static-analysis

Describe the issue
I wouldn't expect to get the alert if not defined explicitly.

Examples
https://github.com/hashicorp/terraform-provider-google/releases/tag/v4.0.0

Version (please complete the following information):

• Checkov Version 2.0.780

W0402 (deprecated-module) error message says "Uses of a deprecated module 'optparse'".

I think it should say "Use of a deprecated module 'optparse'" instead of "Uses". Either "Use", or "Usage". "Uses" seems grammatically incorrect to me. What do you think?

Elm has the option to output errors as JSON (via a flag), and something like that is handy for writing tooling around it. I'm trying to integrate pytype into ALE and this would make it a lot easier.

Describe the desired feature

Look for whenNotPaused (including in internal functions) and show all the entry points that can be reached when the contract is paused

I wrote some of the code to do this in a branch https://github.com/python-security/pyt/compare/class_based_views, but since I'm working on other things and this feature seems cool and important I'm making this issue 👍

Let me know if you would like any help in implementing.

The CodeChecker cmd subcommand communicates with the server via Thrift, and on a Jenkins docker image, I have tried to use it to get run information from a local CodeChecker server. The output of the CodeChecker cmd runs command was just the help message. I have found out that using a proxy is not supported right now, and the issue was solved by disabling proxy via unsetting the environmental

Is this a request for help?: Yes

Is this a BUG REPORT or a FEATURE REQUEST? (choose one): FEATURE REQUEST

Can we add a option to allow the engine update vulnerabilities database through specific proxy ser

Right now (in precommit.py) we only enable a few checks (E9, F63, F7, F82).

Looks like there are a lot of other useful ones in there; investigate moving to a set of blocklisted checks.

Hi,

Are there any plans to support junitxml output support? This would make it easier to integrate into CI/CD pipelines with reports and metrics.

Thanks