baude
commented
9 years ago Adding a little granular input:
- Add small helper to determine if the inbound ID is a image or container ... using the statefile to determine that.
- Add key to the summary dict for d_type
- Add key to the summary for the container or image ID
-
Extra credit, make the cve list in the summary to including information of the cve itself, like maybe the title. so cves list could end up being a list of dicts. The extra information can be found in the results of a call to get_cve_info.
i.e. 'cves': [{'cve':'20151115', 'title': 'A super bad CVE'}, ...]
ajcollins0
Create a way to use xml_parse for a passive scan by passing it an image ID or container ID
Force the usage of a docker_state_file (which will allow us to parse without using the docker client) that will iterate through what the previous scan's information and list the affected Cid's and Iid's along with the time of the previous scan.
Return the edited summary as a dict from the summarize_cves function in xml_parse