mrl5 / vulner

Discover CVEs for packages installed by the portage
Mozilla Public License 2.0

Please support scanning the portage tree/kits of ebuilds #29

Closed seemantk closed 2 years ago

seemantk commented 2 years ago

Hello Jakub. vulner is very useful in its current state to understand the installed packages.

From the perspective of a Linux distro maintainer, I want to use vulner to check all the available packages for vulnerabilities so that we can proactively solve them, instead of waiting for users to run vulner and report issues.

mrl5 commented 2 years ago

after some Discord discussion this CLI design looks most promising:

vulner scan --recursive -p /var/git/meta-repo
vulner scan -p /var/git/meta-repo/kits/core-kit

some alternative for meta-repo scan was:

vulner scan --adapter=meta-repo
vulner scan --adapter=meta-repo -p /some/custom/path/to/meta-repo

mrl5 commented 2 years ago

vulner scan --recursive -p /var/git/meta-rep part will be delivered in following commit