You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
host a list (json) at https://api.woodpecker-ci.org/vuln/plugins.json or so ... so we could also count the api access counts to get some estimations of server installations.
also the list should be compiled into the binary for offline/air-gapped systems and updated by the server once a day.
the list should contain:
image name and tag
if it's criticall or not (linter throw a warning or error (fail))
the reason (text to be displayed) like links to an CVE etc ...
that file should be managed within the git repo like we do with our plugin list for the website ...
The text was updated successfully, but these errors were encountered:
well yes we can use if for that too ... for now we dont have any infra so i would just serve what we would then have checked into your git repo ... and it is easy to disable by pointing to the github raw content of the potential file ...
host a list (json) at
https://api.woodpecker-ci.org/vuln/plugins.json
or so ... so we could also count the api access counts to get some estimations of server installations.also the list should be compiled into the binary for offline/air-gapped systems and updated by the server once a day.
the list should contain:
that file should be managed within the git repo like we do with our plugin list for the website ...
The text was updated successfully, but these errors were encountered: