Thanks for the question. I'm glad you asked, as this is a good opportunity to clarify. KICS uses Sentry (https://github.com/getsentry/sentry) to track crashes of the software.
What is being tracked is the source Go file and the line number that caused the crash. That's it. This gives the developers a lead to what they should investigate if/when a crash happens.
In this context, the environment variable you asked about is confusing and we'll change that. Do you want to report an issue or should I?
Hi, I have a finding on KICS which states:
Passwords And Secrets In Infrastructure Code, Severity: HIGH
And the actual code is a Kubernetes Helm chart which is pointing to a secret, and not the password itself:
existingSecret:
  enabled: true
  name: "bitwardensmtp"
  userKey: "username"
  passwordKey: "password"
Is there a way to tell KICS to ignore this finding?
--libraries-path flag and the --queries-path flag now fetch remote repositories with go-getter. Check out the changes and new features in the latest release in our GitHub repository: https://github.com/Checkmarx/kics/releases/tag/v1.4.2
--disable-secrets flag and new --secrets-regexes-path flag, also flag --libraries-path supports git repositories and compressed files. Check out the changes and new features in the latest release in our GitHub repository: https://github.com/Checkmarx/kics/releases/tag/v1.4.3