mirror of
https://github.com/empayre/fleet.git
synced 2024-11-06 08:55:24 +00:00
fb152b9114
## Summary This pull request is created by [Secure Repo](https://app.stepsecurity.io/securerepo) at the request of @zwass. Please merge the Pull Request to incorporate the requested changes. Please tag @zwass on your message if you have any questions related to the PR. You can also engage with the [StepSecurity](https://github.com/step-security) team by tagging @step-security-bot. ## Security Fixes ### Secure Dockerfiles Pin image tags to digests in Dockerfiles. With the Docker v2 API release, it became possible to use digests in place of tags when pulling images or to use them in FROM lines in Dockerfiles. - [The Open Source Security Foundation (OpenSSF) Security Guide](https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies) ## Feedback For bug reports, feature requests, and general feedback; please create an issue in [step-security/secure-repo](https://github.com/step-security/secure-repo). To create such PRs, please visit https://app.stepsecurity.io/securerepo. Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> --------- Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: Zach Wasserman <zach@fleetdm.com> |
||
|---|---|---|
| .. | ||
| .keep | ||
| 9921-cis-win-10-2.3.10.x | ||
| 10104-policy-tab-click-bug | ||
| 10137-show-query-policy-results | ||
| issue-9124-orbit-enroll-match-by-serial | ||
| issue-9400-add-disk-encryption-fleetctl-apply | ||
| issue-10126-mdm-info | ||
| pin-dockerfiles | ||