Flatpak-cve-checker Alternatives
Similar projects and alternatives to flatpak-cve-checker
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
flatpak-cve-checker reviews and mentions
-
Update from the world of Fedora Workstation
Parsing the manifest for vulns is doable. Here I wrote one: https://github.com/TingPing/flatpak-cve-checker
-
Flaptak (and Snap) is not the future
If Debian (or whatever org/group/project/initiative that) provides the images has a security policy, they can extend that to the images too.
Users don't run CVE checkers [0], at best they reluctantly click on the update button. Of course the authoritarian evergreen auto-update thing is what actually works in practice.
For example as much as snap's UX sucks it does auto update by default.
[0] Though they could, as files in container images are trivially accessible, after all it's their purpose. Plus there are metadata based approaches: https://github.com/TingPing/flatpak-cve-checker (plus the Flatpak project already spends some energy on ensuring that the base image is chechekd against CVEs https://gitlab.com/freedesktop-sdk/freedesktop-sdk/-/jobs/18... ) of course duplicating this effort, and building a parallel world besides packages is not ideal, but
Stats
TingPing/flatpak-cve-checker is an open source project licensed under GNU General Public License v3.0 only which is an OSI approved license.
The primary programming language of flatpak-cve-checker is Python.
Popular Comparisons
Sponsored