bug(dockerfile): apt-get Missing '-y' To Avoid Manual Input

Open SpikePy opened this issue 1 year ago • 1 comments

When linting a Dockerfile that has an apt-get install command, I get the error 77783205-c4ca-4f80-bb80-c777f267c547 # APT-GET Missing '-y' To Avoid Manual Input. This is a false positive when using apt-get --quiet --quiet install sl or apt-get --yes install sl.

Expected Behavior

  • No error is shown when using apt-get --quiet --quiet as it implies -y/--yes
  • No error is shown when using apt-get --yes which is the long form of -y

Actual Behavior

[Severity: LOW, Query description: Check if apt-get calls use the flag -y to avoid user manual input.] Problem found on 'docker/local-toolbox/Dockerfile_test' file in line 2. Expected value: {{RUN apt-get --yes install sl}} sould avoid manual input. Actual value: {{RUN apt-get --yes install sl}} doesn't avoid manual input.

SpikePy avatar May 14 '24 13:05 SpikePy
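
The flag handling this report asks for, as an added example (not KICS's query code and not part of the original post): a Python check that accepts `-y`, `--yes`, `--assume-yes` and a quiet level of 2 (`--quiet --quiet`, `-qq`, `-q=2`) as non-interactive. The function names and the sample Dockerfile are constructed for illustration, and the check goes beyond the two reported cases by also handling short-flag clusters and backslash continuations.

```python
import re

YES_LONG = {"--yes", "--assume-yes"}  # long forms of -y

def avoids_manual_input(args):
    """True if these apt-get arguments answer prompts without a user."""
    quiet = 0
    for arg in args:
        if arg in YES_LONG:
            return True
        if arg == "--quiet":
            quiet += 1
        elif m := re.fullmatch(r"(?:-q|--quiet)=(\d+)", arg):
            quiet = int(m.group(1))          # explicit quiet level
        elif re.fullmatch(r"-[A-Za-z]+", arg):  # short cluster: -y, -qy, -qq
            if "y" in arg:
                return True
            quiet += arg.count("q")
    return quiet >= 2  # apt-get quiet level 2 implies -y

def find_interactive_apt_get(dockerfile):
    """Return (line_number, command) for each apt-get install that may prompt."""
    findings, logical, start = [], "", None
    for no, line in enumerate(dockerfile.splitlines(), 1):
        start = start or no                  # first line of the instruction
        if line.rstrip().endswith("\\"):     # join backslash continuations
            logical += line.rstrip()[:-1] + " "
            continue
        run = re.match(r"\s*RUN\s+(.*)", logical + line, re.I | re.S)
        for cmd in re.split(r"&&|\|\||[;|]", run.group(1)) if run else []:
            words = cmd.split()              # simplification: ignores quoting
            if "apt-get" in words:
                args = words[words.index("apt-get") + 1:]
                if "install" in args and not avoids_manual_input(args):
                    findings.append((start, " ".join(words)))
        logical, start = "", None
    return findings

# Constructed sample Dockerfile (not from the reporter's repository).
SAMPLE = """\
FROM debian:bookworm
RUN apt-get install sl
RUN apt-get --yes install sl
RUN apt-get --quiet --quiet install sl
RUN apt-get update && \\
    apt-get install -qq sl
RUN apt-get -q install sl
RUN apt-get update && apt-get install -y sl
"""
```

On the sample, only line 2 (no flag at all) and line 7 (a single `-q`, quiet level 1) are reported; the `--yes` and `--quiet --quiet` forms from the report pass.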

Hi @SpikePy ,

Thank you for your input! Our internal AppSec team will check it soon. We will keep you updated.

(APPSEC-2556)

gabriel-cx avatar May 14 '24 13:05 gabriel-cx

Hi @SpikePy,

We have merged the PR that addresses the false positive issue you reported. This should resolve the problem as described. However, if you encounter any further issues, please feel free to re-open this issue or create a new one if necessary.

Thank you for your contribution and feedback!

cx-artur-ribeiro avatar Jun 07 '24 13:06 cx-artur-ribeiro