Checkmarx / kics

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
https://kics.io
Apache License 2.0

bug(dockerfile): apt-get Missing '-y' To Avoid Manual Input #7053

Closed SpikePy closed 3 weeks ago

SpikePy commented 1 month ago

When linting a Dockerfile that has an apt-get install command, I get the error 77783205-c4ca-4f80-bb80-c777f267c547 # APT-GET Missing '-y' To Avoid Manual Input. This is a false positive when using apt-get --quiet --quiet install sl or apt-get --yes install sl

Expected Behavior

Actual Behavior

[Severity: LOW, Query description: Check if apt-get calls use the flag -y to avoid user manual input.] Problem found on 'docker/local-toolbox/Dockerfile_test' file in line 2. Expected value: {{RUN apt-get --yes install sl}} sould avoid manual input. Actual value: {{RUN apt-get --yes install sl}} doesn't avoid manual input.
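The check this report is about, written out as an added example that is not part of this issue or of KICS itself (KICS queries are written in Rego, and this is a plain Python stand-in): a small scanner over Dockerfile RUN lines that flags `apt-get install` unless a form that already answers the confirmation prompt is present. The module, function and sample Dockerfile names are assumptions of this example; it treats quiet level 2 (`-qq`, `--quiet --quiet`, `-q=2`) as implying `-y` because apt-get(8) documents it that way, which is what covers the `--quiet --quiet` case from the report alongside `--yes`.

```python
"""Added example (not the KICS Rego query): flag Dockerfile RUN lines that
run `apt-get install` without auto-confirmation, while accepting every flag
form that already implies "yes", such as the two reported above."""
import re
import shlex

ASSUME_YES_LONG = {"--yes", "--assume-yes"}           # long forms of -y
COMMAND_SEPARATORS = {"&&", "||", ";", "|"}           # split points in a RUN line


def is_apt_get_install(argv):
    """True when argv is `apt-get ... install ...`, optionally via sudo."""
    if argv and argv[0] == "sudo":
        argv = argv[1:]
    if not argv or argv[0].rsplit("/", 1)[-1] != "apt-get":
        return False
    return "install" in (t for t in argv[1:] if not t.startswith("-"))


def apt_get_auto_confirms(argv):
    """True if apt-get will not stop for confirmation: -y/--yes/--assume-yes,
    bundled short flags such as -qy, or quiet level 2 (-qq, --quiet --quiet,
    -q=2, --quiet=2), which apt-get(8) documents as implying -y."""
    quiet_level = 0
    for tok in (t for t in argv[1:] if t.startswith("-")):
        if tok in ASSUME_YES_LONG:
            return True
        if tok == "--quiet":
            quiet_level += 1
        elif tok in ("--quiet=2", "-q=2"):
            quiet_level = 2
        elif not tok.startswith("--") and "=" not in tok:
            if "y" in tok[1:]:                        # e.g. -y, -qy, -qqy
                return True
            quiet_level += tok[1:].count("q")
    return quiet_level >= 2


def _split_shell(command):
    """Split a shell-form RUN string into argv lists at &&, ||, ; and |."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    try:
        tokens = list(lexer)
    except ValueError:                                # unbalanced quotes
        return []
    commands, current = [], []
    for tok in tokens:
        if tok in COMMAND_SEPARATORS:
            commands, current = commands + ([current] if current else []), []
        else:
            current.append(tok)
    return commands + ([current] if current else [])


def _run_instructions(text):
    """Yield (line_no, arguments) per shell-form RUN, joining backslash
    continuations and skipping blank and comment lines."""
    pending, start = [], None
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        start = n if start is None else start
        if line.endswith("\\"):
            pending.append(line[:-1].rstrip())
            continue
        m = re.match(r"(?i)^RUN\s+(?!\[)(.*)$", " ".join(pending + [line]))
        if m:
            yield start, m.group(1)
        pending, start = [], None


def find_apt_get_without_yes(dockerfile_text):
    """Return [(line_no, command)] for each `apt-get install` that may block."""
    return [(n, " ".join(argv))
            for n, args in _run_instructions(dockerfile_text)
            for argv in _split_shell(args)
            if is_apt_get_install(argv) and not apt_get_auto_confirms(argv)]


# Constructed sample: lines 3, 4 and 9 must pass; the RUN at line 6 is flagged.
SAMPLE_DOCKERFILE = """\
FROM debian:bookworm-slim
# non-interactive forms from the report
RUN apt-get --yes install sl
RUN apt-get --quiet --quiet install sl
# this one waits at the confirmation prompt
RUN apt-get update && \\
    apt-get install sl
# bundled short flags plus a value-taking option: fine
RUN apt-get -o Dpkg::Options::=--force-confnew -qqy install curl
"""

if __name__ == "__main__":
    for line_no, cmd in find_apt_get_without_yes(SAMPLE_DOCKERFILE):
        print(f"line {line_no}: '{cmd}' does not avoid manual input")
```

Running the module prints one finding for the `apt-get update && apt-get install sl` instruction starting at line 6 and nothing for the `--yes`, `--quiet --quiet` and `-qqy` forms. The flag parsing is deliberately done per token after splitting the RUN line on shell operators, because a simple substring search for `-y` across the whole line is exactly what produces both false positives (the `-y` inside an unrelated argument) and false negatives (a `-y` on a neighbouring command in the same `&&` chain).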
gabriel-cx commented 1 month ago

Hi @SpikePy ,

Thank you for your inputs! Our internal AppSec team will check it soon. We will keep you updated.

(APPSEC-2556)

ArturRibeiro-CX commented 3 weeks ago

Hi @SpikePy,

We have merged the PR that addresses the false positive issue you reported. This should resolve the problem as described. However, if you encounter any further issues, please feel free to re-open this issue or create a new one if necessary.

Thank you for your contribution and feedback!