Go to file

ag e3d74f8e72 updated git_tag file with add [1A[2K[1Gadd portal_render_change_2.11.4 2023-11-27 14:10:17 +0100 vmdevac		2023-11-27 14:10:17 +01:00
README.md	commit by to_remotes 2023-10-30 10:44:08 +0100 from vmdevhw	2023-10-30 10:44:08 +01:00
bundle-audit-time.txt	commit by to_remotes 2023-11-27 14:06:15 +0100 from vmdevac	2023-11-27 14:06:15 +01:00
bundle-audit.json	commit by to_remotes 2023-11-27 14:06:15 +0100 from vmdevac	2023-11-27 14:06:15 +01:00
git_tag	updated git_tag file with add	2023-11-27 14:10:17 +01:00
report.txt	commit by to_remotes 2023-11-17 08:21:59 +0100 from vmdevac	2023-11-17 08:21:59 +01:00
update-info.txt	commit by to_remotes 2023-11-24 07:37:39 +0100 from vmdevac	2023-11-24 07:37:39 +01:00

README.md

How to read the information of a given Commit

By audit we mean checking for vulnerabilities.

bundle-audit.json: This file contains audit information in JSON format

report.txt: In a text format it is described which vulnerabilities have been detected

update-info.txt: Contains Information as of which date the vulnerabilities database is that has been used to perform the checks.

bundle-audit-time.txt: contains time stamp auf audit in ISO format

git_tag: The tag of the application/image/audit at the time audit

What is being checked and how?

The application being checked is Xalimo Teamplay which is a Rails application provided by a docker image. Basis for the check is the set of used packages (called Gems). These are being tested against a constantantly updated database of know vulnerabilities.