├── .codespellignore ├── .github └── workflows │ ├── build.yml │ ├── mkdocs_latest.yml │ └── release.yml ├── .gitignore ├── .goreleaser.yml ├── .pre-commit-hooks.yaml ├── Dockerfile ├── LICENSE ├── Makefile ├── README.md ├── cmd ├── cfsec-docs │ ├── main.go │ └── webpage.go ├── cfsec-pr-lint │ ├── linter.go │ └── main.go └── cfsec │ └── main.go ├── docs ├── Dockerfile ├── checks │ ├── api-gateway │ │ └── enable-access-logging.md │ ├── athena │ │ ├── enable-at-rest-encryption.md │ │ └── no-encryption-override.md │ ├── autoscaling │ │ ├── enable-at-rest-encryption.md │ │ └── no-public-ip.md │ ├── cloudfront │ │ ├── enable-logging.md │ │ ├── enable-waf.md │ │ ├── enforce-https.md │ │ └── use-secure-tls-policy.md │ ├── cloudtrail │ │ ├── enable-all-regions.md │ │ ├── enable-at-rest-encryption.md │ │ └── enable-log-validation.md │ ├── cloudwatch │ │ └── log-group-customer-key.md │ ├── codebuild │ │ └── enable-encryption.md │ ├── config │ │ └── aggregate-all-regions.md │ ├── documentdb │ │ ├── enable-log-export.md │ │ ├── enable-storage-encryption.md │ │ └── encryption-customer-key.md │ ├── dynamodb │ │ └── enable-at-rest-encryption.md │ ├── ebs │ │ ├── enable-volume-encryption.md │ │ └── encryption-customer-key.md │ ├── ec2 │ │ └── no-secrets-in-user-data.md │ ├── ecr │ │ ├── enable-image-scans.md │ │ ├── enforce-immutable-repository.md │ │ ├── no-public-access.md │ │ └── repository-customer-key.md │ ├── ecs │ │ ├── enable-container-insight.md │ │ ├── enable-in-transit-encryption.md │ │ └── no-plaintext-secrets.md │ ├── efs │ │ └── enable-at-rest-encryption.md │ ├── eks │ │ └── encrypt-secrets.md │ ├── elastic-search │ │ ├── enable-domain-encryption.md │ │ ├── enable-domain-logging.md │ │ ├── enable-in-transit-encryption.md │ │ ├── enforce-https.md │ │ └── use-secure-tls-policy.md │ ├── elasticache │ │ ├── add-description-for-security-group.md │ │ ├── enable-backup-retention.md │ │ └── enable-in-transit-encryption.md │ ├── iam │ │ └── no-policy-wildcards.md │ ├── kinesis │ │ └── enable-in-transit-encryption.md │ ├── lambda │ │ ├── enable-tracing.md │ │ └── restrict-source-arn.md │ ├── mq │ │ ├── enable-audit-logging.md │ │ ├── enable-general-logging.md │ │ └── no-public-access.md │ ├── msk │ │ ├── enable-in-transit-encryption.md │ │ └── enable-logging.md │ ├── neptune │ │ ├── enable-log-export.md │ │ └── enable-storage-encryption.md │ ├── rds │ │ ├── enable-performance-insights.md │ │ ├── encrypt-cluster-storage-data.md │ │ ├── encrypt-instance-storage-data.md │ │ ├── no-classic-resources.md │ │ ├── no-public-db-access.md │ │ └── specify-backup-retention.md │ ├── redshift │ │ ├── add-description-to-security-group.md │ │ ├── encryption-customer-key.md │ │ ├── no-classic-resources.md │ │ └── use-vpc.md │ ├── s3 │ │ ├── block-public-acls.md │ │ ├── block-public-policy.md │ │ ├── enable-bucket-encryption.md │ │ ├── enable-bucket-logging.md │ │ ├── enable-versioning.md │ │ ├── ignore-public-acls.md │ │ ├── no-public-access-with-acl.md │ │ ├── no-public-buckets.md │ │ └── specify-public-access-block.md │ ├── sam │ │ ├── api-use-secure-tls-policy.md │ │ ├── enable-api-access-logging.md │ │ ├── enable-api-cache-encryption.md │ │ ├── enable-api-tracing.md │ │ ├── enable-function-tracing.md │ │ ├── enable-http-api-access-logging.md │ │ ├── enable-state-machine-tracing.md │ │ ├── enable-table-encryption.md │ │ ├── no-function-policy-wildcards.md │ │ └── no-state-machine-policy-wildcards.md │ ├── sns │ │ └── enable-topic-encryption.md │ ├── sqs │ │ ├── enable-queue-encryption.md │ │ └── no-wildcards-in-policy-documents.md │ ├── ssm │ │ └── secret-use-customer-key.md │ ├── vpc │ │ ├── add-description-to-security-group-rule.md │ │ ├── add-description-to-security-group.md │ │ ├── no-excessive-port-access.md │ │ ├── no-public-egress-sgr.md │ │ ├── no-public-ingress-acl.md │ │ └── no-public-ingress-sgr.md │ └── workspaces │ │ └── enable-disk-encryption.md ├── getting-started │ ├── configuration │ │ └── github-actions │ │ │ └── github-action.md │ ├── credits.md │ ├── installation.md │ ├── quickstart.md │ └── usage.md ├── imgs │ ├── demo.gif │ ├── homelogo.png │ └── logo.png ├── index.md └── requirements.txt ├── example └── bucket.yaml ├── go.mod ├── go.sum ├── internal └── app │ └── cfsec │ ├── adapter │ ├── adapt.go │ └── aws │ │ ├── adapt.go │ │ ├── apigateway │ │ ├── apigateway.go │ │ └── stage.go │ │ ├── athena │ │ ├── athena.go │ │ └── workgroup.go │ │ ├── autoscaling │ │ ├── autoscaling.go │ │ └── launch_configuration.go │ │ ├── cloudfront │ │ ├── cloudfront.go │ │ └── distribution.go │ │ ├── cloudtrail │ │ ├── cloudtrail.go │ │ └── trails.go │ │ ├── cloudwatch │ │ ├── cloudwatch.go │ │ └── log_group.go │ │ ├── codebuild │ │ ├── codebuild.go │ │ └── project.go │ │ ├── config │ │ ├── aggregator.go │ │ └── config.go │ │ ├── documentdb │ │ ├── cluster.go │ │ └── documentdb.go │ │ ├── dynamodb │ │ ├── cluster.go │ │ └── dynamodb.go │ │ ├── ebs │ │ ├── ebs.go │ │ └── volume.go │ │ ├── ec2 │ │ ├── ec2.go │ │ └── instance.go │ │ ├── ecr │ │ ├── ecr.go │ │ └── repository.go │ │ ├── ecs │ │ ├── cluster.go │ │ ├── ecs.go │ │ └── task_definition.go │ │ ├── efs │ │ ├── efs.go │ │ └── filesystem.go │ │ ├── eks │ │ ├── cluster.go │ │ └── eks.go │ │ ├── elasticache │ │ ├── cluster.go │ │ ├── elasticache.go │ │ ├── replication_group.go │ │ └── security_group.go │ │ ├── elasticsearch │ │ ├── domain.go │ │ └── elasticsearch.go │ │ ├── elb │ │ ├── elb.go │ │ └── loadbalancer.go │ │ ├── iam │ │ ├── iam.go │ │ └── policy.go │ │ ├── kinesis │ │ ├── kinesis.go │ │ └── stream.go │ │ ├── lambda │ │ ├── function.go │ │ └── lambda.go │ │ ├── mq │ │ ├── broker.go │ │ └── mq.go │ │ ├── msk │ │ ├── cluster.go │ │ └── msk.go │ │ ├── neptune │ │ ├── cluster.go │ │ └── neptune.go │ │ ├── rds │ │ ├── cluster.go │ │ ├── instance.go │ │ └── rds.go │ │ ├── redshift │ │ ├── cluster.go │ │ ├── redshift.go │ │ └── security_group.go │ │ ├── s3 │ │ ├── bucket.go │ │ └── s3.go │ │ ├── sam │ │ ├── api.go │ │ ├── function.go │ │ ├── http_api.go │ │ ├── sam.go │ │ ├── state_machines.go │ │ └── tables.go │ │ ├── sns │ │ ├── sns.go │ │ └── topic.go │ │ ├── sqs │ │ ├── queue.go │ │ └── sqs.go │ │ ├── ssm │ │ ├── secret.go │ │ └── ssm.go │ │ ├── vpc │ │ ├── nacl.go │ │ ├── security_group.go │ │ └── vpc.go │ │ └── workspaces │ │ ├── workspace.go │ │ └── workspaces.go │ ├── cftypes │ └── types.go │ ├── debug │ ├── errors.go │ └── log.go │ ├── loader │ └── rule_loader.go │ ├── parser │ ├── errors.go │ ├── file_context.go │ ├── fn_base64.go │ ├── fn_base64_test.go │ ├── fn_builtin.go │ ├── fn_builtin_test.go │ ├── fn_equals.go │ ├── fn_equals_test.go │ ├── fn_find_in_map.go │ ├── fn_find_in_map_test.go │ ├── fn_get_attr.go │ ├── fn_get_attr_test.go │ ├── fn_join.go │ ├── fn_join_test.go │ ├── fn_ref.go │ ├── fn_ref_test.go │ ├── fn_select.go │ ├── fn_select_test.go │ ├── fn_split.go │ ├── fn_split_test.go │ ├── fn_sub.go │ ├── fn_sub_test.go │ ├── intrinsics.go │ ├── intrinsics_test.go │ ├── option.go │ ├── parameter.go │ ├── parser.go │ ├── parser_test.go │ ├── property.go │ ├── property_conversion.go │ ├── property_helpers.go │ ├── pseudo_parameters.go │ ├── reference.go │ ├── resource.go │ └── util.go │ ├── rules │ ├── aws │ │ ├── apigateway │ │ │ ├── enable_access_logging_rule.go │ │ │ └── enable_access_logging_rule_test.go │ │ ├── athena │ │ │ ├── enable_at_rest_encryption_rule.go │ │ │ ├── enable_at_rest_encryption_rule_test.go │ │ │ ├── no_encryption_override_rule.go │ │ │ └── no_encryption_override_rule_test.go │ │ ├── autoscaling │ │ │ ├── enable_at_rest_encryption_rule.go │ │ │ ├── enable_at_rest_encryption_rule_test.go │ │ │ ├── no_public_ip_rule.go │ │ │ └── no_public_ip_rule_test.go │ │ ├── cloudfront │ │ │ ├── enable_logging_rule.go │ │ │ ├── enable_logging_rule_test.go │ │ │ ├── enable_waf_rule.go │ │ │ ├── enable_waf_rule_test.go │ │ │ ├── enforce_https_rule.go │ │ │ ├── enforce_https_rule_test.go │ │ │ ├── use_secure_tls_policy_rule.go │ │ │ └── use_secure_tls_policy_rule_test.go │ │ ├── cloudtrail │ │ │ ├── enable_all_regions_rule.go │ │ │ ├── enable_all_regions_rule_test.go │ │ │ ├── enable_at_rest_encryption_rule.go │ │ │ ├── enable_at_rest_encryption_rule_test.go │ │ │ ├── enable_log_validation_rule.go │ │ │ └── enable_log_validation_rule_test.go │ │ ├── cloudwatch │ │ │ ├── log_group_customer_key_rule.go │ │ │ └── log_group_customer_key_rule_test.go │ │ ├── codebuild │ │ │ ├── enable_artifact_encryption_rule.go │ │ │ └── enable_artifect_encryption_rule_test.go │ │ ├── config │ │ │ ├── aggregate_all_regions_rule.go │ │ │ └── aggregate_all_regions_rule_test.go │ │ ├── documentdb │ │ │ ├── enable_log_export_rule.go │ │ │ ├── enable_log_export_rule_test.go │ │ │ ├── enable_storage_encryption_rule.go │ │ │ ├── enable_storage_encryption_rule_test.go │ │ │ ├── encryption_customer_key_rule.go │ │ │ └── encryption_customer_key_rule_test.go │ │ ├── dynamodb │ │ │ ├── enable_at_rest_encryption_rule.go │ │ │ └── enable_at_rest_encryption_rule_test.go │ │ ├── ebs │ │ │ ├── enable_volume_encryption_rule.go │ │ │ ├── enable_volume_encryption_rule_test.go │ │ │ ├── encryption_customer_key_rule.go │ │ │ └── encryption_customer_key_rule_test.go │ │ ├── ec2 │ │ │ ├── no_secrets_in_user_data_rule.go │ │ │ └── no_secrets_in_user_data_rule_test.go │ │ ├── ecr │ │ │ ├── enable_image_scanning_rule.go │ │ │ ├── enable_image_scanning_rule_test.go │ │ │ ├── enforce_immutable_repository_rule.go │ │ │ ├── enforce_immutable_repository_rule_test.go │ │ │ ├── no_public_access_rule.go │ │ │ ├── no_public_access_rule_test.go │ │ │ ├── repository_customer_key_rule.go │ │ │ └── repository_customer_key_rule_test.go │ │ ├── ecs │ │ │ ├── enable_container_insight_rule.go │ │ │ ├── enable_container_insight_rule_test.go │ │ │ ├── enable_in_transit_encryption_rule.go │ │ │ ├── enable_in_transit_encryption_rule_test.go │ │ │ ├── no_plaintext_secrets_rule.go │ │ │ └── no_plaintext_secrets_rule_test.go │ │ ├── efs │ │ │ ├── enable_at_rest_encryption_rule.go │ │ │ └── enable_at_rest_encryption_rule_test.go │ │ ├── eks │ │ │ ├── encrypt_secrets_rule.go │ │ │ └── encrypt_secrets_rule_test.go │ │ ├── elasticache │ │ │ ├── add_description_for_security_group_rule.go │ │ │ ├── add_description_for_security_group_rule_test.go │ │ │ ├── enable_backup_retention_rule.go │ │ │ ├── enable_backup_retention_rule_test.go │ │ │ ├── enable_in_transit_encryption_rule.go │ │ │ └── enable_in_transit_encryption_rule_test.go │ │ ├── elasticsearch │ │ │ ├── enable_domain_encryption_rule.go │ │ │ ├── enable_domain_encryption_rule_test.go │ │ │ ├── enable_domain_logging_rule.go │ │ │ ├── enable_domain_logging_rule_test.go │ │ │ ├── enable_in_transit_encryption_rule.go │ │ │ ├── enable_in_transit_encryption_rule_test.go │ │ │ ├── enforce_https_rule.go │ │ │ ├── enforce_https_rule_test.go │ │ │ ├── use_secure_tls_policy_rule.go │ │ │ └── use_secure_tls_policy_rule_test.go │ │ ├── elb │ │ │ ├── alb_not_public_rule.go │ │ │ ├── alb_not_public_rule_test.go │ │ │ ├── drop_invalid_headers_rule.go │ │ │ ├── drop_invalid_headers_rule_test.go │ │ │ ├── http_not_used_rule.go │ │ │ ├── http_not_used_rule_test.go │ │ │ ├── use_secure_tls_policy_rule.go │ │ │ └── use_secure_tls_policy_rule_test.go │ │ ├── iam │ │ │ ├── no_policy_wildcards_rule.go │ │ │ └── no_policy_wildcards_rule_test.go │ │ ├── kinesis │ │ │ ├── enable_in_transit_encryption_rule.go │ │ │ └── enable_in_transit_encryption_rule_test.go │ │ ├── lambda │ │ │ ├── enable_tracing_rule.go │ │ │ ├── enable_tracing_rule_test.go │ │ │ ├── restrict_source_arn_rule.go │ │ │ └── restrict_source_arn_rule_test.go │ │ ├── mq │ │ │ ├── enable_audit_logging_rule.go │ │ │ ├── enable_audit_logging_rule_test.go │ │ │ ├── enable_general_logging_rule.go │ │ │ ├── enable_general_logging_rule_test.go │ │ │ ├── no_public_access_rule.go │ │ │ └── no_public_access_rule_test.go │ │ ├── msk │ │ │ ├── enable_in_transit_encryption_rule.go │ │ │ ├── enable_in_transit_encryption_rule_test.go │ │ │ ├── enable_logging_rule.go │ │ │ └── enable_logging_rule_test.go │ │ ├── neptune │ │ │ ├── enable_log_export_rule.go │ │ │ ├── enable_log_export_rule_test.go │ │ │ ├── enable_storage_encryption_rule.go │ │ │ └── enable_storage_encryption_rule_test.go │ │ ├── rds │ │ │ ├── enable_performance_insights_rule.go │ │ │ ├── enable_performance_insights_rule_test.go │ │ │ ├── encrypt_cluster_storage_data_rule.go │ │ │ ├── encrypt_cluster_storage_data_rule_test.go │ │ │ ├── encrypt_instance_storage_data_rule.go │ │ │ ├── encrypt_instance_storage_data_rule_test.go │ │ │ ├── no_classic_resources_rule.go │ │ │ ├── no_classic_resources_rule_test.go │ │ │ ├── no_public_db_access_rule.go │ │ │ ├── no_public_db_access_rule_test.go │ │ │ ├── specify_backup_retention_rule.go │ │ │ └── specify_backup_retention_rule_test.go │ │ ├── redshift │ │ │ ├── add_description_to_security_group_rule.go │ │ │ ├── add_description_to_security_group_rule_test.go │ │ │ ├── encryption_customer_key_rule.go │ │ │ ├── encryption_customer_key_rule_test.go │ │ │ ├── no_classic_resources_rule.go │ │ │ ├── no_classic_resources_rule_test.go │ │ │ ├── use_vpc_rule.go │ │ │ └── use_vpc_rule_test.go │ │ ├── s3 │ │ │ ├── block_public_acls_rule.go │ │ │ ├── block_public_acls_rule_test.go │ │ │ ├── block_public_policy_rule.go │ │ │ ├── block_public_policy_rule_test.go │ │ │ ├── enable_encryption_rule.go │ │ │ ├── enable_encryption_rule_test.go │ │ │ ├── enable_logging_rule.go │ │ │ ├── enable_logging_rule_test.go │ │ │ ├── enable_versioning_rule.go │ │ │ ├── enable_versioning_rule_test.go │ │ │ ├── ignore_public_acls_rule.go │ │ │ ├── ignore_public_acls_rule_test.go │ │ │ ├── no_pubic_acls_rule.go │ │ │ ├── no_pubic_acls_rule_test.go │ │ │ ├── require_public_access_block_rule.go │ │ │ ├── require_public_access_block_rule_test.go │ │ │ ├── restrict_public_buckets_rule.go │ │ │ └── restrict_public_buckets_rule_test.go │ │ ├── sam │ │ │ ├── api_use_secure_tls_rule.go │ │ │ ├── api_use_secure_tls_rule_test.go │ │ │ ├── enable_api_access_logging_rule.go │ │ │ ├── enable_api_access_logging_rule_test.go │ │ │ ├── enable_api_cache_encryption_rule.go │ │ │ ├── enable_api_cache_encryption_rule_test.go │ │ │ ├── enable_api_tracing_rule.go │ │ │ ├── enable_api_tracing_rule_test.go │ │ │ ├── enable_function_tracing_rule.go │ │ │ ├── enable_function_tracing_rule_test.go │ │ │ ├── enable_http_api_access_logging_rule.go │ │ │ ├── enable_http_api_access_logging_rule_test.go │ │ │ ├── enable_state_machine_tracing_rule.go │ │ │ ├── enable_state_machine_tracing_rule_test.go │ │ │ ├── enable_table_encryption_rule.go │ │ │ ├── enable_table_encryption_rule_test.go │ │ │ ├── no_function_policy_wildcards_rule.go │ │ │ ├── no_function_policy_wildcards_rule_test.go │ │ │ ├── no_state_machine_policy_wildcards_rule.go │ │ │ └── no_state_machine_policy_wildcards_rule_test.go │ │ ├── sns │ │ │ ├── enable_topic_encryption_rule.go │ │ │ └── enable_topic_encryption_rule_test.go │ │ ├── sqs │ │ │ ├── enable_queue_encryption_rule.go │ │ │ ├── enable_queue_encryption_rule_test.go │ │ │ ├── no_wildcards_in_policy_documents_rule.go │ │ │ └── no_wildcards_in_policy_documents_rule_test.go │ │ ├── ssm │ │ │ ├── secret_use_customer_key_rule.go │ │ │ └── secret_use_customer_key_rule_test.go │ │ ├── vpc │ │ │ ├── add_description_to_security_group_rule.go │ │ │ ├── add_description_to_security_group_rule_rule.go │ │ │ ├── add_description_to_security_group_rule_rule_test.go │ │ │ ├── add_description_to_security_group_rule_test.go │ │ │ ├── no_excessive_port_access_rule.go │ │ │ ├── no_excessive_port_access_rule_test.go │ │ │ ├── no_public_egress_sgr_rule.go │ │ │ ├── no_public_egress_sgr_rule_test.go │ │ │ ├── no_public_ingress_acl_rule.go │ │ │ ├── no_public_ingress_acl_rule_test.go │ │ │ ├── no_public_ingress_sgr_rule.go │ │ │ └── no_public_ingress_sgr_rule_test.go │ │ └── workspaces │ │ │ ├── enable_disk_encryption_rule.go │ │ │ └── enable_disk_encryption_rule_test.go │ └── rule.go │ ├── scanner │ ├── ignores.go │ ├── option.go │ └── scanner.go │ ├── test │ ├── ignore_test.go │ ├── init_test.go │ ├── runner.go │ └── tease_test.go │ ├── testutil │ ├── filesystem │ │ └── fs.go │ └── util.go │ └── util │ └── json_blob_extractor.go ├── logo.png ├── mkdocs.yml ├── pkg ├── externalscan │ ├── external_scan.go │ ├── external_scan_test.go │ └── option.go └── result │ └── result.go ├── screenshot.png ├── scripts ├── build_checks_nav.py ├── install.sh └── publish-docs.sh └── vendor ├── github.com ├── ProtonMail │ └── go-crypto │ │ ├── AUTHORS │ │ ├── CONTRIBUTORS │ │ ├── LICENSE │ │ ├── PATENTS │ │ ├── bitcurves │ │ └── bitcurve.go │ │ ├── brainpool │ │ ├── brainpool.go │ │ └── rcurve.go │ │ ├── eax │ │ ├── eax.go │ │ ├── eax_test_vectors.go │ │ └── random_vectors.go │ │ ├── internal │ │ └── byteutil │ │ │ └── byteutil.go │ │ ├── ocb │ │ ├── ocb.go │ │ ├── random_vectors.go │ │ ├── rfc7253_test_vectors_suite_a.go │ │ └── rfc7253_test_vectors_suite_b.go │ │ └── openpgp │ │ ├── aes │ │ └── keywrap │ │ │ └── keywrap.go │ │ ├── armor │ │ ├── armor.go │ │ └── encode.go │ │ ├── canonical_text.go │ │ ├── ecdh │ │ ├── ecdh.go │ │ └── x25519.go │ │ ├── elgamal │ │ └── elgamal.go │ │ ├── errors │ │ └── errors.go │ │ ├── internal │ │ ├── algorithm │ │ │ ├── aead.go │ │ │ ├── cipher.go │ │ │ └── hash.go │ │ ├── ecc │ │ │ ├── curveInfo.go │ │ │ └── curveType.go │ │ └── encoding │ │ │ ├── encoding.go │ │ │ ├── mpi.go │ │ │ └── oid.go │ │ ├── key_generation.go │ │ ├── keys.go │ │ ├── keys_test_data.go │ │ ├── packet │ │ ├── aead_config.go │ │ ├── aead_encrypted.go │ │ ├── compressed.go │ │ ├── config.go │ │ ├── encrypted_key.go │ │ ├── literal.go │ │ ├── ocfb.go │ │ ├── one_pass_signature.go │ │ ├── opaque.go │ │ ├── packet.go │ │ ├── private_key.go │ │ ├── private_key_test_data.go │ │ ├── public_key.go │ │ ├── public_key_test_data.go │ │ ├── reader.go │ │ ├── signature.go │ │ ├── symmetric_key_encrypted.go │ │ ├── symmetrically_encrypted.go │ │ ├── userattribute.go │ │ └── userid.go │ │ ├── read.go │ │ ├── read_write_test_data.go │ │ ├── s2k │ │ └── s2k.go │ │ └── write.go ├── acomagu │ └── bufpipe │ │ ├── README.md │ │ ├── bufpipe.go │ │ ├── doc.go │ │ ├── go.mod │ │ └── go.sum ├── apparentlymart │ └── go-cidr │ │ ├── LICENSE │ │ └── cidr │ │ ├── cidr.go │ │ └── wrangling.go ├── aquasecurity │ └── defsec │ │ ├── LICENSE │ │ ├── cidr │ │ └── cidr.go │ │ ├── formatters │ │ ├── checkstyle.go │ │ ├── csv.go │ │ ├── default.go │ │ ├── formatter.go │ │ ├── gif.go │ │ ├── json.go │ │ ├── junit.go │ │ ├── sarif.go │ │ └── text.go │ │ ├── metrics │ │ ├── category.go │ │ ├── count.go │ │ ├── metric.go │ │ └── timer.go │ │ ├── provider │ │ ├── aws │ │ │ ├── apigateway │ │ │ │ └── apigateway.go │ │ │ ├── athena │ │ │ │ └── athena.go │ │ │ ├── autoscaling │ │ │ │ └── autoscaling.go │ │ │ ├── aws.go │ │ │ ├── cloudfront │ │ │ │ └── cloudfront.go │ │ │ ├── cloudtrail │ │ │ │ └── cloudtrail.go │ │ │ ├── cloudwatch │ │ │ │ └── cloudwatch.go │ │ │ ├── codebuild │ │ │ │ └── codebuild.go │ │ │ ├── config │ │ │ │ └── config.go │ │ │ ├── documentdb │ │ │ │ └── documentdb.go │ │ │ ├── dynamodb │ │ │ │ └── dynamodb.go │ │ │ ├── ebs │ │ │ │ └── ebs.go │ │ │ ├── ec2 │ │ │ │ ├── ec2.go │ │ │ │ └── instance.go │ │ │ ├── ecr │ │ │ │ └── ecr.go │ │ │ ├── ecs │ │ │ │ └── ecs.go │ │ │ ├── efs │ │ │ │ └── efs.go │ │ │ ├── eks │ │ │ │ └── eks.go │ │ │ ├── elasticache │ │ │ │ └── elasticache.go │ │ │ ├── elasticsearch │ │ │ │ └── elasticsearch.go │ │ │ ├── elb │ │ │ │ └── elb.go │ │ │ ├── iam │ │ │ │ ├── iam.go │ │ │ │ ├── passwords.go │ │ │ │ ├── policy.go │ │ │ │ └── wildcards.go │ │ │ ├── kinesis │ │ │ │ └── kinesis.go │ │ │ ├── kms │ │ │ │ └── kms.go │ │ │ ├── lambda │ │ │ │ └── lambda.go │ │ │ ├── mq │ │ │ │ └── mq.go │ │ │ ├── msk │ │ │ │ └── msk.go │ │ │ ├── neptune │ │ │ │ └── neptune.go │ │ │ ├── rds │ │ │ │ ├── classic.go │ │ │ │ └── rds.go │ │ │ ├── redshift │ │ │ │ └── redshift.go │ │ │ ├── s3 │ │ │ │ ├── bucket.go │ │ │ │ ├── bucket_public_access_block.go │ │ │ │ └── s3.go │ │ │ ├── sam │ │ │ │ ├── api.go │ │ │ │ ├── application.go │ │ │ │ ├── function.go │ │ │ │ ├── http_api.go │ │ │ │ ├── sam.go │ │ │ │ ├── state_machine.go │ │ │ │ └── table.go │ │ │ ├── sns │ │ │ │ └── sns.go │ │ │ ├── sqs │ │ │ │ └── sqs.go │ │ │ ├── ssm │ │ │ │ └── ssm.go │ │ │ ├── vpc │ │ │ │ └── vpc.go │ │ │ └── workspaces │ │ │ │ └── workspaces.go │ │ ├── azure │ │ │ ├── appservice │ │ │ │ └── appservice.go │ │ │ ├── authorization │ │ │ │ └── authorization.go │ │ │ ├── azure.go │ │ │ ├── compute │ │ │ │ └── compute.go │ │ │ ├── container │ │ │ │ └── container.go │ │ │ ├── database │ │ │ │ └── database.go │ │ │ ├── datafactory │ │ │ │ └── datafactory.go │ │ │ ├── datalake │ │ │ │ └── datalake.go │ │ │ ├── keyvault │ │ │ │ └── keyvault.go │ │ │ ├── monitor │ │ │ │ └── monitor.go │ │ │ ├── network │ │ │ │ └── network.go │ │ │ ├── securitycenter │ │ │ │ └── securitycenter.go │ │ │ ├── storage │ │ │ │ └── storage.go │ │ │ └── synapse │ │ │ │ └── synapse.go │ │ ├── cloudstack │ │ │ ├── cloudstack.go │ │ │ └── compute │ │ │ │ └── compute.go │ │ ├── digitalocean │ │ │ ├── compute │ │ │ │ └── compute.go │ │ │ ├── digitalocean.go │ │ │ └── spaces │ │ │ │ └── spaces.go │ │ ├── github │ │ │ ├── actions.go │ │ │ ├── github.go │ │ │ └── repositories.go │ │ ├── google │ │ │ ├── bigquery │ │ │ │ └── bigquery.go │ │ │ ├── compute │ │ │ │ ├── compute.go │ │ │ │ ├── disk.go │ │ │ │ ├── firewall.go │ │ │ │ ├── instance.go │ │ │ │ ├── metadata.go │ │ │ │ ├── network.go │ │ │ │ ├── ssl_policy.go │ │ │ │ └── subnetwork.go │ │ │ ├── dns │ │ │ │ └── dns.go │ │ │ ├── gke │ │ │ │ └── gke.go │ │ │ ├── google.go │ │ │ ├── iam │ │ │ │ └── iam.go │ │ │ ├── kms │ │ │ │ └── kms.go │ │ │ ├── platform │ │ │ │ └── platform.go │ │ │ ├── sql │ │ │ │ └── sql.go │ │ │ └── storage │ │ │ │ └── storage.go │ │ ├── kubernetes │ │ │ └── kubernetes.go │ │ ├── openstack │ │ │ └── openstack.go │ │ ├── oracle │ │ │ └── oracle.go │ │ └── provider.go │ │ ├── rules │ │ ├── aws │ │ │ ├── apigateway │ │ │ │ ├── enable_access_logging.go │ │ │ │ ├── enable_cache_encryption.go │ │ │ │ ├── enable_tracing.go │ │ │ │ ├── no_public_access.go │ │ │ │ └── use_secure_tls_policy.go │ │ │ ├── athena │ │ │ │ ├── enable_at_rest_encryption.go │ │ │ │ └── no_encryption_override.go │ │ │ ├── autoscaling │ │ │ │ ├── enable_at_rest_encryption.go │ │ │ │ ├── no_public_ip.go │ │ │ │ └── no_sensitive_info.go │ │ │ ├── cloudfront │ │ │ │ ├── enable_logging.go │ │ │ │ ├── enable_waf.go │ │ │ │ ├── enforce_https.go │ │ │ │ └── use_secure_tls_policy.go │ │ │ ├── cloudtrail │ │ │ │ ├── enable_all_regions.go │ │ │ │ ├── enable_at_rest_encryption.go │ │ │ │ └── enable_log_validation.go │ │ │ ├── cloudwatch │ │ │ │ └── log_group_customer_key.go │ │ │ ├── codebuild │ │ │ │ └── enable_encryption.go │ │ │ ├── config │ │ │ │ └── aggregate_all_regions.go │ │ │ ├── documentdb │ │ │ │ ├── enable_log_export.go │ │ │ │ ├── enable_storage_encryption.go │ │ │ │ └── encryption_customer_key.go │ │ │ ├── dynamodb │ │ │ │ ├── enable_at_rest_encryption.go │ │ │ │ ├── enable_recovery.go │ │ │ │ └── table_customer_key.go │ │ │ ├── ebs │ │ │ │ ├── enable_volume_encryption.go │ │ │ │ └── encryption_customer_key.go │ │ │ ├── ec2 │ │ │ │ ├── imds_http_tokens.go │ │ │ │ └── no_secrets_in_user_data.go │ │ │ ├── ecr │ │ │ │ ├── enable_image_scans.go │ │ │ │ ├── enforce_immutable_repository.go │ │ │ │ ├── no_public_access.go │ │ │ │ └── repository_customer_key.go │ │ │ ├── ecs │ │ │ │ ├── enable_container_insight.go │ │ │ │ ├── enable_in_transit_encryption.go │ │ │ │ └── no_plaintext_secrets.go │ │ │ ├── efs │ │ │ │ └── enable_at_rest_encryption.go │ │ │ ├── eks │ │ │ │ ├── enable_control_plane_logging.go │ │ │ │ ├── encrypt_secrets.go │ │ │ │ ├── no_public_cluster_access.go │ │ │ │ └── no_public_cluster_access_to_cidr.go │ │ │ ├── elasticache │ │ │ │ ├── add_description_for_security_group.go │ │ │ │ ├── enable_at_rest_encryption.go │ │ │ │ ├── enable_backup_retention.go │ │ │ │ └── enable_in_transit_encryption.go │ │ │ ├── elasticsearch │ │ │ │ ├── enable_domain_encryption.go │ │ │ │ ├── enable_domain_logging.go │ │ │ │ ├── enable_in_transit_encryption.go │ │ │ │ ├── enforce_https.go │ │ │ │ └── use_secure_tls_policy.go │ │ │ ├── elb │ │ │ │ ├── alb_not_public.go │ │ │ │ ├── drop_invalid_headers.go │ │ │ │ ├── http_not_used.go │ │ │ │ └── use_secure_tls_policy.go │ │ │ ├── iam │ │ │ │ ├── enforce_mfa.go │ │ │ │ ├── no_password_reuse.go │ │ │ │ ├── no_policy_wildcards.go │ │ │ │ ├── require_lowercase_in_passwords.go │ │ │ │ ├── require_numbers_in_passwords.go │ │ │ │ ├── require_symbols_in_passwords.go │ │ │ │ ├── require_uppercase_in_passwords.go │ │ │ │ ├── set_max_password_age.go │ │ │ │ └── set_minimum_password_length.go │ │ │ ├── kinesis │ │ │ │ └── enable_in_transit_encryption.go │ │ │ ├── lambda │ │ │ │ ├── enable_tracing.go │ │ │ │ └── restrict_source_arn.go │ │ │ ├── mq │ │ │ │ ├── enable_audit_logging.go │ │ │ │ ├── enable_general_logging.go │ │ │ │ └── no_public_access.go │ │ │ ├── msk │ │ │ │ ├── enable_in_transit_encryption.go │ │ │ │ └── enable_logging.go │ │ │ ├── neptune │ │ │ │ ├── enable_log_export.go │ │ │ │ └── enable_storage_encryption.go │ │ │ ├── rds │ │ │ │ ├── enable_performance_insights.go │ │ │ │ ├── encrypt_cluster_storage_data.go │ │ │ │ ├── encrypt_instance_storage_data.go │ │ │ │ ├── no_classic_resources.go │ │ │ │ ├── no_public_db_access.go │ │ │ │ └── specify_backup_retention.go │ │ │ ├── redshift │ │ │ │ ├── add_description_to_security_group.go │ │ │ │ ├── encryption_customer_key.go │ │ │ │ ├── no_classic_resources.go │ │ │ │ └── non_default_vpc_deployment.go │ │ │ ├── s3 │ │ │ │ ├── block_public_acls.go │ │ │ │ ├── block_public_policy.go │ │ │ │ ├── enable_encryption.go │ │ │ │ ├── enable_logging.go │ │ │ │ ├── enable_versioning.go │ │ │ │ ├── ignore_public_acls.go │ │ │ │ ├── no_public_acl.go │ │ │ │ ├── require_public_access_block.go │ │ │ │ └── restrict_public_buckets.go │ │ │ ├── sam │ │ │ │ ├── enable_api_access_logging.go │ │ │ │ ├── enable_api_tracing.go │ │ │ │ ├── enable_cache_encryption.go │ │ │ │ ├── enable_function_tracing.go │ │ │ │ ├── enable_http_api_access_logging.go │ │ │ │ ├── enable_state_machine_logging.go │ │ │ │ ├── enable_state_machine_tracing.go │ │ │ │ ├── enable_table_encryption.go │ │ │ │ ├── no_function_policy_wildcards.go │ │ │ │ ├── no_state_machine_policy_wildcards.go │ │ │ │ └── use_secure_tls_policy.go │ │ │ ├── sns │ │ │ │ └── enable_topic_encryption.go │ │ │ ├── sqs │ │ │ │ ├── enable_queue_encryption.go │ │ │ │ └── no_wildcards_in_policy_documents.go │ │ │ ├── ssm │ │ │ │ └── secret_use_customer_key.go │ │ │ ├── vpc │ │ │ │ ├── add_description_to_security_group.go │ │ │ │ ├── add_description_to_security_group_rule.go │ │ │ │ ├── no_default_vpc.go │ │ │ │ ├── no_excessive_port_access.go │ │ │ │ ├── no_public_egress_sgr.go │ │ │ │ ├── no_public_ingress_acl.go │ │ │ │ └── no_public_ingress_sgr.go │ │ │ └── workspaces │ │ │ │ └── enable_disk_encryption.go │ │ ├── flat.go │ │ ├── register.go │ │ ├── result.go │ │ └── rule.go │ │ ├── severity │ │ └── severity.go │ │ ├── state │ │ └── state.go │ │ └── types │ │ ├── bool_value.go │ │ ├── bytes_value.go │ │ ├── int_value.go │ │ ├── map_value.go │ │ ├── metadata.go │ │ ├── range.go │ │ ├── reference.go │ │ ├── string_value.go │ │ └── time_value.go ├── davecgh │ └── go-spew │ │ ├── LICENSE │ │ └── spew │ │ ├── bypass.go │ │ ├── bypasssafe.go │ │ ├── common.go │ │ ├── config.go │ │ ├── doc.go │ │ ├── dump.go │ │ ├── format.go │ │ └── spew.go ├── emirpasic │ └── gods │ │ ├── LICENSE │ │ ├── containers │ │ ├── containers.go │ │ ├── enumerable.go │ │ ├── iterator.go │ │ └── serialization.go │ │ ├── lists │ │ ├── arraylist │ │ │ ├── arraylist.go │ │ │ ├── enumerable.go │ │ │ ├── iterator.go │ │ │ └── serialization.go │ │ └── lists.go │ │ ├── trees │ │ ├── binaryheap │ │ │ ├── binaryheap.go │ │ │ ├── iterator.go │ │ │ └── serialization.go │ │ └── trees.go │ │ └── utils │ │ ├── comparator.go │ │ ├── sort.go │ │ └── utils.go ├── gdamore │ ├── encoding │ │ ├── .appveyor.yml │ │ ├── .travis.yml │ │ ├── LICENSE │ │ ├── README.md │ │ ├── ascii.go │ │ ├── charmap.go │ │ ├── doc.go │ │ ├── ebcdic.go │ │ ├── go.mod │ │ ├── go.sum │ │ ├── latin1.go │ │ ├── latin5.go │ │ └── utf8.go │ └── tcell │ │ └── v2 │ │ ├── .appveyor.yml │ │ ├── .gitignore │ │ ├── .travis.yml │ │ ├── AUTHORS │ │ ├── CHANGESv2.adoc │ │ ├── LICENSE │ │ ├── README.adoc │ │ ├── TUTORIAL.adoc │ │ ├── attr.go │ │ ├── cell.go │ │ ├── charset_stub.go │ │ ├── charset_unix.go │ │ ├── charset_windows.go │ │ ├── color.go │ │ ├── colorfit.go │ │ ├── console_stub.go │ │ ├── console_win.go │ │ ├── doc.go │ │ ├── encoding.go │ │ ├── errors.go │ │ ├── event.go │ │ ├── go.mod │ │ ├── go.sum │ │ ├── interrupt.go │ │ ├── key.go │ │ ├── mouse.go │ │ ├── nonblock_bsd.go │ │ ├── nonblock_stub.go │ │ ├── nonblock_unix.go │ │ ├── paste.go │ │ ├── resize.go │ │ ├── runes.go │ │ ├── screen.go │ │ ├── simulation.go │ │ ├── style.go │ │ ├── terminfo │ │ ├── .gitignore │ │ ├── README.md │ │ ├── TERMINALS.md │ │ ├── a │ │ │ ├── aixterm │ │ │ │ └── term.go │ │ │ ├── alacritty │ │ │ │ └── term.go │ │ │ └── ansi │ │ │ │ └── term.go │ │ ├── b │ │ │ └── beterm │ │ │ │ └── term.go │ │ ├── base │ │ │ └── base.go │ │ ├── c │ │ │ └── cygwin │ │ │ │ └── term.go │ │ ├── d │ │ │ └── dtterm │ │ │ │ └── term.go │ │ ├── dynamic │ │ │ └── dynamic.go │ │ ├── e │ │ │ └── emacs │ │ │ │ └── term.go │ │ ├── extended │ │ │ └── extended.go │ │ ├── g │ │ │ └── gnome │ │ │ │ └── term.go │ │ ├── gen.sh │ │ ├── h │ │ │ └── hpterm │ │ │ │ └── term.go │ │ ├── k │ │ │ ├── konsole │ │ │ │ └── term.go │ │ │ └── kterm │ │ │ │ └── term.go │ │ ├── l │ │ │ └── linux │ │ │ │ └── term.go │ │ ├── models.txt │ │ ├── p │ │ │ └── pcansi │ │ │ │ └── term.go │ │ ├── r │ │ │ └── rxvt │ │ │ │ └── term.go │ │ ├── s │ │ │ ├── screen │ │ │ │ └── term.go │ │ │ ├── simpleterm │ │ │ │ └── term.go │ │ │ └── sun │ │ │ │ └── term.go │ │ ├── t │ │ │ ├── termite │ │ │ │ └── term.go │ │ │ └── tmux │ │ │ │ └── term.go │ │ ├── terminfo.go │ │ ├── v │ │ │ ├── vt100 │ │ │ │ └── term.go │ │ │ ├── vt102 │ │ │ │ └── term.go │ │ │ ├── vt220 │ │ │ │ └── term.go │ │ │ ├── vt320 │ │ │ │ └── term.go │ │ │ ├── vt400 │ │ │ │ └── term.go │ │ │ ├── vt420 │ │ │ │ └── term.go │ │ │ └── vt52 │ │ │ │ └── term.go │ │ ├── w │ │ │ ├── wy50 │ │ │ │ └── term.go │ │ │ ├── wy60 │ │ │ │ └── term.go │ │ │ └── wy99_ansi │ │ │ │ └── term.go │ │ └── x │ │ │ ├── xfce │ │ │ └── term.go │ │ │ ├── xterm │ │ │ └── term.go │ │ │ ├── xterm_kitty │ │ │ └── term.go │ │ │ └── xterm_termite │ │ │ └── term.go │ │ ├── terms_default.go │ │ ├── terms_dynamic.go │ │ ├── terms_static.go │ │ ├── tscreen.go │ │ ├── tscreen_stub.go │ │ └── tscreen_unix.go ├── go-git │ ├── gcfg │ │ ├── LICENSE │ │ ├── README │ │ ├── doc.go │ │ ├── errors.go │ │ ├── go1_0.go │ │ ├── go1_2.go │ │ ├── read.go │ │ ├── scanner │ │ │ ├── errors.go │ │ │ └── scanner.go │ │ ├── set.go │ │ ├── token │ │ │ ├── position.go │ │ │ ├── serialize.go │ │ │ └── token.go │ │ └── types │ │ │ ├── bool.go │ │ │ ├── doc.go │ │ │ ├── enum.go │ │ │ ├── int.go │ │ │ └── scan.go │ ├── go-billy │ │ └── v5 │ │ │ ├── .gitignore │ │ │ ├── LICENSE │ │ │ ├── README.md │ │ │ ├── fs.go │ │ │ ├── go.mod │ │ │ ├── go.sum │ │ │ ├── helper │ │ │ ├── chroot │ │ │ │ └── chroot.go │ │ │ └── polyfill │ │ │ │ └── polyfill.go │ │ │ ├── memfs │ │ │ ├── memory.go │ │ │ └── storage.go │ │ │ ├── osfs │ │ │ ├── os.go │ │ │ ├── os_js.go │ │ │ ├── os_plan9.go │ │ │ ├── os_posix.go │ │ │ └── os_windows.go │ │ │ └── util │ │ │ ├── glob.go │ │ │ └── util.go │ └── go-git │ │ └── v5 │ │ ├── LICENSE │ │ ├── config │ │ ├── branch.go │ │ ├── config.go │ │ ├── modules.go │ │ ├── refspec.go │ │ └── url.go │ │ ├── internal │ │ └── url │ │ │ └── url.go │ │ ├── plumbing │ │ ├── color │ │ │ └── color.go │ │ ├── error.go │ │ ├── filemode │ │ │ └── filemode.go │ │ ├── format │ │ │ ├── config │ │ │ │ ├── common.go │ │ │ │ ├── decoder.go │ │ │ │ ├── doc.go │ │ │ │ ├── encoder.go │ │ │ │ ├── option.go │ │ │ │ └── section.go │ │ │ ├── diff │ │ │ │ ├── colorconfig.go │ │ │ │ ├── patch.go │ │ │ │ └── unified_encoder.go │ │ │ └── index │ │ │ │ ├── decoder.go │ │ │ │ ├── doc.go │ │ │ │ ├── encoder.go │ │ │ │ ├── index.go │ │ │ │ └── match.go │ │ ├── hash.go │ │ ├── memory.go │ │ ├── object.go │ │ ├── object │ │ │ ├── blob.go │ │ │ ├── change.go │ │ │ ├── change_adaptor.go │ │ │ ├── commit.go │ │ │ ├── commit_walker.go │ │ │ ├── commit_walker_bfs.go │ │ │ ├── commit_walker_bfs_filtered.go │ │ │ ├── commit_walker_ctime.go │ │ │ ├── commit_walker_limit.go │ │ │ ├── commit_walker_path.go │ │ │ ├── common.go │ │ │ ├── difftree.go │ │ │ ├── file.go │ │ │ ├── merge_base.go │ │ │ ├── object.go │ │ │ ├── patch.go │ │ │ ├── rename.go │ │ │ ├── tag.go │ │ │ ├── tree.go │ │ │ └── treenoder.go │ │ ├── reference.go │ │ ├── revision.go │ │ └── storer │ │ │ ├── doc.go │ │ │ ├── index.go │ │ │ ├── object.go │ │ │ ├── reference.go │ │ │ ├── shallow.go │ │ │ └── storer.go │ │ ├── storage │ │ └── storer.go │ │ └── utils │ │ ├── binary │ │ ├── read.go │ │ └── write.go │ │ ├── diff │ │ └── diff.go │ │ ├── ioutil │ │ ├── common.go │ │ ├── pipe.go │ │ └── pipe_js.go │ │ └── merkletrie │ │ ├── change.go │ │ ├── difftree.go │ │ ├── doc.go │ │ ├── doubleiter.go │ │ ├── internal │ │ └── frame │ │ │ └── frame.go │ │ ├── iter.go │ │ └── noder │ │ ├── noder.go │ │ └── path.go ├── inconshreveable │ └── mousetrap │ │ ├── LICENSE │ │ ├── README.md │ │ ├── trap_others.go │ │ ├── trap_windows.go │ │ └── trap_windows_1.4.go ├── jbenet │ └── go-context │ │ ├── LICENSE │ │ └── io │ │ └── ctxio.go ├── liamg │ ├── clinch │ │ ├── LICENSE │ │ └── terminal │ │ │ ├── print.go │ │ │ ├── size.go │ │ │ └── terminal.go │ ├── gifwrap │ │ ├── LICENSE │ │ └── pkg │ │ │ └── ascii │ │ │ ├── ascii.go │ │ │ └── gif.go │ ├── jfather │ │ ├── .vimspector.json │ │ ├── README.md │ │ ├── decode.go │ │ ├── decode_array.go │ │ ├── decode_boolean.go │ │ ├── decode_null.go │ │ ├── decode_number.go │ │ ├── decode_object.go │ │ ├── decode_string.go │ │ ├── go.mod │ │ ├── go.sum │ │ ├── kind.go │ │ ├── node.go │ │ ├── parse.go │ │ ├── parse_array.go │ │ ├── parse_boolean.go │ │ ├── parse_null.go │ │ ├── parse_number.go │ │ ├── parse_object.go │ │ ├── parse_string.go │ │ ├── parse_whitespace.go │ │ ├── reader.go │ │ └── unmarshal.go │ └── tml │ │ ├── .gitignore │ │ ├── .travis.yml │ │ ├── LICENSE │ │ ├── Makefile │ │ ├── README.md │ │ ├── disable.go │ │ ├── example.png │ │ ├── go.mod │ │ ├── go.sum │ │ ├── new_line.go │ │ ├── parse.go │ │ ├── parser.go │ │ ├── printf.go │ │ ├── println.go │ │ ├── sprintf.go │ │ └── tags.go ├── lucasb-eyer │ └── go-colorful │ │ ├── .gitignore │ │ ├── .travis.yml │ │ ├── LICENSE │ │ ├── README.md │ │ ├── colorgens.go │ │ ├── colors.go │ │ ├── go.mod │ │ ├── go.sum │ │ ├── happy_palettegen.go │ │ ├── hexcolor.go │ │ ├── soft_palettegen.go │ │ └── warm_palettegen.go ├── mattn │ └── go-runewidth │ │ ├── .travis.yml │ │ ├── LICENSE │ │ ├── README.md │ │ ├── go.mod │ │ ├── go.sum │ │ ├── go.test.sh │ │ ├── runewidth.go │ │ ├── runewidth_appengine.go │ │ ├── runewidth_js.go │ │ ├── runewidth_posix.go │ │ ├── runewidth_table.go │ │ └── runewidth_windows.go ├── mitchellh │ └── go-homedir │ │ ├── LICENSE │ │ ├── README.md │ │ ├── go.mod │ │ └── homedir.go ├── owenrumney │ ├── go-sarif │ │ └── v2 │ │ │ ├── LICENSE │ │ │ └── sarif │ │ │ ├── address.go │ │ │ ├── artifact.go │ │ │ ├── artifact_change.go │ │ │ ├── artifact_content.go │ │ │ ├── artifact_location.go │ │ │ ├── attachment.go │ │ │ ├── code_flow.go │ │ │ ├── configuration_override.go │ │ │ ├── conversion.go │ │ │ ├── edge.go │ │ │ ├── edge_traversal.go │ │ │ ├── exception.go │ │ │ ├── external_properties.go │ │ │ ├── external_property_file_reference.go │ │ │ ├── external_property_file_references.go │ │ │ ├── fix.go │ │ │ ├── graph.go │ │ │ ├── graph_traversal.go │ │ │ ├── invocation.go │ │ │ ├── location.go │ │ │ ├── location_relationship.go │ │ │ ├── logical_location.go │ │ │ ├── message.go │ │ │ ├── multi_format_message_string.go │ │ │ ├── node.go │ │ │ ├── notification.go │ │ │ ├── physical_location.go │ │ │ ├── properties.go │ │ │ ├── rectangle.go │ │ │ ├── region.go │ │ │ ├── replacement.go │ │ │ ├── reporting_configuration.go │ │ │ ├── reporting_descriptor.go │ │ │ ├── reporting_descriptor_reference.go │ │ │ ├── result.go │ │ │ ├── result_provenance.go │ │ │ ├── run.go │ │ │ ├── run_automation_details.go │ │ │ ├── sarif.go │ │ │ ├── special_locations.go │ │ │ ├── stack.go │ │ │ ├── stack_frame.go │ │ │ ├── suppression.go │ │ │ ├── test_helpers.go │ │ │ ├── thread_flow.go │ │ │ ├── thread_flow_location.go │ │ │ ├── tool.go │ │ │ ├── tool_component.go │ │ │ ├── tool_component_reference.go │ │ │ ├── translation_metadata.go │ │ │ ├── version_control_details.go │ │ │ ├── web_request.go │ │ │ └── web_response.go │ └── squealer │ │ ├── LICENSE │ │ ├── internal │ │ └── app │ │ │ └── squealer │ │ │ ├── match │ │ │ ├── matchers.go │ │ │ ├── transgression.go │ │ │ └── transgression_map.go │ │ │ └── mertics │ │ │ └── metrics.go │ │ └── pkg │ │ ├── config │ │ ├── config.go │ │ ├── default.go │ │ └── loader.go │ │ ├── result │ │ └── result.go │ │ └── squealer │ │ └── string_scanner.go ├── pmezard │ └── go-difflib │ │ ├── LICENSE │ │ └── difflib │ │ └── difflib.go ├── rivo │ └── uniseg │ │ ├── LICENSE.txt │ │ ├── README.md │ │ ├── doc.go │ │ ├── go.mod │ │ ├── grapheme.go │ │ └── properties.go ├── sergi │ └── go-diff │ │ ├── AUTHORS │ │ ├── CONTRIBUTORS │ │ ├── LICENSE │ │ └── diffmatchpatch │ │ ├── diff.go │ │ ├── diffmatchpatch.go │ │ ├── match.go │ │ ├── mathutil.go │ │ ├── operation_string.go │ │ ├── patch.go │ │ └── stringutil.go ├── sirupsen │ └── logrus │ │ ├── .gitignore │ │ ├── .golangci.yml │ │ ├── .travis.yml │ │ ├── CHANGELOG.md │ │ ├── LICENSE │ │ ├── README.md │ │ ├── alt_exit.go │ │ ├── appveyor.yml │ │ ├── buffer_pool.go │ │ ├── doc.go │ │ ├── entry.go │ │ ├── exported.go │ │ ├── formatter.go │ │ ├── go.mod │ │ ├── go.sum │ │ ├── hooks.go │ │ ├── json_formatter.go │ │ ├── logger.go │ │ ├── logrus.go │ │ ├── terminal_check_appengine.go │ │ ├── terminal_check_bsd.go │ │ ├── terminal_check_js.go │ │ ├── terminal_check_no_terminal.go │ │ ├── terminal_check_notappengine.go │ │ ├── terminal_check_solaris.go │ │ ├── terminal_check_unix.go │ │ ├── terminal_check_windows.go │ │ ├── text_formatter.go │ │ └── writer.go ├── spf13 │ ├── cobra │ │ ├── .gitignore │ │ ├── .golangci.yml │ │ ├── .mailmap │ │ ├── CHANGELOG.md │ │ ├── CONDUCT.md │ │ ├── CONTRIBUTING.md │ │ ├── LICENSE.txt │ │ ├── Makefile │ │ ├── README.md │ │ ├── args.go │ │ ├── bash_completions.go │ │ ├── bash_completions.md │ │ ├── bash_completionsV2.go │ │ ├── cobra.go │ │ ├── command.go │ │ ├── command_notwin.go │ │ ├── command_win.go │ │ ├── completions.go │ │ ├── fish_completions.go │ │ ├── fish_completions.md │ │ ├── go.mod │ │ ├── go.sum │ │ ├── powershell_completions.go │ │ ├── powershell_completions.md │ │ ├── projects_using_cobra.md │ │ ├── shell_completions.go │ │ ├── shell_completions.md │ │ ├── user_guide.md │ │ ├── zsh_completions.go │ │ └── zsh_completions.md │ └── pflag │ │ ├── .gitignore │ │ ├── .travis.yml │ │ ├── LICENSE │ │ ├── README.md │ │ ├── bool.go │ │ ├── bool_slice.go │ │ ├── bytes.go │ │ ├── count.go │ │ ├── duration.go │ │ ├── duration_slice.go │ │ ├── flag.go │ │ ├── float32.go │ │ ├── float32_slice.go │ │ ├── float64.go │ │ ├── float64_slice.go │ │ ├── go.mod │ │ ├── go.sum │ │ ├── golangflag.go │ │ ├── int.go │ │ ├── int16.go │ │ ├── int32.go │ │ ├── int32_slice.go │ │ ├── int64.go │ │ ├── int64_slice.go │ │ ├── int8.go │ │ ├── int_slice.go │ │ ├── ip.go │ │ ├── ip_slice.go │ │ ├── ipmask.go │ │ ├── ipnet.go │ │ ├── string.go │ │ ├── string_array.go │ │ ├── string_slice.go │ │ ├── string_to_int.go │ │ ├── string_to_int64.go │ │ ├── string_to_string.go │ │ ├── uint.go │ │ ├── uint16.go │ │ ├── uint32.go │ │ ├── uint64.go │ │ ├── uint8.go │ │ └── uint_slice.go └── stretchr │ └── testify │ ├── LICENSE │ ├── assert │ ├── assertion_compare.go │ ├── assertion_format.go │ ├── assertion_format.go.tmpl │ ├── assertion_forward.go │ ├── assertion_forward.go.tmpl │ ├── assertion_order.go │ ├── assertions.go │ ├── doc.go │ ├── errors.go │ ├── forward_assertions.go │ └── http_assertions.go │ └── require │ ├── doc.go │ ├── forward_requirements.go │ ├── require.go │ ├── require.go.tmpl │ ├── require_forward.go │ ├── require_forward.go.tmpl │ └── requirements.go ├── golang.org └── x │ ├── crypto │ ├── AUTHORS │ ├── CONTRIBUTORS │ ├── LICENSE │ ├── PATENTS │ ├── cast5 │ │ └── cast5.go │ ├── curve25519 │ │ ├── curve25519.go │ │ ├── curve25519_amd64.go │ │ ├── curve25519_amd64.s │ │ ├── curve25519_generic.go │ │ └── curve25519_noasm.go │ ├── ed25519 │ │ ├── ed25519.go │ │ ├── ed25519_go113.go │ │ └── internal │ │ │ └── edwards25519 │ │ │ ├── const.go │ │ │ └── edwards25519.go │ └── ssh │ │ └── terminal │ │ └── terminal.go │ ├── net │ ├── AUTHORS │ ├── CONTRIBUTORS │ ├── LICENSE │ ├── PATENTS │ └── context │ │ ├── context.go │ │ ├── go17.go │ │ ├── go19.go │ │ ├── pre_go17.go │ │ └── pre_go19.go │ ├── sys │ ├── AUTHORS │ ├── CONTRIBUTORS │ ├── LICENSE │ ├── PATENTS │ ├── internal │ │ └── unsafeheader │ │ │ └── unsafeheader.go │ ├── plan9 │ │ ├── asm.s │ │ ├── asm_plan9_386.s │ │ ├── asm_plan9_amd64.s │ │ ├── asm_plan9_arm.s │ │ ├── const_plan9.go │ │ ├── dir_plan9.go │ │ ├── env_plan9.go │ │ ├── errors_plan9.go │ │ ├── mkall.sh │ │ ├── mkerrors.sh │ │ ├── mksysnum_plan9.sh │ │ ├── pwd_go15_plan9.go │ │ ├── pwd_plan9.go │ │ ├── race.go │ │ ├── race0.go │ │ ├── str.go │ │ ├── syscall.go │ │ ├── syscall_plan9.go │ │ ├── zsyscall_plan9_386.go │ │ ├── zsyscall_plan9_amd64.go │ │ ├── zsyscall_plan9_arm.go │ │ └── zsysnum_plan9.go │ ├── unix │ │ ├── .gitignore │ │ ├── README.md │ │ ├── affinity_linux.go │ │ ├── aliases.go │ │ ├── asm_aix_ppc64.s │ │ ├── asm_bsd_386.s │ │ ├── asm_bsd_amd64.s │ │ ├── asm_bsd_arm.s │ │ ├── asm_bsd_arm64.s │ │ ├── asm_linux_386.s │ │ ├── asm_linux_amd64.s │ │ ├── asm_linux_arm.s │ │ ├── asm_linux_arm64.s │ │ ├── asm_linux_mips64x.s │ │ ├── asm_linux_mipsx.s │ │ ├── asm_linux_ppc64x.s │ │ ├── asm_linux_riscv64.s │ │ ├── asm_linux_s390x.s │ │ ├── asm_openbsd_mips64.s │ │ ├── asm_solaris_amd64.s │ │ ├── asm_zos_s390x.s │ │ ├── bluetooth_linux.go │ │ ├── cap_freebsd.go │ │ ├── constants.go │ │ ├── dev_aix_ppc.go │ │ ├── dev_aix_ppc64.go │ │ ├── dev_darwin.go │ │ ├── dev_dragonfly.go │ │ ├── dev_freebsd.go │ │ ├── dev_linux.go │ │ ├── dev_netbsd.go │ │ ├── dev_openbsd.go │ │ ├── dev_zos.go │ │ ├── dirent.go │ │ ├── endian_big.go │ │ ├── endian_little.go │ │ ├── env_unix.go │ │ ├── epoll_zos.go │ │ ├── errors_freebsd_386.go │ │ ├── errors_freebsd_amd64.go │ │ ├── errors_freebsd_arm.go │ │ ├── errors_freebsd_arm64.go │ │ ├── fcntl.go │ │ ├── fcntl_darwin.go │ │ ├── fcntl_linux_32bit.go │ │ ├── fdset.go │ │ ├── fstatfs_zos.go │ │ ├── gccgo.go │ │ ├── gccgo_c.c │ │ ├── gccgo_linux_amd64.go │ │ ├── ioctl.go │ │ ├── ioctl_linux.go │ │ ├── ioctl_zos.go │ │ ├── mkall.sh │ │ ├── mkerrors.sh │ │ ├── pagesize_unix.go │ │ ├── pledge_openbsd.go │ │ ├── ptrace_darwin.go │ │ ├── ptrace_ios.go │ │ ├── race.go │ │ ├── race0.go │ │ ├── readdirent_getdents.go │ │ ├── readdirent_getdirentries.go │ │ ├── sockcmsg_dragonfly.go │ │ ├── sockcmsg_linux.go │ │ ├── sockcmsg_unix.go │ │ ├── sockcmsg_unix_other.go │ │ ├── str.go │ │ ├── syscall.go │ │ ├── syscall_aix.go │ │ ├── syscall_aix_ppc.go │ │ ├── syscall_aix_ppc64.go │ │ ├── syscall_bsd.go │ │ ├── syscall_darwin.1_12.go │ │ ├── syscall_darwin.1_13.go │ │ ├── syscall_darwin.go │ │ ├── syscall_darwin_amd64.go │ │ ├── syscall_darwin_arm64.go │ │ ├── syscall_darwin_libSystem.go │ │ ├── syscall_dragonfly.go │ │ ├── syscall_dragonfly_amd64.go │ │ ├── syscall_freebsd.go │ │ ├── syscall_freebsd_386.go │ │ ├── syscall_freebsd_amd64.go │ │ ├── syscall_freebsd_arm.go │ │ ├── syscall_freebsd_arm64.go │ │ ├── syscall_illumos.go │ │ ├── syscall_linux.go │ │ ├── syscall_linux_386.go │ │ ├── syscall_linux_amd64.go │ │ ├── syscall_linux_amd64_gc.go │ │ ├── syscall_linux_arm.go │ │ ├── syscall_linux_arm64.go │ │ ├── syscall_linux_gc.go │ │ ├── syscall_linux_gc_386.go │ │ ├── syscall_linux_gc_arm.go │ │ ├── syscall_linux_gccgo_386.go │ │ ├── syscall_linux_gccgo_arm.go │ │ ├── syscall_linux_mips64x.go │ │ ├── syscall_linux_mipsx.go │ │ ├── syscall_linux_ppc.go │ │ ├── syscall_linux_ppc64x.go │ │ ├── syscall_linux_riscv64.go │ │ ├── syscall_linux_s390x.go │ │ ├── syscall_linux_sparc64.go │ │ ├── syscall_netbsd.go │ │ ├── syscall_netbsd_386.go │ │ ├── syscall_netbsd_amd64.go │ │ ├── syscall_netbsd_arm.go │ │ ├── syscall_netbsd_arm64.go │ │ ├── syscall_openbsd.go │ │ ├── syscall_openbsd_386.go │ │ ├── syscall_openbsd_amd64.go │ │ ├── syscall_openbsd_arm.go │ │ ├── syscall_openbsd_arm64.go │ │ ├── syscall_openbsd_mips64.go │ │ ├── syscall_solaris.go │ │ ├── syscall_solaris_amd64.go │ │ ├── syscall_unix.go │ │ ├── syscall_unix_gc.go │ │ ├── syscall_unix_gc_ppc64x.go │ │ ├── syscall_zos_s390x.go │ │ ├── timestruct.go │ │ ├── unveil_openbsd.go │ │ ├── xattr_bsd.go │ │ ├── zerrors_aix_ppc.go │ │ ├── zerrors_aix_ppc64.go │ │ ├── zerrors_darwin_amd64.go │ │ ├── zerrors_darwin_arm64.go │ │ ├── zerrors_dragonfly_amd64.go │ │ ├── zerrors_freebsd_386.go │ │ ├── zerrors_freebsd_amd64.go │ │ ├── zerrors_freebsd_arm.go │ │ ├── zerrors_freebsd_arm64.go │ │ ├── zerrors_linux.go │ │ ├── zerrors_linux_386.go │ │ ├── zerrors_linux_amd64.go │ │ ├── zerrors_linux_arm.go │ │ ├── zerrors_linux_arm64.go │ │ ├── zerrors_linux_mips.go │ │ ├── zerrors_linux_mips64.go │ │ ├── zerrors_linux_mips64le.go │ │ ├── zerrors_linux_mipsle.go │ │ ├── zerrors_linux_ppc.go │ │ ├── zerrors_linux_ppc64.go │ │ ├── zerrors_linux_ppc64le.go │ │ ├── zerrors_linux_riscv64.go │ │ ├── zerrors_linux_s390x.go │ │ ├── zerrors_linux_sparc64.go │ │ ├── zerrors_netbsd_386.go │ │ ├── zerrors_netbsd_amd64.go │ │ ├── zerrors_netbsd_arm.go │ │ ├── zerrors_netbsd_arm64.go │ │ ├── zerrors_openbsd_386.go │ │ ├── zerrors_openbsd_amd64.go │ │ ├── zerrors_openbsd_arm.go │ │ ├── zerrors_openbsd_arm64.go │ │ ├── zerrors_openbsd_mips64.go │ │ ├── zerrors_solaris_amd64.go │ │ ├── zerrors_zos_s390x.go │ │ ├── zptrace_armnn_linux.go │ │ ├── zptrace_linux_arm64.go │ │ ├── zptrace_mipsnn_linux.go │ │ ├── zptrace_mipsnnle_linux.go │ │ ├── zptrace_x86_linux.go │ │ ├── zsyscall_aix_ppc.go │ │ ├── zsyscall_aix_ppc64.go │ │ ├── zsyscall_aix_ppc64_gc.go │ │ ├── zsyscall_aix_ppc64_gccgo.go │ │ ├── zsyscall_darwin_amd64.1_13.go │ │ ├── zsyscall_darwin_amd64.1_13.s │ │ ├── zsyscall_darwin_amd64.go │ │ ├── zsyscall_darwin_amd64.s │ │ ├── zsyscall_darwin_arm64.1_13.go │ │ ├── zsyscall_darwin_arm64.1_13.s │ │ ├── zsyscall_darwin_arm64.go │ │ ├── zsyscall_darwin_arm64.s │ │ ├── zsyscall_dragonfly_amd64.go │ │ ├── zsyscall_freebsd_386.go │ │ ├── zsyscall_freebsd_amd64.go │ │ ├── zsyscall_freebsd_arm.go │ │ ├── zsyscall_freebsd_arm64.go │ │ ├── zsyscall_illumos_amd64.go │ │ ├── zsyscall_linux.go │ │ ├── zsyscall_linux_386.go │ │ ├── zsyscall_linux_amd64.go │ │ ├── zsyscall_linux_arm.go │ │ ├── zsyscall_linux_arm64.go │ │ ├── zsyscall_linux_mips.go │ │ ├── zsyscall_linux_mips64.go │ │ ├── zsyscall_linux_mips64le.go │ │ ├── zsyscall_linux_mipsle.go │ │ ├── zsyscall_linux_ppc.go │ │ ├── zsyscall_linux_ppc64.go │ │ ├── zsyscall_linux_ppc64le.go │ │ ├── zsyscall_linux_riscv64.go │ │ ├── zsyscall_linux_s390x.go │ │ ├── zsyscall_linux_sparc64.go │ │ ├── zsyscall_netbsd_386.go │ │ ├── zsyscall_netbsd_amd64.go │ │ ├── zsyscall_netbsd_arm.go │ │ ├── zsyscall_netbsd_arm64.go │ │ ├── zsyscall_openbsd_386.go │ │ ├── zsyscall_openbsd_amd64.go │ │ ├── zsyscall_openbsd_arm.go │ │ ├── zsyscall_openbsd_arm64.go │ │ ├── zsyscall_openbsd_mips64.go │ │ ├── zsyscall_solaris_amd64.go │ │ ├── zsyscall_zos_s390x.go │ │ ├── zsysctl_openbsd_386.go │ │ ├── zsysctl_openbsd_amd64.go │ │ ├── zsysctl_openbsd_arm.go │ │ ├── zsysctl_openbsd_arm64.go │ │ ├── zsysctl_openbsd_mips64.go │ │ ├── zsysnum_darwin_amd64.go │ │ ├── zsysnum_darwin_arm64.go │ │ ├── zsysnum_dragonfly_amd64.go │ │ ├── zsysnum_freebsd_386.go │ │ ├── zsysnum_freebsd_amd64.go │ │ ├── zsysnum_freebsd_arm.go │ │ ├── zsysnum_freebsd_arm64.go │ │ ├── zsysnum_linux_386.go │ │ ├── zsysnum_linux_amd64.go │ │ ├── zsysnum_linux_arm.go │ │ ├── zsysnum_linux_arm64.go │ │ ├── zsysnum_linux_mips.go │ │ ├── zsysnum_linux_mips64.go │ │ ├── zsysnum_linux_mips64le.go │ │ ├── zsysnum_linux_mipsle.go │ │ ├── zsysnum_linux_ppc.go │ │ ├── zsysnum_linux_ppc64.go │ │ ├── zsysnum_linux_ppc64le.go │ │ ├── zsysnum_linux_riscv64.go │ │ ├── zsysnum_linux_s390x.go │ │ ├── zsysnum_linux_sparc64.go │ │ ├── zsysnum_netbsd_386.go │ │ ├── zsysnum_netbsd_amd64.go │ │ ├── zsysnum_netbsd_arm.go │ │ ├── zsysnum_netbsd_arm64.go │ │ ├── zsysnum_openbsd_386.go │ │ ├── zsysnum_openbsd_amd64.go │ │ ├── zsysnum_openbsd_arm.go │ │ ├── zsysnum_openbsd_arm64.go │ │ ├── zsysnum_openbsd_mips64.go │ │ ├── zsysnum_zos_s390x.go │ │ ├── ztypes_aix_ppc.go │ │ ├── ztypes_aix_ppc64.go │ │ ├── ztypes_darwin_amd64.go │ │ ├── ztypes_darwin_arm64.go │ │ ├── ztypes_dragonfly_amd64.go │ │ ├── ztypes_freebsd_386.go │ │ ├── ztypes_freebsd_amd64.go │ │ ├── ztypes_freebsd_arm.go │ │ ├── ztypes_freebsd_arm64.go │ │ ├── ztypes_illumos_amd64.go │ │ ├── ztypes_linux.go │ │ ├── ztypes_linux_386.go │ │ ├── ztypes_linux_amd64.go │ │ ├── ztypes_linux_arm.go │ │ ├── ztypes_linux_arm64.go │ │ ├── ztypes_linux_mips.go │ │ ├── ztypes_linux_mips64.go │ │ ├── ztypes_linux_mips64le.go │ │ ├── ztypes_linux_mipsle.go │ │ ├── ztypes_linux_ppc.go │ │ ├── ztypes_linux_ppc64.go │ │ ├── ztypes_linux_ppc64le.go │ │ ├── ztypes_linux_riscv64.go │ │ ├── ztypes_linux_s390x.go │ │ ├── ztypes_linux_sparc64.go │ │ ├── ztypes_netbsd_386.go │ │ ├── ztypes_netbsd_amd64.go │ │ ├── ztypes_netbsd_arm.go │ │ ├── ztypes_netbsd_arm64.go │ │ ├── ztypes_openbsd_386.go │ │ ├── ztypes_openbsd_amd64.go │ │ ├── ztypes_openbsd_arm.go │ │ ├── ztypes_openbsd_arm64.go │ │ ├── ztypes_openbsd_mips64.go │ │ ├── ztypes_solaris_amd64.go │ │ └── ztypes_zos_s390x.go │ └── windows │ │ ├── aliases.go │ │ ├── dll_windows.go │ │ ├── empty.s │ │ ├── env_windows.go │ │ ├── eventlog.go │ │ ├── exec_windows.go │ │ ├── memory_windows.go │ │ ├── mkerrors.bash │ │ ├── mkknownfolderids.bash │ │ ├── mksyscall.go │ │ ├── race.go │ │ ├── race0.go │ │ ├── security_windows.go │ │ ├── service.go │ │ ├── setupapierrors_windows.go │ │ ├── str.go │ │ ├── syscall.go │ │ ├── syscall_windows.go │ │ ├── types_windows.go │ │ ├── types_windows_386.go │ │ ├── types_windows_amd64.go │ │ ├── types_windows_arm.go │ │ ├── types_windows_arm64.go │ │ ├── zerrors_windows.go │ │ ├── zknownfolderids_windows.go │ │ └── zsyscall_windows.go │ ├── term │ ├── AUTHORS │ ├── CONTRIBUTING.md │ ├── CONTRIBUTORS │ ├── LICENSE │ ├── PATENTS │ ├── README.md │ ├── go.mod │ ├── go.sum │ ├── term.go │ ├── term_plan9.go │ ├── term_solaris.go │ ├── term_unix.go │ ├── term_unix_aix.go │ ├── term_unix_bsd.go │ ├── term_unix_linux.go │ ├── term_unix_zos.go │ ├── term_unsupported.go │ ├── term_windows.go │ └── terminal.go │ └── text │ ├── AUTHORS │ ├── CONTRIBUTORS │ ├── LICENSE │ ├── PATENTS │ ├── encoding │ ├── encoding.go │ └── internal │ │ └── identifier │ │ ├── identifier.go │ │ └── mib.go │ └── transform │ └── transform.go ├── gopkg.in ├── warnings.v0 │ ├── LICENSE │ ├── README │ └── warnings.go ├── yaml.v2 │ ├── .travis.yml │ ├── LICENSE │ ├── LICENSE.libyaml │ ├── NOTICE │ ├── README.md │ ├── apic.go │ ├── decode.go │ ├── emitterc.go │ ├── encode.go │ ├── go.mod │ ├── parserc.go │ ├── readerc.go │ ├── resolve.go │ ├── scannerc.go │ ├── sorter.go │ ├── writerc.go │ ├── yaml.go │ ├── yamlh.go │ └── yamlprivateh.go └── yaml.v3 │ ├── LICENSE │ ├── NOTICE │ ├── README.md │ ├── apic.go │ ├── decode.go │ ├── emitterc.go │ ├── encode.go │ ├── go.mod │ ├── parserc.go │ ├── readerc.go │ ├── resolve.go │ ├── scannerc.go │ ├── sorter.go │ ├── writerc.go │ ├── yaml.go │ ├── yamlh.go │ └── yamlprivateh.go └── modules.txt /.codespellignore: -------------------------------------------------------------------------------- 1 | aks 2 | cfsec 3 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Binaries for programs and plugins 2 | *.exe 3 | *.exe~ 4 | *.dll 5 | *.so 6 | *.dylib 7 | 8 | # Test binary, built with `go test -c` 9 | *.test 10 | 11 | # Output of the go coverage tool, specifically when used with LiteIDE 12 | *.out 13 | 14 | # Dependency directories (remove the comment below to include it) 15 | # vendor/ 16 | 17 | 18 | .idea/* 19 | .ideagit s -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.14 2 | 3 | USER nobody 4 | # work somewhere where we can write 5 | COPY cfsec /usr/bin/cfsec 6 | # set the default entrypoint -- when this container is run, use this command 7 | ENTRYPOINT [ "cfsec" ] 8 | # as we specified an entrypoint, this is appended as an argument (i.e., `cfsec --help`) 9 | CMD [ "--help" ] -------------------------------------------------------------------------------- /cmd/cfsec-pr-lint/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "fmt" 5 | "os" 6 | 7 | _ "github.com/aquasecurity/cfsec/internal/app/cfsec/loader" 8 | "github.com/aquasecurity/cfsec/internal/app/cfsec/scanner" 9 | ) 10 | 11 | func main() { 12 | checks := scanner.GetRegisteredRules() 13 | fmt.Printf("Checks requiring linting: %d\n", len(checks)) 14 | 15 | linter := &linter{} 16 | 17 | for _, check := range checks { 18 | linter.lint(check) 19 | } 20 | 21 | fmt.Printf("Checks requiring action: %d\n", linter.count) 22 | os.Exit(linter.exitCode()) 23 | } 24 | -------------------------------------------------------------------------------- /docs/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM squidfunk/mkdocs-material:7.3.6 2 | 3 | COPY requirements.txt /requirements.txt 4 | RUN pip install -r /requirements.txt -------------------------------------------------------------------------------- /docs/getting-started/credits.md: -------------------------------------------------------------------------------- 1 | # Authors 2 | 3 | - [Liam Galvin][liamg] (liamg) 4 | - [Owen Rumney][owenrumney] (owenrumney) 5 | 6 | [comment]: <> (# Contributors) 7 | 8 | [comment]: <> (Thanks to all [contributors][contributors]) 9 | 10 | [liamg]: https://github.com/liamg 11 | [owenrumney]: https://github.com/owenrumney 12 | [contributors]: https://github.com/aquasecurity/cfsec/graphs/contributors -------------------------------------------------------------------------------- /docs/getting-started/installation.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Installation 3 | subtitle: Installing cfsec on your local machine 4 | author: cfsec 5 | tags: [installation, quickstart] 6 | redirect_from: 7 | - /docs/home/ 8 | --- 9 | 10 | ## Install with brew/linuxbrew: 11 | 12 | ```cmd 13 | brew tap cfsec/cfsec 14 | ``` 15 | 16 | ## Install with Chocolatey: 17 | 18 | ```cmd 19 | choco install cfsec 20 | ``` 21 | 22 | You can grab the binary for your system from the [releases page](https://github.com/aquasecurity/cfsec/releases). 23 | 24 | ## Install with Go: 25 | 26 | ```bash 27 | go install github.com/aquasecurity/cfsec/cmd/cfsec@latest 28 | ``` 29 | 30 | -------------------------------------------------------------------------------- /docs/imgs/demo.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aquasecurity/cfsec/0a43f073585a87c4f1782755d65d49fdbdd069e2/docs/imgs/demo.gif -------------------------------------------------------------------------------- /docs/imgs/homelogo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aquasecurity/cfsec/0a43f073585a87c4f1782755d65d49fdbdd069e2/docs/imgs/homelogo.png -------------------------------------------------------------------------------- /docs/imgs/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aquasecurity/cfsec/0a43f073585a87c4f1782755d65d49fdbdd069e2/docs/imgs/logo.png -------------------------------------------------------------------------------- /docs/requirements.txt: -------------------------------------------------------------------------------- 1 | mike 2 | mkdocs-macros-plugin 3 | mkdocs-include-markdown-plugin 4 | mkdocs-material -------------------------------------------------------------------------------- /example/bucket.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | AWSTemplateFormatVersion: "2010-09-09" 3 | Description: An example Stack for a bucket 4 | Parameters: 5 | BucketName: 6 | Type: String 7 | Default: naughty-bucket 8 | EncryptBucket: 9 | Type: Boolean 10 | Default: false 11 | Resources: 12 | S3Bucket: 13 | Type: 'AWS::S3::Bucket' 14 | Properties: 15 | BucketName: 16 | Ref: BucketName 17 | PublicAccessBlockConfiguration: 18 | BlockPublicAcls: false 19 | BlockPublicPolicy: false 20 | IgnorePublicAcls: true 21 | RestrictPublicBuckets: false 22 | BucketEncryption: 23 | ServerSideEncryptionConfiguration: 24 | - BucketKeyEnabled: !Ref EncryptBucket 25 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/aquasecurity/cfsec 2 | 3 | go 1.16 4 | 5 | require ( 6 | github.com/apparentlymart/go-cidr v1.1.0 7 | github.com/aquasecurity/defsec v0.2.13 8 | github.com/liamg/jfather v0.0.2 9 | github.com/liamg/tml v0.4.0 10 | github.com/spf13/cobra v1.2.1 11 | github.com/stretchr/testify v1.7.0 12 | golang.org/x/net v0.0.0-20210428140749-89ef3d95e781 // indirect 13 | gopkg.in/yaml.v2 v2.4.0 14 | gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b 15 | ) 16 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/adapt.go: -------------------------------------------------------------------------------- 1 | package adapter 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/adapter/aws" 5 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 7 | "github.com/aquasecurity/defsec/state" 8 | ) 9 | 10 | // Adapt ... 11 | func Adapt(cfFile parser.FileContext) *state.State { 12 | defer func() { 13 | if r := recover(); r != nil { 14 | meta := cfFile.Metadata() 15 | debug.Log("An error occurred while adapting %s: \n\n\t%r", meta.Range().GetFilename(), r) 16 | } 17 | }() 18 | 19 | return &state.State{ 20 | AWS: aws.Adapt(cfFile), 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/apigateway/apigateway.go: -------------------------------------------------------------------------------- 1 | package apigateway 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/apigateway" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (gateway apigateway.APIGateway) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(gateway), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | gateway.APIs = getApis(cfFile) 21 | return gateway 22 | } 23 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/athena/athena.go: -------------------------------------------------------------------------------- 1 | package athena 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/athena" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result athena.Athena) { 13 | 14 | defer func() { 15 | if r := recover(); r != nil { 16 | metadata := cfFile.Metadata() 17 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 18 | } 19 | }() 20 | 21 | result.Workgroups = getWorkGroups(cfFile) 22 | return result 23 | } 24 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/cloudfront/cloudfront.go: -------------------------------------------------------------------------------- 1 | package cloudfront 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/cloudfront" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result cloudfront.Cloudfront) { 13 | 14 | defer func() { 15 | if r := recover(); r != nil { 16 | metadata := cfFile.Metadata() 17 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 18 | } 19 | }() 20 | 21 | result.Distributions = getDistributions(cfFile) 22 | return result 23 | 24 | } 25 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/cloudtrail/cloudtrail.go: -------------------------------------------------------------------------------- 1 | package cloudtrail 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/cloudtrail" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result cloudtrail.CloudTrail) { 13 | 14 | 15 | defer func() { 16 | if r := recover(); r != nil { 17 | metadata := cfFile.Metadata() 18 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 19 | } 20 | }() 21 | 22 | result.Trails = getCloudTrails(cfFile) 23 | return result 24 | } 25 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/cloudwatch/cloudwatch.go: -------------------------------------------------------------------------------- 1 | package cloudwatch 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/cloudwatch" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result cloudwatch.CloudWatch) { 13 | 14 | 15 | defer func() { 16 | if r := recover(); r != nil { 17 | metadata := cfFile.Metadata() 18 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 19 | } 20 | }() 21 | 22 | result.LogGroups = getLogGroups(cfFile) 23 | return result 24 | 25 | } 26 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/cloudwatch/log_group.go: -------------------------------------------------------------------------------- 1 | package cloudwatch 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 5 | "github.com/aquasecurity/defsec/provider/aws/cloudwatch" 6 | ) 7 | 8 | func getLogGroups(ctx parser.FileContext) (logGroups []cloudwatch.LogGroup) { 9 | 10 | logGroupResources := ctx.GetResourceByType("AWS::Logs::LogGroup") 11 | 12 | for _, r := range logGroupResources { 13 | group := cloudwatch.LogGroup{ 14 | Metadata: r.Metadata(), 15 | Name: r.GetStringProperty("LogGroupName"), 16 | KMSKeyID: r.GetStringProperty("KmsKeyId"), 17 | } 18 | logGroups = append(logGroups, group) 19 | } 20 | 21 | return logGroups 22 | } 23 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/codebuild/codebuild.go: -------------------------------------------------------------------------------- 1 | package codebuild 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/codebuild" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result codebuild.CodeBuild) { 13 | 14 | defer func() { 15 | if r := recover(); r != nil { 16 | metadata := cfFile.Metadata() 17 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 18 | } 19 | }() 20 | 21 | result.Projects = getProjects(cfFile) 22 | return result 23 | 24 | } 25 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/config/config.go: -------------------------------------------------------------------------------- 1 | package config 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/config" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result config.Config) { 13 | 14 | defer func() { 15 | if r := recover(); r != nil { 16 | metadata := cfFile.Metadata() 17 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 18 | } 19 | }() 20 | 21 | result.ConfigurationAggregrator = getConfiguraionAggregator(cfFile) 22 | return result 23 | 24 | } 25 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/documentdb/documentdb.go: -------------------------------------------------------------------------------- 1 | package documentdb 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/documentdb" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result documentdb.DocumentDB) { 13 | 14 | defer func() { 15 | if r := recover(); r != nil { 16 | metadata := cfFile.Metadata() 17 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 18 | } 19 | }() 20 | 21 | result.Clusters = getClusters(cfFile) 22 | return result 23 | 24 | } 25 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/dynamodb/dynamodb.go: -------------------------------------------------------------------------------- 1 | package dynamodb 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/dynamodb" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result dynamodb.DynamoDB) { 13 | 14 | defer func() { 15 | if r := recover(); r != nil { 16 | metadata := cfFile.Metadata() 17 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 18 | } 19 | }() 20 | 21 | result.DAXClusters = getClusters(cfFile) 22 | return result 23 | 24 | } 25 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/ebs/ebs.go: -------------------------------------------------------------------------------- 1 | package ebs 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/ebs" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result ebs.EBS) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.Volumes = getVolumes(cfFile) 21 | return result 22 | 23 | } 24 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/ebs/volume.go: -------------------------------------------------------------------------------- 1 | package ebs 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 5 | "github.com/aquasecurity/defsec/provider/aws/ebs" 6 | ) 7 | 8 | func getVolumes(ctx parser.FileContext) (volumes []ebs.Volume) { 9 | 10 | volumeResources := ctx.GetResourceByType("AWS::EC2::Volume") 11 | for _, r := range volumeResources { 12 | 13 | volume := ebs.Volume{ 14 | Metadata: r.Metadata(), 15 | Encryption: ebs.Encryption{ 16 | Enabled: r.GetBoolProperty("Encrypted"), 17 | KMSKeyID: r.GetStringProperty("KmsKeyId"), 18 | }, 19 | } 20 | 21 | volumes = append(volumes, volume) 22 | } 23 | return volumes 24 | } 25 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/ec2/ec2.go: -------------------------------------------------------------------------------- 1 | package ec2 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/ec2" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result ec2.EC2) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.Instances = getInstances(cfFile) 21 | return result 22 | } 23 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/ecr/ecr.go: -------------------------------------------------------------------------------- 1 | package ecr 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/ecr" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result ecr.ECR) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.Repositories = getRepositories(cfFile) 21 | return result 22 | 23 | } 24 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/ecs/ecs.go: -------------------------------------------------------------------------------- 1 | package ecs 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/ecs" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result ecs.ECS) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.Clusters = getClusters(cfFile) 21 | result.TaskDefinitions = getTaskDefinitions(cfFile) 22 | return result 23 | 24 | } 25 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/efs/efs.go: -------------------------------------------------------------------------------- 1 | package efs 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/efs" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result efs.EFS) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.FileSystems = getFileSystems(cfFile) 21 | return result 22 | } 23 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/efs/filesystem.go: -------------------------------------------------------------------------------- 1 | package efs 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 5 | "github.com/aquasecurity/defsec/provider/aws/efs" 6 | ) 7 | 8 | func getFileSystems(ctx parser.FileContext) (filesystems []efs.FileSystem) { 9 | 10 | filesystemResources := ctx.GetResourceByType("AWS::EFS::FileSystem") 11 | 12 | for _, r := range filesystemResources { 13 | 14 | filesystem := efs.FileSystem{ 15 | Metadata: r.Metadata(), 16 | Encrypted: r.GetBoolProperty("Encrypted"), 17 | } 18 | 19 | filesystems = append(filesystems, filesystem) 20 | } 21 | 22 | return filesystems 23 | } 24 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/eks/eks.go: -------------------------------------------------------------------------------- 1 | package eks 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/eks" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result eks.EKS) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.Clusters = getClusters(cfFile) 21 | return result 22 | } 23 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/elasticache/security_group.go: -------------------------------------------------------------------------------- 1 | package elasticache 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 5 | "github.com/aquasecurity/defsec/provider/aws/elasticache" 6 | ) 7 | 8 | func getSecurityGroups(ctx parser.FileContext) (securityGroups []elasticache.SecurityGroup) { 9 | 10 | sgResources := ctx.GetResourceByType("AWS::ElastiCache::SecurityGroup") 11 | 12 | for _, r := range sgResources { 13 | 14 | sg := elasticache.SecurityGroup{ 15 | Metadata: r.Metadata(), 16 | Description: r.GetStringProperty("Description"), 17 | } 18 | securityGroups = append(securityGroups, sg) 19 | } 20 | 21 | return securityGroups 22 | } 23 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/elasticsearch/elasticsearch.go: -------------------------------------------------------------------------------- 1 | package elasticsearch 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/elasticsearch" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result elasticsearch.Elasticsearch) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.Domains = getDomains(cfFile) 21 | return result 22 | } 23 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/elb/elb.go: -------------------------------------------------------------------------------- 1 | package elb 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/elb" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result elb.ELB) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.LoadBalancers = getLoadBalancers(cfFile) 21 | return result 22 | } 23 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/kinesis/kinesis.go: -------------------------------------------------------------------------------- 1 | package kinesis 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/kinesis" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result kinesis.Kinesis) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.Streams = getStreams(cfFile) 21 | return result 22 | } 23 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/lambda/lambda.go: -------------------------------------------------------------------------------- 1 | package lambda 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/lambda" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result lambda.Lambda) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.Functions = getFunctions(cfFile) 21 | return result 22 | 23 | } 24 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/mq/broker.go: -------------------------------------------------------------------------------- 1 | package mq 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 5 | "github.com/aquasecurity/defsec/provider/aws/mq" 6 | ) 7 | 8 | func getBrokers(ctx parser.FileContext) (brokers []mq.Broker) { 9 | for _, r := range ctx.GetResourceByType("AWS::AmazonMQ::Broker") { 10 | 11 | broker := mq.Broker{ 12 | Metadata: r.Metadata(), 13 | PublicAccess: r.GetBoolProperty("PubliclyAccessible"), 14 | Logging: mq.Logging{ 15 | General: r.GetBoolProperty("Logs.General"), 16 | Audit: r.GetBoolProperty("Logs.Audit"), 17 | }, 18 | } 19 | 20 | brokers = append(brokers, broker) 21 | } 22 | return brokers 23 | } 24 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/mq/mq.go: -------------------------------------------------------------------------------- 1 | package mq 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/mq" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result mq.MQ) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.Brokers = getBrokers(cfFile) 21 | return result 22 | } 23 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/msk/msk.go: -------------------------------------------------------------------------------- 1 | package msk 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/msk" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result msk.MSK) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.Clusters = getClusters(cfFile) 21 | return result 22 | 23 | } 24 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/neptune/neptune.go: -------------------------------------------------------------------------------- 1 | package neptune 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/neptune" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result neptune.Neptune) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.Clusters = getClusters(cfFile) 21 | return result 22 | } 23 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/sns/sns.go: -------------------------------------------------------------------------------- 1 | package sns 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/sns" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result sns.SNS) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.Topics = getTopics(cfFile) 21 | return result 22 | 23 | } 24 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/sns/topic.go: -------------------------------------------------------------------------------- 1 | package sns 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 5 | "github.com/aquasecurity/defsec/provider/aws/sns" 6 | ) 7 | 8 | func getTopics(ctx parser.FileContext) (topics []sns.Topic) { 9 | for _, r := range ctx.GetResourceByType("AWS::SNS::Topic") { 10 | 11 | topic := sns.Topic{ 12 | Metadata: r.Metadata(), 13 | Encryption: sns.Encryption{ 14 | KMSKeyID: r.GetStringProperty("KmsMasterKeyId"), 15 | }, 16 | } 17 | 18 | topics = append(topics, topic) 19 | } 20 | return topics 21 | } 22 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/sqs/sqs.go: -------------------------------------------------------------------------------- 1 | package sqs 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/sqs" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result sqs.SQS) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.Queues = getQueues(cfFile) 21 | return result 22 | 23 | } 24 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/ssm/secret.go: -------------------------------------------------------------------------------- 1 | package ssm 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 5 | "github.com/aquasecurity/defsec/provider/aws/ssm" 6 | ) 7 | 8 | func getSecrets(ctx parser.FileContext) (secrets []ssm.Secret) { 9 | for _, r := range ctx.GetResourceByType("AWS::SecretsManager::Secret") { 10 | secret := ssm.Secret{ 11 | Metadata: r.Metadata(), 12 | KMSKeyID: r.GetStringProperty("KmsKeyId"), 13 | } 14 | 15 | secrets = append(secrets, secret) 16 | } 17 | return secrets 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/ssm/ssm.go: -------------------------------------------------------------------------------- 1 | package ssm 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/ssm" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result ssm.SSM) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.Secrets = getSecrets(cfFile) 21 | return result 22 | 23 | } 24 | -------------------------------------------------------------------------------- /internal/app/cfsec/adapter/aws/workspaces/workspaces.go: -------------------------------------------------------------------------------- 1 | package workspaces 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/debug" 7 | "github.com/aquasecurity/cfsec/internal/app/cfsec/parser" 8 | "github.com/aquasecurity/defsec/provider/aws/workspaces" 9 | ) 10 | 11 | // Adapt ... 12 | func Adapt(cfFile parser.FileContext) (result workspaces.WorkSpaces) { 13 | defer func() { 14 | if r := recover(); r != nil { 15 | metadata := cfFile.Metadata() 16 | debug.Log("There were errors adapting %s from %s", reflect.TypeOf(result), metadata.Range().GetFilename()) 17 | } 18 | }() 19 | 20 | result.WorkSpaces = getWorkSpaces(cfFile) 21 | return result 22 | } 23 | -------------------------------------------------------------------------------- /internal/app/cfsec/cftypes/types.go: -------------------------------------------------------------------------------- 1 | package cftypes 2 | 3 | // CfType ... 4 | type CfType string 5 | 6 | // String ... 7 | const ( 8 | String CfType = "string" 9 | Int = "int" 10 | Float64 = "float64" 11 | Bool = "bool" 12 | Map = "map" 13 | List = "list" 14 | ) 15 | -------------------------------------------------------------------------------- /internal/app/cfsec/debug/errors.go: -------------------------------------------------------------------------------- 1 | package debug 2 | 3 | import ( 4 | "fmt" 5 | ) 6 | 7 | var errors []string 8 | 9 | // Error ... 10 | func Error(format string, args ...interface{}) { 11 | if !Enabled { 12 | return 13 | } 14 | errors = append(errors, fmt.Sprintf(format, args...)) 15 | 16 | } 17 | -------------------------------------------------------------------------------- /internal/app/cfsec/debug/log.go: -------------------------------------------------------------------------------- 1 | package debug 2 | 3 | import ( 4 | "fmt" 5 | "time" 6 | ) 7 | 8 | // Enabled ... 9 | var Enabled bool 10 | 11 | // Log ... 12 | func Log(format string, args ...interface{}) { 13 | if !Enabled { 14 | return 15 | } 16 | line := fmt.Sprintf(format, args...) 17 | fmt.Printf("[DEBUG][%s] %s\n", time.Now(), line) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/parser/fn_base64.go: -------------------------------------------------------------------------------- 1 | package parser 2 | 3 | import ( 4 | "encoding/base64" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/cftypes" 7 | ) 8 | 9 | // ResolveBase64 ... 10 | func ResolveBase64(property *Property) (*Property, bool) { 11 | if !property.isFunction() { 12 | return property, true 13 | } 14 | 15 | refValue := property.AsMap()["Fn::Base64"].AsString() 16 | 17 | retVal := base64.StdEncoding.EncodeToString([]byte(refValue)) 18 | 19 | return property.deriveResolved(cftypes.String, retVal), true 20 | } 21 | -------------------------------------------------------------------------------- /internal/app/cfsec/parser/fn_equals.go: -------------------------------------------------------------------------------- 1 | package parser 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/cftypes" 5 | ) 6 | 7 | // ResolveEquals ... 8 | func ResolveEquals(property *Property) (resolved *Property, success bool) { 9 | if !property.isFunction() { 10 | return property, true 11 | } 12 | 13 | refValue := property.AsMap()["Fn::Equals"].AsList() 14 | 15 | if len(refValue) != 2 { 16 | return abortIntrinsic(property, "Fn::Equals should have exactly 2 values, returning original Property") 17 | } 18 | 19 | propA, _ := refValue[0].resolveValue() 20 | propB, _ := refValue[1].resolveValue() 21 | return property.deriveResolved(cftypes.Bool, propA.EqualTo(propB.RawValue())), true 22 | 23 | } 24 | -------------------------------------------------------------------------------- /internal/app/cfsec/parser/option.go: -------------------------------------------------------------------------------- 1 | 2 | package parser 3 | 4 | import ( 5 | "strings" 6 | ) 7 | 8 | type Option func(p *Parser) 9 | 10 | func ProvidedParametersOption(parameters string) Option { 11 | 12 | pairs := strings.Split(parameters, ",") 13 | params := make(map[string]Parameter) 14 | 15 | for _, pair := range pairs { 16 | pairParts := strings.Split(pair, "=") 17 | if len(pairParts) != 2 { 18 | continue 19 | } 20 | key := pairParts[0] 21 | val := pairParts[1] 22 | params[key] = Parameter{ 23 | inner: parameterInner{ 24 | Type: "", 25 | Default: val, 26 | }, 27 | } 28 | } 29 | 30 | return func(p *Parser) { 31 | p.parameters = params 32 | } 33 | } -------------------------------------------------------------------------------- /internal/app/cfsec/parser/pseudo_parameters.go: -------------------------------------------------------------------------------- 1 | package parser 2 | 3 | var pseudoParameters = map[string]interface{} { 4 | "AWS::AccountId": "123456789012", 5 | "AWS::NotificationARNs": []string{ "notification::arn::1", "notification::arn::2" }, 6 | "AWS::NoValue": "", 7 | "AWS::Partition": "aws", 8 | "AWS::Region": "eu-west-1", 9 | "AWS::StackId": "arn:aws:cloudformation:eu-west-1:stack/ID", 10 | "AWS::StackName": "cfsec-test-stack", 11 | } 12 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/apigateway/enable_access_logging_rule_test.go: -------------------------------------------------------------------------------- 1 | package apigateway 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/apigateway" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckEnableAccessLogging_FailureExamples(t *testing.T) { 11 | expectedCode := apigateway.CheckEnableAccessLogging.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableAccessLogging_PassedExamples(t *testing.T) { 16 | expectedCode := apigateway.CheckEnableAccessLogging.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/athena/enable_at_rest_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package athena 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/athena" 6 | "testing" 7 | ) 8 | 9 | func Test_CheckEnableAtRestEncryption_FailureExamples(t *testing.T) { 10 | expectedCode := athena.CheckEnableAtRestEncryption.Rule().LongID() 11 | test.RunFailureExamplesTest(t, expectedCode) 12 | } 13 | 14 | func Test_CheckEnableAtRestEncryption_PassedExamples(t *testing.T) { 15 | expectedCode := athena.CheckEnableAtRestEncryption.Rule().LongID() 16 | test.RunPassingExamplesTest(t, expectedCode) 17 | } 18 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/athena/no_encryption_override_rule_test.go: -------------------------------------------------------------------------------- 1 | package athena 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/athena" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckNoEncryptionOverride_FailureExamples(t *testing.T) { 11 | expectedCode := athena.CheckNoEncryptionOverride.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoEncryptionOverride_PassedExamples(t *testing.T) { 16 | expectedCode := athena.CheckNoEncryptionOverride.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/autoscaling/enable_at_rest_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package autoscaling 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/autoscaling" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckEnableAtRestEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := autoscaling.CheckEnableAtRestEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableAtRestEncryption_PassedExamples(t *testing.T) { 16 | expectedCode := autoscaling.CheckEnableAtRestEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/autoscaling/no_public_ip_rule_test.go: -------------------------------------------------------------------------------- 1 | package autoscaling 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/autoscaling" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckNoPublicIp_FailureExamples(t *testing.T) { 11 | expectedCode := autoscaling.CheckNoPublicIp.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoPublicIp_PassedExamples(t *testing.T) { 16 | expectedCode := autoscaling.CheckNoPublicIp.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/cloudfront/enable_logging_rule_test.go: -------------------------------------------------------------------------------- 1 | package cloudfront 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/cloudfront" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckEnableLogging_FailureExamples(t *testing.T) { 11 | expectedCode := cloudfront.CheckEnableLogging.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableLogging_PassedExamples(t *testing.T) { 16 | expectedCode := cloudfront.CheckEnableLogging.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/cloudfront/enable_waf_rule_test.go: -------------------------------------------------------------------------------- 1 | package cloudfront 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/cloudfront" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckEnableWaf_FailureExamples(t *testing.T) { 11 | expectedCode := cloudfront.CheckEnableWaf.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableWaf_PassedExamples(t *testing.T) { 16 | expectedCode := cloudfront.CheckEnableWaf.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/cloudfront/enforce_https_rule_test.go: -------------------------------------------------------------------------------- 1 | package cloudfront 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/cloudfront" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckEnforceHttps_FailureExamples(t *testing.T) { 11 | expectedCode := cloudfront.CheckEnforceHttps.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnforceHttps_PassedExamples(t *testing.T) { 16 | expectedCode := cloudfront.CheckEnforceHttps.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/cloudfront/use_secure_tls_policy_rule_test.go: -------------------------------------------------------------------------------- 1 | package cloudfront 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/cloudfront" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckUseSecureTlsPolicy_FailureExamples(t *testing.T) { 11 | expectedCode := cloudfront.CheckUseSecureTlsPolicy.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckUseSecureTlsPolicy_PassedExamples(t *testing.T) { 16 | expectedCode := cloudfront.CheckUseSecureTlsPolicy.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/cloudtrail/enable_all_regions_rule_test.go: -------------------------------------------------------------------------------- 1 | package cloudtrail 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/cloudtrail" 6 | "testing" 7 | ) 8 | 9 | func Test_CheckEnableAllRegions_FailureExamples(t *testing.T) { 10 | expectedCode := cloudtrail.CheckEnableAllRegions.Rule().LongID() 11 | test.RunFailureExamplesTest(t, expectedCode) 12 | } 13 | 14 | func Test_CheckEnableAllRegions_PassedExamples(t *testing.T) { 15 | expectedCode := cloudtrail.CheckEnableAllRegions.Rule().LongID() 16 | test.RunPassingExamplesTest(t, expectedCode) 17 | } 18 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/cloudtrail/enable_at_rest_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package cloudtrail 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/cloudtrail" 6 | "testing" 7 | ) 8 | 9 | func Test_CheckEnableAtRestEncryption_FailureExamples(t *testing.T) { 10 | expectedCode := cloudtrail.CheckEnableAtRestEncryption.Rule().LongID() 11 | test.RunFailureExamplesTest(t, expectedCode) 12 | } 13 | 14 | func Test_CheckEnableAtRestEncryption_PassedExamples(t *testing.T) { 15 | expectedCode := cloudtrail.CheckEnableAtRestEncryption.Rule().LongID() 16 | test.RunPassingExamplesTest(t, expectedCode) 17 | } 18 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/cloudtrail/enable_log_validation_rule_test.go: -------------------------------------------------------------------------------- 1 | package cloudtrail 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/cloudtrail" 6 | "testing" 7 | ) 8 | 9 | func Test_CheckEnableLogValidation_FailureExamples(t *testing.T) { 10 | expectedCode := cloudtrail.CheckEnableLogValidation.Rule().LongID() 11 | test.RunFailureExamplesTest(t, expectedCode) 12 | } 13 | 14 | func Test_CheckEnableLogValidation_PassedExamples(t *testing.T) { 15 | expectedCode := cloudtrail.CheckEnableLogValidation.Rule().LongID() 16 | test.RunPassingExamplesTest(t, expectedCode) 17 | } 18 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/cloudwatch/log_group_customer_key_rule_test.go: -------------------------------------------------------------------------------- 1 | package cloudwatch 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/cloudwatch" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckLogGroupCustomerKey_FailureExamples(t *testing.T) { 11 | expectedCode := cloudwatch.CheckLogGroupCustomerKey.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckLogGroupCustomerKey_PassedExamples(t *testing.T) { 16 | expectedCode := cloudwatch.CheckLogGroupCustomerKey.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/codebuild/enable_artifect_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package codebuild 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/codebuild" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckEnableEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := codebuild.CheckEnableEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableEncryption_PassedExamples(t *testing.T) { 16 | expectedCode := codebuild.CheckEnableEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/config/aggregate_all_regions_rule_test.go: -------------------------------------------------------------------------------- 1 | package config 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/config" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckAggregateAllRegions_FailureExamples(t *testing.T) { 11 | expectedCode := config.CheckAggregateAllRegions.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckAggregateAllRegions_PassedExamples(t *testing.T) { 16 | expectedCode := config.CheckAggregateAllRegions.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/documentdb/enable_log_export_rule_test.go: -------------------------------------------------------------------------------- 1 | package documentdb 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/documentdb" 8 | ) 9 | 10 | func Test_CheckEnableLogExport_FailureExamples(t *testing.T) { 11 | expectedCode := documentdb.CheckEnableLogExport.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableLogExport_PassedExamples(t *testing.T) { 16 | expectedCode := documentdb.CheckEnableLogExport.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/documentdb/enable_storage_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package documentdb 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/documentdb" 8 | ) 9 | 10 | func Test_CheckEnableStorageEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := documentdb.CheckEnableStorageEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableStorageEncryption_PassedExamples(t *testing.T) { 16 | expectedCode := documentdb.CheckEnableStorageEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/documentdb/encryption_customer_key_rule_test.go: -------------------------------------------------------------------------------- 1 | package documentdb 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/documentdb" 8 | ) 9 | 10 | func Test_CheckEncryptionCustomerKey_FailureExamples(t *testing.T) { 11 | expectedCode := documentdb.CheckEncryptionCustomerKey.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEncryptionCustomerKey_PassedExamples(t *testing.T) { 16 | expectedCode := documentdb.CheckEncryptionCustomerKey.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/dynamodb/enable_at_rest_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package dynamodb 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/dynamodb" 8 | ) 9 | 10 | func Test_CheckEnableAtRestEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := dynamodb.CheckEnableAtRestEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableAtRestEncryption_PassedExamples(t *testing.T) { 16 | expectedCode := dynamodb.CheckEnableAtRestEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/ebs/enable_volume_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package ebs 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/ebs" 8 | ) 9 | 10 | func Test_CheckEnableVolumeEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := ebs.CheckEnableVolumeEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableVolumeEncryption_PassedExamples(t *testing.T) { 16 | expectedCode := ebs.CheckEnableVolumeEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/ebs/encryption_customer_key_rule_test.go: -------------------------------------------------------------------------------- 1 | package ebs 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/ebs" 8 | ) 9 | 10 | func Test_CheckEncryptionCustomerKey_FailureExamples(t *testing.T) { 11 | expectedCode := ebs.CheckEncryptionCustomerKey.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEncryptionCustomerKey_PassedExamples(t *testing.T) { 16 | expectedCode := ebs.CheckEncryptionCustomerKey.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/ec2/no_secrets_in_user_data_rule_test.go: -------------------------------------------------------------------------------- 1 | package ec2 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/ec2" 8 | ) 9 | 10 | func Test_CheckNoSecretsInUserData_FailureExamples(t *testing.T) { 11 | expectedCode := ec2.CheckNoSecretsInUserData.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoSecretsInUserData_PassedExamples(t *testing.T) { 16 | expectedCode := ec2.CheckNoSecretsInUserData.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/ecr/enable_image_scanning_rule_test.go: -------------------------------------------------------------------------------- 1 | package ecr 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/ecr" 8 | ) 9 | 10 | func Test_CheckEnableImageScans_FailureExamples(t *testing.T) { 11 | expectedCode := ecr.CheckEnableImageScans.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableImageScans_PassedExamples(t *testing.T) { 16 | expectedCode := ecr.CheckEnableImageScans.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/ecr/enforce_immutable_repository_rule_test.go: -------------------------------------------------------------------------------- 1 | package ecr 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/ecr" 8 | ) 9 | 10 | func Test_CheckEnforceImmutableRepository_FailureExamples(t *testing.T) { 11 | expectedCode := ecr.CheckEnforceImmutableRepository.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnforceImmutableRepository_PassedExamples(t *testing.T) { 16 | expectedCode := ecr.CheckEnforceImmutableRepository.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/ecr/no_public_access_rule_test.go: -------------------------------------------------------------------------------- 1 | package ecr 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/ecr" 8 | ) 9 | 10 | func Test_CheckNoPublicAccess_FailureExamples(t *testing.T) { 11 | expectedCode := ecr.CheckNoPublicAccess.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoPublicAccess_PassedExamples(t *testing.T) { 16 | expectedCode := ecr.CheckNoPublicAccess.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/ecr/repository_customer_key_rule_test.go: -------------------------------------------------------------------------------- 1 | package ecr 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/ecr" 8 | ) 9 | 10 | func Test_CheckRepositoryCustomerKey_FailureExamples(t *testing.T) { 11 | expectedCode := ecr.CheckRepositoryCustomerKey.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckRepositoryCustomerKey_PassedExamples(t *testing.T) { 16 | expectedCode := ecr.CheckRepositoryCustomerKey.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/ecs/enable_container_insight_rule_test.go: -------------------------------------------------------------------------------- 1 | package ecs 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/ecs" 8 | ) 9 | 10 | func Test_CheckEnableContainerInsight_FailureExamples(t *testing.T) { 11 | expectedCode := ecs.CheckEnableContainerInsight.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableContainerInsight_PassedExamples(t *testing.T) { 16 | expectedCode := ecs.CheckEnableContainerInsight.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/ecs/enable_in_transit_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package ecs 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/ecs" 8 | ) 9 | 10 | func Test_CheckEnableInTransitEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := ecs.CheckEnableInTransitEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableInTransitEncryption_PassedExamples(t *testing.T) { 16 | expectedCode := ecs.CheckEnableInTransitEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/ecs/no_plaintext_secrets_rule_test.go: -------------------------------------------------------------------------------- 1 | package ecs 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/ecs" 8 | ) 9 | 10 | func Test_CheckNoPlaintextSecrets_FailureExamples(t *testing.T) { 11 | expectedCode := ecs.CheckNoPlaintextSecrets.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoPlaintextSecrets_PassedExamples(t *testing.T) { 16 | expectedCode := ecs.CheckNoPlaintextSecrets.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/efs/enable_at_rest_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package efs 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/efs" 8 | ) 9 | 10 | func Test_CheckEnableAtRestEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := efs.CheckEnableAtRestEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableAtRestEncryption_PassedExamples(t *testing.T) { 16 | expectedCode := efs.CheckEnableAtRestEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/eks/encrypt_secrets_rule_test.go: -------------------------------------------------------------------------------- 1 | package eks 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/eks" 8 | ) 9 | 10 | func Test_CheckEncryptSecrets_FailureExamples(t *testing.T) { 11 | expectedCode := eks.CheckEncryptSecrets.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEncryptSecrets_PassedExamples(t *testing.T) { 16 | expectedCode := eks.CheckEncryptSecrets.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/elasticache/add_description_for_security_group_rule_test.go: -------------------------------------------------------------------------------- 1 | package elasticache 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/elasticache" 8 | ) 9 | 10 | func Test_CheckAddDescriptionForSecurityGroup_FailureExamples(t *testing.T) { 11 | expectedCode := elasticache.CheckAddDescriptionForSecurityGroup.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckAddDescriptionForSecurityGroup_PassedExamples(t *testing.T) { 16 | expectedCode := elasticache.CheckAddDescriptionForSecurityGroup.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/elasticache/enable_backup_retention_rule_test.go: -------------------------------------------------------------------------------- 1 | package elasticache 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/elasticache" 8 | ) 9 | 10 | func Test_CheckEnableBackupRetention_FailureExamples(t *testing.T) { 11 | expectedCode := elasticache.CheckEnableBackupRetention.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableBackupRetention_PassedExamples(t *testing.T) { 16 | expectedCode := elasticache.CheckEnableBackupRetention.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/elasticache/enable_in_transit_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package elasticache 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/elasticache" 8 | ) 9 | 10 | func Test_CheckEnableInTransitEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := elasticache.CheckEnableInTransitEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableInTransitEncryption_PassedExamples(t *testing.T) { 16 | expectedCode := elasticache.CheckEnableInTransitEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/elasticsearch/enable_domain_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package elasticsearch 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/elasticsearch" 8 | ) 9 | 10 | func Test_CheckEnableDomainEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := elasticsearch.CheckEnableDomainEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableDomainEncryption_PassedExamples(t *testing.T) { 16 | expectedCode := elasticsearch.CheckEnableDomainEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/elasticsearch/enable_domain_logging_rule_test.go: -------------------------------------------------------------------------------- 1 | package elasticsearch 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/elasticsearch" 8 | ) 9 | 10 | func Test_CheckEnableDomainLogging_FailureExamples(t *testing.T) { 11 | expectedCode := elasticsearch.CheckEnableDomainLogging.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableDomainLogging_PassedExamples(t *testing.T) { 16 | expectedCode := elasticsearch.CheckEnableDomainLogging.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/elasticsearch/enable_in_transit_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package elasticsearch 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/elasticsearch" 8 | ) 9 | 10 | func Test_CheckEnableInTransitEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := elasticsearch.CheckEnableInTransitEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableInTransitEncryption_PassedExamples(t *testing.T) { 16 | expectedCode := elasticsearch.CheckEnableInTransitEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/elasticsearch/enforce_https_rule_test.go: -------------------------------------------------------------------------------- 1 | package elasticsearch 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/elasticsearch" 8 | ) 9 | 10 | func Test_CheckEnforceHttps_FailureExamples(t *testing.T) { 11 | expectedCode := elasticsearch.CheckEnforceHttps.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnforceHttps_PassedExamples(t *testing.T) { 16 | expectedCode := elasticsearch.CheckEnforceHttps.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/elasticsearch/use_secure_tls_policy_rule_test.go: -------------------------------------------------------------------------------- 1 | package elasticsearch 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/elasticsearch" 8 | ) 9 | 10 | func Test_CheckUseSecureTlsPolicy_FailureExamples(t *testing.T) { 11 | expectedCode := elasticsearch.CheckUseSecureTlsPolicy.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckUseSecureTlsPolicy_PassedExamples(t *testing.T) { 16 | expectedCode := elasticsearch.CheckUseSecureTlsPolicy.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/elb/alb_not_public_rule_test.go: -------------------------------------------------------------------------------- 1 | package elb 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/elb" 8 | ) 9 | 10 | func CheckAlbNotPublic_FailureExamples(t *testing.T) { 11 | expectedCode := elb.CheckAlbNotPublic.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckAlbNotPublic_PassedExamples(t *testing.T) { 16 | expectedCode := elb.CheckAlbNotPublic.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/elb/drop_invalid_headers_rule_test.go: -------------------------------------------------------------------------------- 1 | package elb 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/elb" 8 | ) 9 | 10 | func Test_CheckDropInvalidHeaders_FailureExamples(t *testing.T) { 11 | expectedCode := elb.CheckDropInvalidHeaders.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckDropInvalidHeaders_PassedExamples(t *testing.T) { 16 | expectedCode := elb.CheckDropInvalidHeaders.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/elb/http_not_used_rule_test.go: -------------------------------------------------------------------------------- 1 | package elb 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/elb" 8 | ) 9 | 10 | func Test_CheckHttpNotUsed_FailureExamples(t *testing.T) { 11 | expectedCode := elb.CheckHttpNotUsed.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckHttpNotUsed_PassedExamples(t *testing.T) { 16 | expectedCode := elb.CheckHttpNotUsed.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/elb/use_secure_tls_policy_rule_test.go: -------------------------------------------------------------------------------- 1 | package elb 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/elb" 8 | ) 9 | 10 | func Test_CheckUseSecureTlsPolicy_FailureExamples(t *testing.T) { 11 | expectedCode := elb.CheckUseSecureTlsPolicy.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckUseSecureTlsPolicy_PassedExamples(t *testing.T) { 16 | expectedCode := elb.CheckUseSecureTlsPolicy.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/iam/no_policy_wildcards_rule_test.go: -------------------------------------------------------------------------------- 1 | package vpc 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/iam" 8 | ) 9 | 10 | func Test_CheckNoPolicyWildcards_FailureExamples(t *testing.T) { 11 | expectedCode := iam.CheckNoPolicyWildcards.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoPolicyWildcards_SuccessExamples(t *testing.T) { 16 | expectedCode := iam.CheckNoPolicyWildcards.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/kinesis/enable_in_transit_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package kinesis 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/kinesis" 8 | ) 9 | 10 | func Test_CheckEnableInTransitEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := kinesis.CheckEnableInTransitEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableInTransitEncryption_SuccessExamples(t *testing.T) { 16 | expectedCode := kinesis.CheckEnableInTransitEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/lambda/enable_tracing_rule_test.go: -------------------------------------------------------------------------------- 1 | package lambda 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/lambda" 8 | ) 9 | 10 | func Test_CheckEnableTracing_FailureExamples(t *testing.T) { 11 | expectedCode := lambda.CheckEnableTracing.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableTracing_SuccessExamples(t *testing.T) { 16 | expectedCode := lambda.CheckEnableTracing.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/lambda/restrict_source_arn_rule_test.go: -------------------------------------------------------------------------------- 1 | package lambda 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/lambda" 8 | ) 9 | 10 | func Test_CheckRestrictSourceArn_FailureExamples(t *testing.T) { 11 | expectedCode := lambda.CheckRestrictSourceArn.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckRestrictSourceArn_SuccessExamples(t *testing.T) { 16 | expectedCode := lambda.CheckRestrictSourceArn.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/mq/enable_audit_logging_rule_test.go: -------------------------------------------------------------------------------- 1 | package rds 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/mq" 8 | ) 9 | 10 | func Test_CheckEnableAuditLogging_FailureExamples(t *testing.T) { 11 | expectedCode := mq.CheckEnableAuditLogging.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableAuditLogging_SuccessExamples(t *testing.T) { 16 | expectedCode := mq.CheckEnableAuditLogging.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/mq/enable_general_logging_rule_test.go: -------------------------------------------------------------------------------- 1 | package rds 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/mq" 8 | ) 9 | 10 | func Test_CheckEnableGeneralLogging_FailureExamples(t *testing.T) { 11 | expectedCode := mq.CheckEnableGeneralLogging.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableGeneralLogging_SuccessExamples(t *testing.T) { 16 | expectedCode := mq.CheckEnableGeneralLogging.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/mq/no_public_access_rule_test.go: -------------------------------------------------------------------------------- 1 | package rds 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/mq" 8 | ) 9 | 10 | func Test_CheckNoPublicAccess_FailureExamples(t *testing.T) { 11 | expectedCode := mq.CheckNoPublicAccess.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoPublicAccess_SuccessExamples(t *testing.T) { 16 | expectedCode := mq.CheckNoPublicAccess.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/msk/enable_in_transit_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package rds 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/msk" 8 | ) 9 | 10 | func Test_CheckEnableInTransitEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := msk.CheckEnableInTransitEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableInTransitEncryption_SuccessExamples(t *testing.T) { 16 | expectedCode := msk.CheckEnableInTransitEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/msk/enable_logging_rule_test.go: -------------------------------------------------------------------------------- 1 | package rds 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/msk" 8 | ) 9 | 10 | func Test_CheckEnableLogging_FailureExamples(t *testing.T) { 11 | expectedCode := msk.CheckEnableLogging.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableLogging_SuccessExamples(t *testing.T) { 16 | expectedCode := msk.CheckEnableLogging.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/neptune/enable_log_export_rule_test.go: -------------------------------------------------------------------------------- 1 | package rds 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/neptune" 8 | ) 9 | 10 | func Test_CheckEnableLogExport_FailureExamples(t *testing.T) { 11 | expectedCode := neptune.CheckEnableLogExport.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableLogExport_SuccessExamples(t *testing.T) { 16 | expectedCode := neptune.CheckEnableLogExport.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/neptune/enable_storage_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package rds 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/neptune" 8 | ) 9 | 10 | func Test_CheckEnableStorageEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := neptune.CheckEnableStorageEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableStorageEncryption_SuccessExamples(t *testing.T) { 16 | expectedCode := neptune.CheckEnableStorageEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/rds/enable_performance_insights_rule_test.go: -------------------------------------------------------------------------------- 1 | package rds 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/rds" 8 | ) 9 | 10 | func Test_CheckEnablePerformanceInsights_FailureExamples(t *testing.T) { 11 | expectedCode := rds.CheckEnablePerformanceInsights.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnablePerformanceInsights_SuccessExamples(t *testing.T) { 16 | expectedCode := rds.CheckEnablePerformanceInsights.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/rds/encrypt_cluster_storage_data_rule_test.go: -------------------------------------------------------------------------------- 1 | package rds 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/rds" 8 | ) 9 | 10 | func Test_CheckEncryptClusterStorageData_FailureExamples(t *testing.T) { 11 | expectedCode := rds.CheckEncryptClusterStorageData.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEncryptClusterStorageData_SuccessExamples(t *testing.T) { 16 | expectedCode := rds.CheckEncryptClusterStorageData.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/rds/encrypt_instance_storage_data_rule_test.go: -------------------------------------------------------------------------------- 1 | package rds 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/rds" 8 | ) 9 | 10 | func Test_CheckEncryptInstanceStorageData_FailureExamples(t *testing.T) { 11 | expectedCode := rds.CheckEncryptInstanceStorageData.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEncryptInstanceStorageData_SuccessExamples(t *testing.T) { 16 | expectedCode := rds.CheckEncryptInstanceStorageData.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/rds/no_classic_resources_rule_test.go: -------------------------------------------------------------------------------- 1 | package rds 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/rds" 8 | ) 9 | 10 | func Test_CheckNoClassicResources_FailureExamples(t *testing.T) { 11 | expectedCode := rds.CheckNoClassicResources.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoClassicResources_SuccessExamples(t *testing.T) { 16 | expectedCode := rds.CheckNoClassicResources.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/rds/no_public_db_access_rule_test.go: -------------------------------------------------------------------------------- 1 | package rds 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/rds" 8 | ) 9 | 10 | func Test_CheckNoPublicDbAccess_FailureExamples(t *testing.T) { 11 | expectedCode := rds.CheckNoPublicDbAccess.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoPublicDbAccess_SuccessExamples(t *testing.T) { 16 | expectedCode := rds.CheckNoPublicDbAccess.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/rds/specify_backup_retention_rule_test.go: -------------------------------------------------------------------------------- 1 | package rds 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/rds" 8 | ) 9 | 10 | func Test_CheckBackupRetentionSpecified_FailureExamples(t *testing.T) { 11 | expectedCode := rds.CheckBackupRetentionSpecified.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckBackupRetentionSpecified_SuccessExamples(t *testing.T) { 16 | expectedCode := rds.CheckBackupRetentionSpecified.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/redshift/add_description_to_security_group_rule_test.go: -------------------------------------------------------------------------------- 1 | package redshift 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/redshift" 8 | ) 9 | 10 | func Test_CheckAddDescriptionToSecurityGroup_FailureExamples(t *testing.T) { 11 | expectedCode := redshift.CheckAddDescriptionToSecurityGroup.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckAddDescriptionToSecurityGroup_SuccessExamples(t *testing.T) { 16 | expectedCode := redshift.CheckAddDescriptionToSecurityGroup.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/redshift/encryption_customer_key_rule_test.go: -------------------------------------------------------------------------------- 1 | package redshift 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/redshift" 8 | ) 9 | 10 | func Test_CheckEncryptionCustomerKey_FailureExamples(t *testing.T) { 11 | expectedCode := redshift.CheckEncryptionCustomerKey.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEncryptionCustomerKey_SuccessExamples(t *testing.T) { 16 | expectedCode := redshift.CheckEncryptionCustomerKey.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/redshift/no_classic_resources_rule_test.go: -------------------------------------------------------------------------------- 1 | package redshift 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/redshift" 8 | ) 9 | 10 | func Test_CheckNoClassicResources_FailureExamples(t *testing.T) { 11 | expectedCode := redshift.CheckNoClassicResources.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoClassicResources_SuccessExamples(t *testing.T) { 16 | expectedCode := redshift.CheckNoClassicResources.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/redshift/use_vpc_rule_test.go: -------------------------------------------------------------------------------- 1 | package redshift 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/redshift" 8 | ) 9 | 10 | func Test_CheckUsesVPC_FailureExamples(t *testing.T) { 11 | expectedCode := redshift.CheckUsesVPC.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckUsesVPC_SuccessExamples(t *testing.T) { 16 | expectedCode := redshift.CheckUsesVPC.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/s3/block_public_acls_rule_test.go: -------------------------------------------------------------------------------- 1 | package s3 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/s3" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckPublicACLsAreBlocked_FailureExamples(t *testing.T) { 11 | expectedCode := s3.CheckPublicACLsAreBlocked.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckPublicACLsAreBlocked_PassedExamples(t *testing.T) { 16 | expectedCode := s3.CheckPublicACLsAreBlocked.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/s3/block_public_policy_rule_test.go: -------------------------------------------------------------------------------- 1 | package s3 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/s3" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckPublicPoliciesAreBlocked_FailureExamples(t *testing.T) { 11 | expectedCode := s3.CheckPublicPoliciesAreBlocked.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckPublicPoliciesAreBlocked_PassedExamples(t *testing.T) { 16 | expectedCode := s3.CheckPublicPoliciesAreBlocked.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/s3/enable_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package s3 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/s3" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckEncryptionIsEnabled_FailureExamples(t *testing.T) { 11 | expectedCode := s3.CheckEncryptionIsEnabled.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEncryptionIsEnabled_PassedExamples(t *testing.T) { 16 | expectedCode := s3.CheckEncryptionIsEnabled.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/s3/enable_logging_rule_test.go: -------------------------------------------------------------------------------- 1 | package s3 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/s3" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckLoggingIsEnabled_FailureExamples(t *testing.T) { 11 | expectedCode := s3.CheckLoggingIsEnabled.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckLoggingIsEnabled_PassedExamples(t *testing.T) { 16 | expectedCode := s3.CheckLoggingIsEnabled.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/s3/enable_versioning_rule_test.go: -------------------------------------------------------------------------------- 1 | package s3 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/s3" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckVersioningIsEnabled_FailureExamples(t *testing.T) { 11 | expectedCode := s3.CheckVersioningIsEnabled.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckVersioningIsEnabled_PassedExamples(t *testing.T) { 16 | expectedCode := s3.CheckVersioningIsEnabled.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/s3/ignore_public_acls_rule_test.go: -------------------------------------------------------------------------------- 1 | package s3 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/s3" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckPublicACLsAreIgnored_FailureExamples(t *testing.T) { 11 | expectedCode := s3.CheckPublicACLsAreIgnored.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckPublicACLsAreIgnored_PassedExamples(t *testing.T) { 16 | expectedCode := s3.CheckPublicACLsAreIgnored.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/s3/no_pubic_acls_rule_test.go: -------------------------------------------------------------------------------- 1 | package s3 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/s3" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckForPublicACL_FailureExamples(t *testing.T) { 11 | expectedCode := s3.CheckForPublicACL.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckForPublicACL_PassedExamples(t *testing.T) { 16 | expectedCode := s3.CheckForPublicACL.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/s3/require_public_access_block_rule_test.go: -------------------------------------------------------------------------------- 1 | package s3 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/s3" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckBucketsHavePublicAccessBlocks_FailureExamples(t *testing.T) { 11 | expectedCode := s3.CheckBucketsHavePublicAccessBlocks.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckBucketsHavePublicAccessBlocks_PassedExamples(t *testing.T) { 16 | expectedCode := s3.CheckBucketsHavePublicAccessBlocks.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/s3/restrict_public_buckets_rule_test.go: -------------------------------------------------------------------------------- 1 | package s3 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/s3" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckPublicBucketsAreRestricted_FailureExamples(t *testing.T) { 11 | expectedCode := s3.CheckPublicBucketsAreRestricted.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckPublicBucketsAreRestricted_PassedExamples(t *testing.T) { 16 | expectedCode := s3.CheckPublicBucketsAreRestricted.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/sam/api_use_secure_tls_rule_test.go: -------------------------------------------------------------------------------- 1 | package sam 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/sam" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckApiUseSecureTlsPolicy_FailureExamples(t *testing.T) { 11 | expectedCode := sam.CheckApiUseSecureTlsPolicy.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckApiUseSecureTlsPolicy_PassedExamples(t *testing.T) { 16 | expectedCode := sam.CheckApiUseSecureTlsPolicy.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/sam/enable_api_access_logging_rule_test.go: -------------------------------------------------------------------------------- 1 | package sam 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/sam" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckEnableApiAccessLogging_FailureExamples(t *testing.T) { 11 | expectedCode := sam.CheckEnableApiAccessLogging.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableApiAccessLogging_PassedExamples(t *testing.T) { 16 | expectedCode := sam.CheckEnableApiAccessLogging.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/sam/enable_api_cache_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package sam 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/sam" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckEnableApiCacheEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := sam.CheckEnableApiCacheEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableApiCacheEncryption_PassedExamples(t *testing.T) { 16 | expectedCode := sam.CheckEnableApiCacheEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/sam/enable_api_tracing_rule_test.go: -------------------------------------------------------------------------------- 1 | package sam 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/sam" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckEnableApiTracingFailureExamples(t *testing.T) { 11 | expectedCode := sam.CheckEnableApiTracing.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableApiTracing_PassedExamples(t *testing.T) { 16 | expectedCode := sam.CheckEnableApiTracing.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/sam/enable_function_tracing_rule_test.go: -------------------------------------------------------------------------------- 1 | package sam 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/sam" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckEnableFunctionTracing_FailureExamples(t *testing.T) { 11 | expectedCode := sam.CheckEnableFunctionTracing.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableFunctionTracing_PassedExamples(t *testing.T) { 16 | expectedCode := sam.CheckEnableFunctionTracing.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/sam/enable_http_api_access_logging_rule_test.go: -------------------------------------------------------------------------------- 1 | package sam 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/sam" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckEnableHttpApiAccessLogging_FailureExamples(t *testing.T) { 11 | expectedCode := sam.CheckEnableApiAccessLogging.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableHttpApiAccessLogging_PassedExamples(t *testing.T) { 16 | expectedCode := sam.CheckEnableHttpApiAccessLogging.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/sam/enable_state_machine_tracing_rule_test.go: -------------------------------------------------------------------------------- 1 | package sam 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/sam" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckEnableStateMachineTracing_FailureExamples(t *testing.T) { 11 | expectedCode := sam.CheckEnableStateMachineTracing.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableStateMachineTracing_PassedExamples(t *testing.T) { 16 | expectedCode := sam.CheckEnableStateMachineTracing.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/sam/enable_table_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package sam 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/sam" 8 | ) 9 | 10 | func Test_CheckEnableTableEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := sam.CheckEnableTableEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableTableEncryption_PassedExamples(t *testing.T) { 16 | expectedCode := sam.CheckEnableTableEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/sam/no_function_policy_wildcards_rule_test.go: -------------------------------------------------------------------------------- 1 | package sam 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/sam" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckNoFunctionPolicyWildcards_FailureExamples(t *testing.T) { 11 | expectedCode := sam.CheckNoFunctionPolicyWildcards.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoFunctionPolicyWildcards_PassedExamples(t *testing.T) { 16 | expectedCode := sam.CheckNoFunctionPolicyWildcards.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/sam/no_state_machine_policy_wildcards_rule_test.go: -------------------------------------------------------------------------------- 1 | package sam 2 | 3 | import ( 4 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 5 | "github.com/aquasecurity/defsec/rules/aws/sam" 6 | 7 | "testing" 8 | ) 9 | 10 | func Test_CheckNoStateMachinePolicyWildcards_FailureExamples(t *testing.T) { 11 | expectedCode := sam.CheckNoStateMachinePolicyWildcards.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoStateMachinePolicyWildcards_PassedExamples(t *testing.T) { 16 | expectedCode := sam.CheckNoStateMachinePolicyWildcards.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/sns/enable_topic_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package vpc 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/sns" 8 | ) 9 | 10 | func Test_CheckEnableTopicEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := sns.CheckEnableTopicEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableTopicEncryption_SuccessExamples(t *testing.T) { 16 | expectedCode := sns.CheckEnableTopicEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/sqs/enable_queue_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package vpc 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/sqs" 8 | ) 9 | 10 | func Test_CheckEnableQueueEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := sqs.CheckEnableQueueEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableQueueEncryption_SuccessExamples(t *testing.T) { 16 | expectedCode := sqs.CheckEnableQueueEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/sqs/no_wildcards_in_policy_documents_rule_test.go: -------------------------------------------------------------------------------- 1 | package vpc 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/sqs" 8 | ) 9 | 10 | func Test_CheckNoWildcardsInPolicyDocuments_FailureExamples(t *testing.T) { 11 | expectedCode := sqs.CheckNoWildcardsInPolicyDocuments.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoWildcardsInPolicyDocuments_SuccessExamples(t *testing.T) { 16 | expectedCode := sqs.CheckNoWildcardsInPolicyDocuments.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/ssm/secret_use_customer_key_rule_test.go: -------------------------------------------------------------------------------- 1 | package vpc 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/ssm" 8 | ) 9 | 10 | func Test_CheckSecretUseCustomerKey_FailureExamples(t *testing.T) { 11 | expectedCode := ssm.CheckSecretUseCustomerKey.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckSecretUseCustomerKey_SuccessExamples(t *testing.T) { 16 | expectedCode := ssm.CheckSecretUseCustomerKey.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/vpc/add_description_to_security_group_rule_rule_test.go: -------------------------------------------------------------------------------- 1 | package vpc 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/vpc" 8 | ) 9 | 10 | func Test_CheckAddDescriptionToSecurityGroupRule_FailureExamples(t *testing.T) { 11 | expectedCode := vpc.CheckAddDescriptionToSecurityGroupRule.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckAddDescriptionToSecurityGroupRule_PassedExamples(t *testing.T) { 16 | expectedCode := vpc.CheckAddDescriptionToSecurityGroupRule.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/vpc/add_description_to_security_group_rule_test.go: -------------------------------------------------------------------------------- 1 | package vpc 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/vpc" 8 | ) 9 | 10 | func Test_CheckAddDescriptionToSecurityGroup_FailureExamples(t *testing.T) { 11 | expectedCode := vpc.CheckAddDescriptionToSecurityGroup.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckAddDescriptionToSecurityGroup_SuccessExamples(t *testing.T) { 16 | expectedCode := vpc.CheckAddDescriptionToSecurityGroup.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/vpc/no_excessive_port_access_rule_test.go: -------------------------------------------------------------------------------- 1 | package vpc 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/vpc" 8 | ) 9 | 10 | func Test_CheckNoExcessivePortAccess_FailureExamples(t *testing.T) { 11 | expectedCode := vpc.CheckNoExcessivePortAccess.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoExcessivePortAccess_SuccessExamples(t *testing.T) { 16 | expectedCode := vpc.CheckNoExcessivePortAccess.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/vpc/no_public_egress_sgr_rule_test.go: -------------------------------------------------------------------------------- 1 | package vpc 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/vpc" 8 | ) 9 | 10 | func Test_CheckNoPublicEgressSgr_FailureExamples(t *testing.T) { 11 | expectedCode := vpc.CheckNoPublicEgressSgr.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoPublicEgressSgr_SuccessExamples(t *testing.T) { 16 | expectedCode := vpc.CheckNoPublicEgressSgr.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/vpc/no_public_ingress_acl_rule_test.go: -------------------------------------------------------------------------------- 1 | package vpc 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/vpc" 8 | ) 9 | 10 | func Test_CheckNoPublicIngress_FailureExamples(t *testing.T) { 11 | expectedCode := vpc.CheckNoPublicIngress.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoPublicIngress_SuccessExamples(t *testing.T) { 16 | expectedCode := vpc.CheckNoPublicIngress.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/vpc/no_public_ingress_sgr_rule_test.go: -------------------------------------------------------------------------------- 1 | package vpc 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/vpc" 8 | ) 9 | 10 | func Test_CheckNoPublicIngressSgr_FailureExamples(t *testing.T) { 11 | expectedCode := vpc.CheckNoPublicIngressSgr.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckNoPublicIngressSgr_SuccessExamples(t *testing.T) { 16 | expectedCode := vpc.CheckNoPublicIngressSgr.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/aws/workspaces/enable_disk_encryption_rule_test.go: -------------------------------------------------------------------------------- 1 | package documentdb 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/aquasecurity/cfsec/internal/app/cfsec/test" 7 | "github.com/aquasecurity/defsec/rules/aws/workspaces" 8 | ) 9 | 10 | func Test_CheckEnableDiskEncryption_FailureExamples(t *testing.T) { 11 | expectedCode := workspaces.CheckEnableDiskEncryption.Rule().LongID() 12 | test.RunFailureExamplesTest(t, expectedCode) 13 | } 14 | 15 | func Test_CheckEnableDiskEncryption_PassedExamples(t *testing.T) { 16 | expectedCode := workspaces.CheckEnableDiskEncryption.Rule().LongID() 17 | test.RunPassingExamplesTest(t, expectedCode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/rules/rule.go: -------------------------------------------------------------------------------- 1 | package rules 2 | 3 | import ( 4 | "github.com/aquasecurity/defsec/rules" 5 | ) 6 | 7 | // Rule ... 8 | type Rule struct { 9 | Base rules.RegisteredRule 10 | 11 | // BadExample (yaml) contains CloudFormation code which would cause the check to fail 12 | BadExample []string 13 | 14 | // GoodExample (yaml) contains CloudFormation code which would pass the check 15 | GoodExample []string 16 | 17 | // Additional links for further reading about the check 18 | Links []string 19 | } 20 | 21 | // ID ... 22 | func (r Rule) ID() string { 23 | return r.Base.Rule().AVDID 24 | } 25 | 26 | func (r Rule) LongID() string { 27 | return r.Base.Rule().LongID() 28 | } 29 | -------------------------------------------------------------------------------- /internal/app/cfsec/scanner/option.go: -------------------------------------------------------------------------------- 1 | package scanner 2 | 3 | // Option ... 4 | type Option func(s *Scanner) 5 | 6 | // OptionIncludePassed ... 7 | func OptionIncludePassed() func(s *Scanner) { 8 | return func(s *Scanner) { 9 | s.includePassed = true 10 | } 11 | } 12 | 13 | // OptionIncludeIgnored ... 14 | func OptionIncludeIgnored() func(s *Scanner) { 15 | return func(s *Scanner) { 16 | s.includeIgnored = true 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /internal/app/cfsec/test/init_test.go: -------------------------------------------------------------------------------- 1 | package test 2 | 3 | import ( 4 | _ "github.com/aquasecurity/cfsec/internal/app/cfsec/rules" 5 | ) 6 | -------------------------------------------------------------------------------- /logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aquasecurity/cfsec/0a43f073585a87c4f1782755d65d49fdbdd069e2/logo.png -------------------------------------------------------------------------------- /pkg/externalscan/option.go: -------------------------------------------------------------------------------- 1 | package externalscan 2 | 3 | import "github.com/aquasecurity/cfsec/internal/app/cfsec/scanner" 4 | 5 | type Option func(e *ExternalScanner) 6 | 7 | func OptionIncludePassed() Option { 8 | return func(e *ExternalScanner) { 9 | e.internalOptions = append(e.internalOptions, scanner.OptionIncludePassed()) 10 | } 11 | } 12 | 13 | func OptionDebugEnabled() Option { 14 | return func(e *ExternalScanner) { 15 | e.debugEnabled = true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /screenshot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aquasecurity/cfsec/0a43f073585a87c4f1782755d65d49fdbdd069e2/screenshot.png -------------------------------------------------------------------------------- /scripts/install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eux 4 | 5 | env GO111MODULE=on CGO_ENABLED=0 go build -ldflags "-X github.com/aquasecurity/cfsec/version.Version=${1}" ./cmd/cfsec 6 | -------------------------------------------------------------------------------- /vendor/github.com/ProtonMail/go-crypto/AUTHORS: -------------------------------------------------------------------------------- 1 | # This source code refers to The Go Authors for copyright purposes. 2 | # The master list of authors is in the main Go distribution, 3 | # visible at https://tip.golang.org/AUTHORS. 4 | -------------------------------------------------------------------------------- /vendor/github.com/ProtonMail/go-crypto/CONTRIBUTORS: -------------------------------------------------------------------------------- 1 | # This source code was written by the Go contributors. 2 | # The master list of contributors is in the main Go distribution, 3 | # visible at https://tip.golang.org/CONTRIBUTORS. 4 | -------------------------------------------------------------------------------- /vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curveType.go: -------------------------------------------------------------------------------- 1 | package ecc 2 | 3 | type CurveType uint8 4 | 5 | const ( 6 | NISTCurve CurveType = 1 7 | Curve25519 CurveType = 2 8 | BitCurve CurveType = 3 9 | BrainpoolCurve CurveType = 4 10 | ) -------------------------------------------------------------------------------- /vendor/github.com/acomagu/bufpipe/doc.go: -------------------------------------------------------------------------------- 1 | // Package bufpipe provides a IO pipe, has variable-sized buffer. 2 | package bufpipe 3 | -------------------------------------------------------------------------------- /vendor/github.com/acomagu/bufpipe/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/acomagu/bufpipe 2 | 3 | go 1.12 4 | 5 | require github.com/matryer/is v1.2.0 6 | -------------------------------------------------------------------------------- /vendor/github.com/acomagu/bufpipe/go.sum: -------------------------------------------------------------------------------- 1 | github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A= 2 | github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= 3 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/formatters/formatter.go: -------------------------------------------------------------------------------- 1 | package formatters 2 | 3 | import ( 4 | "io" 5 | 6 | "github.com/aquasecurity/defsec/rules" 7 | ) 8 | 9 | type FormatterOption int 10 | 11 | const ( 12 | ConciseOutput FormatterOption = iota 13 | PassingGif 14 | NoColour 15 | WithDebug 16 | ) 17 | 18 | // Formatter formats scan results into a specific format 19 | type Formatter func(w io.Writer, results []rules.Result, baseDir string, options ...FormatterOption) error 20 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/formatters/gif.go: -------------------------------------------------------------------------------- 1 | package formatters 2 | 3 | import ( 4 | "io" 5 | 6 | "github.com/aquasecurity/defsec/rules" 7 | ) 8 | 9 | func FormatGif(w io.Writer, results []rules.Result, baseDir string, options ...FormatterOption) error { 10 | return FormatDefault(w, results, baseDir, append(options, PassingGif)...) 11 | } 12 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/formatters/json.go: -------------------------------------------------------------------------------- 1 | package formatters 2 | 3 | import ( 4 | "encoding/json" 5 | "io" 6 | 7 | "github.com/aquasecurity/defsec/rules" 8 | ) 9 | 10 | type JSONOutput struct { 11 | Results []rules.FlatResult `json:"results"` 12 | } 13 | 14 | func FormatJSON(w io.Writer, results []rules.Result, _ string, options ...FormatterOption) error { 15 | jsonWriter := json.NewEncoder(w) 16 | jsonWriter.SetIndent("", "\t") 17 | var flatResults []rules.FlatResult 18 | for _, result := range results { 19 | flatResults = append(flatResults, result.Flatten()) 20 | } 21 | return jsonWriter.Encode(JSONOutput{flatResults}) 22 | } 23 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/formatters/text.go: -------------------------------------------------------------------------------- 1 | package formatters 2 | 3 | import ( 4 | "io" 5 | 6 | "github.com/aquasecurity/defsec/rules" 7 | ) 8 | 9 | func FormatText(writer io.Writer, results []rules.Result, baseDir string, options ...FormatterOption) error { 10 | return FormatDefault(writer, results, baseDir, append(options, NoColour, ConciseOutput)...) 11 | } 12 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/metrics/metric.go: -------------------------------------------------------------------------------- 1 | package metrics 2 | 3 | type Metric interface { 4 | Name() string 5 | Value() string 6 | } 7 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/cloudtrail/cloudtrail.go: -------------------------------------------------------------------------------- 1 | package cloudtrail 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type CloudTrail struct { 6 | Trails []Trail 7 | } 8 | 9 | type Trail struct { 10 | types.Metadata 11 | Name types.StringValue 12 | EnableLogFileValidation types.BoolValue 13 | IsMultiRegion types.BoolValue 14 | KMSKeyID types.StringValue 15 | } 16 | 17 | func (c *Trail) GetMetadata() *types.Metadata { 18 | return &c.Metadata 19 | } 20 | 21 | func (c *Trail) GetRawValue() interface{} { 22 | return nil 23 | } 24 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/cloudwatch/cloudwatch.go: -------------------------------------------------------------------------------- 1 | package cloudwatch 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type CloudWatch struct { 6 | LogGroups []LogGroup 7 | } 8 | 9 | type LogGroup struct { 10 | types.Metadata 11 | Name types.StringValue 12 | KMSKeyID types.StringValue 13 | RetentionInDays types.IntValue 14 | } 15 | 16 | func (c *LogGroup) GetMetadata() *types.Metadata { 17 | return &c.Metadata 18 | } 19 | 20 | func (c *LogGroup) GetRawValue() interface{} { 21 | return nil 22 | } 23 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/config/config.go: -------------------------------------------------------------------------------- 1 | package config 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Config struct { 6 | ConfigurationAggregrator ConfigurationAggregrator 7 | } 8 | 9 | type ConfigurationAggregrator struct { 10 | SourceAllRegions types.BoolValue 11 | IsDefined bool 12 | } 13 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/dynamodb/dynamodb.go: -------------------------------------------------------------------------------- 1 | package dynamodb 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type DynamoDB struct { 6 | DAXClusters []DAXCluster 7 | } 8 | 9 | type DAXCluster struct { 10 | types.Metadata 11 | ServerSideEncryption ServerSideEncryption 12 | PointInTimeRecovery types.BoolValue 13 | } 14 | 15 | type ServerSideEncryption struct { 16 | Enabled types.BoolValue 17 | KMSKeyID types.StringValue 18 | } 19 | 20 | func (c *DAXCluster) GetMetadata() *types.Metadata { 21 | return &c.Metadata 22 | } 23 | 24 | func (c *DAXCluster) GetRawValue() interface{} { 25 | return nil 26 | } 27 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/ebs/ebs.go: -------------------------------------------------------------------------------- 1 | package ebs 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type EBS struct { 6 | Volumes []Volume 7 | } 8 | 9 | type Volume struct { 10 | types.Metadata 11 | Encryption Encryption 12 | } 13 | 14 | type Encryption struct { 15 | Enabled types.BoolValue 16 | KMSKeyID types.StringValue 17 | } 18 | 19 | func (c *Volume) GetMetadata() *types.Metadata { 20 | return &c.Metadata 21 | } 22 | 23 | func (c *Volume) GetRawValue() interface{} { 24 | return nil 25 | } 26 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/ec2/ec2.go: -------------------------------------------------------------------------------- 1 | package ec2 2 | 3 | type EC2 struct { 4 | Instances []Instance 5 | } 6 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/efs/efs.go: -------------------------------------------------------------------------------- 1 | package efs 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type EFS struct { 6 | FileSystems []FileSystem 7 | } 8 | 9 | type FileSystem struct { 10 | types.Metadata 11 | Encrypted types.BoolValue 12 | } 13 | 14 | func (f *FileSystem) GetMetadata() *types.Metadata { 15 | return &f.Metadata 16 | } 17 | 18 | func (f *FileSystem) GetRawValue() interface{} { 19 | return nil 20 | } 21 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/iam/iam.go: -------------------------------------------------------------------------------- 1 | package iam 2 | 3 | type IAM struct { 4 | PasswordPolicy PasswordPolicy 5 | Policies []Policy 6 | GroupPolicies []GroupPolicy 7 | UserPolicies []UserPolicy 8 | RolePolicies []RolePolicy 9 | } 10 | 11 | type Policy struct { 12 | Document PolicyDocument 13 | } 14 | 15 | type GroupPolicy struct { 16 | Document PolicyDocument 17 | } 18 | 19 | type UserPolicy struct { 20 | Document PolicyDocument 21 | } 22 | 23 | type RolePolicy struct { 24 | Document PolicyDocument 25 | } 26 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/iam/passwords.go: -------------------------------------------------------------------------------- 1 | package iam 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type PasswordPolicy struct { 6 | types.Metadata 7 | ReusePreventionCount types.IntValue 8 | RequireLowercase types.BoolValue 9 | RequireUppercase types.BoolValue 10 | RequireNumbers types.BoolValue 11 | RequireSymbols types.BoolValue 12 | MaxAgeDays types.IntValue 13 | MinimumLength types.IntValue 14 | } 15 | 16 | func (p *PasswordPolicy) GetMetadata() *types.Metadata { 17 | return &p.Metadata 18 | } 19 | 20 | func (p *PasswordPolicy) GetRawValue() interface{} { 21 | return nil 22 | } 23 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/kinesis/kinesis.go: -------------------------------------------------------------------------------- 1 | package kinesis 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Kinesis struct { 6 | Streams []Stream 7 | } 8 | 9 | type Stream struct { 10 | types.Metadata 11 | Encryption Encryption 12 | } 13 | 14 | const ( 15 | EncryptionTypeKMS = "KMS" 16 | ) 17 | 18 | type Encryption struct { 19 | Type types.StringValue 20 | KMSKeyID types.StringValue 21 | } 22 | 23 | func (s *Stream) GetMetadata() *types.Metadata { 24 | return &s.Metadata 25 | } 26 | 27 | func (s *Stream) GetRawValue() interface{} { 28 | return nil 29 | } 30 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/kms/kms.go: -------------------------------------------------------------------------------- 1 | package kms 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type KMS struct { 6 | Keys []Key 7 | } 8 | 9 | const ( 10 | KeyUsageSignAndVerify = "SIGN_VERIFY" 11 | ) 12 | 13 | type Key struct { 14 | types.Metadata 15 | Usage types.StringValue 16 | RotationEnabled types.BoolValue 17 | } 18 | 19 | func (c *Key) GetMetadata() *types.Metadata { 20 | return &c.Metadata 21 | } 22 | 23 | func (c *Key) GetRawValue() interface{} { 24 | return nil 25 | } 26 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/mq/mq.go: -------------------------------------------------------------------------------- 1 | package mq 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type MQ struct { 6 | Brokers []Broker 7 | } 8 | 9 | type Broker struct { 10 | types.Metadata 11 | PublicAccess types.BoolValue 12 | Logging Logging 13 | } 14 | 15 | type Logging struct { 16 | General types.BoolValue 17 | Audit types.BoolValue 18 | } 19 | 20 | func (c *Broker) GetMetadata() *types.Metadata { 21 | return &c.Metadata 22 | } 23 | 24 | func (c *Broker) GetRawValue() interface{} { 25 | return nil 26 | } 27 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/neptune/neptune.go: -------------------------------------------------------------------------------- 1 | package neptune 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Neptune struct { 6 | Clusters []Cluster 7 | } 8 | 9 | type Cluster struct { 10 | types.Metadata 11 | Logging Logging 12 | StorageEncrypted types.BoolValue 13 | KMSKeyID types.StringValue 14 | } 15 | 16 | type Logging struct { 17 | Audit types.BoolValue 18 | } 19 | 20 | func (c *Cluster) GetMetadata() *types.Metadata { 21 | return &c.Metadata 22 | } 23 | 24 | func (c *Cluster) GetRawValue() interface{} { 25 | return nil 26 | } 27 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/rds/classic.go: -------------------------------------------------------------------------------- 1 | package rds 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Classic struct { 6 | DBSecurityGroups []DBSecurityGroup 7 | } 8 | 9 | type DBSecurityGroup struct { 10 | types.Metadata 11 | } 12 | 13 | func (g *DBSecurityGroup) GetMetadata() *types.Metadata { 14 | return &g.Metadata 15 | } 16 | 17 | func (g *DBSecurityGroup) GetRawValue() interface{} { 18 | return nil 19 | } 20 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/s3/bucket_public_access_block.go: -------------------------------------------------------------------------------- 1 | package s3 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type PublicAccessBlock struct { 6 | types.Metadata 7 | Bucket *Bucket 8 | BlockPublicACLs types.BoolValue 9 | BlockPublicPolicy types.BoolValue 10 | IgnorePublicACLs types.BoolValue 11 | RestrictPublicBuckets types.BoolValue 12 | } 13 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/s3/s3.go: -------------------------------------------------------------------------------- 1 | package s3 2 | 3 | type S3 struct { 4 | Buckets []Bucket 5 | PublicAccessBlocks []PublicAccessBlock 6 | } 7 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/sam/sam.go: -------------------------------------------------------------------------------- 1 | package sam 2 | 3 | type SAM struct { 4 | APIs []API 5 | Applications []Application 6 | Functions []Function 7 | HttpAPIs []HttpAPI 8 | SimpleTables []SimpleTable 9 | StateMachines []StateMachine 10 | } 11 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/sns/sns.go: -------------------------------------------------------------------------------- 1 | package sns 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type SNS struct { 6 | Topics []Topic 7 | } 8 | 9 | type Topic struct { 10 | types.Metadata 11 | Encryption Encryption 12 | } 13 | 14 | type Encryption struct { 15 | KMSKeyID types.StringValue 16 | } 17 | 18 | func (v *Topic) GetMetadata() *types.Metadata { 19 | return &v.Metadata 20 | } 21 | 22 | func (v *Topic) GetRawValue() interface{} { 23 | return nil 24 | } 25 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/sqs/sqs.go: -------------------------------------------------------------------------------- 1 | package sqs 2 | 3 | import ( 4 | "github.com/aquasecurity/defsec/provider/aws/iam" 5 | "github.com/aquasecurity/defsec/types" 6 | ) 7 | 8 | type SQS struct { 9 | Queues []Queue 10 | } 11 | 12 | type Queue struct { 13 | types.Metadata 14 | Encryption Encryption 15 | Policy iam.PolicyDocument 16 | } 17 | 18 | type Encryption struct { 19 | KMSKeyID types.StringValue 20 | } 21 | 22 | func (v *Queue) GetMetadata() *types.Metadata { 23 | return &v.Metadata 24 | } 25 | 26 | func (v *Queue) GetRawValue() interface{} { 27 | return nil 28 | } 29 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/ssm/ssm.go: -------------------------------------------------------------------------------- 1 | package ssm 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type SSM struct { 6 | Secrets []Secret 7 | } 8 | 9 | type Secret struct { 10 | types.Metadata 11 | KMSKeyID types.StringValue 12 | } 13 | 14 | func (v *Secret) GetMetadata() *types.Metadata { 15 | return &v.Metadata 16 | } 17 | 18 | func (v *Secret) GetRawValue() interface{} { 19 | return nil 20 | } 21 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/aws/workspaces/workspaces.go: -------------------------------------------------------------------------------- 1 | package workspaces 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type WorkSpaces struct { 6 | WorkSpaces []WorkSpace 7 | } 8 | 9 | type WorkSpace struct { 10 | types.Metadata 11 | RootVolume Volume 12 | UserVolume Volume 13 | } 14 | 15 | type Volume struct { 16 | Encryption Encryption 17 | } 18 | 19 | type Encryption struct { 20 | Enabled types.BoolValue 21 | } 22 | 23 | func (b *WorkSpace) GetMetadata() *types.Metadata { 24 | return &b.Metadata 25 | } 26 | 27 | func (b *WorkSpace) GetRawValue() interface{} { 28 | return nil 29 | } 30 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/azure/appservice/appservice.go: -------------------------------------------------------------------------------- 1 | package appservice 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type AppService struct { 6 | Services []Service 7 | FunctionApps []FunctionApp 8 | } 9 | 10 | type Service struct { 11 | EnableClientCert types.BoolValue 12 | Identity struct { 13 | Type types.StringValue 14 | } 15 | Authentication struct { 16 | Enabled types.BoolValue 17 | } 18 | Site struct { 19 | EnableHTTP2 types.BoolValue 20 | MinimumTLSVersion types.StringValue 21 | } 22 | } 23 | 24 | type FunctionApp struct { 25 | HTTPSOnly types.BoolValue 26 | } 27 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/azure/authorization/authorization.go: -------------------------------------------------------------------------------- 1 | package authorization 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Authorization struct { 6 | RoleDefinitions []RoleDefinition 7 | } 8 | 9 | type RoleDefinition struct { 10 | Permissions []Permission 11 | AssignableScopes []types.StringValue 12 | } 13 | 14 | type Permission struct { 15 | Actions []types.StringValue 16 | } 17 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/azure/datafactory/datafactory.go: -------------------------------------------------------------------------------- 1 | package datafactory 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type DataFactory struct { 6 | DataFactories []Factory 7 | } 8 | 9 | type Factory struct { 10 | EnablePublicNetwork types.BoolValue 11 | } 12 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/azure/datalake/datalake.go: -------------------------------------------------------------------------------- 1 | package datalake 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type DataLake struct { 6 | Stores []Store 7 | } 8 | 9 | type Store struct { 10 | EnableEncryption types.BoolValue 11 | } 12 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/azure/keyvault/keyvault.go: -------------------------------------------------------------------------------- 1 | package keyvault 2 | 3 | import ( 4 | "github.com/aquasecurity/defsec/types" 5 | ) 6 | 7 | type KeyVault struct { 8 | Vaults []Vault 9 | } 10 | 11 | type Vault struct { 12 | Secrets []Secret 13 | Keys []Key 14 | EnablePurgeProtection types.BoolValue 15 | NetworkACLs NetworkACLs 16 | } 17 | 18 | type NetworkACLs struct { 19 | DefaultAction types.StringValue 20 | } 21 | 22 | type Key struct { 23 | ExpiryDate types.TimeValue 24 | } 25 | 26 | type Secret struct { 27 | ContentType types.StringValue 28 | ExpiryDate types.TimeValue 29 | } 30 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/azure/monitor/monitor.go: -------------------------------------------------------------------------------- 1 | package monitor 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Monitor struct { 6 | LogProfiles []LogProfile 7 | } 8 | 9 | type LogProfile struct { 10 | types.Metadata 11 | RetentionPolicy RetentionPolicy 12 | Categories []types.StringValue 13 | Locations []types.StringValue 14 | } 15 | 16 | func (p LogProfile) GetMetadata() *types.Metadata { 17 | return &p.Metadata 18 | } 19 | 20 | func (p LogProfile) GetRawValue() interface{} { 21 | return nil 22 | } 23 | 24 | type RetentionPolicy struct { 25 | Enabled types.BoolValue 26 | Days types.IntValue 27 | } 28 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/azure/securitycenter/securitycenter.go: -------------------------------------------------------------------------------- 1 | package securitycenter 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type SecurityCenter struct { 6 | Contacts []Contact 7 | Subscriptions []SubscriptionPricing 8 | } 9 | 10 | type Contact struct { 11 | EnableAlertNotifications types.BoolValue 12 | Phone types.StringValue 13 | } 14 | 15 | const ( 16 | TierFree = "Free" 17 | TierStandard = "Standard" 18 | ) 19 | 20 | type SubscriptionPricing struct { 21 | Tier types.StringValue 22 | } 23 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/azure/synapse/synapse.go: -------------------------------------------------------------------------------- 1 | package synapse 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Synapse struct { 6 | Workspaces []Workspace 7 | } 8 | 9 | type Workspace struct { 10 | EnableManagedVirtualNetwork types.BoolValue 11 | } 12 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/cloudstack/cloudstack.go: -------------------------------------------------------------------------------- 1 | package cloudstack 2 | 3 | import "github.com/aquasecurity/defsec/provider/cloudstack/compute" 4 | 5 | type CloudStack struct { 6 | Compute compute.Compute 7 | } 8 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/cloudstack/compute/compute.go: -------------------------------------------------------------------------------- 1 | package compute 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Compute struct { 6 | Instances []Instance 7 | } 8 | 9 | type Instance struct { 10 | UserData types.StringValue // not b64 encoded pls 11 | } 12 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/digitalocean/digitalocean.go: -------------------------------------------------------------------------------- 1 | package digitalocean 2 | 3 | import ( 4 | "github.com/aquasecurity/defsec/provider/digitalocean/compute" 5 | "github.com/aquasecurity/defsec/provider/digitalocean/spaces" 6 | ) 7 | 8 | type DigitalOcean struct { 9 | Compute compute.Compute 10 | Spaces spaces.Spaces 11 | } 12 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/digitalocean/spaces/spaces.go: -------------------------------------------------------------------------------- 1 | package spaces 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Spaces struct { 6 | Buckets []Bucket 7 | } 8 | 9 | type Bucket struct { 10 | Objects []Object 11 | ACL types.StringValue 12 | ForceDestroy types.BoolValue 13 | Versioning Versioning 14 | } 15 | 16 | type Versioning struct { 17 | Enabled types.BoolValue 18 | } 19 | 20 | type Object struct { 21 | ACL types.StringValue 22 | } 23 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/github/actions.go: -------------------------------------------------------------------------------- 1 | package github 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Action struct { 6 | types.Metadata 7 | EnvironmentSecrets []EnvironmentSecret 8 | } 9 | 10 | type EnvironmentSecret struct { 11 | types.Metadata 12 | Repository types.StringValue 13 | Environment types.StringValue 14 | SecretName types.StringValue 15 | PlainTextValue types.StringValue 16 | EncryptedValue types.StringValue 17 | } 18 | 19 | func (a *EnvironmentSecret) GetMetadata() *types.Metadata { 20 | return &a.Metadata 21 | } 22 | 23 | func (a *EnvironmentSecret) GetRawValue() interface{} { 24 | return nil 25 | } 26 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/github/github.go: -------------------------------------------------------------------------------- 1 | package github 2 | 3 | type GitHub struct { 4 | Repositories []Repository 5 | EnvironmentSecrets []EnvironmentSecret 6 | } 7 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/github/repositories.go: -------------------------------------------------------------------------------- 1 | package github 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Repository struct { 6 | Public types.BoolValue 7 | } 8 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/google/bigquery/bigquery.go: -------------------------------------------------------------------------------- 1 | package bigquery 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type BigQuery struct { 6 | Datasets []Dataset 7 | } 8 | 9 | type Dataset struct { 10 | types.Metadata 11 | ID types.StringValue 12 | AccessGrants []AccessGrant 13 | } 14 | 15 | const ( 16 | SpecialGroupAllAuthenticatedUsers = "allAuthenticatedUsers" 17 | ) 18 | 19 | type AccessGrant struct { 20 | Role types.StringValue 21 | Domain types.StringValue 22 | SpecialGroup types.StringValue 23 | } 24 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/google/compute/compute.go: -------------------------------------------------------------------------------- 1 | package compute 2 | 3 | type Compute struct { 4 | Disks []Disk 5 | Networks []Network 6 | SSLPolicies []SSLPolicy 7 | ProjectMetadata ProjectMetadata 8 | Instances []Instance 9 | } 10 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/google/compute/disk.go: -------------------------------------------------------------------------------- 1 | package compute 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Disk struct { 6 | Name types.StringValue 7 | Encryption DiskEncryption 8 | } 9 | 10 | type DiskEncryption struct { 11 | RawKey types.BytesValue 12 | KMSKeyLink types.StringValue 13 | } 14 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/google/compute/firewall.go: -------------------------------------------------------------------------------- 1 | package compute 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Firewall struct { 6 | types.Metadata 7 | IngressRules []IngressRule 8 | EgressRules []EgressRule 9 | } 10 | 11 | type FirewallRule struct { 12 | types.Metadata 13 | Enforced types.BoolValue 14 | IsAllow types.BoolValue 15 | } 16 | 17 | type IngressRule struct { 18 | types.Metadata 19 | FirewallRule 20 | SourceRanges []types.StringValue 21 | } 22 | 23 | type EgressRule struct { 24 | types.Metadata 25 | FirewallRule 26 | DestinationRanges []types.StringValue 27 | } 28 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/google/compute/metadata.go: -------------------------------------------------------------------------------- 1 | package compute 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type ProjectMetadata struct { 6 | types.Metadata 7 | EnableOSLogin types.BoolValue 8 | } 9 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/google/compute/network.go: -------------------------------------------------------------------------------- 1 | package compute 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Network struct { 6 | types.Metadata 7 | Firewall *Firewall 8 | Subnetworks []SubNetwork 9 | } 10 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/google/compute/ssl_policy.go: -------------------------------------------------------------------------------- 1 | package compute 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type SSLPolicy struct { 6 | types.Metadata 7 | Name types.StringValue 8 | Profile types.StringValue 9 | MinimumTLSVersion types.StringValue 10 | } 11 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/google/compute/subnetwork.go: -------------------------------------------------------------------------------- 1 | package compute 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type SubNetwork struct { 6 | types.Metadata 7 | Name types.StringValue 8 | EnableFlowLogs types.BoolValue 9 | } 10 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/google/dns/dns.go: -------------------------------------------------------------------------------- 1 | package dns 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type DNS struct { 6 | ManagedZones []ManagedZone 7 | } 8 | 9 | type ManagedZone struct { 10 | DNSSec DNSSec 11 | } 12 | 13 | type DNSSec struct { 14 | Enabled types.BoolValue 15 | DefaultKeySpecs KeySpecs 16 | } 17 | 18 | type KeySpecs struct { 19 | KeySigningKey Key 20 | ZoneSigningKey Key 21 | } 22 | 23 | type Key struct { 24 | Algorithm types.StringValue 25 | } 26 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/google/iam/iam.go: -------------------------------------------------------------------------------- 1 | package iam 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type IAM struct { 6 | } 7 | 8 | type Member struct { 9 | Member types.StringValue 10 | Role types.StringValue 11 | } 12 | 13 | type Binding struct { 14 | Members []types.StringValue 15 | Role types.StringValue 16 | } 17 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/google/kms/kms.go: -------------------------------------------------------------------------------- 1 | package kms 2 | 3 | import ( 4 | "github.com/aquasecurity/defsec/types" 5 | ) 6 | 7 | type KMS struct { 8 | KeyRings []KeyRing 9 | } 10 | 11 | type KeyRing struct { 12 | Keys []Key 13 | } 14 | 15 | type Key struct { 16 | RotationPeriodSeconds types.IntValue 17 | } 18 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/google/storage/storage.go: -------------------------------------------------------------------------------- 1 | package storage 2 | 3 | import ( 4 | "github.com/aquasecurity/defsec/provider/google/iam" 5 | "github.com/aquasecurity/defsec/types" 6 | ) 7 | 8 | type Storage struct { 9 | Buckets []Bucket 10 | } 11 | 12 | type Bucket struct { 13 | Name types.StringValue 14 | Location types.StringValue 15 | EnableUniformBucketLevelAccess types.BoolValue 16 | Members []iam.Member 17 | Bindings []iam.Binding 18 | } 19 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/kubernetes/kubernetes.go: -------------------------------------------------------------------------------- 1 | package kubernetes 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Kubernetes struct { 6 | NetworkPolicies []NetworkPolicy 7 | } 8 | 9 | type NetworkPolicy struct { 10 | Spec Spec 11 | } 12 | 13 | type Spec struct { 14 | Egress Egress 15 | Ingress Ingress 16 | } 17 | 18 | type Egress struct { 19 | Ports []Port 20 | DestinationCIDRs []types.StringValue 21 | } 22 | 23 | type Ingress struct { 24 | Ports []Port 25 | SourceCIDRs []types.StringValue 26 | } 27 | 28 | type Port struct { 29 | Number types.StringValue // e.g. "http" or "80" 30 | Protocol types.StringValue 31 | } 32 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/openstack/openstack.go: -------------------------------------------------------------------------------- 1 | package openstack 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type OpenStack struct { 6 | Compute Compute 7 | } 8 | 9 | type Compute struct { 10 | Instances []Instance 11 | Firewall Firewall 12 | } 13 | 14 | type Firewall struct { 15 | AllowRules []Rule 16 | DenyRules []Rule 17 | } 18 | 19 | type Rule struct { 20 | Source types.StringValue 21 | Destination types.StringValue 22 | SourcePort types.StringValue 23 | DestinationPort types.StringValue 24 | Enabled types.BoolValue 25 | } 26 | 27 | type Instance struct { 28 | AdminPassword types.StringValue 29 | } 30 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/provider/oracle/oracle.go: -------------------------------------------------------------------------------- 1 | package oracle 2 | 3 | import "github.com/aquasecurity/defsec/types" 4 | 5 | type Oracle struct { 6 | Compute Compute 7 | } 8 | 9 | type Compute struct { 10 | AddressReservations []AddressReservation 11 | } 12 | 13 | type AddressReservation struct { 14 | Pool types.StringValue // e.g. public-pool 15 | } 16 | -------------------------------------------------------------------------------- /vendor/github.com/aquasecurity/defsec/types/reference.go: -------------------------------------------------------------------------------- 1 | package types 2 | 3 | type Reference interface { 4 | String() string 5 | LogicalID() string 6 | RefersTo(r Reference) bool 7 | } 8 | 9 | type FakeReference struct { 10 | } 11 | 12 | func (f *FakeReference) String() string { 13 | return "something" 14 | } 15 | 16 | func (f *FakeReference) RefersTo(r Reference) bool { 17 | return false 18 | } 19 | 20 | func (f *FakeReference) LogicalID() string { 21 | return "something" 22 | } 23 | -------------------------------------------------------------------------------- /vendor/github.com/emirpasic/gods/containers/serialization.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2015, Emir Pasic. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package containers 6 | 7 | // JSONSerializer provides JSON serialization 8 | type JSONSerializer interface { 9 | // ToJSON outputs the JSON representation of containers's elements. 10 | ToJSON() ([]byte, error) 11 | } 12 | 13 | // JSONDeserializer provides JSON deserialization 14 | type JSONDeserializer interface { 15 | // FromJSON populates containers's elements from the input JSON representation. 16 | FromJSON([]byte) error 17 | } 18 | -------------------------------------------------------------------------------- /vendor/github.com/gdamore/encoding/.appveyor.yml: -------------------------------------------------------------------------------- 1 | version: 1.0.{build} 2 | clone_folder: c:\gopath\src\github.com\gdamore\encoding 3 | environment: 4 | GOPATH: c:\gopath 5 | build_script: 6 | - go version 7 | - go env 8 | - SET PATH=%LOCALAPPDATA%\atom\bin;%GOPATH%\bin;%PATH% 9 | - go get -t ./... 10 | - go build 11 | - go install ./... 12 | test_script: 13 | - go test ./... 14 | -------------------------------------------------------------------------------- /vendor/github.com/gdamore/encoding/.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | 3 | go: 4 | - 1.9.x 5 | - 1.10.x 6 | - 1.11.x 7 | - tip 8 | -------------------------------------------------------------------------------- /vendor/github.com/gdamore/encoding/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/gdamore/encoding 2 | 3 | go 1.9 4 | 5 | require golang.org/x/text v0.3.0 6 | -------------------------------------------------------------------------------- /vendor/github.com/gdamore/encoding/go.sum: -------------------------------------------------------------------------------- 1 | golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= 2 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 3 | -------------------------------------------------------------------------------- /vendor/github.com/gdamore/tcell/v2/.appveyor.yml: -------------------------------------------------------------------------------- 1 | version: 1.0.{build} 2 | clone_folder: c:\gopath\src\github.com\gdamore\tcell 3 | environment: 4 | GOPATH: c:\gopath 5 | build_script: 6 | - go version 7 | - go env 8 | - SET PATH=%LOCALAPPDATA%\atom\bin;%GOPATH%\bin;%PATH% 9 | - go get -t ./... 10 | - go build 11 | - go install ./... 12 | test_script: 13 | - go test ./... 14 | -------------------------------------------------------------------------------- /vendor/github.com/gdamore/tcell/v2/.gitignore: -------------------------------------------------------------------------------- 1 | coverage.txt 2 | -------------------------------------------------------------------------------- /vendor/github.com/gdamore/tcell/v2/.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | 3 | go: 4 | - 1.15.x 5 | - master 6 | 7 | arch: 8 | - amd64 9 | - ppc64le 10 | 11 | before_install: 12 | - go get -t -v ./... 13 | 14 | script: 15 | - go test -race -coverprofile=coverage.txt -covermode=atomic 16 | 17 | after_success: 18 | - bash <(curl -s https://codecov.io/bash) 19 | -------------------------------------------------------------------------------- /vendor/github.com/gdamore/tcell/v2/AUTHORS: -------------------------------------------------------------------------------- 1 | Garrett D'Amore 2 | Zachary Yedidia 3 | Junegunn Choi 4 | Staysail Systems, Inc. 5 | -------------------------------------------------------------------------------- /vendor/github.com/gdamore/tcell/v2/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/gdamore/tcell/v2 2 | 3 | go 1.12 4 | 5 | require ( 6 | github.com/gdamore/encoding v1.0.0 7 | github.com/lucasb-eyer/go-colorful v1.0.3 8 | github.com/mattn/go-runewidth v0.0.10 9 | golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 10 | golang.org/x/term v0.0.0-20201210144234-2321bbc49cbf 11 | golang.org/x/text v0.3.0 12 | ) 13 | -------------------------------------------------------------------------------- /vendor/github.com/gdamore/tcell/v2/terminfo/.gitignore: -------------------------------------------------------------------------------- 1 | mkinfo 2 | -------------------------------------------------------------------------------- /vendor/github.com/gdamore/tcell/v2/terminfo/TERMINALS.md: -------------------------------------------------------------------------------- 1 | TERMINALS 2 | ========= 3 | 4 | The best way to populate terminals on Debian is to install ncurses, 5 | ncurses-term, screen, tmux, rxvt-unicode, and dvtm. This populates the 6 | the terminfo database so that we can have a reasonable set of starting 7 | terminals. 8 | -------------------------------------------------------------------------------- /vendor/github.com/gdamore/tcell/v2/terminfo/gen.sh: -------------------------------------------------------------------------------- 1 | while read line 2 | do 3 | case "$line" in 4 | *'|'*) 5 | alias=${line#*|} 6 | line=${line%|*} 7 | ;; 8 | *) 9 | alias=${line%%,*} 10 | ;; 11 | esac 12 | 13 | alias=${alias//-/_} 14 | direc=${alias:0:1} 15 | 16 | mkdir -p ${direc}/${alias} 17 | go run mkinfo.go -P ${alias} -go ${direc}/${alias}/term.go ${line//,/ } 18 | done < models.txt 19 | -------------------------------------------------------------------------------- /vendor/github.com/gdamore/tcell/v2/terminfo/models.txt: -------------------------------------------------------------------------------- 1 | aixterm 2 | alacritty 3 | ansi 4 | beterm 5 | cygwin 6 | dtterm 7 | eterm,eterm-color|emacs 8 | gnome,gnome-256color 9 | hpterm 10 | konsole,konsole-256color 11 | kterm 12 | linux 13 | pcansi 14 | rxvt,rxvt-256color,rxvt-88color,rxvt-unicode,rxvt-unicode-256color 15 | screen,screen-256color 16 | st,st-256color|simpleterm 17 | sun,sun-color 18 | termite 19 | tmux 20 | vt52 21 | vt100 22 | vt102 23 | vt220 24 | vt320 25 | vt400 26 | vt420 27 | wy50 28 | wy60 29 | wy99-ansi,wy99a-ansi 30 | xfce 31 | xterm,xterm-88color,xterm-256color 32 | xterm-kitty 33 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/gcfg/README: -------------------------------------------------------------------------------- 1 | Gcfg reads INI-style configuration files into Go structs; 2 | supports user-defined types and subsections. 3 | 4 | Package docs: https://godoc.org/gopkg.in/gcfg.v1 5 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/gcfg/go1_0.go: -------------------------------------------------------------------------------- 1 | // +build !go1.2 2 | 3 | package gcfg 4 | 5 | type textUnmarshaler interface { 6 | UnmarshalText(text []byte) error 7 | } 8 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/gcfg/go1_2.go: -------------------------------------------------------------------------------- 1 | // +build go1.2 2 | 3 | package gcfg 4 | 5 | import ( 6 | "encoding" 7 | ) 8 | 9 | type textUnmarshaler encoding.TextUnmarshaler 10 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/gcfg/types/bool.go: -------------------------------------------------------------------------------- 1 | package types 2 | 3 | // BoolValues defines the name and value mappings for ParseBool. 4 | var BoolValues = map[string]interface{}{ 5 | "true": true, "yes": true, "on": true, "1": true, 6 | "false": false, "no": false, "off": false, "0": false, 7 | } 8 | 9 | var boolParser = func() *EnumParser { 10 | ep := &EnumParser{} 11 | ep.AddVals(BoolValues) 12 | return ep 13 | }() 14 | 15 | // ParseBool parses bool values according to the definitions in BoolValues. 16 | // Parsing is case-insensitive. 17 | func ParseBool(s string) (bool, error) { 18 | v, err := boolParser.Parse(s) 19 | if err != nil { 20 | return false, err 21 | } 22 | return v.(bool), nil 23 | } 24 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/gcfg/types/doc.go: -------------------------------------------------------------------------------- 1 | // Package types defines helpers for type conversions. 2 | // 3 | // The API for this package is not finalized yet. 4 | package types 5 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/go-billy/v5/.gitignore: -------------------------------------------------------------------------------- 1 | /coverage.txt 2 | /vendor 3 | Gopkg.lock 4 | Gopkg.toml 5 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/go-billy/v5/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/go-git/go-billy/v5 2 | 3 | require ( 4 | github.com/kr/text v0.2.0 // indirect 5 | github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect 6 | golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527 7 | gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f 8 | ) 9 | 10 | go 1.13 11 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/go-billy/v5/osfs/os_js.go: -------------------------------------------------------------------------------- 1 | // +build js 2 | 3 | package osfs 4 | 5 | import ( 6 | "github.com/go-git/go-billy/v5" 7 | "github.com/go-git/go-billy/v5/helper/chroot" 8 | "github.com/go-git/go-billy/v5/memfs" 9 | ) 10 | 11 | // globalMemFs is the global memory fs 12 | var globalMemFs = memfs.New() 13 | 14 | // Default Filesystem representing the root of in-memory filesystem for a 15 | // js/wasm environment. 16 | var Default = memfs.New() 17 | 18 | // New returns a new OS filesystem. 19 | func New(baseDir string) billy.Filesystem { 20 | return chroot.New(Default, Default.Join("/", baseDir)) 21 | } 22 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/go-billy/v5/osfs/os_posix.go: -------------------------------------------------------------------------------- 1 | // +build !plan9,!windows,!js 2 | 3 | package osfs 4 | 5 | import ( 6 | "os" 7 | 8 | "golang.org/x/sys/unix" 9 | ) 10 | 11 | func (f *file) Lock() error { 12 | f.m.Lock() 13 | defer f.m.Unlock() 14 | 15 | return unix.Flock(int(f.File.Fd()), unix.LOCK_EX) 16 | } 17 | 18 | func (f *file) Unlock() error { 19 | f.m.Lock() 20 | defer f.m.Unlock() 21 | 22 | return unix.Flock(int(f.File.Fd()), unix.LOCK_UN) 23 | } 24 | 25 | func rename(from, to string) error { 26 | return os.Rename(from, to) 27 | } 28 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/go-git/v5/plumbing/object/common.go: -------------------------------------------------------------------------------- 1 | package object 2 | 3 | import ( 4 | "bufio" 5 | "sync" 6 | ) 7 | 8 | var bufPool = sync.Pool{ 9 | New: func() interface{} { 10 | return bufio.NewReader(nil) 11 | }, 12 | } 13 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/go-git/v5/plumbing/revision.go: -------------------------------------------------------------------------------- 1 | package plumbing 2 | 3 | // Revision represents a git revision 4 | // to get more details about git revisions 5 | // please check git manual page : 6 | // https://www.kernel.org/pub/software/scm/git/docs/gitrevisions.html 7 | type Revision string 8 | 9 | func (r Revision) String() string { 10 | return string(r) 11 | } 12 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/go-git/v5/plumbing/storer/doc.go: -------------------------------------------------------------------------------- 1 | // Package storer defines the interfaces to store objects, references, etc. 2 | package storer 3 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/go-git/v5/plumbing/storer/index.go: -------------------------------------------------------------------------------- 1 | package storer 2 | 3 | import "github.com/go-git/go-git/v5/plumbing/format/index" 4 | 5 | // IndexStorer generic storage of index.Index 6 | type IndexStorer interface { 7 | SetIndex(*index.Index) error 8 | Index() (*index.Index, error) 9 | } 10 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/go-git/v5/plumbing/storer/shallow.go: -------------------------------------------------------------------------------- 1 | package storer 2 | 3 | import "github.com/go-git/go-git/v5/plumbing" 4 | 5 | // ShallowStorer is a storage of references to shallow commits by hash, 6 | // meaning that these commits have missing parents because of a shallow fetch. 7 | type ShallowStorer interface { 8 | SetShallow([]plumbing.Hash) error 9 | Shallow() ([]plumbing.Hash, error) 10 | } 11 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/go-git/v5/plumbing/storer/storer.go: -------------------------------------------------------------------------------- 1 | package storer 2 | 3 | // Storer is a basic storer for encoded objects and references. 4 | type Storer interface { 5 | EncodedObjectStorer 6 | ReferenceStorer 7 | } 8 | 9 | // Initializer should be implemented by storers that require to perform any 10 | // operation when creating a new repository (i.e. git init). 11 | type Initializer interface { 12 | // Init performs initialization of the storer and returns the error, if 13 | // any. 14 | Init() error 15 | } 16 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/go-git/v5/utils/ioutil/pipe.go: -------------------------------------------------------------------------------- 1 | // +build !js 2 | 3 | package ioutil 4 | 5 | import "io" 6 | 7 | func Pipe() (PipeReader, PipeWriter) { 8 | return io.Pipe() 9 | } 10 | -------------------------------------------------------------------------------- /vendor/github.com/go-git/go-git/v5/utils/ioutil/pipe_js.go: -------------------------------------------------------------------------------- 1 | // +build js 2 | 3 | package ioutil 4 | 5 | import "github.com/acomagu/bufpipe" 6 | 7 | func Pipe() (PipeReader, PipeWriter) { 8 | return bufpipe.New(nil) 9 | } 10 | -------------------------------------------------------------------------------- /vendor/github.com/inconshreveable/mousetrap/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright 2014 Alan Shreve 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | -------------------------------------------------------------------------------- /vendor/github.com/inconshreveable/mousetrap/trap_others.go: -------------------------------------------------------------------------------- 1 | // +build !windows 2 | 3 | package mousetrap 4 | 5 | // StartedByExplorer returns true if the program was invoked by the user 6 | // double-clicking on the executable from explorer.exe 7 | // 8 | // It is conservative and returns false if any of the internal calls fail. 9 | // It does not guarantee that the program was run from a terminal. It only can tell you 10 | // whether it was launched from explorer.exe 11 | // 12 | // On non-Windows platforms, it always returns false. 13 | func StartedByExplorer() bool { 14 | return false 15 | } 16 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/clinch/terminal/size.go: -------------------------------------------------------------------------------- 1 | package terminal 2 | 3 | import "golang.org/x/crypto/ssh/terminal" 4 | 5 | // Size returns the width and height of the terminal, in columns and rows 6 | func Size() (int, int) { 7 | width, height, _ := terminal.GetSize(0) 8 | return width, height 9 | } 10 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/jfather/.vimspector.json: -------------------------------------------------------------------------------- 1 | { 2 | "configurations": { 3 | "Run Test": { 4 | "adapter": "vscode-go", 5 | "configuration": { 6 | "request": "launch", 7 | "program": "${fileDirname}", 8 | "mode": "test", 9 | "dlvToolPath": "$HOME/go/bin/dlv", 10 | "args": [ 11 | "-test.v", 12 | "-test.run", 13 | "${Test}" 14 | ] 15 | } 16 | } 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/jfather/decode_boolean.go: -------------------------------------------------------------------------------- 1 | package jfather 2 | 3 | import ( 4 | "fmt" 5 | "reflect" 6 | ) 7 | 8 | func (n *node) decodeBoolean(v reflect.Value) error { 9 | switch v.Kind() { 10 | case reflect.Bool: 11 | v.SetBool(n.raw.(bool)) 12 | case reflect.Interface: 13 | v.Set(reflect.ValueOf(n.raw)) 14 | default: 15 | return fmt.Errorf("cannot decode boolean value to %s target", v.Kind()) 16 | } 17 | return nil 18 | } 19 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/jfather/decode_null.go: -------------------------------------------------------------------------------- 1 | package jfather 2 | 3 | import ( 4 | "reflect" 5 | ) 6 | 7 | func (n *node) decodeNull(v reflect.Value) error { 8 | v.Set(reflect.Zero(v.Type())) 9 | return nil 10 | } 11 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/jfather/decode_string.go: -------------------------------------------------------------------------------- 1 | package jfather 2 | 3 | import ( 4 | "fmt" 5 | "reflect" 6 | ) 7 | 8 | func (n *node) decodeString(v reflect.Value) error { 9 | 10 | switch v.Kind() { 11 | case reflect.String: 12 | v.SetString(n.raw.(string)) 13 | case reflect.Interface: 14 | v.Set(reflect.ValueOf(n.raw)) 15 | default: 16 | return fmt.Errorf("cannot decode string value to non-string target: %s", v.Kind()) 17 | } 18 | return nil 19 | } 20 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/jfather/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/liamg/jfather 2 | 3 | go 1.16 4 | 5 | require github.com/stretchr/testify v1.7.0 6 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/jfather/kind.go: -------------------------------------------------------------------------------- 1 | package jfather 2 | 3 | type Kind uint8 4 | 5 | const ( 6 | KindUnknown Kind = iota 7 | KindNull 8 | KindNumber 9 | KindString 10 | KindBoolean 11 | KindArray 12 | KindObject 13 | ) 14 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/jfather/parse_null.go: -------------------------------------------------------------------------------- 1 | package jfather 2 | 3 | import "fmt" 4 | 5 | var nullRunes = []rune("null") 6 | 7 | func (p *parser) parseNull() (Node, error) { 8 | 9 | n := p.newNode(KindNull) 10 | 11 | for _, expected := range nullRunes { 12 | if !p.swallowIfEqual(expected) { 13 | return nil, fmt.Errorf("unexpected character") 14 | } 15 | } 16 | n.raw = nil 17 | n.end = p.position 18 | return n, nil 19 | } 20 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/jfather/parse_whitespace.go: -------------------------------------------------------------------------------- 1 | package jfather 2 | 3 | import "io" 4 | 5 | func (p *parser) parseWhitespace() error { 6 | for { 7 | b, err := p.peeker.Peek() 8 | if err != nil { 9 | if err == io.EOF { 10 | return nil 11 | } 12 | return err 13 | } 14 | switch b { 15 | case 0x0d, 0x20, 0x09: 16 | case 0x0a: 17 | p.position.Column = 1 18 | p.position.Line++ 19 | default: 20 | return nil 21 | } 22 | if _, err := p.next(); err != nil { 23 | return err 24 | } 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/jfather/unmarshal.go: -------------------------------------------------------------------------------- 1 | package jfather 2 | 3 | import "bytes" 4 | 5 | type Unmarshaller interface { 6 | UnmarshalJSONWithMetadata(node Node) error 7 | } 8 | 9 | func Unmarshal(data []byte, target interface{}) error { 10 | node, err := newParser(NewPeekReader(bytes.NewReader(data)), Position{1, 1}).parse() 11 | if err != nil { 12 | return err 13 | } 14 | return node.Decode(target) 15 | } 16 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/tml/.gitignore: -------------------------------------------------------------------------------- 1 | bin 2 | .vscode 3 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/tml/Makefile: -------------------------------------------------------------------------------- 1 | 2 | default: build 3 | 4 | build: test 5 | mkdir -p bin 6 | go build ./tml/ -o bin/tml 7 | 8 | build-travis: test 9 | mkdir -p bin/linux-amd64/tml 10 | mkdir -p bin/darwin-amd64/tml 11 | GOOS=linux GOARCH=amd64 go build -o bin/linux-amd64/tml -ldflags "-X github.com/liamg/tml/version.Version=${TRAVIS_TAG}" ./tml 12 | GOOS=darwin GOARCH=amd64 go build -o bin/darwin-amd64/tml -ldflags "-X github.com/liamg/tml/version.Version=${TRAVIS_TAG}" ./tml 13 | 14 | test: 15 | go vet ./... 16 | go test -v ./... 17 | 18 | .PHONY: build test 19 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/tml/disable.go: -------------------------------------------------------------------------------- 1 | package tml 2 | 3 | import "sync" 4 | 5 | var disableFormatting bool 6 | var formattingLock sync.RWMutex 7 | 8 | func DisableFormatting() { 9 | formattingLock.Lock() 10 | defer formattingLock.Unlock() 11 | disableFormatting = true 12 | } 13 | 14 | func EnableFormatting() { 15 | formattingLock.Lock() 16 | defer formattingLock.Unlock() 17 | disableFormatting = false 18 | } 19 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/tml/example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aquasecurity/cfsec/0a43f073585a87c4f1782755d65d49fdbdd069e2/vendor/github.com/liamg/tml/example.png -------------------------------------------------------------------------------- /vendor/github.com/liamg/tml/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/liamg/tml 2 | 3 | go 1.12 4 | 5 | require ( 6 | github.com/davecgh/go-spew v1.1.1 // indirect 7 | github.com/stretchr/testify v1.3.0 8 | ) 9 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/tml/new_line.go: -------------------------------------------------------------------------------- 1 | package tml 2 | 3 | // NewLine prints a new line to the terminal with no content 4 | func NewLine() { 5 | Println("") 6 | } 7 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/tml/parse.go: -------------------------------------------------------------------------------- 1 | package tml 2 | 3 | import ( 4 | "strings" 5 | "bytes" 6 | ) 7 | 8 | // Parse converts the input string (containing TML tags) into a string containing ANSI escape code sequences for output to the terminal. 9 | func Parse(input string) (string, error) { 10 | output := bytes.NewBufferString("") 11 | if err := NewParser(output).Parse(strings.NewReader(input)); err != nil { 12 | return "", err 13 | } 14 | return output.String(), nil 15 | } 16 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/tml/printf.go: -------------------------------------------------------------------------------- 1 | package tml 2 | 3 | import ( 4 | "fmt" 5 | ) 6 | 7 | // Printf works like fmt.Printf, but adds the option of using tags to apply colour or text formatting to the written text. For example "some red text". 8 | // A full list of tags is available here: https://github.com/liamg/tml 9 | func Printf(input string, a ...interface{}) error { 10 | format, err := Parse(input) 11 | if err != nil { 12 | return err 13 | } 14 | _, err = fmt.Printf(format, a...) 15 | return err 16 | } 17 | 18 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/tml/println.go: -------------------------------------------------------------------------------- 1 | package tml 2 | 3 | // Println works like fmt.Println, but adds the option of using tags to apply colour or text formatting to the written text. For example "some red text". 4 | // A full list of tags is available here: https://github.com/liamg/tml 5 | func Println(input string) { 6 | Printf(input + "\n") 7 | } 8 | -------------------------------------------------------------------------------- /vendor/github.com/liamg/tml/sprintf.go: -------------------------------------------------------------------------------- 1 | package tml 2 | 3 | import "fmt" 4 | 5 | // Sprintf works like fmt.Sprintf, but adds the option of using tags to apply colour or text formatting to the written text. For example "some red text". 6 | // A full list of tags is available here: https://github.com/liamg/tml 7 | func Sprintf(input string, a ...interface{}) string { 8 | // parsing cannot fail as the reader/writer are simply for local strings 9 | format, _ := Parse(input) 10 | return fmt.Sprintf(format, a...) 11 | } 12 | -------------------------------------------------------------------------------- /vendor/github.com/lucasb-eyer/go-colorful/.gitignore: -------------------------------------------------------------------------------- 1 | # Compiled Object files, Static and Dynamic libs (Shared Objects) 2 | *.o 3 | *.a 4 | *.so 5 | 6 | # Folders 7 | _obj 8 | _test 9 | 10 | # Vim swap files 11 | .*.sw? 12 | 13 | # Architecture specific extensions/prefixes 14 | *.[568vq] 15 | [568vq].out 16 | 17 | *.cgo1.go 18 | *.cgo2.c 19 | _cgo_defun.c 20 | _cgo_gotypes.go 21 | _cgo_export.* 22 | 23 | _testmain.go 24 | 25 | *.exe 26 | 27 | # Code coverage stuff 28 | coverage.out 29 | -------------------------------------------------------------------------------- /vendor/github.com/lucasb-eyer/go-colorful/.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | install: 3 | - go get golang.org/x/tools/cmd/cover 4 | - go get github.com/mattn/goveralls 5 | script: 6 | - go test -v -covermode=count -coverprofile=coverage.out 7 | - if [[ "$TRAVIS_PULL_REQUEST" = "false" ]]; then $HOME/gopath/bin/goveralls -coverprofile=coverage.out -service=travis-ci -repotoken $COVERALLS_TOKEN; fi 8 | -------------------------------------------------------------------------------- /vendor/github.com/lucasb-eyer/go-colorful/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/lucasb-eyer/go-colorful 2 | 3 | go 1.12 4 | -------------------------------------------------------------------------------- /vendor/github.com/lucasb-eyer/go-colorful/go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aquasecurity/cfsec/0a43f073585a87c4f1782755d65d49fdbdd069e2/vendor/github.com/lucasb-eyer/go-colorful/go.sum -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-runewidth/.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | sudo: false 3 | go: 4 | - 1.13.x 5 | - tip 6 | 7 | before_install: 8 | - go get -t -v ./... 9 | 10 | script: 11 | - go generate 12 | - git diff --cached --exit-code 13 | - ./go.test.sh 14 | 15 | after_success: 16 | - bash <(curl -s https://codecov.io/bash) 17 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-runewidth/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/mattn/go-runewidth 2 | 3 | go 1.9 4 | 5 | require github.com/rivo/uniseg v0.1.0 6 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-runewidth/go.sum: -------------------------------------------------------------------------------- 1 | github.com/rivo/uniseg v0.1.0 h1:+2KBaVoUmb9XzDsrx/Ct0W/EYOSFf/nWTauy++DprtY= 2 | github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= 3 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-runewidth/go.test.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | echo "" > coverage.txt 5 | 6 | for d in $(go list ./... | grep -v vendor); do 7 | go test -race -coverprofile=profile.out -covermode=atomic "$d" 8 | if [ -f profile.out ]; then 9 | cat profile.out >> coverage.txt 10 | rm profile.out 11 | fi 12 | done 13 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-runewidth/runewidth_appengine.go: -------------------------------------------------------------------------------- 1 | // +build appengine 2 | 3 | package runewidth 4 | 5 | // IsEastAsian return true if the current locale is CJK 6 | func IsEastAsian() bool { 7 | return false 8 | } 9 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-runewidth/runewidth_js.go: -------------------------------------------------------------------------------- 1 | // +build js 2 | // +build !appengine 3 | 4 | package runewidth 5 | 6 | func IsEastAsian() bool { 7 | // TODO: Implement this for the web. Detect east asian in a compatible way, and return true. 8 | return false 9 | } 10 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-runewidth/runewidth_windows.go: -------------------------------------------------------------------------------- 1 | // +build windows 2 | // +build !appengine 3 | 4 | package runewidth 5 | 6 | import ( 7 | "syscall" 8 | ) 9 | 10 | var ( 11 | kernel32 = syscall.NewLazyDLL("kernel32") 12 | procGetConsoleOutputCP = kernel32.NewProc("GetConsoleOutputCP") 13 | ) 14 | 15 | // IsEastAsian return true if the current locale is CJK 16 | func IsEastAsian() bool { 17 | r1, _, _ := procGetConsoleOutputCP.Call() 18 | if r1 == 0 { 19 | return false 20 | } 21 | 22 | switch int(r1) { 23 | case 932, 51932, 936, 949, 950: 24 | return true 25 | } 26 | 27 | return false 28 | } 29 | -------------------------------------------------------------------------------- /vendor/github.com/mitchellh/go-homedir/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/mitchellh/go-homedir 2 | -------------------------------------------------------------------------------- /vendor/github.com/owenrumney/go-sarif/v2/sarif/replacement.go: -------------------------------------------------------------------------------- 1 | package sarif 2 | 3 | // Replacement ... 4 | type Replacement struct { 5 | DeletedRegion Region `json:"deletedRegion"` 6 | InsertedContent *ArtifactContent `json:"insertedContent,omitempty"` 7 | PropertyBag 8 | 9 | } 10 | 11 | // NewReplacement creates a new Replacement and returns a pointer to it 12 | func NewReplacement(region *Region) *Replacement { 13 | return &Replacement{ 14 | DeletedRegion: *region, 15 | } 16 | } 17 | 18 | // WithInsertedContent sets the InsertedContent 19 | func (r *Replacement) WithInsertedContent(artifactContent *ArtifactContent) *Replacement { 20 | r.InsertedContent = artifactContent 21 | return r 22 | } 23 | -------------------------------------------------------------------------------- /vendor/github.com/owenrumney/go-sarif/v2/sarif/special_locations.go: -------------------------------------------------------------------------------- 1 | package sarif 2 | 3 | // SpecialLocations ... 4 | type SpecialLocations struct { 5 | DisplayBase *ArtifactLocation `json:"displayBase,omitempty"` 6 | PropertyBag 7 | 8 | } 9 | 10 | // NewSpecialLocations ... 11 | func NewSpecialLocations() *SpecialLocations { 12 | return &SpecialLocations{} 13 | } 14 | 15 | // WithDisplayBase sets the DisplayBase 16 | func (specialLocations *SpecialLocations) WithDisplayBase(displayBase *ArtifactLocation) *SpecialLocations { 17 | specialLocations.DisplayBase = displayBase 18 | return specialLocations 19 | } 20 | -------------------------------------------------------------------------------- /vendor/github.com/owenrumney/go-sarif/v2/sarif/test_helpers.go: -------------------------------------------------------------------------------- 1 | package sarif 2 | 3 | import "encoding/json" 4 | 5 | func getJsonString(value interface{}) string { 6 | j, err := json.Marshal(value) 7 | if err != nil { 8 | panic(err) 9 | } 10 | return string(j) 11 | } 12 | -------------------------------------------------------------------------------- /vendor/github.com/owenrumney/go-sarif/v2/sarif/tool.go: -------------------------------------------------------------------------------- 1 | package sarif 2 | 3 | // Tool ... 4 | type Tool struct { 5 | Driver *ToolComponent `json:"driver"` 6 | PropertyBag 7 | 8 | } 9 | 10 | // NewTool creates a new Tool and returns a pointer to it 11 | func NewTool(driver *ToolComponent) *Tool { 12 | return &Tool{ 13 | Driver: driver, 14 | } 15 | } 16 | 17 | // NewSimpleTool creates a new SimpleTool and returns a pointer to it 18 | func NewSimpleTool(driverName string) *Tool { 19 | return &Tool{ 20 | Driver: NewDriver(driverName), 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /vendor/github.com/owenrumney/squealer/pkg/result/result.go: -------------------------------------------------------------------------------- 1 | package result 2 | 3 | type StringScanResult struct { 4 | Description string 5 | TransgressionFound bool 6 | } 7 | 8 | var CleanResult = StringScanResult{} 9 | 10 | func NewTransgressionResult(description string) StringScanResult { 11 | return StringScanResult{ 12 | TransgressionFound: true, 13 | Description: description, 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /vendor/github.com/rivo/uniseg/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Package uniseg implements Unicode Text Segmentation according to Unicode 3 | Standard Annex #29 (http://unicode.org/reports/tr29/). 4 | 5 | At this point, only the determination of grapheme cluster boundaries is 6 | implemented. 7 | */ 8 | package uniseg 9 | -------------------------------------------------------------------------------- /vendor/github.com/rivo/uniseg/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/rivo/uniseg 2 | 3 | go 1.12 4 | -------------------------------------------------------------------------------- /vendor/github.com/sergi/go-diff/diffmatchpatch/mathutil.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2012-2016 The go-diff authors. All rights reserved. 2 | // https://github.com/sergi/go-diff 3 | // See the included LICENSE file for license details. 4 | // 5 | // go-diff is a Go implementation of Google's Diff, Match, and Patch library 6 | // Original library is Copyright (c) 2006 Google Inc. 7 | // http://code.google.com/p/google-diff-match-patch/ 8 | 9 | package diffmatchpatch 10 | 11 | func min(x, y int) int { 12 | if x < y { 13 | return x 14 | } 15 | return y 16 | } 17 | 18 | func max(x, y int) int { 19 | if x > y { 20 | return x 21 | } 22 | return y 23 | } 24 | -------------------------------------------------------------------------------- /vendor/github.com/sergi/go-diff/diffmatchpatch/operation_string.go: -------------------------------------------------------------------------------- 1 | // Code generated by "stringer -type=Operation -trimprefix=Diff"; DO NOT EDIT. 2 | 3 | package diffmatchpatch 4 | 5 | import "fmt" 6 | 7 | const _Operation_name = "DeleteEqualInsert" 8 | 9 | var _Operation_index = [...]uint8{0, 6, 11, 17} 10 | 11 | func (i Operation) String() string { 12 | i -= -1 13 | if i < 0 || i >= Operation(len(_Operation_index)-1) { 14 | return fmt.Sprintf("Operation(%d)", i+-1) 15 | } 16 | return _Operation_name[_Operation_index[i]:_Operation_index[i+1]] 17 | } 18 | -------------------------------------------------------------------------------- /vendor/github.com/sirupsen/logrus/.gitignore: -------------------------------------------------------------------------------- 1 | logrus 2 | vendor 3 | 4 | .idea/ 5 | -------------------------------------------------------------------------------- /vendor/github.com/sirupsen/logrus/.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | go_import_path: github.com/sirupsen/logrus 3 | git: 4 | depth: 1 5 | env: 6 | - GO111MODULE=on 7 | go: 1.15.x 8 | os: linux 9 | install: 10 | - ./travis/install.sh 11 | script: 12 | - cd ci 13 | - go run mage.go -v -w ../ crossBuild 14 | - go run mage.go -v -w ../ lint 15 | - go run mage.go -v -w ../ test 16 | -------------------------------------------------------------------------------- /vendor/github.com/sirupsen/logrus/appveyor.yml: -------------------------------------------------------------------------------- 1 | version: "{build}" 2 | platform: x64 3 | clone_folder: c:\gopath\src\github.com\sirupsen\logrus 4 | environment: 5 | GOPATH: c:\gopath 6 | branches: 7 | only: 8 | - master 9 | install: 10 | - set PATH=%GOPATH%\bin;c:\go\bin;%PATH% 11 | - go version 12 | build_script: 13 | - go get -t 14 | - go test 15 | -------------------------------------------------------------------------------- /vendor/github.com/sirupsen/logrus/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/sirupsen/logrus 2 | 3 | require ( 4 | github.com/davecgh/go-spew v1.1.1 // indirect 5 | github.com/pmezard/go-difflib v1.0.0 // indirect 6 | github.com/stretchr/testify v1.2.2 7 | golang.org/x/sys v0.0.0-20191026070338-33540a1f6037 8 | ) 9 | 10 | go 1.13 11 | -------------------------------------------------------------------------------- /vendor/github.com/sirupsen/logrus/terminal_check_appengine.go: -------------------------------------------------------------------------------- 1 | // +build appengine 2 | 3 | package logrus 4 | 5 | import ( 6 | "io" 7 | ) 8 | 9 | func checkIfTerminal(w io.Writer) bool { 10 | return true 11 | } 12 | -------------------------------------------------------------------------------- /vendor/github.com/sirupsen/logrus/terminal_check_bsd.go: -------------------------------------------------------------------------------- 1 | // +build darwin dragonfly freebsd netbsd openbsd 2 | // +build !js 3 | 4 | package logrus 5 | 6 | import "golang.org/x/sys/unix" 7 | 8 | const ioctlReadTermios = unix.TIOCGETA 9 | 10 | func isTerminal(fd int) bool { 11 | _, err := unix.IoctlGetTermios(fd, ioctlReadTermios) 12 | return err == nil 13 | } 14 | -------------------------------------------------------------------------------- /vendor/github.com/sirupsen/logrus/terminal_check_js.go: -------------------------------------------------------------------------------- 1 | // +build js 2 | 3 | package logrus 4 | 5 | func isTerminal(fd int) bool { 6 | return false 7 | } 8 | -------------------------------------------------------------------------------- /vendor/github.com/sirupsen/logrus/terminal_check_no_terminal.go: -------------------------------------------------------------------------------- 1 | // +build js nacl plan9 2 | 3 | package logrus 4 | 5 | import ( 6 | "io" 7 | ) 8 | 9 | func checkIfTerminal(w io.Writer) bool { 10 | return false 11 | } 12 | -------------------------------------------------------------------------------- /vendor/github.com/sirupsen/logrus/terminal_check_notappengine.go: -------------------------------------------------------------------------------- 1 | // +build !appengine,!js,!windows,!nacl,!plan9 2 | 3 | package logrus 4 | 5 | import ( 6 | "io" 7 | "os" 8 | ) 9 | 10 | func checkIfTerminal(w io.Writer) bool { 11 | switch v := w.(type) { 12 | case *os.File: 13 | return isTerminal(int(v.Fd())) 14 | default: 15 | return false 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /vendor/github.com/sirupsen/logrus/terminal_check_solaris.go: -------------------------------------------------------------------------------- 1 | package logrus 2 | 3 | import ( 4 | "golang.org/x/sys/unix" 5 | ) 6 | 7 | // IsTerminal returns true if the given file descriptor is a terminal. 8 | func isTerminal(fd int) bool { 9 | _, err := unix.IoctlGetTermio(fd, unix.TCGETA) 10 | return err == nil 11 | } 12 | -------------------------------------------------------------------------------- /vendor/github.com/sirupsen/logrus/terminal_check_unix.go: -------------------------------------------------------------------------------- 1 | // +build linux aix zos 2 | // +build !js 3 | 4 | package logrus 5 | 6 | import "golang.org/x/sys/unix" 7 | 8 | const ioctlReadTermios = unix.TCGETS 9 | 10 | func isTerminal(fd int) bool { 11 | _, err := unix.IoctlGetTermios(fd, ioctlReadTermios) 12 | return err == nil 13 | } 14 | -------------------------------------------------------------------------------- /vendor/github.com/sirupsen/logrus/terminal_check_windows.go: -------------------------------------------------------------------------------- 1 | // +build !appengine,!js,windows 2 | 3 | package logrus 4 | 5 | import ( 6 | "io" 7 | "os" 8 | 9 | "golang.org/x/sys/windows" 10 | ) 11 | 12 | func checkIfTerminal(w io.Writer) bool { 13 | switch v := w.(type) { 14 | case *os.File: 15 | handle := windows.Handle(v.Fd()) 16 | var mode uint32 17 | if err := windows.GetConsoleMode(handle, &mode); err != nil { 18 | return false 19 | } 20 | mode |= windows.ENABLE_VIRTUAL_TERMINAL_PROCESSING 21 | if err := windows.SetConsoleMode(handle, mode); err != nil { 22 | return false 23 | } 24 | return true 25 | } 26 | return false 27 | } 28 | -------------------------------------------------------------------------------- /vendor/github.com/spf13/cobra/.gitignore: -------------------------------------------------------------------------------- 1 | # Compiled Object files, Static and Dynamic libs (Shared Objects) 2 | *.o 3 | *.a 4 | *.so 5 | 6 | # Folders 7 | _obj 8 | _test 9 | 10 | # Architecture specific extensions/prefixes 11 | *.[568vq] 12 | [568vq].out 13 | 14 | *.cgo1.go 15 | *.cgo2.c 16 | _cgo_defun.c 17 | _cgo_gotypes.go 18 | _cgo_export.* 19 | 20 | _testmain.go 21 | 22 | # Vim files https://github.com/github/gitignore/blob/master/Global/Vim.gitignore 23 | # swap 24 | [._]*.s[a-w][a-z] 25 | [._]s[a-w][a-z] 26 | # session 27 | Session.vim 28 | # temporary 29 | .netrwhist 30 | *~ 31 | # auto-generated tag files 32 | tags 33 | 34 | *.exe 35 | cobra.test 36 | bin 37 | 38 | .idea/ 39 | *.iml 40 | -------------------------------------------------------------------------------- /vendor/github.com/spf13/cobra/.mailmap: -------------------------------------------------------------------------------- 1 | Steve Francia 2 | Bjørn Erik Pedersen 3 | Fabiano Franz 4 | -------------------------------------------------------------------------------- /vendor/github.com/spf13/cobra/command_notwin.go: -------------------------------------------------------------------------------- 1 | // +build !windows 2 | 3 | package cobra 4 | 5 | var preExecHookFn func(*Command) 6 | -------------------------------------------------------------------------------- /vendor/github.com/spf13/cobra/command_win.go: -------------------------------------------------------------------------------- 1 | // +build windows 2 | 3 | package cobra 4 | 5 | import ( 6 | "fmt" 7 | "os" 8 | "time" 9 | 10 | "github.com/inconshreveable/mousetrap" 11 | ) 12 | 13 | var preExecHookFn = preExecHook 14 | 15 | func preExecHook(c *Command) { 16 | if MousetrapHelpText != "" && mousetrap.StartedByExplorer() { 17 | c.Print(MousetrapHelpText) 18 | if MousetrapDisplayDuration > 0 { 19 | time.Sleep(MousetrapDisplayDuration) 20 | } else { 21 | c.Println("Press return to continue...") 22 | fmt.Scanln() 23 | } 24 | os.Exit(1) 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /vendor/github.com/spf13/cobra/fish_completions.md: -------------------------------------------------------------------------------- 1 | ## Generating Fish Completions For Your cobra.Command 2 | 3 | Please refer to [Shell Completions](shell_completions.md) for details. 4 | 5 | -------------------------------------------------------------------------------- /vendor/github.com/spf13/cobra/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/spf13/cobra 2 | 3 | go 1.14 4 | 5 | require ( 6 | github.com/cpuguy83/go-md2man/v2 v2.0.0 7 | github.com/inconshreveable/mousetrap v1.0.0 8 | github.com/spf13/pflag v1.0.5 9 | github.com/spf13/viper v1.8.1 10 | gopkg.in/yaml.v2 v2.4.0 11 | ) 12 | -------------------------------------------------------------------------------- /vendor/github.com/spf13/cobra/powershell_completions.md: -------------------------------------------------------------------------------- 1 | # Generating PowerShell Completions For Your Own cobra.Command 2 | 3 | Please refer to [Shell Completions](shell_completions.md#powershell-completions) for details. 4 | -------------------------------------------------------------------------------- /vendor/github.com/spf13/pflag/.gitignore: -------------------------------------------------------------------------------- 1 | .idea/* 2 | 3 | -------------------------------------------------------------------------------- /vendor/github.com/spf13/pflag/.travis.yml: -------------------------------------------------------------------------------- 1 | sudo: false 2 | 3 | language: go 4 | 5 | go: 6 | - 1.9.x 7 | - 1.10.x 8 | - 1.11.x 9 | - tip 10 | 11 | matrix: 12 | allow_failures: 13 | - go: tip 14 | 15 | install: 16 | - go get golang.org/x/lint/golint 17 | - export PATH=$GOPATH/bin:$PATH 18 | - go install ./... 19 | 20 | script: 21 | - verify/all.sh -v 22 | - go test ./... 23 | -------------------------------------------------------------------------------- /vendor/github.com/spf13/pflag/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/spf13/pflag 2 | 3 | go 1.12 4 | -------------------------------------------------------------------------------- /vendor/github.com/spf13/pflag/go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aquasecurity/cfsec/0a43f073585a87c4f1782755d65d49fdbdd069e2/vendor/github.com/spf13/pflag/go.sum -------------------------------------------------------------------------------- /vendor/github.com/stretchr/testify/assert/assertion_format.go.tmpl: -------------------------------------------------------------------------------- 1 | {{.CommentFormat}} 2 | func {{.DocInfo.Name}}f(t TestingT, {{.ParamsFormat}}) bool { 3 | if h, ok := t.(tHelper); ok { h.Helper() } 4 | return {{.DocInfo.Name}}(t, {{.ForwardedParamsFormat}}) 5 | } 6 | -------------------------------------------------------------------------------- /vendor/github.com/stretchr/testify/assert/assertion_forward.go.tmpl: -------------------------------------------------------------------------------- 1 | {{.CommentWithoutT "a"}} 2 | func (a *Assertions) {{.DocInfo.Name}}({{.Params}}) bool { 3 | if h, ok := a.t.(tHelper); ok { h.Helper() } 4 | return {{.DocInfo.Name}}(a.t, {{.ForwardedParams}}) 5 | } 6 | -------------------------------------------------------------------------------- /vendor/github.com/stretchr/testify/assert/errors.go: -------------------------------------------------------------------------------- 1 | package assert 2 | 3 | import ( 4 | "errors" 5 | ) 6 | 7 | // AnError is an error instance useful for testing. If the code does not care 8 | // about error specifics, and only needs to return the error for example, this 9 | // error should be used to make the test code more readable. 10 | var AnError = errors.New("assert.AnError general error for testing") 11 | -------------------------------------------------------------------------------- /vendor/github.com/stretchr/testify/assert/forward_assertions.go: -------------------------------------------------------------------------------- 1 | package assert 2 | 3 | // Assertions provides assertion methods around the 4 | // TestingT interface. 5 | type Assertions struct { 6 | t TestingT 7 | } 8 | 9 | // New makes a new Assertions object for the specified TestingT. 10 | func New(t TestingT) *Assertions { 11 | return &Assertions{ 12 | t: t, 13 | } 14 | } 15 | 16 | //go:generate sh -c "cd ../_codegen && go build && cd - && ../_codegen/_codegen -output-package=assert -template=assertion_forward.go.tmpl -include-format-funcs" 17 | -------------------------------------------------------------------------------- /vendor/github.com/stretchr/testify/require/forward_requirements.go: -------------------------------------------------------------------------------- 1 | package require 2 | 3 | // Assertions provides assertion methods around the 4 | // TestingT interface. 5 | type Assertions struct { 6 | t TestingT 7 | } 8 | 9 | // New makes a new Assertions object for the specified TestingT. 10 | func New(t TestingT) *Assertions { 11 | return &Assertions{ 12 | t: t, 13 | } 14 | } 15 | 16 | //go:generate sh -c "cd ../_codegen && go build && cd - && ../_codegen/_codegen -output-package=require -template=require_forward.go.tmpl -include-format-funcs" 17 | -------------------------------------------------------------------------------- /vendor/github.com/stretchr/testify/require/require.go.tmpl: -------------------------------------------------------------------------------- 1 | {{.Comment}} 2 | func {{.DocInfo.Name}}(t TestingT, {{.Params}}) { 3 | if h, ok := t.(tHelper); ok { h.Helper() } 4 | if assert.{{.DocInfo.Name}}(t, {{.ForwardedParams}}) { return } 5 | t.FailNow() 6 | } 7 | -------------------------------------------------------------------------------- /vendor/github.com/stretchr/testify/require/require_forward.go.tmpl: -------------------------------------------------------------------------------- 1 | {{.CommentWithoutT "a"}} 2 | func (a *Assertions) {{.DocInfo.Name}}({{.Params}}) { 3 | if h, ok := a.t.(tHelper); ok { h.Helper() } 4 | {{.DocInfo.Name}}(a.t, {{.ForwardedParams}}) 5 | } 6 | -------------------------------------------------------------------------------- /vendor/golang.org/x/crypto/AUTHORS: -------------------------------------------------------------------------------- 1 | # This source code refers to The Go Authors for copyright purposes. 2 | # The master list of authors is in the main Go distribution, 3 | # visible at https://tip.golang.org/AUTHORS. 4 | -------------------------------------------------------------------------------- /vendor/golang.org/x/crypto/CONTRIBUTORS: -------------------------------------------------------------------------------- 1 | # This source code was written by the Go contributors. 2 | # The master list of contributors is in the main Go distribution, 3 | # visible at https://tip.golang.org/CONTRIBUTORS. 4 | -------------------------------------------------------------------------------- /vendor/golang.org/x/crypto/curve25519/curve25519_noasm.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !amd64 || !gc || purego 6 | // +build !amd64 !gc purego 7 | 8 | package curve25519 9 | 10 | func scalarMult(out, in, base *[32]byte) { 11 | scalarMultGeneric(out, in, base) 12 | } 13 | -------------------------------------------------------------------------------- /vendor/golang.org/x/net/AUTHORS: -------------------------------------------------------------------------------- 1 | # This source code refers to The Go Authors for copyright purposes. 2 | # The master list of authors is in the main Go distribution, 3 | # visible at http://tip.golang.org/AUTHORS. 4 | -------------------------------------------------------------------------------- /vendor/golang.org/x/net/CONTRIBUTORS: -------------------------------------------------------------------------------- 1 | # This source code was written by the Go contributors. 2 | # The master list of contributors is in the main Go distribution, 3 | # visible at http://tip.golang.org/CONTRIBUTORS. 4 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/AUTHORS: -------------------------------------------------------------------------------- 1 | # This source code refers to The Go Authors for copyright purposes. 2 | # The master list of authors is in the main Go distribution, 3 | # visible at http://tip.golang.org/AUTHORS. 4 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/CONTRIBUTORS: -------------------------------------------------------------------------------- 1 | # This source code was written by the Go contributors. 2 | # The master list of contributors is in the main Go distribution, 3 | # visible at http://tip.golang.org/CONTRIBUTORS. 4 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/plan9/asm.s: -------------------------------------------------------------------------------- 1 | // Copyright 2014 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | #include "textflag.h" 6 | 7 | TEXT ·use(SB),NOSPLIT,$0 8 | RET 9 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/plan9/mksysnum_plan9.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright 2009 The Go Authors. All rights reserved. 3 | # Use of this source code is governed by a BSD-style 4 | # license that can be found in the LICENSE file. 5 | 6 | COMMAND="mksysnum_plan9.sh $@" 7 | 8 | cat <= 10 { 16 | buf[i] = byte(val%10 + '0') 17 | i-- 18 | val /= 10 19 | } 20 | buf[i] = byte(val + '0') 21 | return string(buf[i:]) 22 | } 23 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/.gitignore: -------------------------------------------------------------------------------- 1 | _obj/ 2 | unix.test 3 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/aliases.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build (aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos) && go1.9 6 | // +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos 7 | // +build go1.9 8 | 9 | package unix 10 | 11 | import "syscall" 12 | 13 | type Signal = syscall.Signal 14 | type Errno = syscall.Errno 15 | type SysProcAttr = syscall.SysProcAttr 16 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/asm_aix_ppc64.s: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build gc 6 | // +build gc 7 | 8 | #include "textflag.h" 9 | 10 | // 11 | // System calls for ppc64, AIX are implemented in runtime/syscall_aix.go 12 | // 13 | 14 | TEXT ·syscall6(SB),NOSPLIT,$0-88 15 | JMP syscall·syscall6(SB) 16 | 17 | TEXT ·rawSyscall6(SB),NOSPLIT,$0-88 18 | JMP syscall·rawSyscall6(SB) 19 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/asm_solaris_amd64.s: -------------------------------------------------------------------------------- 1 | // Copyright 2014 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build gc 6 | // +build gc 7 | 8 | #include "textflag.h" 9 | 10 | // 11 | // System calls for amd64, Solaris are implemented in runtime/syscall_solaris.go 12 | // 13 | 14 | TEXT ·sysvicall6(SB),NOSPLIT,$0-88 15 | JMP syscall·sysvicall6(SB) 16 | 17 | TEXT ·rawSysvicall6(SB),NOSPLIT,$0-88 18 | JMP syscall·rawSysvicall6(SB) 19 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/constants.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos 6 | // +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos 7 | 8 | package unix 9 | 10 | const ( 11 | R_OK = 0x4 12 | W_OK = 0x2 13 | X_OK = 0x1 14 | ) 15 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/endian_big.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | // 5 | //go:build armbe || arm64be || m68k || mips || mips64 || mips64p32 || ppc || ppc64 || s390 || s390x || shbe || sparc || sparc64 6 | // +build armbe arm64be m68k mips mips64 mips64p32 ppc ppc64 s390 s390x shbe sparc sparc64 7 | 8 | package unix 9 | 10 | const isBigEndian = true 11 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/endian_little.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | // 5 | //go:build 386 || amd64 || amd64p32 || alpha || arm || arm64 || mipsle || mips64le || mips64p32le || nios2 || ppc64le || riscv || riscv64 || sh 6 | // +build 386 amd64 amd64p32 alpha arm arm64 mipsle mips64le mips64p32le nios2 ppc64le riscv riscv64 sh 7 | 8 | package unix 9 | 10 | const isBigEndian = false 11 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/errors_freebsd_arm64.go: -------------------------------------------------------------------------------- 1 | // Copyright 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // Constants that were deprecated or moved to enums in the FreeBSD headers. Keep 6 | // them here for backwards compatibility. 7 | 8 | package unix 9 | 10 | const ( 11 | DLT_HHDLC = 0x79 12 | IPV6_MIN_MEMBERSHIPS = 0x1f 13 | IP_MAX_SOURCE_FILTER = 0x400 14 | IP_MIN_MEMBERSHIPS = 0x1f 15 | RT_CACHING_CONTEXT = 0x1 16 | RT_NORTREF = 0x2 17 | ) 18 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go: -------------------------------------------------------------------------------- 1 | // Copyright 2014 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build (linux && 386) || (linux && arm) || (linux && mips) || (linux && mipsle) || (linux && ppc) 6 | // +build linux,386 linux,arm linux,mips linux,mipsle linux,ppc 7 | 8 | package unix 9 | 10 | func init() { 11 | // On 32-bit Linux systems, the fcntl syscall that matches Go's 12 | // Flock_t type is SYS_FCNTL64, not SYS_FCNTL. 13 | fcntl64Syscall = SYS_FCNTL64 14 | } 15 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build gccgo && linux && amd64 6 | // +build gccgo,linux,amd64 7 | 8 | package unix 9 | 10 | import "syscall" 11 | 12 | //extern gettimeofday 13 | func realGettimeofday(*Timeval, *byte) int32 14 | 15 | func gettimeofday(tv *Timeval) (err syscall.Errno) { 16 | r := realGettimeofday(tv, nil) 17 | if r < 0 { 18 | return syscall.GetErrno() 19 | } 20 | return 0 21 | } 22 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/pagesize_unix.go: -------------------------------------------------------------------------------- 1 | // Copyright 2017 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris 6 | // +build aix darwin dragonfly freebsd linux netbsd openbsd solaris 7 | 8 | // For Unix, get the pagesize from the runtime. 9 | 10 | package unix 11 | 12 | import "syscall" 13 | 14 | func Getpagesize() int { 15 | return syscall.Getpagesize() 16 | } 17 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/ptrace_darwin.go: -------------------------------------------------------------------------------- 1 | // Copyright 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build darwin && !ios 6 | // +build darwin,!ios 7 | 8 | package unix 9 | 10 | func ptrace(request int, pid int, addr uintptr, data uintptr) error { 11 | return ptrace1(request, pid, addr, data) 12 | } 13 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/ptrace_ios.go: -------------------------------------------------------------------------------- 1 | // Copyright 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build ios 6 | // +build ios 7 | 8 | package unix 9 | 10 | func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { 11 | return ENOTSUP 12 | } 13 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/readdirent_getdents.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build aix || dragonfly || freebsd || linux || netbsd || openbsd 6 | // +build aix dragonfly freebsd linux netbsd openbsd 7 | 8 | package unix 9 | 10 | // ReadDirent reads directory entries from fd and writes them into buf. 11 | func ReadDirent(fd int, buf []byte) (n int, err error) { 12 | return Getdents(fd, buf) 13 | } 14 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/sockcmsg_dragonfly.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package unix 6 | 7 | // Round the length of a raw sockaddr up to align it properly. 8 | func cmsgAlignOf(salen int) int { 9 | salign := SizeofPtr 10 | if SizeofPtr == 8 && !supportsABI(_dragonflyABIChangeVersion) { 11 | // 64-bit Dragonfly before the September 2019 ABI changes still requires 12 | // 32-bit aligned access to network subsystem. 13 | salign = 4 14 | } 15 | return (salen + salign - 1) & ^(salign - 1) 16 | } 17 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build amd64 && linux && gc 6 | // +build amd64,linux,gc 7 | 8 | package unix 9 | 10 | import "syscall" 11 | 12 | //go:noescape 13 | func gettimeofday(tv *Timeval) (err syscall.Errno) 14 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/syscall_linux_gc.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build linux && gc 6 | // +build linux,gc 7 | 8 | package unix 9 | 10 | // SyscallNoError may be used instead of Syscall for syscalls that don't fail. 11 | func SyscallNoError(trap, a1, a2, a3 uintptr) (r1, r2 uintptr) 12 | 13 | // RawSyscallNoError may be used instead of RawSyscall for syscalls that don't 14 | // fail. 15 | func RawSyscallNoError(trap, a1, a2, a3 uintptr) (r1, r2 uintptr) 16 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build linux && gc && 386 6 | // +build linux,gc,386 7 | 8 | package unix 9 | 10 | import "syscall" 11 | 12 | // Underlying system call writes to newoffset via pointer. 13 | // Implemented in assembly to avoid allocation. 14 | func seek(fd int, offset int64, whence int) (newoffset int64, err syscall.Errno) 15 | 16 | func socketcall(call int, a0, a1, a2, a3, a4, a5 uintptr) (n int, err syscall.Errno) 17 | func rawsocketcall(call int, a0, a1, a2, a3, a4, a5 uintptr) (n int, err syscall.Errno) 18 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go: -------------------------------------------------------------------------------- 1 | // Copyright 2009 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build arm && gc && linux 6 | // +build arm,gc,linux 7 | 8 | package unix 9 | 10 | import "syscall" 11 | 12 | // Underlying system call writes to newoffset via pointer. 13 | // Implemented in assembly to avoid allocation. 14 | func seek(fd int, offset int64, whence int) (newoffset int64, err syscall.Errno) 15 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/aliases.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build windows 6 | // +build go1.9 7 | 8 | package windows 9 | 10 | import "syscall" 11 | 12 | type Errno = syscall.Errno 13 | type SysProcAttr = syscall.SysProcAttr 14 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/empty.s: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !go1.12 6 | // +build !go1.12 7 | 8 | // This file is here to allow bodyless functions with go:linkname for Go 1.11 9 | // and earlier (see https://golang.org/issue/23311). 10 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/mksyscall.go: -------------------------------------------------------------------------------- 1 | // Copyright 2009 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build generate 6 | 7 | package windows 8 | 9 | //go:generate go run golang.org/x/sys/windows/mkwinsyscall -output zsyscall_windows.go eventlog.go service.go syscall_windows.go security_windows.go 10 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/race0.go: -------------------------------------------------------------------------------- 1 | // Copyright 2012 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build windows,!race 6 | 7 | package windows 8 | 9 | import ( 10 | "unsafe" 11 | ) 12 | 13 | const raceenabled = false 14 | 15 | func raceAcquire(addr unsafe.Pointer) { 16 | } 17 | 18 | func raceReleaseMerge(addr unsafe.Pointer) { 19 | } 20 | 21 | func raceReadRange(addr unsafe.Pointer, len int) { 22 | } 23 | 24 | func raceWriteRange(addr unsafe.Pointer, len int) { 25 | } 26 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/str.go: -------------------------------------------------------------------------------- 1 | // Copyright 2009 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build windows 6 | 7 | package windows 8 | 9 | func itoa(val int) string { // do it here rather than with fmt to avoid dependency 10 | if val < 0 { 11 | return "-" + itoa(-val) 12 | } 13 | var buf [32]byte // big enough for int64 14 | i := len(buf) - 1 15 | for val >= 10 { 16 | buf[i] = byte(val%10 + '0') 17 | i-- 18 | val /= 10 19 | } 20 | buf[i] = byte(val + '0') 21 | return string(buf[i:]) 22 | } 23 | -------------------------------------------------------------------------------- /vendor/golang.org/x/term/AUTHORS: -------------------------------------------------------------------------------- 1 | # This source code refers to The Go Authors for copyright purposes. 2 | # The master list of authors is in the main Go distribution, 3 | # visible at http://tip.golang.org/AUTHORS. 4 | -------------------------------------------------------------------------------- /vendor/golang.org/x/term/CONTRIBUTORS: -------------------------------------------------------------------------------- 1 | # This source code was written by the Go contributors. 2 | # The master list of contributors is in the main Go distribution, 3 | # visible at http://tip.golang.org/CONTRIBUTORS. 4 | -------------------------------------------------------------------------------- /vendor/golang.org/x/term/go.mod: -------------------------------------------------------------------------------- 1 | module golang.org/x/term 2 | 3 | go 1.11 4 | 5 | require golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 6 | -------------------------------------------------------------------------------- /vendor/golang.org/x/term/go.sum: -------------------------------------------------------------------------------- 1 | golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 h1:nxC68pudNYkKU6jWhgrqdreuFiOQWj1Fs7T3VrH4Pjw= 2 | golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 3 | -------------------------------------------------------------------------------- /vendor/golang.org/x/term/term_unix_aix.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package term 6 | 7 | import "golang.org/x/sys/unix" 8 | 9 | const ioctlReadTermios = unix.TCGETS 10 | const ioctlWriteTermios = unix.TCSETS 11 | -------------------------------------------------------------------------------- /vendor/golang.org/x/term/term_unix_bsd.go: -------------------------------------------------------------------------------- 1 | // Copyright 2013 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build darwin dragonfly freebsd netbsd openbsd 6 | 7 | package term 8 | 9 | import "golang.org/x/sys/unix" 10 | 11 | const ioctlReadTermios = unix.TIOCGETA 12 | const ioctlWriteTermios = unix.TIOCSETA 13 | -------------------------------------------------------------------------------- /vendor/golang.org/x/term/term_unix_linux.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package term 6 | 7 | import "golang.org/x/sys/unix" 8 | 9 | const ioctlReadTermios = unix.TCGETS 10 | const ioctlWriteTermios = unix.TCSETS 11 | -------------------------------------------------------------------------------- /vendor/golang.org/x/term/term_unix_zos.go: -------------------------------------------------------------------------------- 1 | // Copyright 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package term 6 | 7 | import "golang.org/x/sys/unix" 8 | 9 | const ioctlReadTermios = unix.TCGETS 10 | const ioctlWriteTermios = unix.TCSETS 11 | -------------------------------------------------------------------------------- /vendor/golang.org/x/text/AUTHORS: -------------------------------------------------------------------------------- 1 | # This source code refers to The Go Authors for copyright purposes. 2 | # The master list of authors is in the main Go distribution, 3 | # visible at http://tip.golang.org/AUTHORS. 4 | -------------------------------------------------------------------------------- /vendor/golang.org/x/text/CONTRIBUTORS: -------------------------------------------------------------------------------- 1 | # This source code was written by the Go contributors. 2 | # The master list of contributors is in the main Go distribution, 3 | # visible at http://tip.golang.org/CONTRIBUTORS. 4 | -------------------------------------------------------------------------------- /vendor/gopkg.in/yaml.v2/.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | 3 | go: 4 | - "1.4.x" 5 | - "1.5.x" 6 | - "1.6.x" 7 | - "1.7.x" 8 | - "1.8.x" 9 | - "1.9.x" 10 | - "1.10.x" 11 | - "1.11.x" 12 | - "1.12.x" 13 | - "1.13.x" 14 | - "1.14.x" 15 | - "tip" 16 | 17 | go_import_path: gopkg.in/yaml.v2 18 | -------------------------------------------------------------------------------- /vendor/gopkg.in/yaml.v2/NOTICE: -------------------------------------------------------------------------------- 1 | Copyright 2011-2016 Canonical Ltd. 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | -------------------------------------------------------------------------------- /vendor/gopkg.in/yaml.v2/go.mod: -------------------------------------------------------------------------------- 1 | module gopkg.in/yaml.v2 2 | 3 | go 1.15 4 | 5 | require gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 6 | -------------------------------------------------------------------------------- /vendor/gopkg.in/yaml.v3/NOTICE: -------------------------------------------------------------------------------- 1 | Copyright 2011-2016 Canonical Ltd. 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | -------------------------------------------------------------------------------- /vendor/gopkg.in/yaml.v3/go.mod: -------------------------------------------------------------------------------- 1 | module "gopkg.in/yaml.v3" 2 | 3 | require ( 4 | "gopkg.in/check.v1" v0.0.0-20161208181325-20d25e280405 5 | ) 6 | --------------------------------------------------------------------------------