OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
vdb6 is switching to a sqlite db from the current file-based one. xz compression seems to be performing well with sqlite compared to nydus rafs - 174MB vs 496MB with the latest.
/mnt/work ls -lh rafs_out total 497M
-rw-r--r-- 1 prabhu prabhu 496M Mar 19 14:16 data.rafs
-rw-r--r-- 1 prabhu prabhu 1.2M Mar 19 14:16 meta.rafs
/mnt/work ls -lh vdb total 13G
-rw-r--r-- 1 prabhu prabhu 434M Mar 19 14:15 data.index.vdb6
-rw-r--r-- 1 prabhu prabhu 34M Mar 19 14:15 data.index.vdb6.tar.xz
-rw-r--r-- 1 prabhu prabhu 13G Mar 19 14:15 data.vdb6
-rw-r--r-- 1 prabhu prabhu 140M Mar 19 14:15 data.vdb6.tar.xz
vdb6 is switching to a sqlite db from the current file-based one. xz compression seems to be performing well with sqlite compared to nydus rafs - 174MB vs 496MB with the latest.