puppet-wp icon indicating copy to clipboard operation
puppet-wp copied to clipboard
verified publisher icon Chassis

Potential security code smells

Open danielfobooss opened this issue 3 years ago • 1 comments

Hi! I'm building a linter to detect security vulnerabilities for puppet scripts. Our linter found some smells that might lead to vulnerabilities such as weak passwords and hard coded secrets. It would be important to get your feedback since you have more context on the application than we do. How can we discuss this in private? I didn't find any vulnerability disclosure guidelines. Thanks!

danielfobooss avatar Apr 27 '22 15:04 danielfobooss

Hey @danielfobooss! Thanks for touching base about this. We've published this package for spinning up local development VMs and it's not intended for production use. However, if you think it's worth chatting about further you can email me. Thanks!

BronsonQuick avatar Apr 27 '22 23:04 BronsonQuick