log4shell documention for building from source is incorrect

lunasec-io / lunasec

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

https://www.lunasec.io/

Other

1.44k stars 164 forks source link

log4shell documention for building from source is incorrect #1162

Closed aregier closed 8 months ago

aregier commented 1 year ago

https://github.com/lunasec-io/lunasec/tree/master/lunatrace/cli/cmd/log4shell

This page states that the following build steps should work:

docker build . -t log4shell
docker run --network=host log4shell

However, there isn't even a Dockerfile in this project folder, so the steps don't work.

Short of that, would it be possible for lunasec to sign their executables in the download page with Apple so they are trusted binaries?

breadchris commented 1 year ago

hey @aregier thanks for raising this issue. Unfortunately we are not capable of maintaining this project anymore. The dockerfile you are looking for is located here https://github.com/lunasec-io/lunasec/blob/master/lunatrace/cli/docker/log4shell.dockerfile