internal/vulnerability/events_creator.go (13 lines): - line 190: // TODO: Replace sequence with more generic approach - line 233: // TODO: Support more services - line 252: // TODO: Should we fail the event if we can't enrich the cloud section? - line 260: // TODO: Investigate how to get the full os name - line 270: // TODO: Should we fail the event if we can't enrich the host section? - line 281: // TODO: Should we fail the event if we can't enrich the network section? - line 287: // TODO: Maybe configure or get from somewhere else? - line 291: // TODO: Replace sequence with more generic approach - line 306: // TODO: Replace sequence with more generic approach - line 307: // TODO: Do we need to add the ReportID duplication if we already have the sequence in event? - line 315: // TODO: Populate with what? - line 338: // TODO: These sections might be overridden by the enricher of proccessor - line 492: // TODO: We need to find a better solution for this, it wastes resources internal/vulnerability/scanner.go (4 lines): - line 63: // TODO: Replace sequence with more generic approach - line 73: // TODO: Replace sequence with more generic approach - line 122: // TODO: Make configurable - line 199: // TODO: Replace sequence with more generic approach internal/resources/providers/awslib/ec2/ec2_instance.go (4 lines): - line 44: // TODO: check if this is the correct ARN - line 70: // TODO: Use genertic implementation with custom functions - line 79: // TODO: Use genertic implementation with custom functions - line 88: // TODO: Use genertic implementation with custom functions internal/resources/providers/awslib/ec2/ebs_snapshot.go (2 lines): - line 40: // TODO: check if this is the correct ARN - line 45: // TODO: From tags? internal/vulnerability/verifier.go (2 lines): - line 59: // TODO: Maybe verify more than one snapshot - line 108: // TODO: Add a layer of "smart" cache to avoid checking and sending the same snapshot security-policies/bundle/compliance/policy/process/ensure_arguments_and_config.rego (2 lines): - line 82: # TODO: object.get needs to be provided with a default value to assign - line 90: # TODO: This is a "hack" to avoid returning undefined values and recognize when there is no value internal/resources/fetching/fetchers/k8s/kube_fetcher.go (1 line): - line 126: // happens due to a context.TODO present in the libbeat dependency. It needs to accept context internal/vulnerability/worker.go (1 line): - line 62: // TODO: Replace sequence with more generic approach internal/resources/fetching/fetchers/azure/batch_fetcher.go (1 line): - line 142: // TODO: Make sure ActivityLogAlerts are not location scoped (benchmarks do not check location) internal/resources/providers/awslib/ec2_metadata_provider.go (1 line): - line 39: // TODO: mock local struct internal/resources/providers/awslib/s3/s3.go (1 line): - line 42: // TODO: This can be better typed, but this is a complex object. See this library for example: https://github.com/liamg/iamgo/ internal/vulnerability/runner.go (1 line): - line 48: // TODO: Make configurable security-policies/bundle/compliance/policy/process/ensure_appropriate_arguments.rego (1 line): - line 15: # TODO: Change index access to cycle internal/dataprovider/providers/cloud/data_provider.go (1 line): - line 34: // TODO: update fields names when an ECS field is decided internal/resources/providers/awslib/ec2/provider.go (1 line): - line 307: // TODO: Maybe we should bulk request snapshots? internal/beater/validator.go (1 line): - line 34: // TODO: Should we check something? deploy/test-environments/elk-stack/main.tf (1 line): - line 71: region_id = "aws-us-east-1" # TODO: replace with var.ess_region when more regions are supported