You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While I completely respect and understand the stance of gosu author that vulnerability scanners are naïve and show false positive, I think that much time is wasted by postgres consumers understanding all the details and even move time is spent explaining that the critical issues in postgresql images are false positives.
Therefore this (another thread) on the subject. However the question I would like to ask here is
Do you know of a replacement for gosu which can be used and give postresql project the same functionality?
the alternative MUST be actively maintained, in the way that all security issues are actively addressed in a way that even naïve vulnerabiltity scanners understand (at least docker scout and trivy)
Please let's focus this discussion on alternatives to gosu in this image.For comments that mention to fix gosu itself, make those comments in the gosu project.
aggeboe, dlehammer, cnwaldron, sorenfalch, tukez and 5 more