Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(misconf): display irrelevant warnings #7426

Closed
knqyf263 opened this issue Aug 30, 2024 · 2 comments · Fixed by aquasecurity/trivy-checks#250 or #7427
Closed

fix(misconf): display irrelevant warnings #7426

knqyf263 opened this issue Aug 30, 2024 · 2 comments · Fixed by aquasecurity/trivy-checks#250 or #7427
Assignees
Labels
kind/bug Categorizes issue or PR as related to a bug. scan/misconfiguration Issues relating to misconfiguration scanning
Milestone

Comments

@knqyf263
Copy link
Collaborator

Description

Even when the misconfiguration scanner is disabled, some warnings are shown.

$ trivy image alpine:3.19 --scanners vuln
2024/08/30 18:16:35 WARN Check ID is empty file_path=lib/cloud/aws_trails.rego
2024/08/30 18:16:35 WARN Check ID is empty file_path=lib/docker/docker.rego
2024-08-30T18:16:35+04:00       INFO    [vuln] Vulnerability scanning is enabled

Commit

$ git log -1
commit bf64003ac8b209f34b88f228918a96d4f9dac5e0 (HEAD -> main, upstream/main, upstream/gh-readonly-queue/main/pr-7410-3a5d091759564496992a83fb2015a21c84a22213, upstream/HEAD)
Author: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
Date:   Fri Aug 30 13:15:10 2024 +0600

    fix(secret): use `.eyJ` keyword for JWT secret (#7410)
@knqyf263 knqyf263 added kind/bug Categorizes issue or PR as related to a bug. scan/misconfiguration Issues relating to misconfiguration scanning labels Aug 30, 2024
@knqyf263 knqyf263 added this to the v0.55.0 milestone Aug 30, 2024
@simar7 simar7 reopened this Aug 31, 2024
@simar7
Copy link
Member

simar7 commented Aug 31, 2024

It seems that the fix didn't work @nikpivkin

Scratch that, I didn't realize I hadn't updated the dependency 😌 opened to update and fix #7427

@knqyf263
Copy link
Collaborator Author

knqyf263 commented Sep 2, 2024

I took a look at the fix. It seems to me that the problem is not the warning itself, but that the checks are being loaded even though misconfiguration scanning is disabled, or that processing related to misconfiguration scanning is taking place. Is it possible to delay the initialization process so that it only takes place when misconfiguration scanning is enabled?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/bug Categorizes issue or PR as related to a bug. scan/misconfiguration Issues relating to misconfiguration scanning
Projects
Archived in project
3 participants