Update vuln_crit.rego
furi0us333 authored Jul 5, 2024
1 parent 96f078e commit b05b602
Showing 1 changed file with 12 additions and 10 deletions.
22 changes: 12 additions & 10 deletions vuln_crit.rego
@@ -1,15 +1,17 @@
package policy
# METADATA
# title: Critical Software Vulnerability
# description: |
# Returns a violation if the package has a Critical software vulnerability

package policy.v1

import rego.v1
import data.phylum.domain
import data.phylum.level
import rego.v1

# Returns a violation if the package has a Critical software vulnerability
# METADATA
# scope: rule
# schemas:
# - data.issue: schema.issue
issue contains "Critical software vulnerability" if {
data.issue.domain == domain.VULNERABILITY
data.issue.severity > level.HIGH
# Critical software vulnerability
deny contains issue if {
some issue in data.issues
issue.domain == domain.VULNERABILITY
issue.severity == level.CRITICAL
}
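Review bot: The rewritten `deny` rule appears to lose the rule-scoped `# METADATA` block and its `schemas:` entry, so the fields read from `data.issues` (`issue.domain`, `issue.severity`) are no longer type-checked. The `+`/`-` markers are missing from this rendering, so the old and new sides are inferred. In Rego a misspelled or missing field is undefined rather than an error, so the rule body would fail quietly and `deny` would stay empty, which for a critical-vulnerability gate is presumably a fail-open result. If a schema for the new list-shaped input exists, re-attach a four-line annotation directly above the rule (`# METADATA`, `# scope: rule`, `# schemas:`, and an entry mapping `data.issues` to that schema; its name is not visible on this page). The plain comment `# Critical software vulnerability` has no `# METADATA` header, so it is not treated as an annotation.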
