Security report is confusing
I created a Helm chart for SFTPGo and published it in a repository on Artifact Hub:
https://artifacthub.io/packages/helm/sagikazarmark/sftpgo/0.0.7
There are two flavors of images published for SFTPGo:
- Debian based
- Alpine based
Both images are added to the chart as annotations in Chart.yaml.
As one could expect, the Debian version is full of packages with reported security vulnerabilities whereas the Alpine version is all green.
When looking at the Security report, it’s a little bit confusing though, because it shows all those red signs and without a few clicks it’s not immediately obvious that there are alternative images which should be “safe” to use.
Publishing images for multiple distributions is a common practice, and the “default” is often Debian and not Alpine, so it’s even more important to share that information. I don’t have any ideas about how to do that, though; I just wanted to raise an issue about it.
Here are some screenshots that show what I tried to describe above:
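For readers who have not seen how a chart declares its images to Artifact Hub, the following Chart.yaml fragment is an added illustration, not the issue author's chart or anything taken from the sagikazarmark repository. It assumes the `artifacthub.io/images` annotation that Artifact Hub documents for listing the container images a chart uses; the chart version, registry and image tags are placeholders, not the real SFTPGo references.

```yaml
apiVersion: v2
name: sftpgo
description: Illustrative Chart.yaml fragment (placeholder values)
type: application
version: 0.0.0        # placeholder chart version
appVersion: "0.0.0"   # placeholder application version
annotations:
  # Artifact Hub parses the YAML list inside this annotation to learn which
  # images belong to the chart; each listed image is scanned for
  # vulnerabilities and contributes to the chart's security report.
  artifacthub.io/images: |
    # Debian-based flavor (placeholder reference)
    - name: sftpgo
      image: registry.example.invalid/sftpgo:TAG-debian
    # Alpine-based flavor of the same application (placeholder reference)
    - name: sftpgo-alpine
      image: registry.example.invalid/sftpgo:TAG-alpine
```

Because both flavors are listed, the security report aggregates findings from both images; a reader of the report only sees that the chart has red findings unless they open the per-image breakdown, which is exactly the confusion described above. Listing only the image the chart actually deploys by default, and documenting the alternative flavor in the chart README, is one way to keep the summary honest without hiding findings.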
Issue Analytics
- Created 3 years ago
- Comments: 9
Top GitHub Comments
Thanks for the explanation! Makes sense
@tegioz the new screenshot looks great, thanks!
The security badge could maybe say
Or an information icon next to the summary text saying the same in a popup, pointing to the full report for details.