Container scanning

[marwin1991]

Fixes #22

Introduce severity in name #16

Some small steps forward #11

I've proposed new object oriented model to represent vulnerability adjust to reports version 15.0.2

[marwin1991]

@angrymeir If you will find some time take a look at this change :)

[angrymeir]

As always, it's a true pleasure to browse through the code you write! :)

[angrymeir]

With json.dumps, the report (see below) is a bit difficult to read for humans (due to formatting), especially compared to the SAST report.

I'd suggest, we change the output to yaml, this way the report is easier to read for the human eye :)

import yaml
...
return yaml.dump(self._raw_object, width=1000, ident=4,sort_keys=False)

# Explanation:
# *width* needs to be set, as yaml otherwise inserts linebreaks after 80 characters which messes up the description and the urls
# *sort_keys* is True by default, which moves the description to the top and the links to the middle of the report

What do you think?

[marwin1991]

You are the BOSS!!! Super idea!

[angrymeir]

Cool, then once this is changed, we can merge :)

[marwin1991]

Done :)

[angrymeir]

Btw: You basically solved #11 with this PR

Only thing thats missing is versioning...So to decide whether we want to support multiple report versions or only the latest. And if so, a mechanism to check for breaking changes in the report formats ^^ (But thats a story for another day)

[marwin1991]

Btw: You basically solved #11 with this PR

Only thing thats missing is versioning...So to decide whether we want to support multiple report versions or only the latest. And if so, a mechanism to check for breaking changes in the report formats ^^ (But thats a story for another day)

Lastly I was reading about overenginnering and maybe we are to early in development process to define such hard to implement system?