Rafaela Soares

icon indicating a website link https://www.linkedin.com/in/rafaela-s-3632a5b2/ icon indicating an email [email protected]

icon company Checkmarx icon location Braga, Portugal icon location [Software Developer] Personal account: https://github.com/cosmicgirl97

Results 24 issues of Rafaela Soares

fix(tf parser): added parentheses expr to convertStringPart

Closes #5605 **Proposed Changes** - added parentheses expr to convertStringPart I submit this contribution under the Apache-2.0 license.

bug
go

fix(docker parser): added resolver for args

Closes #5621 **Proposed Changes** - added resolver for args I submit this contribution under the Apache-2.0 license.

bug
go

fix(query): reduced complexity of 'lambda_function_with_privileged_role' query

**Proposed Changes** - reduced complexity of `lambda_function_with_privileged_role` query since this query exceeded query timeout in PR #5423 I submit this contribution under the Apache-2.0 license.

query
terraform

fix(memory consumption): improved SplitLines function calls

**Proposed Changes** - improved SplitLines function calls - improved minor code details I submit this contribution under the Apache-2.0 license.

go

feat(engine): Kubernetes API support for runtime k8s clusters scan​

**Proposed Changes** - added Kubernetes API support for runtime k8s clusters scan​ I submit this contribution under the Apache-2.0 license.

feature
go
kuberneter

fix(query): fixed incorrect metadatas

2 comment

**Proposed Changes** - fixed incorrect metadatas I submit this contribution under the Apache-2.0 license.

query

Passwords and Secrets mechanism does not exclude defined variables references in the results

1 comment

There are a few cases related to defined variables that Password and Secrets return FP's: - **Code snippets**: ``` Resources: MyLambdaFunction: Type: AWS::Lambda::Function Properties: FunctionName: !Sub '${AWS::StackName}-CdnViewerRequest' Code: ZipFile: !Sub...

bug

[Terraformer] no EC2 IMDS role found : connect: connection refused

4 comment

Dockerfile: ``` (...) # Install Terraform and Terraform plugins RUN wget https://releases.hashicorp.com/terraform/1.2.3/terraform_1.2.3_linux_amd64.zip \ && unzip terraform_1.2.3_linux_amd64.zip && rm terraform_1.2.3_linux_amd64.zip \ && mv terraform /usr/bin/terraform \ && wget https://releases.hashicorp.com/terraform-provider-azurerm/3.5.0/terraform-provider-azurerm_3.5.0_linux_amd64.zip \ &&...

"Passwords And Secrets - Generic Secret" False Positive Results

## CASE 1 ### Actual Behavior A false positive result is detected in line 76 (` SLACK_SIGNING_SECRET = "projects/455826092000/secrets/SlackSigningSecret/versions/latest" `). The result is flagging a path to a secret, which...

bug
query
community
hacktoberfest

BOM: support for GCP

### Description BOM (Bill of Materials) uses Rego queries to extract a list of used resources along with its metadata in the scanned IaC. It is already available for AWS...

feature
community
hacktoberfest