Hi @atripp
Thanks for your reply.
For testing purposes, im running in a Windows host, with internet access.
So, i have a clean install via Inedo Hub. Just entered the trial License Key, created a feed, connected it to registry.hub.docker.com and pulled vulnerables/web-dvwa (latest). I can see the error/warn in the executions.
I'm not sure this is the intended way to use it.
Hi,
Im testing Proget (2024.32) for my company, and one of the features i was really excited about having was the image scanning, when an image is pushed to the repository (or pulled via connector).
Im having some trouble with this. The image enters the feed, the blob scanner starts, but then it ends with:
Error scanning blob <blob identifier> (id=<id>) TarBuffer.ReadBlock - no input stream defined.
The error changes from the previous, to
Cannot be less than zero (Parameter 'value')
or
Header checksum is invalid
All the images that were pulled/pushed into the feed have "Not scanned" and shows no vulnerabilities, even the ones i know they have. No information on the packages tab of the image.
Am i missing some configuration? What can i do?
Other question, is there a way to populate the vulnerabilities database with a script? My instalation will have no internet access, so it will not be able to update the database.
Thanks!