Puppet-lint check for vulnerable exec strings
Puppet code that uses exec resources that execute interpolated string commands are often vulnerable to shell execution. This new lint check identifies many of these. This talk runs through the check and how it works, how to run the check and how to integrate it into your own CI testing. It will talk about future Forge integrations. And it will go through the process of writing a puppet-lint plugin to encourage others to write more.