default_branch_all_build_steps_as_codedefault_branch_blocks_force_pushdefault_branch_code_change_review_dismissal_restrictionsdefault_branch_must_dismiss_stale_approvalsdefault_branch_pipeline_locks_external_dependencies_for_build_processdefault_branch_pipeline_must_have_jobs_with_sbom_generationdefault_branch_pipelines_scan_for_vulnerabilitiesdefault_branch_pipelines_scanners_set_to_prevent_sensitive_datadefault_branch_protections_apply_to_adminsdefault_branch_requires_2_pull_request_reviewsdefault_branch_requires_code_owners_reviewdefault_branch_requires_signed_commitsdefault_branch_requires_status_checksdefault_branch_restrict_push_and_mergedefault_branch_setting_block_deletionorg_default_repo_permission_noneorg_default_repo_permission_none_readorg_domain_verifiedorg_member_mfa_enabledorg_members_cannot_create_reposorg_minimum_administrators_setorg_two_factor_requiredpublic_repo_has_security_md_filerepo_delete_branch_on_merge_enabledrepo_deletion_limited_to_trusted_usersrepo_inactive_members_reviewrepo_inactive_more_than_90_daysrepo_issue_deletion_limited_to_trusted_usersrepo_linear_history_enabledrepo_no_open_commentsrepo_open_branches_are_upto_date_before_mergerepo_should_have_two_adminsrepo_webhook_package_registery_security_settings_enabled
Query: repo_webhook_package_registery_security_settings_enabled
Usage
powerpipe query github_compliance.query.repo_webhook_package_registery_security_settings_enabled
Steampipe Tables
SQL
with hooks_info as ( select login as name, url, h as hook from github_my_organization, jsonb_array_elements(hooks) h union select name, url, h as hook from github_my_repository, jsonb_array_elements(hooks) h)select -- Required Columns url as resource, case when ( hook ->> 'active' = 'true' and ( hook -> 'config' ->> 'insecure_ssl' = '1' or hook -> 'config' ->> 'secret' is null or hook -> 'config' ->> 'url' not like '%https:%' ) ) then 'alarm' else 'ok' end as status, case when ( hook ->> 'active' = 'true' and ( hook -> 'config' ->> 'insecure_ssl' = '1' or hook -> 'config' ->> 'secret' is null or hook -> 'config' ->> 'url' not like '%https:%' ) ) then (hook ->> 'id') || ' is an insecure hook.' else (hook ->> 'id') || ' is a secure hook.' end as reason, -- Additional Dimensions namefrom hooks_info;
Controls
The query is being used by the following controls: