Improve container scanning.

Open oliverchang opened this issue 3 years ago • 3 comments

Currently the focus of OSV-Scanner is on lockfiles, with preliminary support for Debian container scanning.

We will extend this to better container scanning as well:

  • Better package extraction from container images.
  • Filesystem scanning.
  • More distro support.

oliverchang, Dec 16 '22 00:12

This would be amazing! Really appreciate what you're doing here :)

A few questions, out of curiosity:

  1. Is there currently work planned for Debian container scanning? (I imagine this would align well with gLinux scanning work, so I'm hoping yes.)
  2. Has work been planned for other distros, and if so, which?
  3. What other distros do you realistically see this getting extended to?

sxlijin, Jan 06 '23 08:01

This issue has not had any activity for 60 days and will be automatically closed in two weeks.

github-actions[bot], Jul 25 '24 18:07

This is being actively worked on by @another-rex and @hogo6002, with features planned around:

  • Layer # attribution for packages
  • Base image identification
  • Full filesystem accountability

oliverchang, Jul 25 '24 21:07