logpresso / CVE-2021-44228-Scanner

Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
Apache License 2.0
852 stars 173 forks source link

Readonly Scanner Version #236

Closed ket000 closed 2 years ago

ket000 commented 2 years ago

Is there a possibility to just create a version that is without the fix option. This will help enterprise to give it to their project team members to safely run it without accidentally overwriting the configuration. I know user need to use --fix to enable the overwriting of file, but I will prefer a simple read only scanner with no capability to update the file.

xeraph commented 2 years ago

@ket000 Download package file from https://github.com/logpresso/CVE-2021-44228-Scanner/actions/runs/1656515197 It is automatically built by github action, so there is no digital sign of Logpresso.

thl-cmk commented 2 years ago

would be great to have this as an aditional regular build.

ket000 commented 2 years ago

Thanks for providing readonly scanner version. I agree, if we can eventually create a read only version for using it as a scanner. But for now this will work.