dmd report policy-violations
Report policy violations that are found for packages or dependencies in use
Usage
policy-violations
Synopsis
Report policy violations that are found for packages or dependencies in use, based on Open Policy Agent Policies
As an alternative to writing custom Advisories (https://dmd.tanna.dev/cookbooks/custom-advisories/), you can leverage the power of Open Policy Agent to create Policies (https://dmd.tanna.dev/concepts/policy/). See https://dmd.tanna.dev/cookbooks/custom-advisories-opa/ for more information on how to write them.
Once the data is generated via dmd db generate policy-violations, you can use this report to flag any non-compliance.
Options
Flag (type) | Usage | Notes |
---|---|---|
--csv | Whether to output as a CSV file | |
-h, --help | help for policy-violations | |
--level (string) | The violation level to report: [ERROR, WARN]. Empty string returns all | |
--organisation (string) | Whether to filter policy violations by the given organisation that hosts the repository | |
--out (string) | Where to output report(s) | |
--owner (string) | Whether to filter policy violations by the underlying owner of the repository | |
--platform (gitlab) | Whether to filter policy violations by the given platform that hosts the repository, for instance gitlab | |
--repo (string) | Whether to filter policy violations by a specific repository name | |
Options inherited from parent commands
Flag (type) | Usage | Notes |
---|---|---|
--db (string) | the path to the input/output database | |
--debug | whether to enable debug logging | |
Related
dmd report - Perform reports on the database