Add limitations of container scanning

c18831a0 · dappelt · ngaskill · 1b3b056a · c18831a0
Commit c18831a0 authored Jun 15, 2020 by dappelt Committed by ngaskill Jun 24, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 0 deletions

doc/development/integrations/secure.md doc/development/integrations/secure.md +12 -0

No files found.
--- a/doc/development/integrations/secure.md
+++ b/doc/development/integrations/secure.md
@@ -575,3 +575,15 @@ remediation. `fixes[].id` contains a fixed vulnerability's [unique identifier](#

 The `diff` field is a base64-encoded remediation code diff, compatible with
 [`git apply`](https://git-scm.com/docs/git-format-patch#_discussion). This field is required.
+
+## Limitations
+
+### Container Scanning
+
+Container Scanning currently has these limitations:
+
+- Although the Security Dashboard can display scan results from multiple images, if multiple
+  vulnerabilities have the same fingerprint, only the first instance of that vulnerability is
+  displayed. We're working on removing this limitation. You can follow our progress on the issue
+  [Change location fingerprint for Container Scanning](https://gitlab.com/gitlab-org/gitlab/-/issues/215466).
+- Different scanners may each report the same vulnerability, resulting in duplicate findings.