-
See https://apk.dag.dev/https/packages.wolfi.dev/os/aarch64/libcap-2.69-r1.apk@sha1:770a2cb5273333ca8122f08b0b65db1aab9dd689/.PKGINFO?all=true
We have a `depend = so:libpsx.so.2` line, but if you l…
-
When using server like artifactory, that maintains the `.rsa.pub` keys on URL like:
```
https://artifactoryHostFoo/artifactory/api/security/keypair/public/repositories/development-alpine-virtual
`…
-
With this config in my ghaction:
```
- name: Cache Docker images.
uses: ScribeMD/docker-cache@0.3.3
with:
key: docker-${{ runner.os }}-${{ hashFiles('Makefile', 'd…
-
**What would you like to be added**:
Hello again Benji!
So I am wanting to install xeol via `go install` or `go get`. I think I am probably just doing something wrong but if not just wanted to see i…
-
**Describe the bug**
The command to verify SBOMs using `cosign verify-attestation` returns an saying that `--platform` is an unknown flag.
**To Reproduce**
Steps to reproduce the behavior:
1. Go…
-
It would be nice to see a base image which could be used to generate distroless docker images which contain an app which was build using [GraalVM SubstrateVM](https://github.com/oracle/graal/tree/mast…
-
### What happened?
I scanned the docker image of chromadb via [trivy](https://github.com/aquasecurity/trivy) and found that there are 325 vulnerabilties. [scan-result.json](https://github.com/chroma-…
-
We need to add license boilerplates to the code. Before doing it, we need to think who will be the collective holder of the copyright. Ideas? I propose this but feel free to suggest other ideas below…
-
https://github.com/chainguard-dev/rules_apko provides a nice solution for Alpine. We may want something similar for Debian.
apt-get does things like:
- install transitive packages
- write to `/…
-
- Record created and lastUpdated timestamps on autodocs-generated pages
- Show information about when the doc was last updated
- Add link to the chainguard registry explorer tool (tags history page) s…