Added tfsec as a security linter #199
LGTM but why are we deleting so much of package-lock.json?
Also not sure why I follow .json -> .out.json to be important
Re: package-lock.json: I'm not sure - when I initially made the PR, CI told me to run npm install, and I did and pushed the result. I don't know what the implications of that are. Re: .json -> .out.json: tfsec runs on terraform files, which are
Let's back out the package-lock.json changes - I suspect you ran into some kind of transient error, because we haven't modified package.json.
@@ -453,7 +453,7 @@ export class TrunkDriver { | |||
*/ | |||
async runCheckUnit(targetRelativePath: string, linter: string): Promise<TestResult> { | |||
const targetAbsPath = path.resolve(this.sandboxPath ?? "", targetRelativePath); | |||
const resultJsonPath = `${targetAbsPath}.json`; | |||
const resultJsonPath = `${targetAbsPath}.out.json`; |
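Review bot: the new `resultJsonPath` value in `runCheckUnit` carries no comment saying why the result file moved from `${targetAbsPath}.json` to `${targetAbsPath}.out.json`. Add a line above it stating that the suffix keeps the check output from being linted as an input, as the PR description says, and name the file pattern being avoided, since `.out.json` still ends in `.json` and a reader cannot tell from this line which match the rename is meant to escape. Any other code that reads or cleans up the old `${targetAbsPath}.json` path is not visible in this hunk and would need the same suffix.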
add comment here explaining the tf.json thing
Added tfsec as a security linter. Includes a small fix to testing that prevents accidentally linting the json output of trunk check.