Sertaç Özercan
Sertaç Özercan
I like this idea! It might be good to collect/consume this info from [KBOM](https://aquasecurity.github.io/trivy/v0.50/docs/target/kubernetes/#kbom) (and/or pluggable other sources) instead of querying cluster(s) directly. An operator running in cluster(s) (like trivy-operator)...
@jimmyraywv There's no mechanism to disable audit selectively per constraint today (it can only be disabled as a whole or on a namespace level). There's a design doc that we...
@DmitriyLewen thanks for reply! Prometheus has over [2k+ dependants](https://github.com/prometheus/prometheus/network/dependents?dependent_type=REPOSITORY&package_id=UGFja2FnZS0yMjY0ODE1OTI5), it will be a breaking change for anyone using it as a library. Adding to .trivyignore will work for our CI...
not stale but i am not sure if there is a fix for this
Options are different personas here; for ratify, it would be admin while handing in rego is policy author as a Gatekeeper external data provider. If ratify wants to validate SLSA...
tracked in https://github.com/containerd/containerd/pull/7944 now
looks like containerd pr got merged
@inFocus7 sounds great! i don't think anyone has been working on this. assigned to you. thanks!
Closing this for now since we don't support Windows at this time due to no scanner available.