fridex
commented
2 years ago Open fridex opened 2 years ago
fridex
commented
2 years ago 
goern
commented
2 years ago /sig stack-guidance
codificat
commented
2 years ago Testing if project assignment works: /project SIG-Stack-Guidance
codificat
commented
2 years ago /project SIG-Stack-Guidance New
goern
commented
2 years ago /priority backlog
mayaCostantini
commented
2 years ago /assign
codificat
commented
2 years ago Reviewed in sig-sg meeting 2022-06-27:
sesheta
commented
1 year ago Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
/lifecycle stale
harshad16
commented
1 year ago /remove-lifecycle stale /lifecycle frozen
Is your feature request related to a problem? Please describe.
As a user of Thoth, I would like to submit my container image to Thoth services and Thoth should give me results of analyses that will tell me if content in the containerized environment is known and if there are any issues associated with the container image and its security.
Describe the solution you'd like
Extend container image analyses so that it not only explores what is present in the containerized environment, but can judge if the container image is find with respect to its content, libraries installed, provenance, and so.
Describe alternatives you've considered
Let users validate their container images, but that is too prone to errors.
Related: https://github.com/thoth-station/micropipenv/issues/206 Related: https://discuss.python.org/t/pip-installation-reports/12316