sast

Describe the bug

Patterns:

patterns:
  - pattern-regex: hi
  - pattern: ...

Code:

# hi

a = [
    # hi
    1,
    2,
    3
]

"""
hi
"""

Expects no matches, gets two.

To Reproduce
https://semgrep.dev/playground/s/enelli:confusion-2?editorMode=advanced

Expected behavior
Expect no matches.

The first match, with the array, i

• terrascan version: 1.9.0
• terraform version: 1.0.1

Enhancement Request

Other security scanning tools (e.g. checkov and tfsec) have a --soft-fail flag or equivalent option that allows you to always exit with 0 status.

Extremely useful when running the tool without halting a pipeline for example.

I currently use a workaround, but something more concrete would be very desira

We currently refactoring unit test in every package of horusec, and we have a lot of code to cover. I'm opening this issue as a report and invite to community to contribute and improve our application. Currently i'm in start package refactor and we have some cases to cover and you can base on #701 to write your code

Update: Since #731 we moved flags constants to package [testutil](https://githu

Seeing the below error while installing rush.js. Probably might need a package in the base image. Any help would be appreciated.

#21 516.9 > keytar@7.6.0 install /usr/local/lib/node_modules/@microsoft/rush/node_modules/keytar
#21 516.9 > prebuild-install || npm run build
#21 516.9 
#21 521.6 prebuild-install WARN install No prebuilt binaries found (target=14.16.0 runtime=node arch=arm64

Scan the docker network for open ports and vulnerable services.

The goal is to add UT about https://github.com/NodeSecure/js-x-ray/tree/master/src/probes/

It can help you to get into this project, feel free to submit a PR about 1 or multiples probes :)

I expect

To be able to reformat the yaml/json code I have in the editor