azure-sdk-for-cpp icon indicating copy to clipboard operation
azure-sdk-for-cpp copied to clipboard
verified publisher icon Azure

Fix Secure Supply Chain Warning in Release builds

Open gearama opened this issue 3 years ago • 0 comments

Daniel has another bug related to this thus this is obsolete Starting: Secure Supply Chain Analysis (auto-injected by policy)

Task : Secure Supply Chain Analysis Description : A task to scan for vulnerabilities in your software supply chain. Formerly "NuGet Security Analysis". Version : 0.2.108 Author : Microsoft Corporation Help : See https://aka.ms/nugetsecurityanalysis for more information. Please contact [email protected] if you run into problems or have questions with this task.

For more information please visit: https://aka.ms/nugetsecurityanalysis Starting Multifeed Nuget Security Analysis: Starting Multifeed Python Security Analysis: Starting CFS NuGet Analysis: Starting CFS NPM Analysis: Starting DockerFile Analysis: .devcontainer/Dockerfile - Container usage from external registry 'docker.io' found. Dockerfile - Container usage from external registry 'docker.io' found. Dockerfile.src - Container usage from external registry 'docker.io' found. samples/integration/vcpkg-keyvault/.devcontainer/Dockerfile - Container usage from external registry 'docker.io' found. samples/integration/vcpkg-storage/.devcontainer/Dockerfile - Container usage from external registry 'docker.io' found. ##[warning]Container security analysis found 5 violations. This repo has one or more docker files having references to images from external registries. Please review https://aka.ms/containers-security-guidance to remove the reference of container images from external registries. Please reach out via teams (https://aka.ms/cssc-teams) or email ([email protected]) for any questions or clarifications. Finishing: Secure Supply Chain Analysis (auto-injected by policy)

gearama avatar May 20 '22 19:05 gearama