Example Gemfile.lock raising AWS Inspector vulnerabilities
#393
Comments
|
It's just occurred to me that the file doesn't need to be edited at all, it just needs to be excluded in the gemspec. |
|
Does #392 resolve the issue? |
|
I think it probably does, but I haven't been able to check it. If I find time I'll test with master. We've possibly already got an exclusion added to AWS Inspector to ignore this file, so not sure if it will flag up now either way. It would be better to just exclude the file from the Gem, which would avoid this triggering again in the future. |
|
Thanks @matthewtusker. That's a good idea. I've created a PR #394 to exclude the |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The example Gemfile.lock is raising up as an error in AWS Inspector. The file is found inside one of our Docker images, which causes it to panic that a bunch of vulnerabilities exist, when of course they don't.
Can this file be updated/removed?
The text was updated successfully, but these errors were encountered: