feat(misconf): Show misconfig ID in output

Open simar7 opened this issue 1 year ago • 2 comments

Description

Show misconfig ID in output

Before

my-file ()
==========
Tests: 1 (SUCCESSES: 0, FAILURES: 1, EXCEPTIONS: 0)
Failures: 1 (LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)

HIGH: Oh no, a bad config.
════════════════════════════════════════
Your config file is not good.

See https://google.com/search?q=bad%20config
────────────────────────────────────────
 my-file
────────────────────────────────────────
   1   
   2 [ bad: true
   3   
────────────────────────────────────────

After

my-file ()
==========
Tests: 1 (SUCCESSES: 0, FAILURES: 1, EXCEPTIONS: 0)
Failures: 1 (LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)

AVD-XYZ-0123
HIGH: Oh no, a bad config.
════════════════════════════════════════
Your config file is not good.

See https://google.com/search?q=bad%20config
────────────────────────────────────────
 my-file
────────────────────────────────────────
   1   
   2 [ bad: true
   3   
────────────────────────────────────────

Related issues

  • Close https://github.com/aquasecurity/trivy/issues/7629

Checklist

  • [x] I've read the guidelines for contributing to this repository.
  • [x] I've followed the conventions in the PR title.
  • [x] I've added tests that prove my fix is effective or that my feature works.
  • [ ] I've updated the documentation with the relevant information (if needed).
  • [ ] I've added usage information (if the PR introduces new options)
  • [x] I've included a "before" and "after" example to the description (if the PR is a user interface change).

Oct 18 '24 06:10 simar7

I think the before and after output should be added to the description.

Oct 18 '24 08:10 nikpivkin

> I think the before and after output should be added to the description.

Thanks! I forgot about that.

Oct 19 '24 00:10 simar7

I prefer a single line as below, but I guess @itaysk has some idea as it's his request.

AVD-XYZ-0123 (HIGH): Oh no, a bad config.
HIGH: Oh no, a bad config (AVD-XYZ-0123).

Oct 21 '24 09:10 knqyf263

Agree with @knqyf263. Of the two options, I'd probably pick the first.

Oct 21 '24 14:10 itaysk

> I prefer a single line as below, but I guess @itaysk has some idea as it's his request.
>
> AVD-XYZ-0123 (HIGH): Oh no, a bad config.
> HIGH: Oh no, a bad config (AVD-XYZ-0123).

Agreed. Implemented https://github.com/aquasecurity/trivy/pull/7762/commits/051313724443c3cdc7b2167ed60356931662663f

Oct 21 '24 22:10 simar7

nit: There are some more options.

[AVD-XYZ-0123] HIGH: Oh no, a bad config.
AVD-XYZ-0123 [HIGH]: Oh no, a bad config.
<AVD-XYZ-0123> HIGH: Oh no, a bad config.
AVD-XYZ-0123 <HIGH>: Oh no, a bad config.

Oct 22 '24 05:10 knqyf263