copacetic
copacetic copied to clipboard
project-copacetic
🧵 CLI tool for directly patching container images using reports from vulnerability scanners
### What kind of request is this? New feature ### What is your request or suggestion? investigate wolfi based images https://github.com/chainguard-images/images#chainguard-images cgr.dev/chainguard/go:1.19.4 (fixable vulns in git, openssl, libcrypto) cgr.dev/chainguard/cc-dynamic cgr.dev/chainguard/static...
Describe the changes in this pull request using active verbs such as _Add_, _Remove_, _Replace_ ... This PR has one little issue it is WIP. I am resolving it by...
### What kind of request is this? None ### What is your request or suggestion? https://github.com/project-copacetic/copacetic/blob/d648155f5424a9f4cb13acd7209195846791873b/pkg/pkgmgr/dpkg.go#L239C1-L240C1 Turning copacetic TODO comments into issues from https://docs.google.com/spreadsheets/d/1XwNj1J6e2FrUhlqaIsV10l8_tgov7WodlkvpNZXYZMU/edit#gid=1386834576. ### Are you willing to submit...
### What kind of request is this? None ### What is your request or suggestion? https://github.com/project-copacetic/copacetic/blob/d648155f5424a9f4cb13acd7209195846791873b/pkg/pkgmgr/apk.go#L161 Turning copacetic TODO comments into issues from https://docs.google.com/spreadsheets/d/1XwNj1J6e2FrUhlqaIsV10l8_tgov7WodlkvpNZXYZMU/edit#gid=1386834576. ### Are you willing to submit...
### Version of copa v0.6.2 ### Expected Behavior Given the trivy scan report of vulnerabilities, I would expect copa to patch the image ### Actual Behavior ``` Command failed with...
### What kind of request is this? Tracking Issue for [lfx-mentorship](https://github.com/cncf/mentoring/tree/a002554cea031e901a09d583146727cc399a5394/programs/lfx-mentorship) Jun - Aug 2024 to be worked on by mentee. ### What is your request or suggestion? The following...
adding guardrails for parsing OS version as per discussion Closes #438
Bumps [github.com/quay/claircore](https://github.com/quay/claircore) from 1.5.25 to 1.5.28. Release notes Sourced from github.com/quay/claircore's releases. v1.5.28 Release v1.5.28 - 2024-05-13 datastore: add vuln and enrich stream updates cpe: add match expression support v1.5.27...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.29.3 to 0.30.0. Commits 37988e5 Merge remote-tracking branch 'origin/master' into release-1.30 c857a38 Update x/net for CVE-2023-45288 0407311 followup to allow special characters 25164f7 Merge pull request #123435...
Bumps [github.com/docker/buildx](https://github.com/docker/buildx) from 0.13.1 to 0.14.0. Release notes Sourced from github.com/docker/buildx's releases. v0.14.0 Welcome to the 0.14.0 release of buildx! Please try out the release binaries and report any issues...
Metadata
Owner
Metadata
🧵 CLI tool for directly patching container images using reports from vulnerability scanners