scorecard/checks
Jürgen Kreileder e15264d9c8
🐛 Refactor Dockerfile validation code to handle here-documents (#3774)
* Refactor Dockerfile validation code to handle here-documents

Refactors the `validateDockerfileInsecureDownloads` function to handle
Dockerfiles that contain here-documents.  This implementation handles the
basic use-case, namely shell commands.  It does not manage other
interpreters that are specified through a she-bang, such as python.

Fixes https://github.com/ossf/scorecard/issues/3335

Signed-off-by: Jürgen Kreileder <jk@blackdown.de>

* Add test for empty run command case in validateDockerfileInsecureDownloads()

Signed-off-by: Jürgen Kreileder <jk@blackdown.de>

* Simplify end line calculation in validateDockerfileInsecureDownloads()

Signed-off-by: Jürgen Kreileder <jk@blackdown.de>

* Document why we have a python test case here

Signed-off-by: Jürgen Kreileder <jk@blackdown.de>

---------

Signed-off-by: Jürgen Kreileder <jk@blackdown.de>
2024-01-10 21:26:46 +00:00
evaluation 🌱 refactor permissions (#3693) 2024-01-09 14:05:55 -08:00
fileparser 🌱 Disable more style linters for test files (#3707) 2023-12-04 02:14:01 +00:00
raw 🐛 Refactor Dockerfile validation code to handle here-documents (#3774) 2024-01-10 21:26:46 +00:00
testdata 🌱 Convert SAST check to probes (#3571) 2023-11-07 08:41:44 -05:00
all_checks_test.go 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
all_checks.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
binary_artifact_test.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
binary_artifact.go 🌱 convert binary artifact check to probe (#3508) 2023-12-05 00:24:16 -08:00
branch_protection_test.go 🐛 revert making RequiredPullRequestReviews a pointer (#3728) 2023-12-13 00:26:35 +00:00
branch_protection.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
ci_tests_test.go 🌱 Disable more style linters for test files (#3707) 2023-12-04 02:14:01 +00:00
ci_tests.go 🌱 convert CI-Tests check to probes (#3621) 2023-12-11 10:15:50 -08:00
cii_best_practices_test.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
cii_best_practices.go 🌱 convert CII Best Practices check to probes (#3520) 2023-11-28 12:02:26 -08:00
code_review_test.go 🌱 Disable more style linters for test files (#3707) 2023-12-04 02:14:01 +00:00
code_review.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
contributors_test.go 🌱 Disable more style linters for test files (#3707) 2023-12-04 02:14:01 +00:00
contributors.go 🌱 Add probe support for contributors metrics (#3460) 2023-10-24 14:02:18 -07:00
dangerous_workflow.go 🌱 Convert Dangerous Workflow check to probes (#3521) 2023-11-06 21:43:03 +00:00
dependency_update_tool_test.go 🐛 Dependency-Update-Tool: ignore search commit data for repo clients which dont support it (#3756) 2023-12-29 17:46:10 +00:00
dependency_update_tool.go 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
errors.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
fuzzing_test.go 🌱 Disable more style linters for test files (#3707) 2023-12-04 02:14:01 +00:00
fuzzing.go checks/evaluation logs findings (#3409) 2023-09-12 15:28:06 +00:00
license_test.go 🌱 Add license probe (#3465) 2023-10-24 11:48:41 -07:00
license.go 🌱 Add license probe (#3465) 2023-10-24 11:48:41 -07:00
maintained_test.go 🌱 Disable more style linters for test files (#3707) 2023-12-04 02:14:01 +00:00
maintained.go 🌱 Migrate Maintained check to probes (#3507) 2023-11-17 09:57:10 -08:00
packaging.go 🌱 convert packaging check to probe (#3486) 2023-10-24 19:12:05 +00:00
permissions_test.go 🌱 Disable more style linters for test files (#3707) 2023-12-04 02:14:01 +00:00
permissions.go Structured results for permissions (#2584) 2023-01-30 18:41:36 -08:00
pinned_dependencies.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
probes.go checks/evaluation logs findings (#3409) 2023-09-12 15:28:06 +00:00
sast_test.go 🌱 Disable more style linters for test files (#3707) 2023-12-04 02:14:01 +00:00
sast.go 🌱 Convert SAST check to probes (#3571) 2023-11-07 08:41:44 -05:00
security_policy_test.go 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
security_policy.go checks/evaluation logs findings (#3409) 2023-09-12 15:28:06 +00:00
signed_releases_test.go Support .sigstore bundles to check for signed releases (#3772) 2024-01-05 08:35:46 -08:00
signed_releases.go convert Signed Releases to probes (#3610) 2023-12-13 07:51:32 -08:00
vulnerabilities_test.go ⚠️ OSV scanner integration (#2509) 2022-12-12 16:46:43 -08:00
vulnerabilities.go 🌱 convert vulnerabilities check to probe (#3487) 2023-10-25 10:02:24 -07:00
webhook_test.go 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
webhook.go 🌱 convert Webhook check to probes (#3522) 2023-12-05 18:59:42 +00:00
write.md Detect fuzzing in Haskell by the presence of property tests. (#2843) 2023-04-12 17:29:29 +00:00