cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
sewechad
Level 4

Scanning Docker Files

The Flexera CodeInsight product datasheet (https://www.flexerasoftware.com/media/datasheets/datasheet-fci.pdf) says it can identify open source components in Docker Containers. After some testing, I am seeing results that are incomplete in identifying open source components within a simple project.

 

I found an article which discusses containers and license compliance (https://lwn.net/Articles/752982/). The article mentioned that VMWare has started a project to be able to the create of a bill of materials (BOM) for a container image (https://github.com/vmware/tern). Flexera can look how to use this tool to improve their product.

(1) Reply
dmcloughlin
Revenera
Revenera

Thanks for the suggestion.  I'll pass it along to our product team!!

 

Cheers,

 

Dave McLoughlin

0 Kudos