Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/goodwithtech/dockle

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
https://github.com/goodwithtech/dockle

Censor suspicious environment variables

hilariocoelho opened this pull request 4 days ago
Add parameters for sensitive files and sensitive file extensions

hilariocoelho opened this pull request 5 days ago
Add .env file to suspicious files list

hilariocoelho opened this pull request 5 days ago
Add support for $DOCKLE_REJECT_FILES

hilariocoelho opened this issue 10 days ago
add /.vex

tomoyamachi opened this pull request about 2 months ago
Dockle Error while scanning an Image built on a Gitlab SaaS Runner

raghur-orca opened this issue 2 months ago
Dockle Error while scanning Images with its Manifest Digest

raghur-orca opened this issue 2 months ago
#260 change documented level for CIS-DI-0006 to be INFO

BertelBB opened this pull request 3 months ago
CIS-DI-0006 is incorrectly documented as being of level WARN in project README

BertelBB opened this issue 3 months ago
Create codeql.yml

tomoyamachi opened this pull request 6 months ago
Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible

dependabot[bot] opened this pull request 7 months ago
Bump google.golang.org/protobuf from 1.31.0 to 1.33.0

dependabot[bot] opened this pull request 7 months ago
dockle stopped working when updating docker to version 25

tgquan67 opened this issue 8 months ago
Bump github.com/containerd/containerd from 1.7.0 to 1.7.11

dependabot[bot] opened this pull request 8 months ago
chore: update stereoscope

pbalogh-sa opened this pull request 8 months ago
Bump github.com/opencontainers/runc from 1.1.10 to 1.1.12

dependabot[bot] opened this pull request 9 months ago
Invalid detection of CIS-DI-0010 if specfic versions are installed

030 opened this issue 10 months ago
How to use CIS-DI-0002 ?

nakatani2023 opened this issue 11 months ago
Add Windows release artifacts

AdrianDsg opened this pull request 11 months ago
Remove `tmp/` as a Suspicious Directory and Include Cloud Specific Configuration Files

RoseSecurity opened this pull request 12 months ago
Bump github.com/docker/docker from 20.10.24+incompatible to 24.0.7+incompatible

dependabot[bot] opened this pull request 12 months ago
add archives release for loong64

qiangxuhui opened this pull request almost 1 year ago
"E2E-Testing" - recommended complementary use with other tools?

manuschillerdev opened this issue about 1 year ago
Bump golang.org/x/net from 0.7.0 to 0.17.0

dependabot[bot] opened this pull request about 1 year ago
Replace deckoder to stereoscope

pbalogh-sa opened this pull request about 1 year ago
Bump github.com/cyphar/filepath-securejoin from 0.2.3 to 0.2.4

dependabot[bot] opened this pull request about 1 year ago
add loong64 build support

qiangxuhui opened this pull request about 1 year ago
DKL-LI-0001 erroneously reported for Wolfi images

jemag opened this issue about 1 year ago
fix referred typo

testwill opened this pull request about 1 year ago
all flag use EnvVars

tomoyamachi opened this pull request about 1 year ago
add result summary at the sarif part

tomoyamachi opened this pull request about 1 year ago
action files use go v1.20

tomoyamachi opened this pull request about 1 year ago
update go version to v1.20

tomoyamachi opened this pull request about 1 year ago
chore: remove refs to deprecated io/ioutil

testwill opened this pull request over 1 year ago
update goreleaser format

tomoyamachi opened this pull request over 1 year ago
update deckoder for package updates

tomoyamachi opened this pull request over 1 year ago
check password format in Password assessor

tomoyamachi opened this pull request over 1 year ago
allow first add statement in config files

tomoyamachi opened this pull request over 1 year ago
I get an invalid error about ADD/COPY

GoliTech opened this issue over 1 year ago
How does Dockle work against multi-platform images?

rlaiola opened this issue over 1 year ago
Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible

dependabot[bot] opened this pull request over 1 year ago
Panic failure for amazon/dynamodb-local:1.13.1 image

ayala-orca opened this issue over 1 year ago
Bump github.com/docker/docker from 20.10.23+incompatible to 20.10.24+incompatible

dependabot[bot] opened this pull request over 1 year ago
Bump github.com/opencontainers/runc from 1.1.4 to 1.1.5

dependabot[bot] opened this pull request over 1 year ago
Include --no-network as well as --no-cache in DKL-DI-0004

philnichol opened this issue over 1 year ago
Bump golang.org/x/net from 0.5.0 to 0.7.0

dependabot[bot] opened this pull request over 1 year ago
Scanning ubuntu:22.04 failed

dtfans opened this issue over 1 year ago
update docker version for #211

tomoyamachi opened this pull request over 1 year ago
Change CIS-DI-0009's level from FATAL to WARN

dyferx opened this issue over 1 year ago
Problem scanning ubuntu images

zfLQ2qx2 opened this issue over 1 year ago
Update README to fix wrong license listing

lior-orca opened this pull request over 1 year ago
Stop alerting /tmp as suspicious directory (DKL-LI-0003)

zfLQ2qx2 opened this issue almost 2 years ago
add github action to readme

tomoyamachi opened this pull request almost 2 years ago
remove docker scheme from filename

tomoyamachi opened this pull request almost 2 years ago
Update go version v1.19

tomoyamachi opened this pull request almost 2 years ago
failure building with btrfs-progs 6.1

aminvakil opened this issue almost 2 years ago
FIX some vulnerbilities with go packages.

pyama86 opened this pull request almost 2 years ago
Is there an official GitHub Action for Dockle?

loganmarchione opened this issue almost 2 years ago
False-positive detection of CIS-DI-0009 for focal based dotnet images

ThorstenHans opened this issue almost 2 years ago
Sarif upload failure to GitHub action upload-sarif@v2

ndoell opened this issue almost 2 years ago
update modules

tomoyamachi opened this pull request almost 2 years ago
update github.com/sylabs/sif/v2 for CVE-2022-39237

pyama86 opened this pull request almost 2 years ago
fix: Include artifact locations in SARIF reports

twelvelabs opened this pull request almost 2 years ago
env key should not contain space

tomoyamachi opened this pull request almost 2 years ago
False positive : php:8.1.X-alpine

tomoyamachi opened this issue almost 2 years ago
add use-xdg option

tomoyamachi opened this pull request about 2 years ago
Stop using XDG_RUNTIME_DIR by default

tomoyamachi opened this issue about 2 years ago
Support Azure Container Registry

tomoyamachi opened this issue about 2 years ago
docker image scan error

masabow123 opened this issue about 2 years ago
Outputted SARIF file cannot be uploaded to Github Advanced Security

meriouma opened this issue about 2 years ago
CIS-DI-0010 Suspicious ENV key found

zfLQ2qx2 opened this issue about 2 years ago
scan the docker image error-unable to retrieve auth token

masabow123 opened this issue about 2 years ago
Skip assessment if environment variable is empty

tomoyamachi opened this pull request about 2 years ago
Add version-up confirmation flag and skip the latest version confirmation by default

tomoyamachi opened this pull request about 2 years ago
Avoid casting the result of fetchLocation

massongit opened this pull request over 2 years ago
Windows: Unable to initialize a image struct

rbairwell opened this issue over 2 years ago
Add instructions for Microsoft PowerShell

rbairwell opened this pull request over 2 years ago
pkg/assessor/manifest: Add sensitive variable names checks

qequ opened this pull request over 2 years ago
Using XDG_RUNTIME_DIR to get DOCKLE_HOST not working in GitHub runner

arman1371 opened this issue over 2 years ago
fix command of removing setgid permission

ru5j4r0 opened this pull request over 2 years ago
Add flag to skip latest version check progress.

steven-zou opened this issue over 2 years ago
CVE Need to be fixed

stefyvarghese opened this issue over 2 years ago
Verbose "not found version patterns" error

varas opened this pull request over 2 years ago
Fix fetch of latest version

massongit opened this pull request over 2 years ago
[CIS-DI-0010] -af option should support full path ?

romainPrignon opened this issue over 2 years ago
Dockle 0.4.6 release request

lior-orca opened this issue over 2 years ago
CIS-DI-0010 reported even when environment variable is empty

SIPR-octo opened this issue over 2 years ago
Missing releases after v0.4.2?

erzz opened this issue over 2 years ago
Move new app initialization out of main

lior-orca opened this pull request over 2 years ago
update modules

tomoyamachi opened this pull request over 2 years ago
Add docker tcp certificate path. Issue #175

craftyc0der opened this pull request over 2 years ago
Add docker tcp certificate path argument to dockle.

craftyc0der opened this issue over 2 years ago
Move new app initialization out of main

lior-orca opened this pull request over 2 years ago
containerd library update

l00zak opened this issue over 2 years ago
update docker login in action

tomoyamachi opened this pull request over 2 years ago
feat: accept docker daemon host via flag

developer-guy opened this pull request over 2 years ago
Support of Docker TCP port to scan local cache images on host machine

Dentrax opened this issue over 2 years ago
Gitlab CodeQuality style format output

romanqqpr opened this issue over 2 years ago
Add sponsorship

tomoyamachi opened this pull request over 2 years ago
[chore] Update go-sarif version

owenrumney opened this pull request over 2 years ago