You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
With at least one entrypoint annotation being made the norm in #154, this unlocks some new project level analytics capabilities. The one I think would be most useful is this:
For each entrypoint rule or package, programmatically run somethine like opa deps on each entrypoint.
Aggregate the dependencies reported from each invocation, and the rule "names" from each input policy.
If there are any rules in policy which aren't in the aggregated dependencies, report it as unused.
We'll need to make an exception for dynamic "general refs" rules here, and possibly some other dynamic constructs, but that's a drop in the ocean most policy projects. Some issues in how deps are calculated — there's a few open issues about this in OPA — could act as blockers here, but all the more reason to have these fixed upstream if so.
Some opa deps equivalence isn't likely be possible to pull of using only Rego and the AST, so this feels like a candidate for a second Go rule following the opa fmt one.
The text was updated successfully, but these errors were encountered:
With at least one entrypoint annotation being made the norm in #154, this unlocks some new project level analytics capabilities. The one I think would be most useful is this:
opa depson each entrypoint.We'll need to make an exception for dynamic "general refs" rules here, and possibly some other dynamic constructs, but that's a drop in the ocean most policy projects. Some issues in how deps are calculated — there's a few open issues about this in OPA — could act as blockers here, but all the more reason to have these fixed upstream if so.
Some
opa depsequivalence isn't likely be possible to pull of using only Rego and the AST, so this feels like a candidate for a second Go rule following theopa fmtone.The text was updated successfully, but these errors were encountered: