Andrew O.
Andrew O.
@l0rd @amisevsk Thank you both for the thoughtful input. > In addition, we could consider whether we want to allow configuration at a workspace level or a per-project level (or...
/remove-lifecycle stale
@tolusha I'm actually (slowly) still working on this issue, though it's low priority since no one has actively requested for it.
/remove-lifecycle stale
/remove-lifecycle stale
I can't comment on whether the security vulnerabilities currently present in the UDI are acceptable for your use case. However, I see that at least 5 high severity vulnerabilities are...
/remove-lifecycle stale
> Thanks for your reply.. I did check the redhat UDI image ..it is also have the vulnerabilities. Sorry for the very slow reply. There are [0 critical vulnerabilities](https://catalog.redhat.com/software/containers/devspaces/udi-rhel8/622bce914a14c05796114be4?q=universal%20developer%20image&architecture=amd64&image=6639fcdc52e542169783fee1&container-tabs=security) in...
Copying some information from a [downstream UDI issue](https://issues.redhat.com/projects/CRW/issues/CRW-4812) that was actually detailing a CVE present in the upstream UDI: The upstream UDI image [quay.io/devfile/universal-developer-image:ubi8-latest](http://quay.io/devfile/universal-developer-image:ubi8-latest) currently has the critical security vulnerability...
> hey @AObuchow thanks for the reply. may be it is because of chmod for passwd file. > > TR Deb Yes, this is something we are currently looking into....