
feat(bicep): added support for Ignore by comments for bicep

Open JonasCordsen opened this issue 1 year ago • 6 comments

Closes #4420

Reason for Proposed Changes

  • This PR will add support for bicep files to handle kics-scan comments

Proposed Changes

  • Users can now ignore lines by comments in the original file
  • Lines containing comments are now excluded as well for bicep

I submit this contribution under the Apache-2.0 license.

JonasCordsen avatar Nov 29 '24 10:11 JonasCordsen

@ArturRibeiro-CX Hello, sorry for the direct tag, but I was wondering if you could provide some idea of when this might get reviewed and, hopefully, merged. It is a feature we would love, as it provides us the option to not exclude whole files :)

JonasCordsen avatar Feb 28 '25 07:02 JonasCordsen

@ArturRibeiro-CX Just fixed the issue found in linters. I have checked with a PR in my fork, and all checks are green (other than the labels check, but that seems to have to do with it being a fork). Is it possible to get a new review, or again a start of the linter here?

JonasCordsen avatar Mar 05 '25 08:03 JonasCordsen

Hey @JonasCordsen, Sorry for the delayed response!

Thanks for contributing and tackling this issue for KICS. We really appreciate your effort in improving the tool. Your PR is on our radar, and we'll be reviewing it as soon as possible.

We'll get back to you at our earliest opportunity 😄.

cx-artur-ribeiro avatar Mar 05 '25 10:03 cx-artur-ribeiro

️✅ There are no secrets present in this pull request anymore.

If these secrets were true positive and are still valid, we highly recommend you to revoke them. While these secrets were previously flagged, we no longer have a reference to the specific commits where they were detected. Once a secret has been leaked into a git repository, you should consider it compromised, even if it was deleted immediately. Find here more information about risks.


🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

gitguardian[bot] avatar Mar 14 '25 15:03 gitguardian[bot]

What is the status of this? Would be very useful for implementing kics into our workflow

chielboogaard avatar Jun 11 '25 13:06 chielboogaard

Hi @JonasCordsen and @chielboogaard, apologies for the late response, and thank you for the contribution.

We'll be reviewing this PR in more detail during July, with the goal of merging it after completing the necessary assessments. From an initial look, some adjustments were needed since parts of the code being modified are generated by ANTLR, which could affect the parser structure. To address that and test the changes in a more controlled way, I've opened this draft PR to refactor and validate the integration.

I'll keep you updated if anything else is required from your side. Thanks again for the contribution and your patience!

cx-artur-ribeiro avatar Jun 23 '25 07:06 cx-artur-ribeiro