How StackRox Analyzes Node JS images
Updated -
StackRox only looks at the package.json files of what’s actually deployed into the image.
For node.js, all installed dependencies will be in a node_modules
directory, and will have their own subdirectory, which contains a package.json
file. These package.json
files will have metadata for just the specific dependency that’s in their containing di...
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.