devsecops

Hi, when will Ubuntu 22.04 be supported for APT?

Attempting to install on Jammy using APT shows an error:

E: The repository 'https://aquasecurity.github.io/trivy-repo/deb jammy Release' does not have a Release file.

Is your feature request related to a problem? Please describe.
It would be nice if gitleaks had a validate command that would validate examples found in the config rules. Introducing such a feature would speed up rule development and help with debugging.

Describe the solution you'd like
example entry in the rules tables
ex:

[[rules]]
id = "discord-client-secret"
des

Describe the issue
On GCP if you apply a role via a policy that is applied none of the checks are performed. The example below should pass CKV_GCP_48 and fail CKV_GCP_44 (with my variables) but when checkov is run, no checks are run, pass or fail.

Examples\

 data "google_iam_policy" "folder" {
   binding {
     role = "roles/owner"

     members = var.a

• terrascan version: 1.9.0
• terraform version: 1.0.1

Enhancement Request

Other security scanning tools (e.g. checkov and tfsec) have a --soft-fail flag or equivalent option that allows you to always exit with 0 status.

Extremely useful when running the tool without halting a pipeline for example.

I currently use a workaround, but something more concrete would be very desira

This bar with log4j doesn't show when a search request is pending.

Description

The Files class currently has an extra_headers property whose job is toadd the GGShield-Version and GGShield-Command-Path HTTP headers.

This property should not be part of the Files class: it is not specific to Files instances (has can be noticed by the