Is your feature request related to a problem? Please describe.
It would be nice if gitleaks had a validate command that would validate examples found in the config rules. Introducing such a feature would speed up rule development and help with debugging.
Describe the solution you'd like
example entry in the rules tables
ex:
[[rules]]
id = "discord-client-secret"
des
Describe the issue
On GCP if you apply a role via a policy that is applied none of the checks are performed. The example below should pass CKV_GCP_48 and fail CKV_GCP_44 (with my variables) but when checkov is run, no checks are run, pass or fail.
Examples\
data "google_iam_policy" "folder" {
binding {
role = "roles/owner"
members = var.a
Other security scanning tools (e.g. checkov and tfsec) have a --soft-fail flag or equivalent option that allows you to always exit with 0 status.
Extremely useful when running the tool without halting a pipeline for example.
I currently use a workaround, but something more concrete would be very desira
The current swagger definition is autogenerated. The automatically generated definitions rely on reflection and annotations to create the documentation. The reflection capabilities are poor at best and lead to missing API parameters. Annotations can help in some cases, but the only fix for Swagger is to create individual POJOs for every possible request. This will lead to unnecessary large number
The Files class currently has an extra_headers property whose job is toadd the GGShield-Version and GGShield-Command-Path HTTP headers.
This property should not be part of the Files class: it is not specific to Files instances (has can be noticed by the
Add a description, image, and links to the devsecops topic page so that developers can more easily learn about it.
To associate your repository with the devsecops topic, visit your repo's landing page and select "manage topics."
Hi,
it would be nice, if pod annotations would be configurable via values file. E.g:
values.yaml:
statefulset.yaml: