berney

Supersedes #32 Fixes #30 Uses git tags per #33 This PR adds v5.2.0, v5.2.1, and v5.2.2. Updates copyright year. The README.md references old Dockerfiles via git tags rather than commit...

I saw in the readme you provide links to Dockerfiles for older revisions. Have you considered using git tags for these commits, and then the hyperlinks could be references to...

The workflow runs off the existing `resolvers.txt` and commits the results back. But the order is nondeterministic, so it often just changing the ordering in the file. Looking at the...

The readme includes instructions: ```yaml repos: - repo: https://github.com/maltzj/google-style-precommit-hook sha: b7e9e7fcba4a5aea463e72fe9964c14877bd8130 hooks: - id: google-style-java ``` There is no hash `b7e9e7fcba4a5aea463e72fe9964c14877bd8130` in this projects git history. ``` git fetch --all...

First, this is a great guide, and I appreciate the effort you put into it. In the Key Editor section the key CDCD72AF is clearly a 3072 bit RSA key,...

- Including important ones to security auditing (`bind`, `impersonate`, and `escalate`). Thinking to add more, such as https://github.com/kubernetes/kubernetes/blob/d67e6545b159658d5500f773595cc7a6b62e94ba/staging/src/k8s.io/kubectl/pkg/cmd/auth/cani.go#L109 I'm thinking to also allow invalid verbs (maybe with a CLI flag),...

The current implementation of the `copy_gcc_libs()` helper function doesn't work for multilib systems. https://github.com/edannenberg/kubler/blob/cc6ae3601f4d9d076e7f4b6140bc542741d8b131/engine/docker/bob-core/build-root.sh#L59-L70 The `find` commands will return multiple lines for the amd64 and x86 libraries, and the `cp`...

**Describe the bug** Trying to write rules to scan files with non-standard (for the language) file extensions. A good example is writing an XML rule for `web.config` files, which are...