dockle
klar
Our great sponsors
| dockle | klar | |
|---|---|---|
| 2 | 1 | |
| 1,897 | 501 | |
| 3.1% | 0.6% | |
| 6.4 | 0.0 | |
| 10 days ago | 10 months ago | |
| Go | Go | |
| Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dockle
-
A beginner's question : am I doing things the right way ?
Check out dockle; https://github.com/goodwithtech/dockle
-
21 Best Practises in 2021 for Dockerfile
Dockle
klar
What are some alternatives?
trivy - Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets
hadolint - Dockerfile linter, validate inline bash, written in Haskell
gitleaks - Scan git repos (or files) for secrets using regex and entropy 🔑
argocd-image-updater - Automatic container image update for Argo CD
dnstake - DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
grype - A vulnerability scanner for container images and filesystems
repo-security-scanner - CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys
turbo-scanner - A port scanner and service detection tool that uses 1000 goroutines at once to scan any hosts's ip or fqdn with the sole purpose of testing your own network to ensure there are no malicious services running.
wrapcheck - A Go linter to check that errors from external packages are wrapped
argslen - Go linter that warns about the number of arguments in functions.
errchkjson - Go linter that checks types that are json encoded - reports unsupported types and unnecessary error checks