simar7
simar7
As @afdesk correctly pointed out, specifying `--report=all` when the `--compliance` flag is passed is today not handled properly because compliance based results only have summary style output. There are two...
> [@simar7](https://github.com/simar7) Should we add a code snippet like we did for tfsec? I think we should add information from the `Occurrences` field so that the user can find the...
> [@simar7](https://github.com/simar7) Why is this task type refactor? It also affects the end user. @nikpivkin I didn't know what to put for a "deprecation" type task besides the label itself....
> @simar7 I'm concerned that a few lines will make it hard to see where the error occurred. Should we display the whole resource? Or, if the resource is large,...
> > I think the best would be to display a code snippet along with start/end line numbers > > In that case we should respect the quote flag and...
> > The CLI log output isn't the best way to show such information > > If logging is not the appropriate place, then the only thing left is directly...
@nikpivkin I updated the PR, is there anything we need prior to merging it in?
As explained [here](https://github.com/aquasecurity/tfsec/pull/2177), tfsec does not run OPA in server mode so this vulnerability does not apply.
> But now the default schema is overwritten if at least one of the checks has a schema specified, which is always the case since all of our checks have...
Let's add `github.com/liamg/memoryfs` under `gomodguard` rules as a blocked module.