fix(misconf): do not erase variable type for child modules

aquasecurity / trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

https://aquasecurity.github.io/trivy

Apache License 2.0

23.79k stars 2.34k forks source link

fix(misconf): do not erase variable type for child modules #7936

Closed nikpivkin closed 2 hours ago

nikpivkin commented 4 days ago

We need to improve the evaluation of input module variables. If null is passed to a module, it will erase the type of the variable and cause incorrect evaluation of expressions that use them.

Discussed in https://github.com/aquasecurity/trivy/discussions/7932

Checklist

[ ] Run trivy clean --all
[ ] Read the troubleshooting