RH8-minimal and version "pinning" (!33) · Merge requests · Iron Bank Containers / GrammaTech / CodeSonar / codesonar-hub

Nathan Chadwick requested to merge nchadwick/pin_packages into development Nov 18, 2021

This MR is an attempt to reduce false positives. This was done by switching to the RH8-minimal image, updating only the packages with issues identified by anchore and twistlock, and even removing a couple packages. The end result is that more of the vulnerabilities found come from CodeSonar and not the base OS.

#13 (closed)

Edited Nov 18, 2021 by Nathan Chadwick

RH8-minimal and version "pinning"

Merge request reports