Open
Description
SUMMARY
Installing ansible-collections creates the following files that introduce failures in vulnerability scans:
/opt/ansible/.ansible/collections/ansible_collections/community/crypto/tests/unit/plugins/module_utils/acme/fixtures/privatekey_1.pem
/opt/ansible/.ansible/collections/ansible_collections/community/general/tests/integration/targets/mail/files/smtpserver.key
/opt/ansible/.ansible/collections/ansible_collections/community/general/tests/integration/targets/setup_tls/files/ca_key.pem
/opt/ansible/.ansible/collections/ansible_collections/community/general/tests/integration/targets/setup_tls/files/client_key.pem
/opt/ansible/.ansible/collections/ansible_collections/community/general/tests/integration/targets/setup_tls/files/server_key.pem
/opt/ansible/.ansible/collections/ansible_collections/community/crypto/plugins/module_utils/crypto/pem.py
ISSUE TYPE
- Security
COMPONENT NAME
ansible collections 1.2.1
Questions: Are these files needed? Can they be removed after installing collections? All but last seem to be related to tests.