Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(misconf): display irrelevant warnings #7426

Closed
knqyf263 opened this issue Aug 30, 2024 · 2 comments · Fixed by aquasecurity/trivy-checks#250 or #7427
Closed

fix(misconf): display irrelevant warnings #7426

knqyf263 opened this issue Aug 30, 2024 · 2 comments · Fixed by aquasecurity/trivy-checks#250 or #7427
Assignees
@simar7 @nikpivkin
Labels
kind/bug Categorizes issue or PR as related to a bug. scan/misconfiguration Issues relating to misconfiguration scanning
Milestone
v0.55.0

Comments

@knqyf263
Copy link
Collaborator

Description

Even when the misconfiguration scanner is disabled, some warnings are shown.

$ trivy image alpine:3.19 --scanners vuln
2024/08/30 18:16:35 WARN Check ID is empty file_path=lib/cloud/aws_trails.rego
2024/08/30 18:16:35 WARN Check ID is empty file_path=lib/docker/docker.rego
2024-08-30T18:16:35+04:00       INFO    [vuln] Vulnerability scanning is enabled

Commit

$ git log -1
commit bf64003ac8b209f34b88f228918a96d4f9dac5e0 (HEAD -> main, upstream/main, upstream/gh-readonly-queue/main/pr-7410-3a5d091759564496992a83fb2015a21c84a22213, upstream/HEAD)
Author: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
Date:   Fri Aug 30 13:15:10 2024 +0600

    fix(secret): use `.eyJ` keyword for JWT secret (#7410)
@knqyf263 knqyf263 added kind/bug Categorizes issue or PR as related to a bug. scan/misconfiguration Issues relating to misconfiguration scanning labels Aug 30, 2024
@knqyf263 knqyf263 added this to the v0.55.0 milestone Aug 30, 2024
@knqyf263 knqyf263 mentioned this issue Aug 30, 2024
Merged
@nikpivkin nikpivkin mentioned this issue Aug 30, 2024
Merged
@simar7 simar7 reopened this Aug 31, 2024
@simar7
Copy link
Member

simar7 commented Aug 31, 2024
edited
Loading

It seems that the fix didn't work @nikpivkin

Scratch that, I didn't realize I hadn't updated the dependency 😌 opened to update and fix #7427

@simar7 simar7 mentioned this issue Aug 31, 2024
Merged
6 tasks
@knqyf263
Copy link
Collaborator Author

knqyf263 commented Sep 2, 2024

I took a look at the fix. It seems to me that the problem is not the warning itself, but that the checks are being loaded even though misconfiguration scanning is disabled, or that processing related to misconfiguration scanning is taking place. Is it possible to delay the initialization process so that it only takes place when misconfiguration scanning is enabled?

This was referenced Sep 2, 2024
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@simar7 simar7

@nikpivkin nikpivkin

Labels
kind/bug Categorizes issue or PR as related to a bug. scan/misconfiguration Issues relating to misconfiguration scanning
Projects
Trivy Roadmap
Archived in project
Milestone
v0.55.0
3 participants
@simar7 @knqyf263 @nikpivkin