Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set up known-vulnerability scanning for container images #184

Open
ericcornelissen opened this issue Jan 11, 2024 · 0 comments
Open

Set up known-vulnerability scanning for container images #184

ericcornelissen opened this issue Jan 11, 2024 · 0 comments
Labels
help wanted Extra attention is needed security Relates to security

Comments

@ericcornelissen
Copy link
Owner

ericcornelissen commented Jan 11, 2024
edited
Loading

Relates to #136

Summary

Create a default audit command to audit container images (i.e. Containerfile.dev) so as to stay on secure base images.

Suggestions, tips, thoughts are welcome.

Goals

The solution:

  • (must) be runnable by anyone.
  • (must) allow for ignoring specific vulnerabilities manually.
  • (ideally) allows for ignoring vulnerabilities without fixes.
@ericcornelissen ericcornelissen added help wanted Extra attention is needed security Relates to security labels Jan 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Extra attention is needed security Relates to security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ericcornelissen