Utilizing these supported package manifest formats will net some free security auditing.
For example, I know I'm currently installing some things using pip install <pkgname> via dockerfile RUN commands -- I should convert those to pip install -r /requirements.txt and move the deps into the requirements file.
Utilizing these supported package manifest formats will net some free security auditing.
For example, I know I'm currently installing some things using
pip install <pkgname>via dockerfileRUNcommands -- I should convert those topip install -r /requirements.txtand move the deps into the requirements file.