Current Status
dev-mondoshawan edited this page May 18, 2026 · 1 revision
Last updated: 2026-05-18
- Core scan workflow and report generation are stable.
- Docker runtime is hardened with a multi-stage image and reduced runtime footprint.
- Container scanning policy now blocks non-base critical/high findings in CI.
- Remaining container CVEs are currently inherited from base image supply chain packages.
- Base-image policy and review cadence are documented in docs/SECURITY_CONTAINER_ALLOWLIST.md in the main repo.
- Medusa is intentionally treated as optional in runtime containers until upstream dependency risk is resolved.
- GitHub Actions billing/spend limit must be active.
- Repository secrets must be configured:
  - SNYK_TOKEN
  - SNYK_ORG
After billing and secrets are in place, run Counterscarp Security Audit on main and confirm:
- tests and lint jobs execute,
- container guardrail runs and enforces policy,
- advisory scan artifact uploads successfully.