-
Hi Team,
We are using the following Confluent images, which have vulnerability issues when scanned through twistcli & Snyk. This restricts us from using the images in a production environment.…
-
We aim to meet the OpenSSF Best Practices passing or higher badge level. One of the requirements is to run static code analysis on the project's source code.
See the "Analysis" section here: https:…
-
Hi!
Have this GitHub Action:
```
env:
  LIC: ${{secrets.LIC}}
  SNYK_TOKEN: ${{secrets.SNYK_TOKEN}}
  REVIEWDOG_GITHUB_API_TOKEN: ${{secrets.REVIEWDOG_GITHUB_API_TOKEN}}
name: Review
on:…
```
-
There are two supposedly obsolete Dockerfiles in ot-ui-apps:
thehyve/ot-ui-apps:apps/genetics/Dockerfile
thehyve/ot-ui-apps:apps/platform/Dockerfile
We should remove them (open PR to EBI repo) and, i…
-
Snyk scan shows there are critical vulnerabilities in the following packages:
- dpkg (update to @1.19.8)
- glibc/libc6 (update to @2.28.10+deb10u2)
- gnutls28/libgnutls30 (update to @3.6.7-4+deb1…
-
## Details
Doing a security scan on a website made using the latest version from Apostrophe v2, I've noticed that the moment.js version which is being imported on apostrophe-assets module is outdate…
-
Using your test data I see the following:
```
$ bomber scan bomber.spdx.json
██▄ ▄▀▄ █▄ ▄█ ██▄ ██▀ █▀▄
█▄█ ▀▄▀ █ ▀ █ █▄█ █▄▄ █▀▄
DKFM - DevOps Kung Fu Mafia
https://github.com/devops-kung-…
```
-
**Describe the bug**
https://snyk.io/vuln/SNYK-JS-JQUERY-565129 or search for jQuery vulnerability
**To Reproduce**
Acunetix security scan report indicates jQuery 2.4.2 has moderate risk vulnera…
-
👋 We use `grpc-health-probe` in the [OpenFGA project](https://www.cncf.io/projects/openfga/), and we actually embed the binary in our [built images](https://github.com/openfga/openfga/blob/main/Docker…
-
Requested by security
- Automate generation of report that demonstrates security controls/compliance
----------------------------------
Relevant security controls
Before allowing productio…