Holger Wasem cde2021339 Merge branch 'master' of git.service.wiseadvice.eu:wiseadvice_public_repos/bundle-audit-results 2023-10-30 10:44:09 +01:00
README.md commit by to_remotes 2023-10-30 10:44:08 +0100 from vmdevhw 2023-10-30 10:44:08 +01:00
bundle-audit-time.txt commit by to_remotes 2023-10-30 10:43:15 +0100 from vmdevac 2023-10-30 10:43:15 +01:00
bundle-audit.json commit by to_remotes 2023-10-30 10:43:15 +0100 from vmdevac 2023-10-30 10:43:15 +01:00
git_tag updated git_tag file with 2.10.1 2023-10-30 09:41:32 +0100 vmdevac 2023-10-30 09:41:32 +01:00
report.txt no message given 2023-10-27 17:07:55 +0200 from vmdevhw 2023-10-27 17:07:55 +02:00
update-info.txt no message given 2023-10-27 17:07:55 +0200 from vmdevhw 2023-10-27 17:07:55 +02:00

README.md

How to read the information of a given Commit

By audit we mean checking for vulnerabilities.

bundle-audit.json: Contains the audit information in JSON format.

report.txt: Describes in text format which vulnerabilities have been detected.

update-info.txt: Contains the date of the vulnerability database that was used to perform the checks.

bundle-audit-time.txt: Contains the timestamp of the audit in ISO format.

git_tag: The tag of the application/image/audit at the time of the audit.

What is being checked and how?

The application being checked is Xalimo Teamplay, a Rails application provided as a Docker image. The basis for the check is the set of packages used by the application (called gems). These are tested against a constantly updated database of known vulnerabilities.
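As an added example (not part of this repository), the following Ruby script turns the contents of bundle-audit.json into a short triage list sorted by severity. It assumes the file has the layout bundler-audit writes with `--format json` (`results` entries of type `unpatched_gem` or `insecure_source`); the sample data, gem names and advisory ids are constructed, and `summarize_audit` is a hypothetical helper name.

```ruby
require 'json'

# Constructed sample; layout assumed to match bundler-audit's JSON output.
# All names, versions and ids below are made up for illustration.
SAMPLE_JSON = <<~JSON
  {
    "version": "0.0.0",
    "created_at": "2023-01-01 00:00:00 +0000",
    "results": [
      {"type": "unpatched_gem", "gem": {"name": "other-gem", "version": "0.9.0"},
       "advisory": {"id": "GHSA-yyyy-yyyy-yyyy", "criticality": null, "patched_versions": []}},
      {"type": "unpatched_gem", "gem": {"name": "example-gem", "version": "1.2.3"},
       "advisory": {"id": "GHSA-xxxx-xxxx-xxxx", "criticality": "high", "patched_versions": [">= 1.2.4"]}},
      {"type": "insecure_source", "source": "http://gems.example.invalid/"}
    ]
  }
JSON

SEVERITY_ORDER = %w[critical high medium low none unknown].freeze

# Hypothetical helper: returns findings sorted most severe first, plus counts.
def summarize_audit(json_text)
  report = JSON.parse(json_text)
  findings, insecure_sources = [], []
  report.fetch('results', []).each do |r|
    case r['type']
    when 'unpatched_gem'
      adv = r.fetch('advisory', {})
      patched = Array(adv['patched_versions'])
      findings << {
        gem: r.dig('gem', 'name'), version: r.dig('gem', 'version'),
        id: adv['id'], criticality: adv['criticality'] || 'unknown', # null means unrated
        fix: patched.empty? ? 'no patched version listed' : patched.join(' or ')
      }
    when 'insecure_source'
      insecure_sources << r['source'] # gem source not fetched over TLS
    end
  end
  findings.sort_by! { |f| [SEVERITY_ORDER.index(f[:criticality]) || SEVERITY_ORDER.size, f[:gem].to_s] }
  counts = findings.each_with_object(Hash.new(0)) { |f, h| h[f[:criticality]] += 1 }
  { findings: findings, insecure_sources: insecure_sources, counts: counts }
end

if __FILE__ == $PROGRAM_NAME
  summarize_audit(SAMPLE_JSON)[:findings].each { |f| puts f.values.join(' | ') }
end
```

Findings without a rating are kept as `unknown` rather than dropped, so an unrated advisory still shows up in the list.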