xfhg / intercept Goto Github PK
View Code? Open in Web Editor NEWINTERCEPT Code Compliance / Policy as Code Auditing / SAST & Runtime Code+API Check
Home Page: https://intercept.cc
License: GNU Affero General Public License v3.0
intercept's People
Contributors
![dependabot-preview[bot] avatar](https://avatars.githubusercontent.com/in/2141?v=4 "dependabot-preview[bot]")
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
![patched-codes[bot] avatar](https://avatars.githubusercontent.com/in/298395?v=4 "patched-codes[bot]")
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "renovate[bot]")
Stargazers
Watchers
intercept's Issues
Dependabot can't resolve your Go dependency files
Dependabot can't resolve your Go dependency files.
As a result, Dependabot couldn't update your dependencies.
The error Dependabot encountered was:
github.com/xfhg/intercept/cmd: cannot find module providing package github.com/xfhg/intercept/cmd
If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.
TOML Trouble
Getting Compliant Output with Warning while ideally it should be non-compliant.
File to scan: https://github.com/grafana/grafana/blob/main/conf/ldap.toml
Rule:
- name: TOML ASSURE - Minimum TLS Version 1.2
id: 1001
description: Assure Minimum TLS Version
error: Misconfiguration or omission is fatal
tags: TLS
type: toml
fatal: false
enforcement: true
environment: all
confidence: high
toml_filepattern: "ldap.toml"
toml_structure: |
servers: [{minimum_tls_version:"1.2"}]
...
Output:
│
├ TOML Rule # 1001
│ Rule name : TOML ASSURE - Minimum TLS Version 1.2
│ Rule description : Assure Minimum TLS Version
│ Impacted Env : all
│ Confidence : high
│ Tags : TLS
│ File pattern : ldap.toml
│ TOML pattern : servers: [{minimum_tls_version:"1.2"}]
...
│
│ Scanning..
│ File : tests/ldap.toml
│ Hash : 1fd89962937a50cdabc3560e3e7642866f7ef450fafa8b4e18c43da895390b85
│
│ Warning : TOML File not valid
├ Missing keys feature not available
│
│
│ Compliant
│
Dependency Dashboard
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
Open
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
- Update module gopkg.in/yaml.v2 to v2.2.8 [SECURITY]
- Update module github.com/lens-vm/jsonmerge to v0.1
Detected dependencies
github-actions
.github/workflows/codeql.yml
actions/checkout v3actions/setup-go v4github/codeql-action v2github/codeql-action v2.github/workflows/release.yml
actions/checkout v3actions/setup-go v4meeDamian/github-release 2.0.github/workflows/static.yml
actions/checkout v3actions/configure-pages v3actions/upload-pages-artifact v2actions/deploy-pages v2.github/workflows/test.yml
actions/checkout v3actions/setup-go v4
gomod
go.mod
go 1.20github.com/blang/semver v3.5.1+incompatiblegithub.com/gookit/color v1.5.3github.com/itchyny/gojq v0.12.13github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0@2bc1f35cddc0github.com/lens-vm/jsonmerge v0.0.0-20210328131518-91ae88d1bfff@91ae88d1bfffgithub.com/mitchellh/go-homedir v1.1.0github.com/owenrumney/go-sarif/v2 v2.2.0github.com/rhysd/go-github-selfupdate v1.2.3github.com/spf13/cobra v1.7.0github.com/spf13/viper v1.16.0github.com/theckman/yacspin v0.13.12gopkg.in/yaml.v2 v2.2.2gopkg.in/yaml.v3 v3.0.1
- Check this box to trigger a request for Renovate to run again on this repository
Dependabot can't resolve your Go dependency files
Dependabot can't resolve your Go dependency files.
As a result, Dependabot couldn't update your dependencies.
The error Dependabot encountered was:
rsc.io/quote/[email protected]: unrecognized import path "rsc.io/quote/v3" (parse https://rsc.io/quote/v3?go-get=1: no go-import meta tags ())
If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.
Support for ini files
Fix Reporting
-
Avoid overwriting SARIF output by GenerateComplianceSarif
Why? --> Running multiple TOML / INI etc. scan in same directory should not overwrite results. -
Generate SARIF Report only if --output = full or sarif
Support for String based rule id to follow naming convention for rules
Dependabot can't resolve your Go dependency files
Dependabot can't resolve your Go dependency files.
As a result, Dependabot couldn't update your dependencies.
The error Dependabot encountered was:
honnef.co/go/[email protected]: unrecognized import path "honnef.co/go/tools" (https fetch: Get https://honnef.co/go/tools?go-get=1: EOF)
If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.
Dependabot wasn't able to update gopkg.in/gookit/color.v1
The module path gopkg.in/gookit/color.v1 found in your /go.mod doesn't match the actual path github.com/gookit/color found in the dependency's go.mod.
Updating the module path in your go.mod to github.com/gookit/color should resolve this issue.
New Documentation - part 1
Description:
Test for all Policy Types in bash/docker format and produce step by step example documentation and running code examples
Acceptance Criteria:
One example policy file for each Policy Type
One target file for each policy Type
Full suite of testing add policy types against its targets
Mac M1 specific binary
Hi Team
would like to know and request when Mac M1 specific binary releasing?
thanks
Dependabot wasn't able to update gopkg.in/gookit/color.v1
The module path gopkg.in/gookit/color.v1 found in your /go.mod doesn't match the actual path github.com/gookit/color found in the dependency's go.mod.
Updating the module path in your go.mod to github.com/gookit/color should resolve this issue.
Standard zero findings output
Proper stdout output , sarif and cleanup
Zero findings != Zero policies scanned
Dependabot can't resolve your Go dependency files
Dependabot can't resolve your Go dependency files.
As a result, Dependabot couldn't update your dependencies.
The error Dependabot encountered was:
github.com/xfhg/intercept/cmd: cannot find module providing package github.com/xfhg/intercept/cmd
If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.
Support for publishing scan result to URL
As scan results need to be published to data lake, tool need to support publication of scan result to URL
Linux bootstrap script Scan - Query Not an Issue
Dear Team
Would like to know does the Intecept application scan through bootstrap scripts based on the Patterns.
Thanks
Kannan V
Silent output, reduced output
- configurable and customisable through config or flags
- output DIFF on noncompliance to be optional by flag
- also related to #137
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.