crazy-max / xgo Goto Github PK
View Code? Open in Web Editor NEWGo CGO cross compiler
Home Page: https://hub.docker.com/r/crazymax/xgo/tags/?page=1&ordering=last_updated
License: MIT License
Go CGO cross compiler
Home Page: https://hub.docker.com/r/crazymax/xgo/tags/?page=1&ordering=last_updated
License: MIT License
I want to compile a go project for iOS arm64 architecture. Original xgo has got support for iOS but the latest go version on it is too old.
Do you plan on adding support for ios/arm64?
After the Ubuntu image update to 21.04
I noticed that when running the compiled binary in Ubuntu 20.04
I get the following error
test-app: /lib/x86_64-linux-gnu/libc.so.6: version 'GLIBC_2.32' not found (required by test-app)
Any suggestions on what can I do to avoid that?
Ubuntu 20:
$ ldd --version ldd
ldd (Ubuntu GLIBC 2.31-0ubuntu9.2) 2.31
Copyright (C) 2020 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.
Ubuntu 21:
$ ldd --version ldd
ldd (Ubuntu GLIBC 2.33-0ubuntu5) 2.33
Copyright (C) 2021 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.
Docker Scout reports one hundred and eleven CVE's for the xgo Docker image. That's the bad news.
The good news is that the majority of these vulnerabilities appear to spring from the base Debian operating system. Debian seems to lag way behind regarding security patches. Neither testing nor sid include all the Python 3 security patches, for example.
Additionally, the official golang Docker images appear to have some CVE's of their own, though not as many.
When I roll my own images, I have better luck regarding vulnerabilities by using a Fedora base image.
$ docker scout cves crazymax/xgo:1.21
i New version 1.2.2 available (installed version is 1.2.0) at https://github.com/docker/scout-cli
✓ Provenance obtained from attestation
✓ Pulled
✓ Image stored for indexing
✓ Indexed 570 packages
✗ Detected 22 vulnerable packages with a total of 108 vulnerabilities
## Overview
│ Analyzed Image
────────────────────┼─────────────────────────────────────────────
Target │ crazymax/xgo:1.21
digest │ b19f1b7fc2c2
platform │ linux/arm64
provenance │ https://github.com/crazy-max/xgo
│ de20bfd1d4ce282c13b051b23ac15ceb5b6e761b
vulnerabilities │ 0C 4H 57M 50L
size │ 1.3 GB
packages │ 570
## Packages and Vulnerabilities
0C 2H 36M 35L linux 5.4.0-169.187
pkg:deb/ubuntu/[email protected]?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ HIGH CVE-2023-4244
https://scout.docker.com/v/CVE-2023-4244
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.0
CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ HIGH CVE-2023-20569
https://scout.docker.com/v/CVE-2023-20569
Affected range : >=0
Fixed version : not fixed
CVSS Score : 4.7
CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
✗ MEDIUM CVE-2023-26242
https://scout.docker.com/v/CVE-2023-26242
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ MEDIUM CVE-2023-2007
https://scout.docker.com/v/CVE-2023-2007
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ MEDIUM CVE-2023-0030
https://scout.docker.com/v/CVE-2023-0030
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ MEDIUM CVE-2022-39189
https://scout.docker.com/v/CVE-2022-39189
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ MEDIUM CVE-2020-12362
https://scout.docker.com/v/CVE-2020-12362
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ MEDIUM CVE-2022-25836
https://scout.docker.com/v/CVE-2022-25836
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.5
CVSS Vector : CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
✗ MEDIUM CVE-2022-0400
https://scout.docker.com/v/CVE-2022-0400
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.5
CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2022-2961
https://scout.docker.com/v/CVE-2022-2961
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.0
CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ MEDIUM CVE-2022-1247
https://scout.docker.com/v/CVE-2022-1247
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.0
CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ MEDIUM CVE-2021-3864
https://scout.docker.com/v/CVE-2021-3864
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.0
CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ MEDIUM CVE-2022-29900
https://scout.docker.com/v/CVE-2022-29900
Affected range : >=0
Fixed version : not fixed
CVSS Score : 6.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
✗ MEDIUM CVE-2020-26144
https://scout.docker.com/v/CVE-2020-26144
Affected range : >=0
Fixed version : not fixed
CVSS Score : 6.5
CVSS Vector : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
✗ MEDIUM CVE-2015-8553
https://scout.docker.com/v/CVE-2015-8553
Affected range : >=0
Fixed version : not fixed
CVSS Score : 6.5
CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
✗ MEDIUM CVE-2023-45863
https://scout.docker.com/v/CVE-2023-45863
Affected range : >=0
Fixed version : not fixed
CVSS Score : 6.4
CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
✗ MEDIUM CVE-2023-39198
https://scout.docker.com/v/CVE-2023-39198
Affected range : >=0
Fixed version : not fixed
CVSS Score : 6.4
CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
✗ MEDIUM CVE-2022-1280
https://scout.docker.com/v/CVE-2022-1280
Affected range : >=0
Fixed version : not fixed
CVSS Score : 6.3
CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
✗ MEDIUM CVE-2023-31082
https://scout.docker.com/v/CVE-2023-31082
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2023-28327
https://scout.docker.com/v/CVE-2023-28327
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2023-23004
https://scout.docker.com/v/CVE-2023-23004
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2023-23000
https://scout.docker.com/v/CVE-2023-23000
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2022-4543
https://scout.docker.com/v/CVE-2022-4543
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
✗ MEDIUM CVE-2022-40133
https://scout.docker.com/v/CVE-2022-40133
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2022-38457
https://scout.docker.com/v/CVE-2022-38457
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2022-38096
https://scout.docker.com/v/CVE-2022-38096
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2022-36402
https://scout.docker.com/v/CVE-2022-36402
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2022-3344
https://scout.docker.com/v/CVE-2022-3344
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2022-0480
https://scout.docker.com/v/CVE-2022-0480
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2020-36310
https://scout.docker.com/v/CVE-2020-36310
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2020-24504
https://scout.docker.com/v/CVE-2020-24504
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2016-8660
https://scout.docker.com/v/CVE-2016-8660
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2022-3523
https://scout.docker.com/v/CVE-2022-3523
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.3
CVSS Vector : CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2023-1582
https://scout.docker.com/v/CVE-2023-1582
Affected range : >=0
Fixed version : not fixed
CVSS Score : 4.7
CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2020-27835
https://scout.docker.com/v/CVE-2020-27835
Affected range : >=0
Fixed version : not fixed
CVSS Score : 4.4
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2018-17977
https://scout.docker.com/v/CVE-2018-17977
Affected range : >=0
Fixed version : not fixed
CVSS Score : 4.4
CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2023-34324
https://scout.docker.com/v/CVE-2023-34324
Affected range : >=0
Fixed version : not fixed
✗ MEDIUM CVE-2013-7445
https://scout.docker.com/v/CVE-2013-7445
Affected range : >=0
Fixed version : not fixed
✗ LOW CVE-2023-33053
https://scout.docker.com/v/CVE-2023-33053
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ LOW CVE-2023-22995
https://scout.docker.com/v/CVE-2023-22995
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ LOW CVE-2022-47519
https://scout.docker.com/v/CVE-2022-47519
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ LOW CVE-2022-47518
https://scout.docker.com/v/CVE-2022-47518
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ LOW CVE-2021-39801
https://scout.docker.com/v/CVE-2021-39801
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ LOW CVE-2021-26934
https://scout.docker.com/v/CVE-2021-26934
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ LOW CVE-2019-19814
https://scout.docker.com/v/CVE-2019-19814
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
✗ LOW CVE-2019-19378
https://scout.docker.com/v/CVE-2019-19378
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
✗ LOW CVE-2018-12931
https://scout.docker.com/v/CVE-2018-12931
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ LOW CVE-2018-12930
https://scout.docker.com/v/CVE-2018-12930
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ LOW CVE-2017-13165
https://scout.docker.com/v/CVE-2017-13165
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ LOW CVE-2019-14899
https://scout.docker.com/v/CVE-2019-14899
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.4
CVSS Vector : CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
✗ LOW CVE-2021-32078
https://scout.docker.com/v/CVE-2021-32078
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.1
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
✗ LOW CVE-2023-1989
https://scout.docker.com/v/CVE-2023-1989
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.0
CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ LOW CVE-2022-45885
https://scout.docker.com/v/CVE-2022-45885
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.0
CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ LOW CVE-2022-45884
https://scout.docker.com/v/CVE-2022-45884
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.0
CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
✗ LOW CVE-2022-44034
https://scout.docker.com/v/CVE-2022-44034
Affected range : >=0
Fixed version : not fixed
CVSS Score : 6.4
CVSS Vector : CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
✗ LOW CVE-2022-44033
https://scout.docker.com/v/CVE-2022-44033
Affected range : >=0
Fixed version : not fixed
CVSS Score : 6.4
CVSS Vector : CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
✗ LOW CVE-2018-1121
https://scout.docker.com/v/CVE-2018-1121
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.9
CVSS Vector : CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
✗ LOW CVE-2023-4133
https://scout.docker.com/v/CVE-2023-4133
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ LOW CVE-2022-0854
https://scout.docker.com/v/CVE-2022-0854
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
✗ LOW CVE-2021-44879
https://scout.docker.com/v/CVE-2021-44879
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
✗ LOW CVE-2020-12364
https://scout.docker.com/v/CVE-2020-12364
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ LOW CVE-2020-12363
https://scout.docker.com/v/CVE-2020-12363
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ LOW CVE-2018-12929
https://scout.docker.com/v/CVE-2018-12929
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ LOW CVE-2018-12928
https://scout.docker.com/v/CVE-2018-12928
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ LOW CVE-2017-13693
https://scout.docker.com/v/CVE-2017-13693
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
✗ LOW CVE-2023-33288
https://scout.docker.com/v/CVE-2023-33288
Affected range : >=0
Fixed version : not fixed
CVSS Score : 4.7
CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
✗ LOW CVE-2017-0537
https://scout.docker.com/v/CVE-2017-0537
Affected range : >=0
Fixed version : not fixed
CVSS Score : 4.7
CVSS Vector : CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
✗ LOW CVE-2019-15213
https://scout.docker.com/v/CVE-2019-15213
Affected range : >=0
Fixed version : not fixed
CVSS Score : 4.6
CVSS Vector : CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
✗ LOW CVE-2020-14304
https://scout.docker.com/v/CVE-2020-14304
Affected range : >=0
Fixed version : not fixed
CVSS Score : 4.4
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
✗ LOW CVE-2022-41848
https://scout.docker.com/v/CVE-2022-41848
Affected range : >=0
Fixed version : not fixed
CVSS Score : 4.2
CVSS Vector : CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
✗ LOW CVE-2020-35501
https://scout.docker.com/v/CVE-2020-35501
Affected range : >=0
Fixed version : not fixed
CVSS Score : 3.4
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
✗ LOW CVE-2023-4134
https://scout.docker.com/v/CVE-2023-4134
Affected range : >=0
Fixed version : not fixed
✗ LOW CVE-2021-34981
https://scout.docker.com/v/CVE-2021-34981
Affected range : >=0
Fixed version : not fixed
0C 1H 3M 0L urllib3 1.25.8
pkg:pypi/[email protected]
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ HIGH CVE-2021-33503 [Uncontrolled Resource Consumption]
https://scout.docker.com/v/CVE-2021-33503
Affected range : >=1.25.4
: <1.26.5
Fixed version : 1.26.5
CVSS Score : 7.5
CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2020-26137 [Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')]
https://scout.docker.com/v/CVE-2020-26137
Affected range : <1.25.9
Fixed version : 1.25.9
CVSS Score : 6.5
CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
✗ MEDIUM CVE-2023-43804 [Exposure of Sensitive Information to an Unauthorized Actor]
https://scout.docker.com/v/CVE-2023-43804
Affected range : <1.26.17
Fixed version : 1.26.17
CVSS Score : 5.9
CVSS Vector : CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
✗ MEDIUM CVE-2023-45803 [Exposure of Sensitive Information to an Unauthorized Actor]
https://scout.docker.com/v/CVE-2023-45803
Affected range : <1.26.18
Fixed version : 1.26.18
CVSS Score : 4.2
CVSS Vector : CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
0C 1H 1M 0L certifi 2019.11.28
pkg:pypi/[email protected]
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ HIGH CVE-2023-37920 [Insufficient Verification of Data Authenticity]
https://scout.docker.com/v/CVE-2023-37920
Affected range : >=2015.4.28
: <2023.7.22
Fixed version : 2023.7.22
CVSS Score : 7.5
CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
✗ MEDIUM CVE-2022-23491 [Insufficient Verification of Data Authenticity]
https://scout.docker.com/v/CVE-2022-23491
Affected range : >=2017.11.05
: <2022.12.07
Fixed version : 2022.12.07
CVSS Score : 6.8
CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
0C 0H 9M 4L binutils 2.34-6ubuntu1.7
pkg:deb/ubuntu/[email protected]?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ MEDIUM CVE-2022-47695
https://scout.docker.com/v/CVE-2022-47695
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
✗ MEDIUM CVE-2022-45703
https://scout.docker.com/v/CVE-2022-45703
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
✗ MEDIUM CVE-2022-44840
https://scout.docker.com/v/CVE-2022-44840
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
✗ MEDIUM CVE-2022-48065
https://scout.docker.com/v/CVE-2022-48065
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2022-48063
https://scout.docker.com/v/CVE-2022-48063
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2022-47011
https://scout.docker.com/v/CVE-2022-47011
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2022-47010
https://scout.docker.com/v/CVE-2022-47010
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2022-47008
https://scout.docker.com/v/CVE-2022-47008
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2022-47007
https://scout.docker.com/v/CVE-2022-47007
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
✗ LOW CVE-2018-20657
https://scout.docker.com/v/CVE-2018-20657
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.5
CVSS Vector : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
✗ LOW CVE-2022-48064
https://scout.docker.com/v/CVE-2022-48064
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
✗ LOW CVE-2019-1010204
https://scout.docker.com/v/CVE-2019-1010204
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
✗ LOW CVE-2017-13716
https://scout.docker.com/v/CVE-2017-13716
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0C 0H 1M 0L requests 2.22.0
pkg:pypi/[email protected]
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ MEDIUM CVE-2023-32681 [Exposure of Sensitive Information to an Unauthorized Actor]
https://scout.docker.com/v/CVE-2023-32681
Affected range : >=2.3.0
: <2.31.0
Fixed version : 2.31.0
CVSS Score : 6.1
CVSS Vector : CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
0C 0H 1M 0L gcc-mingw-w64 22~exp1ubuntu4
pkg:deb/ubuntu/gcc-mingw-w64@22~exp1ubuntu4?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ MEDIUM CVE-2020-13844
https://scout.docker.com/v/CVE-2020-13844
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0C 0H 1M 0L gcc-9-cross-ports 18ubuntu5
pkg:deb/ubuntu/gcc-9-cross-ports@18ubuntu5?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ MEDIUM CVE-2020-13844
https://scout.docker.com/v/CVE-2020-13844
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0C 0H 1M 0L gcc-defaults 1.185.1ubuntu2
pkg:deb/ubuntu/[email protected]?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ MEDIUM CVE-2020-13844
https://scout.docker.com/v/CVE-2020-13844
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0C 0H 1M 0L gcc-9-cross 21ubuntu7
pkg:deb/ubuntu/gcc-9-cross@21ubuntu7?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ MEDIUM CVE-2020-13844
https://scout.docker.com/v/CVE-2020-13844
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0C 0H 1M 0L apparmor 2.13.3-7ubuntu5.3
pkg:deb/ubuntu/[email protected]?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ MEDIUM CVE-2016-1585
https://scout.docker.com/v/CVE-2016-1585
Affected range : >=0
Fixed version : not fixed
CVSS Score : 9.8
CVSS Vector : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0C 0H 1M 0L libssh 0.9.3-2ubuntu2.3
pkg:deb/ubuntu/[email protected]?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ MEDIUM CVE-2023-48795
https://scout.docker.com/v/CVE-2023-48795
Affected range : <0.9.3-2ubuntu2.4
Fixed version : 0.9.3-2ubuntu2.4
0C 0H 1M 0L python3.8 3.8.10-0ubuntu1~20.04.9
pkg:deb/ubuntu/[email protected]~20.04.9?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ MEDIUM CVE-2023-27043
https://scout.docker.com/v/CVE-2023-27043
Affected range : >=0
Fixed version : not fixed
CVSS Score : 5.3
CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
0C 0H 0M 2L shadow 1:4.8.1-1ubuntu5.20.04.4
pkg:deb/ubuntu/shadow@1:4.8.1-1ubuntu5.20.04.4?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ LOW CVE-2013-4235
https://scout.docker.com/v/CVE-2013-4235
Affected range : >=0
Fixed version : not fixed
CVSS Score : 4.7
CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
✗ LOW CVE-2023-29383
https://scout.docker.com/v/CVE-2023-29383
Affected range : >=0
Fixed version : not fixed
CVSS Score : 3.3
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
0C 0H 0M 1L coreutils 8.30-3ubuntu2
pkg:deb/ubuntu/[email protected]?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ LOW CVE-2016-2781
https://scout.docker.com/v/CVE-2016-2781
Affected range : >=0
Fixed version : not fixed
CVSS Score : 6.5
CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
0C 0H 0M 1L dbus 1.12.16-2ubuntu2.3
pkg:deb/ubuntu/[email protected]?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ LOW CVE-2023-34969
https://scout.docker.com/v/CVE-2023-34969
Affected range : >=0
Fixed version : not fixed
CVSS Score : 6.5
CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0C 0H 0M 1L pcre3 2:8.39-12ubuntu0.1
pkg:deb/ubuntu/pcre3@2:8.39-12ubuntu0.1?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ LOW CVE-2017-11164
https://scout.docker.com/v/CVE-2017-11164
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.5
CVSS Vector : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0C 0H 0M 1L systemd 245.4-4ubuntu3.22
pkg:deb/ubuntu/[email protected]?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ LOW CVE-2023-26604
https://scout.docker.com/v/CVE-2023-26604
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0C 0H 0M 1L git 1:2.43.0-0ppa1~ubuntu20.04.1
pkg:deb/ubuntu/git@1:2.43.0-0ppa1~ubuntu20.04.1?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ LOW CVE-2018-1000021
https://scout.docker.com/v/CVE-2018-1000021
Affected range : >=0
Fixed version : not fixed
CVSS Score : 8.8
CVSS Vector : CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0C 0H 0M 1L gnupg2 2.2.19-3ubuntu2.2
pkg:deb/ubuntu/[email protected]?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ LOW CVE-2022-3219
https://scout.docker.com/v/CVE-2022-3219
Affected range : >=0
Fixed version : not fixed
CVSS Score : 3.3
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
0C 0H 0M 1L policykit-1 0.105-26ubuntu1.3
pkg:deb/ubuntu/[email protected]?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ LOW CVE-2016-2568
https://scout.docker.com/v/CVE-2016-2568
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.8
CVSS Vector : CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
0C 0H 0M 1L glibc 2.31-0ubuntu9.14
pkg:deb/ubuntu/[email protected]?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ LOW CVE-2016-20013
https://scout.docker.com/v/CVE-2016-20013
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.5
CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0C 0H 0M 1L openldap 2.4.49+dfsg-2ubuntu1.9
pkg:deb/ubuntu/[email protected]+dfsg-2ubuntu1.9?os_distro=focal&os_name=ubuntu&os_version=20.04
Dockerfile (85:98)
RUN <<EOT
set -e
export GOXX_SKIP_APT_PORTS=1
export DEBIAN_FRONTEND="noninteractive"
apt-get update
apt-get install --no-install-recommends -y git zip
for p in $PLATFORMS; do
TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
done
apt-get -y autoremove
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ln -sf /usr/include/asm-generic /usr/include/asm
EOT
✗ LOW CVE-2023-2953
https://scout.docker.com/v/CVE-2023-2953
Affected range : >=0
Fixed version : not fixed
CVSS Score : 7.5
CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
111 vulnerabilities found in 22 packages
LOW 50
MEDIUM 57
HIGH 4
CRITICAL 0
What's Next?
View base image update recommendations → docker scout recommendations crazymax/xgo:1.21
If I clone a repository locally and run xgo on it, it generates a binary as expected:
git clone [email protected]:wealdtech/ethdo
cd ethdo
xgo --targets="windows/amd64" .
However if I try to do the same thing with a referenced repository it fails:
xgo --targets="windows/amd64" github.com/wealdtech/ethdo
The main difference appears to be that the former sets GO111MODULE to on and the latter sets GO111MODULE to off. The repository uses the go module system, so unsure why this is happening. If you could shed any light on this issue it would be much appreciated.
Hi, build error when I use xgo, seems it's github action vul limit. actions/checkout#760
may be need set safe dir
before build with golang
git config --global --add safe.directory /source
here's my build error info.
Run crazy-max/ghaction-xgo@v1
✅ xgo version found: v0.14.0
⬇️ Downloading https://github.com/crazy-max/xgo/releases/download/v0.14.0/xgo_0.14.0_linux_x86_64.tar.gz...
📦 Extracting xgo...
......
Building /source/go.mod...
Compiling for windows-4.0/amd64...
+ CC=x86_64-w64-mingw32-gcc
+ CXX=x86_64-w64-mingw32-g++
+ GOOS=windows
+ GOARCH=amd64
+ CGO_ENABLED=1
+ CGO_CFLAGS=-D_WIN32_WINNT=0x0400
+ CGO_CXXFLAGS=-D_WIN32_WINNT=0x0400
+ go build -v '--ldflags=-v -s -w' -o /build/hack-browser-data-windows-4.0-amd64.exe ./cmd/hack-browser-data
go: downloading github.com/urfave/cli/v2 v2.4.0
go: downloading github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db
# cd /source; git status --porcelain
fatal: unsafe repository ('/source' is owned by someone else)
To add an exception for this directory, call:
git config --global --add safe.directory /source
error obtaining VCS status: exit status 128
Use -buildvcs=false to disable VCS stamping.
......
here's my github actions script with crazy-max/ghaction-xgo
Hello I am running into this weird issue where it says go.mod not found, even though there's a go.mod in that folder
INFO: go.mod not found. Skipping go modules
INFO: Cross compiling github.com/coinbase/rosetta-cli package...
INFO: Docker run --rm -v /Users/madhurshrimal/go/src/github.com/coinbase/rosetta-cli:/build -v /var/folders/sc/0crln36d57j1zx_dkp18spn40000gn/T/xgo-cache:/deps-cache:ro -e REPO_REMOTE= -e REPO_BRANCH= -e PACK= -e DEPS= -e ARGS= -e OUT=rosetta-cli-0.7.0 -e FLAG_V=false -e FLAG_X=false -e FLAG_RACE=false -e FLAG_TAGS= -e FLAG_LDFLAGS= -e FLAG_BUILDMODE=default -e TARGETS=darwin/. windows/. linux/. -v /Users/madhurshrimal/go/src:/ext-go/1/src:ro -e EXT_GOPATH=/ext-go/1 ghcr.io/crazy-max/xgo:1.16 github.com/coinbase/rosetta-cli
Building locally github.com/coinbase/rosetta-cli...
Compiling for darwin-10.12/amd64...
go: go.mod file not found in current directory or any parent directory; see 'go help modules'
ERROR: Failed to cross compile package: exit status 1.
I am using xgo -go 1.16 --targets="darwin/*,windows/*,linux/*" -out "rosetta-cli-0.7.0" .
Just to add more clarity, It does work when I do xgo -go 1.16 --targets="darwin/*,windows/*,linux/*" -out "rosetta-cli-0.7.0" github.com/coinbase/rosetta-cli
but it doesn't work when I do that in current directory
Interestingly I was not getting this when I was using https://github.com/karalabe/xgo
The following error was encountered while building with go 1.18.x. Project structure: https://github.com/dnote/dnote
Command:
xgo -go 1.18.x -targets=linux/amd64 -ldflags '-X main.foo=bar' -tags fts5 -dest=/my/workspace/dnote/scripts/cli/../
../build/cli/linux-amd64 -pkg pkg/cli -x -v /my/workspace/dnote/scripts/cli/../..
Output:
...
Building /source/go.mod...
Compiling for linux/amd64...
+ CC=x86_64-linux-gnu-gcc
+ CXX=x86_64-linux-gnu-g++
+ GOOS=linux
+ GOARCH=amd64
+ CGO_ENABLED=1
+ go build -v -x --tags fts5 '--ldflags=-v -X -X main.foo=bar' -o /build/github.com/dnote/dnote-linux-amd64 ./pkg/cli
WORK=/tmp/go-build2750829226
cd /source
git status --porcelain
# cd /source; git status --porcelain
fatal: not a git repository: /source/../.git/modules/dnote
error obtaining VCS status: exit status 128
Use -buildvcs=false to disable VCS stamping.
Any ideas for a way forward?
Can we please introduce parallel build jobs, in order to speed up long sequences of multi-target builds?
For example, a default of 2-4 concurrent Docker runs would dramatically accelerate xgo runs, without breaking the average dev host.
I'm getting these errors when cross compiling to darwin using the latest 1.16 docker image:
/osxcross/target/bin/../SDK/MacOSX11.1.sdk/usr/include/os/availability.h:105:33: note: expanded from macro 'API_UNAVAILABLE_END'
#define API_UNAVAILABLE_END _Pragma("clang attribute pop")
I'd read it could be that the version of clang being used is too old to support new pragmas. Any ideas?
How can I specify the GCC version?
The logs don't give much insight.
Here is what I've tried:
xgo --targets='windows/*' .
This builds amd64 and 386.
xgo -v --targets='windows/arm64' .
This one finishes without doing a build:
INFO: Checking for required docker image ghcr.io/crazy-max/xgo:latest...
not found!
INFO: Pulling ghcr.io/crazy-max/xgo:latest from docker registry...
latest: Pulling from crazy-max/xgo
Digest: sha256:09cec1384666f81150304ab86fca2c95d5f31a5fdaae2604c8e7eaa4a2b4a4b8
Status: Image is up to date for ghcr.io/crazy-max/xgo:latest
ghcr.io/crazy-max/xgo:latest
DBG: config: &{Repository:. Package: Prefix: Remote: Branch: Dependencies: Arguments: Targets:[windows/arm64]}
DBG: flags: &{Verbose:true Steps:false Race:false Tags: LdFlags: Mode:default VCS:}
INFO: Cross compiling . package...
INFO: Docker run --rm -v /home/user/proj:/build -v /tmp/xgo-cache:/deps-cache:ro -e REPO_REMOTE= -e REPO_BRANCH= -e PACK= -e DEPS= -e ARGS= -e OUT= -e FLAG_V=true -e FLAG_X=false -e FLAG_RACE=false -e FLAG_TAGS
= -e FLAG_LDFLAGS= -e FLAG_BUILDMODE=default -e FLAG_BUILDVCS= -e TARGETS=windows/arm64 -e GO111MODULE=on -v /home/user/go:/go -v /home/user/proj:/source ghcr.io/crazy-max/xgo:latest .
Building /source/go.mod...
Cleaning up build environment...
INFO: Completed!
It looks like that fork supports more platforms? I would be interested in hearing about the differences.
How do I get xgo to first run the bootstrap step of libyara (https://yara.readthedocs.io/en/stable/gettingstarted.html) for compiling the CGO dependency https://github.com/hillu/go-yara/blob/master/README.cross-building.md
set -goproxy https://goproxy.cn
but still got # get https://proxy.golang.org/github...
Hello, since the new release yesterday I have this issue for my golang project:
My project compiles locally without any problem but does not work with xgo 0.6.6. I've been using your project for 3 months and I never had any problem with it before.
Here is the link of the project in case you want to try: https://github.com/EwenQuim/renpy-graphviz
Please add support for ppc64le, thank you
The latest release files don't contain the xgo_<version>_linux_x86_64.tar.gz
file.
It was present in 0.23 but not in 0.24. I noticed this because https://github.com/crazy-max/ghaction-xgo looks for it, and the workflow fails when its not present.
Hi,
I enjoy using xgo to build my MIDI application :)
I would like to add support for more Linux architectures. Can we please publish xgo images for more architectures?
I have made a tool to assist with multiarch Docker images:
How can I mount the current directory rather than being forced to use a repo URL?
I have statically compiled assets, but xgo does not mount the current directory.
Hi, thanks for your great work. I'm trying to cross-compile blockchain repositories to Android libraries. Most of them are written in Go with C/C++ dependencies. I checked out the Dockerfile in this xgo repo, it seems this xgo can cross-compile the blockchain repositories for arm architecture, but not for specific usage on the Android.
The cross-compile for Android usually involves Android NDK during the compilation process. Do you plan to add this part soon in the future or you already add that part? Thanks.
Start build with xgo ....
Stop running command after a few secounds with ctrl + c
Docker Container is still building in background.
使用mac ventura 13.2交叉编译本地项目报错,是什么问题,有解决方案吗?
(Cross-compiling local projects with mac ventura 13.2 occurs an error. What is the problem and is there a solution?)
·> xgo -targets=linux/amd64 -tags='nodb2' ./cmd/tool/encrypt.go
INFO: Starting xgo/dev
INFO: Checking docker installation...
Client: Docker Engine - Community
Version: 23.0.0
API version: 1.41 (downgraded from 1.42)
Go version: go1.19.5
Git commit: e92dd87c32
Built: Tue Jan 31 16:45:07 2023
OS/Arch: darwin/arm64
Context: default
Server: Docker Desktop 4.16.2 (95914)
Engine:
Version: 20.10.22
API version: 1.41 (minimum version 1.12)
Go version: go1.18.9
Git commit: 42c8b31
Built: Thu Dec 15 22:25:43 2022
OS/Arch: linux/arm64
Experimental: false
containerd:
Version: 1.6.14
GitCommit: 9ba4b250366a5ddde94bb7c9d1def331423aa323
runc:
Version: 1.1.4
GitCommit: v1.1.4-0-g5fd4c4d
docker-init:
Version: 0.19.0
GitCommit: de40ad0
INFO: Checking for required docker image ghcr.io/crazy-max/xgo:latest...
INFO: Docker image found!
DBG: config: &{Repository:./cmd/tool/encrypt.go Package: Prefix: Remote: Branch: Dependencies: Arguments: Targets:[linux/amd64]}
DBG: flags: &{Verbose:false Steps:false Race:false Tags:nodb2 LdFlags: Mode:default VCS: TrimPath:false}
INFO: Cross compiling ./cmd/tool/encrypt.go package...
INFO: Completed!
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x2 addr=0x28 pc=0x1010ed298]
goroutine 1 [running]:
main.compile({0x14000094000, 0x1c}, 0x140000a4000, 0x14000092050, {0x14000028084, 0x3c})
/Users/engfall/Documents/90-Develop/go-src/pkg/mod/github.com/crazy-max/[email protected]/xgo.go:333 +0xc48
main.main()
/Users/engfall/Documents/90-Develop/go-src/pkg/mod/github.com/crazy-max/[email protected]/xgo.go:188 +0x920
xgcc .
Hello, I wrote an Alibaba Cloud image container and software based on your xgo, please forgive me if I have offended you
Hi and thx for the great tool!
Currently the go application contains only main
package that directly reads command line args and outputs to stdout.
If one wants to re-use it in inside an own go build application its impossible to do
It would be nice to decompose to
pkg
with the all the logic:
Build
function that accepts the configs and optional logger and returns error
main
package that
Build
from pkg
connecting logger to stdout and prints an error if anyThe resulting behavior will not change, but it will be possible to reuse pkg
in other tools
I made the changes in a separate repo at the moment: https://github.com/cardinalby/xgo-as-library, but would like to create a PR to implement it inside your repo instead if you like the idea
If GOPATH contains multiple colon-separated paths, xgo fails because the bind mount is invalid.
For example, the default GOPATH in CircleCI's ubuntu-2204:2023.07.2 machine image is /home/circleci/.go_workspace:/usr/local/go_workspace
. xgo generates a parameter to docker of -v /home/circleci/.go_workspace:/usr/local/go_workspace:/go
, resulting in a error, docker: Error response from daemon: invalid mode: /go.
without use docker, go mod would use the $GOPATH/pkg/mod/cache, I haven't figure out how to config to surport it with docker yet.
so how to config to reuse the cache otherwise go download package everytime?
Android and ios don't support it
/usr/local/go/pkg/tool/linux_arm64/link: running x86_64-linux-gnu-gcc failed: exit status 1 /usr/lib/gcc-cross/x86_64-linux-gnu/9/../../../../x86_64-linux-gnu/bin/ld: cannot find /usr/lib/x86_64-linux-gnu/libm-2.31.a /usr/lib/gcc-cross/x86_64-linux-gnu/9/../../../../x86_64-linux-gnu/bin/ld: cannot find /usr/lib/x86_64-linux-gnu/libmvec.a
I discovered by looking inside the Docker container, that the relevant libraries were located in /usr/x86_64-linux-gnu/lib/
Tried a few things to fix, but ended up with modifying the Dockerfile and adding this near the end:
RUN ln -s /usr/x86_64-linux-gnu/lib/* /usr/lib/x86_64-linux-gnu/
Seems a bit clunky but works...
Excuse me, will the image be cleaned up after every compilation?
sed -i "s|ghcr.io/crazy-max/xgo|registry.cn-hangzhou.aliyuncs.com/xrsec/xgo|g" xgo.go
I only modified this part
I compile a go application which uses sqlite and treesitter native libraries. It all works fine on other platforms but the arm64 binaries for the new Macs gets immediately killed. The x86 darwin version works fine on the arm Mac.
I somewhere read that static binaries do not work on on the arm Macs.
Is there some specific option I have to set to get this working?
ipsw macho info mzbinary-darwin-arm64
Magic = 64-bit MachO
Type = EXECUTE
CPU = AARCH64, ARM64
Commands = 25 (Size: 3616)
Flags = NoUndefs, DyldLink, TwoLevel, WeakDefines, BindsToWeak, PIE
000: LC_SEGMENT_64 sz=0x00000000 off=0x00000000-0x00000000 addr=0x000000000-0x100000000 ---/--- __PAGEZERO
001: LC_SEGMENT_64 sz=0x0112c000 off=0x00000000-0x0112c000 addr=0x100000000-0x10112c000 r-x/r-x __TEXT
sz=0x00abe478 off=0x00003b10-0x00ac1f88 addr=0x100003b10-0x100ac1f88 __TEXT.__text PureInstructions|SomeInstructions
sz=0x00000a68 off=0x00ac1f88-0x00ac29f0 addr=0x100ac1f88-0x100ac29f0 __TEXT.__stubs PureInstructions|SomeInstructions (SymbolStubs)
sz=0x00000a68 off=0x00ac29f0-0x00ac3458 addr=0x100ac29f0-0x100ac3458 __TEXT.__stub_helper PureInstructions|SomeInstructions
sz=0x004a1438 off=0x00ac3460-0x00f64898 addr=0x100ac3460-0x100f64898 __TEXT.__rodata
sz=0x00000078 off=0x00f64898-0x00f64910 addr=0x100f64898-0x100f64910 __TEXT.__objc_methname
(CstringLiterals)
sz=0x001b9678 off=0x00f64910-0x0111df88 addr=0x100f64910-0x10111df88 __TEXT.__const
sz=0x0000c50a off=0x0111df88-0x0112a492 addr=0x10111df88-0x10112a492 __TEXT.__cstring
(CstringLiterals)
sz=0x00000470 off=0x0112a494-0x0112a904 addr=0x10112a494-0x10112a904 __TEXT.__gcc_except_tab
sz=0x00001628 off=0x0112a904-0x0112bf2c addr=0x10112a904-0x10112bf2c __TEXT.__unwind_info
sz=0x000000b4 off=0x0112bf30-0x0112bfe4 addr=0x10112bf30-0x10112bfe4 __TEXT.__eh_frame
002: LC_SEGMENT_64 sz=0x009c4000 off=0x0112c000-0x01af0000 addr=0x10112c000-0x101af0000 rw-/rw- __DATA_CONST ReadOnly
sz=0x00000058 off=0x0112c000-0x0112c058 addr=0x10112c000-0x10112c058 __DATA_CONST.__got
(NonLazySymbolPointers)
sz=0x00000008 off=0x0112c058-0x0112c060 addr=0x10112c058-0x10112c060 __DATA_CONST.__mod_init_func
(ModInitFuncPointers)
sz=0x00005910 off=0x0112c060-0x01131970 addr=0x10112c060-0x101131970 __DATA_CONST.__const
sz=0x00000008 off=0x01131970-0x01131978 addr=0x101131970-0x101131978 __DATA_CONST.__objc_imageinfo
sz=0x0052e230 off=0x01131980-0x0165fbb0 addr=0x101131980-0x10165fbb0 __DATA_CONST.__rodata
sz=0x000049a4 off=0x0165fbc0-0x01664564 addr=0x10165fbc0-0x101664564 __DATA_CONST.__typelink
sz=0x00001898 off=0x01664580-0x01665e18 addr=0x101664580-0x101665e18 __DATA_CONST.__itablink
sz=0x00000000 off=0x01665e18-0x01665e18 addr=0x101665e18-0x101665e18 __DATA_CONST.__gosymtab
sz=0x00489590 off=0x01665e20-0x01aef3b0 addr=0x101665e20-0x101aef3b0 __DATA_CONST.__gopclntab
003: LC_SEGMENT_64 sz=0x00160000 off=0x01af0000-0x01c50000 addr=0x101af0000-0x101c9c000 rw-/rw- __DATA
sz=0x000006f0 off=0x01af0000-0x01af06f0 addr=0x101af0000-0x101af06f0 __DATA.__la_symbol_ptr
(LazySymbolPointers)
sz=0x00000040 off=0x01af06f0-0x01af0730 addr=0x101af06f0-0x101af0730 __DATA.__objc_selrefs NoDeadStrip (LiteralPointers)
sz=0x00000010 off=0x01af0730-0x01af0740 addr=0x101af0730-0x101af0740 __DATA.__objc_classrefs NoDeadStrip
sz=0x00001260 off=0x01af0740-0x01af19a0 addr=0x101af0740-0x101af19a0 __DATA.__go_buildinfo
sz=0x00099ba0 off=0x01af19a0-0x01b8b540 addr=0x101af19a0-0x101b8b540 __DATA.__noptrdata
sz=0x000c13f8 off=0x01b8b540-0x01c4c938 addr=0x101b8b540-0x101c4c938 __DATA.__data
sz=0x0003d3e0 off=0x00000000-0x0003d3e0 addr=0x101c4c940-0x101c89d20 __DATA.__bss
(Zerofill)
sz=0x0000e870 off=0x00000000-0x0000e870 addr=0x101c89d20-0x101c98590 __DATA.__noptrbss
(Zerofill)
sz=0x00000020 off=0x00000000-0x00000020 addr=0x101c98590-0x101c985b0 __DATA.__common
(Zerofill)
004: LC_SEGMENT_64 sz=0x00201e92 off=0x01c50000-0x01e51e92 addr=0x101c9c000-0x101e9de92 r--/r-- __LINKEDIT
005: LC_DYLD_INFO_ONLY
Rebase info: 54752 bytes at offset: 0x01C50000 -> 0x01C5D5E0
Bind info: 712 bytes at offset: 0x01C5D5E0 -> 0x01C5D8A8
Weak info: 72 bytes at offset: 0x01C5D8A8 -> 0x01C5D8F0
Lazy info: 4656 bytes at offset: 0x01C5D8F0 -> 0x01C5EB20
Export info: 14968 bytes at offset: 0x01C5EB20 -> 0x01C62598
006: LC_SYMTAB Symbol offset=0x01C6BC98, Num Syms: 29509, String offset=0x01CDF808-0x01E10718
007: LC_DYSYMTAB
Local Syms: 28568 at 0
External Syms: 705 at 28568
Undefined Syms: 236 at 29273
TOC: No
Modtab: No
External symtab Entries: None
Indirect symtab Entries: 455 at 0x01cdf0e8
External Reloc Entries: None
Local Reloc Entries: None
008: LC_LOAD_DYLINKER /usr/lib/dyld
009: LC_UUID F488848D-1E55-3D09-8B69-7659721A80AF
010: LC_BUILD_VERSION Platform: macOS, SDK: 11.3.0, Tool: ld (609.0.0)
011: LC_SOURCE_VERSION 0.0.0.0.0
012: LC_MAIN Entry Point: 0x000000000006f400, Stack Size: 0x0
013: LC_LOAD_DYLIB /usr/lib/libc++.1.dylib (905.6.0)
014: LC_LOAD_DYLIB /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation (1775.118.101)
015: LC_LOAD_DYLIB /System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa (23.0.0)
016: LC_LOAD_DYLIB /usr/lib/libobjc.A.dylib (228.0.0)
017: LC_LOAD_DYLIB /usr/lib/libresolv.9.dylib (1.0.0)
018: LC_LOAD_DYLIB /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation (1775.118.101)
019: LC_LOAD_DYLIB /System/Library/Frameworks/Security.framework/Versions/A/Security (59754.100.106)
020: LC_LOAD_DYLIB /usr/lib/libSystem.B.dylib (1292.100.5)
021: LC_LOAD_DYLIB /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit (2022.44.149)
022: LC_FUNCTION_STARTS offset=0x01c62598-0x01c6bc98 size=38656
023: LC_DATA_IN_CODE offset=0x01c6bc98-0x01c6bc98 size= 0 entries=0
024: LC_CODE_SIGNATURE offset=0x01e10720-0x01e51e92 size=268146
https://github.com/burrowers/garble
Are you interested in creating a new repository for golang code obfuscation? I took a look and it's quite simple.
docker version: 20.10.14
xgo: v0.14.0
Description:
It will fail to detect local docker image even the specific image is already pulled.
The code for detect image is :
// Checks whether a required docker image is available locally.
func checkDockerImage(image string) (bool, error) {
log.Printf("INFO: Checking for required docker image %s... ", image)
out, err := exec.Command("docker", "images", "--no-trunc").Output()
if err != nil {
return false, err
}
return bytes.Contains(out, []byte(image)), nil
}
The commandline "docker images --no-trunc"
just print like:
root@pc:~# docker images --no-trunc
REPOSITORY TAG IMAGE ID CREATED SIZE
ghcr.io/crazy-max/xgo 1.18.0 sha256:2e01e5d9dde575e3177e6f588c5ce0ee0864a776a37bcae6b00ebd2f08ad5428 4 days ago 6.86GB
crazymax/xgo 1.18.0 sha256:2e01e5d9dde575e3177e6f588c5ce0ee0864a776a37bcae6b00ebd2f08ad5428 4 days ago 6.86GB
crazymax/xgo 1.18.1 sha256:239d9ed01b68d93bfc01c7470e7434bba191bebce75601c36781f77d70c0ec0e 5 days ago 6.86GB
crazymax/xgo latest sha256:239d9ed01b68d93bfc01c7470e7434bba191bebce75601c36781f77d70c0ec0e 5 days ago 6.86GB
ghcr.io/crazy-max/xgo 1.18.1 sha256:239d9ed01b68d93bfc01c7470e7434bba191bebce75601c36781f77d70c0ec0e 5 days ago 6.86GB
ghcr.io/crazy-max/xgo latest sha256:239d9ed01b68d93bfc01c7470e7434bba191bebce75601c36781f77d70c0ec0e 5 days ago 6.86GB
mplatform/mquery latest sha256:64a87e5779c93cfea95699e8c3c10734a4a2adbf9f59cec6665ca2b2b325bda9 4 months ago 6.95MB
root@pc:~#
The value of argument "image"
for this function is like "ghcr.io/crazy-max/xgo:1.18.1"
. It always led to a failure while finding string in lines above. The output of "docker images --no-trunc"
is inappropriate to compare strings with argument "image"
.
Just making a little alteration, "docker images --format "{{.Repository}}:{{.Tag}}" ghcr.io/crazy-max/xgo:1.18.1"
. It will print like this if the specific image was pulled.
root@pc:~# docker images --format "{{.Repository}}:{{.Tag}}" ghcr.io/crazy-max/xgo:1.18.1
ghcr.io/crazy-max/xgo:1.18.1
root@pc:~#
And it will print nothing while the specific image is not in local.
root@pc:~# docker images --format "{{.Repository}}:{{.Tag}}" ghcr.io/crazy-max/xgo:1.19.0
root@pc:~#
Just a little alteration for code
// Checks whether a required docker image is available locally.
func checkDockerImage(image string) (bool, error) {
log.Printf("INFO: Checking for required docker image %s... ", image)
out, err := exec.Command("docker", "images", "--format", "\"{{.Repository}}:{{.Tag}}\"", image).Output()
if err != nil || len(out) == 0 {
return false, err
}
return true, nil
}
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.