Reply to post: Re: Age old problem.

DevOps to DevOops: Docker Hub proves so secure that 430 Docker images out of 2,500 have no vulnerabilities

Tom 38 Silver badge

Re: Age old problem.

You'd think there'd be some kind of automated dependency/security tool by now that realises that a dependency is out of date, updates it and rebuilds everything that was reliant on it (or contains an unannounced copy of it, which is far more likely!). But no.

You mean like dependabot or renovate? Combined with trivy for SAST scanning? Running on a schedule so you're aware of new vulnerabilities in existing code? No?

Docker doesn't hide things behind complexity/obscurity, it's simply a tool for packaging an application as an immutable container. Once you've got this container, you can apply things like trivy to it very simply. It actually makes all this stuff a lot easier.
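As an added example (not part of the comment above, and not Trivy's own code), this is one way a scheduled job could triage a saved `trivy image --format json` report: it separates blocking findings that a rebuild against updated packages would clear from those with no fix published yet. It assumes the report layout with a top-level `Results` list; the image name, package versions and `CVE-0000-*` IDs are constructed placeholders.

```python
import json

# Constructed sample in the shape of a `trivy image --format json` report.
# Image name, package versions and CVE-0000-* IDs are placeholders, not real findings.
SAMPLE_REPORT = json.dumps({
    "ArtifactName": "example/app:1.0",
    "Results": [
        {
            "Target": "example/app:1.0 (debian 10.4)",
            "Vulnerabilities": [
                {"VulnerabilityID": "CVE-0000-0001", "PkgName": "openssl", "Severity": "HIGH",
                 "InstalledVersion": "1.1.1d-0", "FixedVersion": "1.1.1d-1"},
                {"VulnerabilityID": "CVE-0000-0002", "PkgName": "zlib1g", "Severity": "CRITICAL",
                 "InstalledVersion": "1.2.11-1"},  # no FixedVersion: nothing to upgrade to yet
                {"VulnerabilityID": "CVE-0000-0003", "PkgName": "bash", "Severity": "LOW",
                 "InstalledVersion": "5.0-4", "FixedVersion": "5.0-5"},
            ],
        },
        # A target with no findings may carry no "Vulnerabilities" key (or null).
        {"Target": "app/requirements.txt"},
    ],
})

BLOCKING = {"HIGH", "CRITICAL"}

def triage(report_json, blocking=BLOCKING):
    """Split blocking-severity findings into rebuild-fixable and not-yet-fixed."""
    report = json.loads(report_json)
    fixable, unfixed = [], []
    for result in report.get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            if vuln.get("Severity") not in blocking:
                continue
            entry = (vuln["VulnerabilityID"], vuln["PkgName"], vuln.get("FixedVersion", ""))
            (fixable if entry[2] else unfixed).append(entry)
    return fixable, unfixed

def exit_code(report_json):
    """Non-zero when rebuilding against updated packages would remove a blocking finding."""
    return 1 if triage(report_json)[0] else 0

if __name__ == "__main__":
    fixable, unfixed = triage(SAMPLE_REPORT)
    for vid, pkg, fixed in fixable:
        print(f"rebuild needed: {pkg} -> {fixed} ({vid})")
    for vid, pkg, _ in unfixed:
        print(f"no fix published yet: {pkg} ({vid})")
    raise SystemExit(exit_code(SAMPLE_REPORT))
```
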



Biting the hand that feeds IT © 1998–2020