pandora/image-copy.woodpecker
3
0
Fork 0
generated from pandora/woodpecker-plugin.template
Code Issues 2 Pull requests Projects Releases 2 Packages 1 Wiki Activity Actions

Vulnerability dashboard #1

New issue
Open
opened 2026-04-12 01:28:05 +00:00 by bot-ci · 0 comments
bot-ci commented 2026-04-12 01:28:05 +00:00
Owner
Copy link

This issue list updates about vulnerabilites that are detected by trivy.woodpecker plugin.

Summary

Severity Count
CRITICAL 0
HIGH 0
MEDIUM 0
LOW 0
UNKNOWN 0

Detected packages and vulnerabilites

Packages

code.thinkaboutit.tech/pandora/image-copy.woodpecker:latest (debian 13.4):

Name Version
base-files 13.8+deb13u4
media-types 13.0.0
netbase 6.5
tzdata 2026a
tzdata-legacy 2026a

go.mod:

Name Version
code.thinkaboutit.tech/pandora/skopeo.woodpecker
code.thinkaboutit.tech/pandora/woodpecker-utils.gopack v1.2.0
github.com/google/go-containerregistry v0.21.5
github.com/containerd/stargz-snapshotter/estargz v0.18.2
github.com/docker/cli v29.4.0+incompatible
github.com/docker/docker-credential-helpers v0.9.5
github.com/klauspost/compress v1.18.5
github.com/mitchellh/go-homedir v1.1.0
github.com/opencontainers/go-digest v1.0.0
github.com/opencontainers/image-spec v1.1.1
github.com/sirupsen/logrus v1.9.4
github.com/vbatts/tar-split v0.12.2
golang.org/x/sync v0.20.0
golang.org/x/sys v0.43.0
gotest.tools/v3 v3.5.2

usr/local/bin/image-copy.woodpecker:

Name Version
code.thinkaboutit.tech/pandora/skopeo.woodpecker 1.0.1-SNAPSHOT-36045d9
stdlib v1.26.2
code.thinkaboutit.tech/pandora/woodpecker-utils.gopack v1.2.0
github.com/containerd/stargz-snapshotter/estargz v0.18.2
github.com/docker/cli v29.4.0+incompatible
github.com/docker/docker-credential-helpers v0.9.5
github.com/google/go-containerregistry v0.21.5
github.com/klauspost/compress v1.18.5
github.com/mitchellh/go-homedir v1.1.0
github.com/opencontainers/go-digest v1.0.0
github.com/opencontainers/image-spec v1.1.1
github.com/sirupsen/logrus v1.9.4
github.com/vbatts/tar-split v0.12.2
golang.org/x/sync v0.20.0
golang.org/x/sys v0.43.0
Vulnerabilities
This issue list updates about vulnerabilites that are detected by [trivy.woodpecker](https://code.thinkaboutit.tech/pandora/trivy.woodpecker) plugin. ## Summary | Severity | Count | | -------- | ----- | | CRITICAL | 0 | | HIGH | 0 | | MEDIUM | 0 | | LOW | 0 | | UNKNOWN | 0 | ## Detected packages and vulnerabilites <details><summary>Packages</summary> **code.thinkaboutit.tech/pandora/image-copy.woodpecker:latest (debian 13.4)**: | Name | Version | | ---- | ------- | | base-files | 13.8+deb13u4 | | media-types | 13.0.0 | | netbase | 6.5 | | tzdata | 2026a | | tzdata-legacy | 2026a | **go.mod**: | Name | Version | | ---- | ------- | | code.thinkaboutit.tech/pandora/skopeo.woodpecker | | | code.thinkaboutit.tech/pandora/woodpecker-utils.gopack | v1.2.0 | | github.com/google/go-containerregistry | v0.21.5 | | github.com/containerd/stargz-snapshotter/estargz | v0.18.2 | | github.com/docker/cli | v29.4.0+incompatible | | github.com/docker/docker-credential-helpers | v0.9.5 | | github.com/klauspost/compress | v1.18.5 | | github.com/mitchellh/go-homedir | v1.1.0 | | github.com/opencontainers/go-digest | v1.0.0 | | github.com/opencontainers/image-spec | v1.1.1 | | github.com/sirupsen/logrus | v1.9.4 | | github.com/vbatts/tar-split | v0.12.2 | | golang.org/x/sync | v0.20.0 | | golang.org/x/sys | v0.43.0 | | gotest.tools/v3 | v3.5.2 | **usr/local/bin/image-copy.woodpecker**: | Name | Version | | ---- | ------- | | code.thinkaboutit.tech/pandora/skopeo.woodpecker | 1.0.1-SNAPSHOT-36045d9 | | stdlib | v1.26.2 | | code.thinkaboutit.tech/pandora/woodpecker-utils.gopack | v1.2.0 | | github.com/containerd/stargz-snapshotter/estargz | v0.18.2 | | github.com/docker/cli | v29.4.0+incompatible | | github.com/docker/docker-credential-helpers | v0.9.5 | | github.com/google/go-containerregistry | v0.21.5 | | github.com/klauspost/compress | v1.18.5 | | github.com/mitchellh/go-homedir | v1.1.0 | | github.com/opencontainers/go-digest | v1.0.0 | | github.com/opencontainers/image-spec | v1.1.1 | | github.com/sirupsen/logrus | v1.9.4 | | github.com/vbatts/tar-split | v0.12.2 | | golang.org/x/sync | v0.20.0 | | golang.org/x/sys | v0.43.0 | </details> <details><summary>Vulnerabilities</summary> </details>
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
1.0.1
1.0.0
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
pandora/image-copy.woodpecker#1
No description provided.