Offline functionality for air-gapped environments #83
Assignees
Labels
enhancement
New feature or request
Comments
|
That's an interesting idea. Depends on if you have a vulnerability scanner that accepts PURLs in their API. What vulnerability scanners do you use? |
|
Sorry for the delayed answer. Currently we are using trivy, which has a very nice Support for airgapped environments |
|
I took a look at Trivvy but it doesn't look like it is going to be able to find the vulnerabilities for the purls bomber parses out of a SBOM. I know there are some standalone services that will match a purl to a vulnerability but I think those require regular signature updates from the public internet. |
|
Issue #98 should make this a reality. |
|
This will be covered by #98 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Are there any plans to support offline functionality for air-gapped environments?
The text was updated successfully, but these errors were encountered: