Feature: Improve --show-details for Pinned-Dependencies when a certain type of file doesn't exist #2679
Labels
kind/enhancement
New feature or request
Comments
|
Stale issue message - this issue will be closed in 7 days |
2 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
The Pinned-Dependencies check scans three types of files: workflows, Dockerfiles and shell scripts. If a certain type of file doesn't exist,
--show-detailsoutputs the same thing as if there was such a file and it was correctly pinned.For example, a repo with no Dockerfiles gets:
Info: Dockerfile dependencies are pinned Info: no insecure (not pinned by hash) dependency downloads found in Dockerfiles.Describe the solution you'd like
When there are no files of a certain class,
--show-detailsshould say so:Info: No Dockerfile found.The text was updated successfully, but these errors were encountered: