containers icon indicating copy to clipboard operation
containers copied to clipboard
verified publisher icon adoptium

Discuss SSDF related requirements for containers

Open smlambert opened this issue 3 years ago • 2 comments

This is an umbrella issue is to outline SSDF (Secure Software Development Framework) requirements, assess what is already being done upstream in terms of scanning and security, determine any gaps that remain, and then design a best path forward for the project. On-going maintenance burden and approach for handling changes and schedules in the underlying base image need to also be considered.

Related: https://github.com/adoptium/adoptium/issues/120, https://github.com/adoptium/containers/pull/260

smlambert avatar Aug 24 '22 14:08 smlambert

https://github.com/adoptium/containers/issues/275 is another sighting of this.

jerboaa avatar Sep 08 '22 08:09 jerboaa

https://github.com/adoptium/containers/pull/260#issuecomment-1227801055 as relevant comment from a linked draft PR.

smlambert avatar Nov 04 '22 14:11 smlambert