mirror of
https://github.com/project-zot/zot.git
synced 2024-12-16 21:56:37 -05:00
5968e7199f
(cherry picked from commit 6d03ce5f2d)

Additional changes on top of: 6d03ce5f2d
- Build and use zot from the same branch do not use a container image as scan target, use the binary
- Fix typo in rules filename
- Add the full rule list to the rules config file
- Ignore some of the specific rules and add reasons
- Add security-related headers to fix some of the issues identified by the scan
- Update UI it includes the latest fixes for zap scan issues

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
Co-authored-by: Ramkumar Chinchani <rchincha@cisco.com>
3.4 KiB
```
# zap-baseline rule configuration file
# Change WARN to IGNORE to ignore rule or FAIL to fail if rule matches
# Only the rule identifiers are used - the names are just for info
# You can add your own messages to each rule by appending them after a tab on each line.
```