| Info |
|---|
Click the "label" icon at the top of this template and make sure that your labels are correct. This is required to ensure that your topic appears on the relevant pages They should be: vdtf-plenary, YYYY-event, <month> Remove this info box after you have added the label. |
Topic Leader(s)
Topic Overview
...
Topic Leader(s)
Topic Overview
| Excerpt |
|---|
Static scanning is regularly performed on LFN repositories. Unfortunately they only detect potential explicit issues. Most of the projects include their code within a broader context which includes lots of possible dependencies. Hosting and redistributing docker containers have consequences in legal issues. We must have a better control of what we are distributing. Dynamic scanning is then needed. Some tools are available and a feedback shall be given as soon as possible as close as possible in the build chain. Alexander Mazuruk worked on a PoC in ONAP invoving tern+dockviz, the goal would be to include such verification on any docker build jobs |
Slides & Recording
| View file | ||||
|---|---|---|---|---|
|
| View file | ||||
|---|---|---|---|---|
|