Welcome | FAQ | Add Repo | Add Chart | Roadmap | Security Tab | Mitigation Notes | JFrog Container Registry
Attention: Deprecation Notice for Bintray, GoCenter, ChartCenter, and JCenter. Learn More
Explore the issues we're considering to add to the next version of ChartCenter:
Currently, chart maintainers can provide mitigation notes for the vulnerabilities provided on the security tab using a YAML file spec that allows them to tag individual CVE IDs. We're considering a more robust UI solution to allow maintainers to login and create these mitigation notes using modal windows where they can save their comments and see a log of old comments that may have been provided for the same CVE in the past.
The current inclusion process is done using a pull request process and can be found here. Our next goal is to provide maintainers the option of including helm charts from source -- allowing developers to push directly from their git repository straight into ChartCenter.
Issues that must be discussed include:
- Versioning Considerations
- Namespaces
- Verification
Another consideration for inclusion and namespaces includes how we should prioritize namespace reservations and whether maintainers want a 2nd tier verification process to signify that a namespace is an official one from the organization. We would provide extra assurance that an organization repository is owned by the business and perhaps show an official icon signifying this to be the case. The process for 2nd Tier inclusion needs to be discussed.