We have built and published our Docker image. Let’s view these results in the JFrog Platform.
pagerduty-workshop-app
.Scroll down to the References section to access links to documentation that can help you remediate the issue.
In many cases, you just need to update the component and Xray will indicate this.
Xray supports all major package types, understands how to unpack them, and uses recursive scanning to see into all of the underlying layers and dependencies of components, even those packaged in Docker images, and zip files. The comprehensive vulnerability intelligence databases are constantly updated giving the most up-to-date understanding of the security and compliance of your binaries.
Close the Issue Details tab.
View the Docker configuration for the image in the Docker Layers tab.
On the Builds tab, click on npm_build in the list.
Then click on your most recent build.
In the Published Modules tab, view the set of artifacts and dependencies for your build.
Our JFrog CI/CD “pipeline” provided an overview of a typical build, docker build and push, security scan and promotion process using JFrog Pipelines, Artifactory and Xray. With the JFrog Platform, you can view the results of your software build from versions to vulnerabilities.