Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/goodwithtech/dockle
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
https://github.com/goodwithtech/dockle
Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.1.10 to 1....
e3f1396fca8b873f997c9fd51e1db455bdc501a8 authored 8 months ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>61a2fccb44fd4bac8f4825e74854acf3f4fac7a2 authored 9 months ago by qiangxuhui <[email protected]>
* update library version and go version
* update go version in dev envs
b08d9a3800bdaf5fb21c010a8dea371e36fa5ca8 authored 9 months ago by Tomoya Amachi <[email protected]>9f6e9000d466d138579607526922da930cd56902 authored 9 months ago by RoseSecurity <[email protected]>
e8d60f47c5029808aa10dfd6cbaf92646cf69ea7 authored about 1 year ago by qiangxuhui <[email protected]>
99677e8f23e23b06256136bb5dcedf81b3da4b67 authored about 1 year ago by guangwu <[email protected]>
2766b1e7cab221dcde0fd7998efba2b87d8a0bd3 authored about 1 year ago by Tomoya Amachi <[email protected]>
f15f69c76557469ab685966ca62433580ac56e73 authored about 1 year ago by Tomoya Amachi <[email protected]>
ecfb9e5a4baf3c258139a9b46e140372e0fbaa46 authored about 1 year ago by Tomoya Amachi <[email protected]>
a104d5d7de0dad7d8d1144532fe428a9c17a6c29 authored about 1 year ago by Tomoya Amachi <[email protected]>
3c8fd181d33d9eb6ec7697311af2531bf5f1a744 authored over 1 year ago by guangwu <[email protected]>
a63473bf21562bd498076eba368bc1e360318718 authored over 1 year ago by Tomoya Amachi <[email protected]>
3f380523388923ed83da475f394cd2be818d8147 authored over 1 year ago by Tomoya Amachi <[email protected]>
e90eb9d501f50c7dcc162e7cc8009683813369e3 authored over 1 year ago by Tomoya Amachi <[email protected]>
53e02954cabfcac325bedb0ff66407755d83579a authored over 1 year ago by Tomoya Amachi <[email protected]>
a8fc62332976eaff8f53f93d6ac6b2c416854c92 authored over 1 year ago by Tomoya Amachi <[email protected]>
Noticed the license in the README was wrong...
62645c1b068034bbdc79fd935bc82a7178104efe authored over 1 year ago by lior-orca <[email protected]>8d04827b063fe0ab412574498dc962439b6573a3 authored almost 2 years ago by Tomoya Amachi <[email protected]>
7ebf66313da139513d5cc694458be83236a97eb4 authored almost 2 years ago by Tomoya Amachi <[email protected]>
* update go version
* update dockerfile
* update github.com/sylabs/sif/v2 for CVE-2022-39237
refs: https://avd.aquasec.com/nvd/cve-20...
09d597ce1e5d92e9050ea4867ea07f78ef4ad33b authored almost 2 years ago by Kazuhiko Yamashita <[email protected]>This should allow them to be uploaded to GitHub.
Fixes #197
7d067d8b8a241453c146421a908a3fafe7dc8039 authored almost 2 years ago by Skip Baney <[email protected]>3fbe4cf09cfdf6cae0172151418491a81ee7acae authored almost 2 years ago by Tomoya Amachi <[email protected]>
87ae7130f6a319ac967ee6af0e7a8b36aa2a214e authored about 2 years ago by Tomoya Amachi <[email protected]>
43736af84d3b621827a7f4043f604cf7e70a1b46 authored about 2 years ago by Tomoya AMACHI <[email protected]>
ff13dd0e96b38d828660a07aa13b64d39b120ed8 authored about 2 years ago by Tomoya Amachi <[email protected]>
* Add version-up confirmation flag and skip the latest version confirmation by default
* fix ...
d62b9635f33d9913283e30f55ee912d5d1c53031 authored about 2 years ago by Tomoya Amachi <[email protected]>* pkg/assessor/manifest: Add sensitive/suspicious vars checking to history cmds
Signed-off-by...
b7b64e3bd005889bfd65e61eca2f5eff67d1535f authored about 2 years ago by Alvaro Frias <[email protected]>da1a15cbf83b6b686beb355080b0acce6cdd3f3d authored about 2 years ago by Masaya Suzuki <[email protected]>
These are the necessary instructions for downloading Dockle for Windows 64bit using Microsoft Po...
fce73ce0ea5b0ccb42acc4f357f6492951191ed5 authored over 2 years ago by Richard Bairwell <[email protected]>becf0d81c4c1acea0e58efddf31b12b5745a6f2c authored over 2 years ago by ru5j4r0 <[email protected]>
Current "not found version patterns" does not provide any clue about what response payload it is...
d8c63cb3d5c2a85e77a93a245fb5009986afcefe authored over 2 years ago by jhvaras <[email protected]>08071c0fe32c528380e8ea8dcd8463a2c57b80fa authored over 2 years ago by Masaya Suzuki <[email protected]>
b9072c973f637e4f62b8c0bf49df705b118c4637 authored over 2 years ago by lior-orca <[email protected]>
* update modules
f39e9320bd979325b2fbea9b1ce40192be751183 authored over 2 years ago by Tomoya Amachi <[email protected]>5a874fba26150648075036b0eb5bea99da20b4e3 authored over 2 years ago by Joshua Oster-Morris <[email protected]>
* feat: accept docker daemon host via flag
Fixes #170
Signed-off-by: Batuhan Apaydın <batuha...
ed3312ad7cc5095ad37928b267c3657b68007efe authored over 2 years ago by Batuhan Apaydın <[email protected]>* update docker login in action
* add allowedlist.yaml
a4295a7c9bc4e5f276bd21a9ff0186bbff9da2f1 authored over 2 years ago by Tomoya Amachi <[email protected]>* add sponsored link to readme
081a52be2139586966e4b4d75a6e4471286b5656 authored over 2 years ago by Tomoya Amachi <[email protected]>Updating to v2 opens up the potential to write fuller SARIF reports
88a6bf7245de02193b5313ce0443dc14b3c38a31 authored over 2 years ago by Owen Rumney <[email protected]>555c918bdcb161660955b5f2acb21ccb8527cf7c authored over 2 years ago by Peter Mosmans <[email protected]>
* Add the option to run Dockle programmatically
09a495f7ac0e4c25d12b3787959e563913a910a2 authored almost 3 years ago by lior-orca <[email protected]>15cfad27dfcff96e3209dc7495bb7f98b7baebf6 authored almost 3 years ago by Amin Vakil <[email protected]>
7d78eb3ca0552bff2f86a18438f7538413eca6d1 authored almost 3 years ago by Mathew Fleisch <[email protected]>
* stop to check file extensions that high likelihood of false positives
* ignore config.json
6b27dc5dcdf5e7d3a8dc4d0bd8cf3d3b2fcecb7b authored about 3 years ago by Tomoya Amachi <[email protected]>a80c45b2ac1755206ad01f071a51ca1b26ca56dd authored about 3 years ago by Tomoya Amachi <[email protected]>
4e1ad0d1596db9181fd75590e52ab7848b58370d authored about 3 years ago by Tomoya Amachi <[email protected]>
* bugfix: DKL-DI-0005 false positive #151
* test failed rondomly if apt command check orders
ff9e964ce455d8e684177b6684aae8c4a386a77f authored about 3 years ago by Tomoya Amachi <[email protected]>* check files with file extension and add accept-key option
* add accept-file-extension optio...
bba0267871bb25a17e8dd2fac318fb3fa846090e authored about 3 years ago by Tomoya Amachi <[email protected]>b68ff92da2e7d6c9fc908b45b375230fa9613833 authored about 3 years ago by Tomoya Amachi <[email protected]>
* IGNORE level results only show in debug mode
* add test code
d873a3dcc2a81ae58c7d3034d976ffe96107836b authored about 3 years ago by Tomoya Amachi <[email protected]>3feabf00b50ea8489da79f01f3da7ef9bc5ef138 authored about 3 years ago by Tomoya Amachi <[email protected]>
a5e41602ee5ef50488dd14927fcc2d06dd8d358e authored about 3 years ago by Tomoya Amachi <[email protected]>
ab4d6f16e86163b2310da0491b04258d881e5889 authored about 3 years ago by Tomoya Amachi <[email protected]>
565c55ff52716396157b53e235ead1cc52337fe8 authored about 3 years ago by Tomoya Amachi <[email protected]>
5b8359779266c841c2fcf604bab87da9b66e5fb7 authored about 3 years ago by Tomoya Amachi <[email protected]>
deee6fe89423505925331b9d04995153c50f3d93 authored about 3 years ago by Tomoya Amachi <[email protected]>
d619c56f3907eb8efc419a929ba1e23dca6bca58 authored about 3 years ago by Tomoya Amachi <[email protected]>
0e44bbb29a3ac40923810a62f7ebe2d8fad0b825 authored about 3 years ago by Tomoya Amachi <[email protected]>
* check about ADD statement even if built by buildkit
* add manifest test
* use alpine:3.14
delete $ prefix from command examples
2f941a8c8a889559c0953e8272870136f34bfd78 authored about 3 years ago by VishalLahane <[email protected]>According to the SARIF Standard section 3.27.10, "warning" should be used instead of "warn"
4298b9d9ef29db21937696b3294974d4378fdf2a authored about 3 years ago by Malte Laukötter <[email protected]>f5b52b0896169d248664d1d0b422a6a99fa889bb authored over 3 years ago by Tomoya Amachi <[email protected]>
53d608fe639ccd384403375d2ecd264c1ba7c4a8 authored over 3 years ago by Tomoya Amachi <[email protected]>
* add SarifWriter
* use severity-threshold
20257ec3c17debfdcbd854873e4d152297d5c3a4 authored over 3 years ago by Tomoya Amachi <[email protected]>
4737e6650b1ac813c4d283562ae094f3eb9b162d authored over 3 years ago by Tomoya Amachi <[email protected]>
6f1457a8652a0c6d615bacf9d91d83bf607b8107 authored over 3 years ago by Tomoya Amachi <[email protected]>
* remove alerts for upgrade and relabel dist-upgrade to warn level
ed895e7bd196edf1c76d328a26b652dbd9c114e2 authored over 3 years ago by Tomoya Amachi <[email protected]>* bugfix: read user/pass from environment variables
* add DOCKLE_INSECURE env var
94101bdcf6b7654db7dd934cf1544a1bb3c96a2b authored over 3 years ago by Tomoya Amachi <[email protected]>139710238d4622d5efa4b8d4dc7d7f915e07833c authored over 3 years ago by Tomoya Amachi <[email protected]>
8e4e03c54ad9c0c97c3f9f1448657a20e5cd93ed authored over 3 years ago by Tomoya Amachi <[email protected]>
0be38abb0e2bf5c2a00497f0fbdf73564b4fcf82 authored over 3 years ago by Tomoya Amachi <[email protected]>
* create Dockerfile.releaser
835f41a0335ae9d91fb76412c00bad317efbd801 authored over 3 years ago by Tomoya Amachi <[email protected]>bc9c5a6a624855271b294212f6967f1979db9925 authored over 3 years ago by Tomoya Amachi <[email protected]>
* ci only runs on github actions
* fix releasebuild.yaml
36bf038ca99a532b8492e647b182600b96aed0c8 authored over 3 years ago by Tomoya Amachi <[email protected]>
* replace github to tap
* goreleaser set macOS
ce6517e747a7b89ca0a4281a2f609ca5d2c34e65 authored over 3 years ago by Tomoya Amachi <[email protected]>
* update alpine image version
861181174c2445414c7bfec9d04ce80b146b6c11 authored over 3 years ago by Tomoya Amachi <[email protected]>aa9cdd46f02d5dde0195ccf6c550fa2d46893ae2 authored over 3 years ago by Tomoya Amachi <[email protected]>
9e2f6e91a6bbe7c4fddcbeb4b509a1d9cc1e72b7 authored over 3 years ago by Tomoya Amachi <[email protected]>
46b6219e05831fd1ce27a9b2ce7d791e9d74ffaa authored over 3 years ago by Tomoya Amachi <[email protected]>
* Create main.yml
* Create build-scan-on-push.yml
* Update Dockerfile
The output looks cleaner (file modes are more probably fixed-width)
and is in line with the out...
4ed260e4e88249d725375cf25ce456d2f33e74e0 authored about 4 years ago by Tomoya AMACHI <[email protected]>
* fix goreleaser
* only build for darwin, linux, windows
2c5e9cb73fa496a25282702aa7571900964a02f1 authored about 4 years ago by Tomoya Amachi <[email protected]>3362779bb1af6d10b762089cc9bb5c5c10399760 authored about 4 years ago by Tomoya AMACHI <[email protected]>
d6850e4209d0619f96c7d5af498c5164abca7abc authored about 4 years ago by Tomoya AMACHI <[email protected]>
16403624d06144bd8ad292bd550248d4040494ac authored about 4 years ago by Tomoya Amachi <[email protected]>
81a98616bfc3dd264397a0614492dc888e39059e authored over 4 years ago by Tomoya Amachi <[email protected]>
* use opencontainers
* update circleci
a061c5500fa6300a34f0a41d1280253ecb8135f4 authored almost 5 years ago by Tomoya AMACHI <[email protected]>
be387ef6ad83d68dcc3f2e65a03e422a608d4775 authored almost 5 years ago by Tomoya AMACHI <[email protected]>
165eed9c99690764e88c253f66357cde6e478e4d authored almost 5 years ago by Tomoya Amachi <[email protected]>
44e9a38667dff5fabaf8e7cb2a638ae71925fd01 authored almost 5 years ago by Tomoya Amachi <[email protected]>
* add description to skip level struct
* fix writer packages
* add scratch test and use ta...
45652a8321f61108caa7f6c74982059fb67659e5 authored almost 5 years ago by Tomoya Amachi <[email protected]>* scan with context
* change structure
a0f80691c9b6a6d095480f26622892cbd0ec45f4 authored almost 5 years ago by Tomoya Amachi <[email protected]>445f106d08b6510e486629cbabea97233a20ff28 authored almost 5 years ago by Tomoya Amachi <[email protected]>
* check permissions in any dir
* check all setuid, setgid & fix test
e5d05a2fc212901e32ceaac6c7959b1e3fa6b13a authored almost 5 years ago by Tomoya Amachi <[email protected]>Suspitcious -> Suspicious
9f1048c757e52c67a284e058f3f02c01aa405c29 authored almost 5 years ago by Max Wittig <[email protected]>