Filippo Valsorda :go: on Nostr:
Trivy 0.52.1 on age v1.1.1
> Total: 31 (UNKNOWN: 2, LOW: 0, MEDIUM: 13, HIGH: 14, CRITICAL: 2)
govulncheck v1.1.2
> No vulnerabilities found.
govulncheck is correct. All the vulns reported by the other thing are provably false positives.
When I did the initial design of govulncheck, I made minimizing noise a priority, to give devs a chance to actually triage potential vulns.
I suspect I was wrong: if the tool is too good, it will find nothing most of the time, and devs will not trust it.
Published at 2024-06-16 15:28:03