Closed timflyio closed 2 months ago
One more thing I just noticed is that the registry returns the same response for
When scantron gets that response, it returns a 500. Flyctl should probably collect these errors and report them, but not fail the whole vulnsummary command.
I also got a 400 scanning another org with this log line in scantron
level=warning msg="bad digest" client="172.16.1.98:41518" error="unsupported digest algorithm: " method=GET path=//@
Change Summary
What and Why: Add support for fetching SBOMs and vuln scans from scantron and presenting them to the user. This allows users to quickly determine if they may be affected by security issues.
How: add new commands "scan sbom" and "scan vulns", which query scantron fro sboms and scan data, and present them to the user.
Related to: scantron
Documentation