Vulnerability Static Analysis for Containers
An open source trusted cloud native registry project that stores, signs, and scans content.
harbor brings a lot of this functionality if you happen to look for a registry also.
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.
a bit late to the party but ahab's pretty cool - add it to your dockerfile and it just does the scanning for you
Hosting my own docker registry, any recommendations on UI and authentication service?
3 projects | reddit.com/r/selfhosted | 8 Jan 2022
Java eclipse temurin:18.0.1_10-jre-alpine is out ! Now what ?
2 projects | dev.to | 4 May 2022
Upgrade Help Thread
6 projects | reddit.com/r/pop_os | 26 Apr 2022
About Java Bytecode, native binaries & security (short Grype benchmark)
3 projects | dev.to | 7 Apr 2022
Show HN: Coolify v2 An open-source and self-hostable Heroku/Netlify alternative
10 projects | news.ycombinator.com | 30 Mar 2022