-
**Description**
This is related to https://github.com/sigstore/cosign/issues/1905
Currently, when trying to download a sbom attached to an image via a digest, it fails trying to look up for the …
-
Hi! I'm trying to adopt melange and apko for our build processes and found an issue which stops me from that. It is not currently possible to use apk repository with `http` scheme, index just ignored.…
-
**What would you like to be added**:
Every provider has unit tests that assert that it can process a representative sample of records - completeness of our ability to process provider data is asser…
-
Hey there [Chainguard](https://github.com/chainguard-dev) here.
We noticed that you are using [Chainguard Images](https://github.com/chainguard-images/images), thank you! We wanted to make you aware …
-
Hi @amouat , thanks for your presentation at Cloud Native SecurityCon.
As asked in the question time, it would be nice if apko can reproduce images including the versions of the apk package.
But…
-
Hi there. We are noticing a false positive for `CVE-2023-24329` on grype scans against Chainguard Linux images containing the apk package `python-3.11`.
Upon further investigation, it seems that t…
-
In order to make the menu changes needed for #3187, we'll need to move the "Getting Started" image guides to a dedicated "Tutorials" menu and leave the "reference" folder with only auto-generated docs…
-
As explained by one of Alpine's main developers, [glibc Alpine Linux is broken](https://ariadne.space/2021/08/26/there-is-no-such-thing-as-a-glibc-based-alpine-image/) and shouldn't be used. It is use…
-
## Goal
TODO
Today you can use the option `--policies-team` to target apply policies on a team basis. It would be advantageous to do the same but for queries via `--queries-team`.
## Context
…
-
```shell
./grype wolfi-base
✔ Vulnerability DB [no update available]
✔ Loaded image …