Short description
Hi, I built an "insecure" image based in node:10.19.0-buster and https://github.com/Snyk/snyk-demo-todo.
The scan result does not find any vulnerabilities in the NPM project, only OS vulnerabilities.
See attached result
2020_05_17_insecure.dagda.json.txt
Reproduction steps
- Start Dagda server with the parameters 'python dagda.py start -d -m image-scanner.*. -mp ***' (private domain)
- Type the Dagda CLI command '.docker exec python dagda.py check -i registry.local:443/insecure'
Expected results
NPM audit reports:
found 216 vulnerabilities (124 low, 16 moderate, 75 high, 1 critical) in 4255 scanned packages
Actual results
See attached file
On which platforms did you notice this:
Docker Image: 3grander/dagda:0.8.0
Short description
Hi, I built an "insecure" image based in node:10.19.0-buster and https://github.com/Snyk/snyk-demo-todo.
The scan result does not find any vulnerabilities in the NPM project, only OS vulnerabilities.
See attached result
2020_05_17_insecure.dagda.json.txt
Reproduction steps
Expected results
NPM audit reports:
found 216 vulnerabilities (124 low, 16 moderate, 75 high, 1 critical) in 4255 scanned packagesActual results
See attached file
On which platforms did you notice this:
Docker Image: 3grander/dagda:0.8.0