search

lacework / go-sdk

A set of tools and libraries written in Go to interact with the Lacework platform.
Apache License 2.0
35 stars 25 forks source link

Ability to filter vulnerability results by CVSS score and fixability #126

Open ekelson-bcove opened 4 years ago

ekelson-bcove commented 4 years ago

for Usage: lacework vulnerability scan run <registry> <repository> <tag|digest> [flags]

It would be great to add two more flags:

Lastly as a possible stretch, it would be great to return a list of packages only that should be upgraded that can be via code

afiune commented 4 years ago

@ekelson-bcove Thank you so much for your feedback! 💯

We are about to start working on this feature, the two flags you mentioned resonate very well with us, though we are curious if you could elaborate a little more about the "possible stretch" feature:

it would be great to return a list of packages only that should be upgraded that can be via code

-- 🤔 Is this extra feature related to listing the packages that could be upgraded since they have a fixed version available?

afiune commented 4 years ago

@ekelson-bcove Hi there! We are still working on some of your feedback.

We recently released a new feature https://github.com/lacework/go-sdk/pull/149 that adds a --packages flag to vulnerability commands, maybe this is something that you can use internally that can help with the stretch feature you mentioned in this issue. As usual, we welcome any feedback! Thank you and we will keep you posted with more updates.

ekelson-bcove commented 4 years ago

Thanks and sorry I never replied. I wrote a response but it never got sent. I’ll try it out tomorrow!

On Tue, Jul 7, 2020 at 6:51 PM Salim Afiune notifications@github.com wrote:

@ekelson-bcove https://github.com/ekelson-bcove Hi there! We are still working on some of your feedback.

We recently released a new feature #149 https://github.com/lacework/go-sdk/pull/149 that adds a --packages flag to vulnerability commands, maybe this is something that you can use internally that can help with the stretch feature you mentioned in this issue. As usual, we welcome any feedback! Thank you and we will keep you posted with more updates.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/lacework/go-sdk/issues/126#issuecomment-655177087, or unsubscribe https://github.com/notifications/unsubscribe-auth/AE6E622YNM2447RGG4TOYQTR2ORI5ANCNFSM4NQ2ZYLA .

-- Eric Kelson Information Security Brightcove