remic

Vulnerability Scanner for Detecting Publicly Disclosed Vulnerabilities in Application Dependencies

Usage

$ remic -h
NAME:
  remic - A simple and fast tool for detecting vulnerabilities in application dependencies
USAGE:
  remic [options] file
VERSION:
  0.0.2
OPTIONS:
  --format value, -f value    format (table, json) (default: "table")
  --severity value, -s value  severity of vulnerabilities to be displayed (default: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL")
  --output value, -o value    output file name
  --exit-code value           Exit code when vulnerabilities were found (default: 0)
  --skip-update               skip db update
  --ignore-unfixed            display only fixed vulnerabilities
  --debug, -d                 debug mode
  --help, -h                  show help
  --version, -v               print the version

Vulnerability Detection

Application Dependencies

Remic automatically detects the following files in the container and scans vulnerabilities in the application dependencies.

Gemfile.lock
Pipfile.lock
composer.lock
package-lock.json
yarn.lock
Cargo.lock

The path of these files does not matter.

Example: https://npm.pkg.github.com/knqyf263/trivy-ci-test/blob/master/Dockerfile

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
.gitignore		.gitignore
.travis.yml		.travis.yml
LICENSE		LICENSE
README.md		README.md
go.mod		go.mod
go.sum		go.sum
goreleaser.yml		goreleaser.yml
main.go		main.go
remic.go		remic.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

remic

Usage

Vulnerability Detection

Application Dependencies

About

Releases 2

Packages

Contributors 3

Languages

License

knqyf263/remic

Folders and files

Latest commit

History

Repository files navigation

remic

Usage

Vulnerability Detection

Application Dependencies

About

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases 2

Packages 0

Contributors 3

Languages

Packages