-
Hi,
My team is building mcr.microsoft.com/devcontainers/python:3.11 as our base image. But the security scan alert our built image has vulnerability _Python (Pip) Security Update for setuptools (GH…
-
The current Maven ecosystem definition is "The Maven Java package ecosystem. The name field is a Maven package name.", which is a little vague.
We should clarify that this is referring to Maven Ce…
-
Describe your problem
---------------------
Use [trivy](https://github.com/aquasecurity/trivy) to scan the security issues in vineyardd image and get the following result.
```shell
$ trivy ima…
-
### Discussed in https://github.com/aquasecurity/trivy/discussions/5134
Originally posted by **ngraef** September 7, 2023
### Description
Trivy is giving inconsistent results between succe…
-
### Discussed in https://github.com/aquasecurity/trivy/discussions/6076
Originally posted by **d-t-w** February 7, 2024
### Description
Container scan fails with a permissions issue relate…
d-t-w updated
8 months ago
-
### User Story
As a developer
I expect to run docker images which contain library updates
So that we keep software upto date and reduce the vulnerability footprint
### Value / Purpose
Some recent i…
-
Hello, the [semantics of limit events](https://ossf.github.io/osv-schema/#limit-events) in the spec is very clear, but the logic behind it, and hence how to use it correctly in the real world, way les…
-
Hello
Thanks for your superb work. Ran into some bother with the latest user agent list...
**Removal Request**
https://uptimerobot.com/help/locations/
[Mozilla/5.0+(compatible; UptimeRobo…
-
#### What happened:
Trying to scan a pod containing a private image and it fails, public images are scanned.
```
$ oc logs scanner-zap2docker-stable-b72cafcd-4ccc-47cd-8e79-1fb6--1-jpr67 -n sbu-dev…
-
#43958 is the accepted proposal for introducing the x509.SetFallbackRoots API, and had a rough outline of the bundle module. We want to have a slightly different API for the bundle package than was or…