Skip to content

Latest commit

 

History

History
64 lines (39 loc) · 1.47 KB

safety.md

File metadata and controls

64 lines (39 loc) · 1.47 KB

Configuration for safety

Supported environments/languages

  • python packaging

Configuration

var purpose type default
SCA_BLACKLIST_safety Blacklist filter for this tool space-separated-list ""
SCA_SAFETY_EXTRA_FATAL Extra error-IDs leading to build termination when found space-separated-list "":
SCA_SAFETY_EXTRA_SUPPRESS Extra error-IDs to be suppressed space-separated-list ""

Supports

  • suppression of IDs
  • terminate build on fatal
  • run on recipe
  • run on image
  • run with SCA-layer default settings (see SCA_AVAILABLE_MODULES)

Requires

  • requires online access

Notes

Currently only the free Safety DB is supported. The paid Safety API maybe added later.

Known error-IDs

safety.safety.vulnerability - a vulnerability was detected in referenced packages

Checking scope

  • security
  • functional defects
  • compliance
  • style issues

Statistics

  • ⬛⬛⬜⬜⬜⬜⬜⬜⬜⬜ 02/10 Build Speed
  • ⬛⬛⬛⬛⬛⬛⬛⬛⬛⬛ 10/10 Execution Speed
  • ⬛⬛⬛⬛⬛⬛⬛⬛⬛⬜ 09/10 Quality

Score mapping

Error considered as security relevant

  • safety.safety.vulnerability

Error considered as functional defect

  • n.a.

Error consired as compliance issue

  • n.a.

Error considered as style issue

  • n.a.