{"id":2988678,"url":"https://github.com/baidu-security/app-env-docker","last_synced_at":"2026-01-12T09:26:14.392Z","repository":{"id":29484075,"uuid":"121824671","full_name":"baidu-security/app-env-docker","owner":"baidu-security","description":"基于 Docker 的真实应用测试环境","archived":false,"fork":false,"pushed_at":"2023-08-14T22:05:25.000Z","size":129732,"stargazers_count":263,"open_issues_count":5,"forks_count":50,"subscribers_count":10,"default_branch":"master","last_synced_at":"2025-08-09T23:49:16.113Z","etag":null,"topics":["docker","openrasp","security"],"latest_commit_sha":null,"homepage":"https://rasp.baidu.com","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/baidu-security.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-02-17T03:37:03.000Z","updated_at":"2025-08-07T12:22:34.000Z","dependencies_parsed_at":"2024-06-20T08:37:55.217Z","dependency_job_id":null,"html_url":"https://github.com/baidu-security/app-env-docker","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/baidu-security/app-env-docker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/baidu-security%2Fapp-env-docker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/baidu-security%2Fapp-env-docker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/baidu-security%2Fapp-env-docker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/baidu-security%2Fapp-env-docker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/baidu-security","download_url":"https://codeload.github.com/baidu-security/app-env-docker/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/baidu-security%2Fapp-env-docker/sbom","scorecard":{"id":223830,"data":{"date":"2025-08-11","repo":{"name":"github.com/baidu-security/app-env-docker","commit":"33854e17cc9bba2d006234353394499ab91ceea8"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.6,"checks":[{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 1/29 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 2 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"27 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2023-120 / GHSA-45c4-8wx5-qw6w","Warn: Project is vulnerable to: PYSEC-2024-24 / GHSA-5h86-8mv2-jq9f","Warn: Project is vulnerable to: GHSA-5m98-qgg9-wh84","Warn: Project is vulnerable to: GHSA-7gpw-8wmc-pm8g","Warn: Project is vulnerable to: GHSA-8495-4g3g-x7pr","Warn: Project is vulnerable to: PYSEC-2024-26 / GHSA-8qpw-xqxj-h4r2","Warn: Project is vulnerable to: GHSA-9548-qrrj-x5pj","Warn: Project is vulnerable to: PYSEC-2023-246 / GHSA-gfw2-4jvh-wgfg","Warn: Project is vulnerable to: GHSA-pjjw-qhg8-p2p9","Warn: Project is vulnerable to: PYSEC-2023-250 / GHSA-q3qx-c6g2-7pw2","Warn: Project is vulnerable to: PYSEC-2023-251 / GHSA-qvrw-v9rv-5rjx","Warn: Project is vulnerable to: PYSEC-2021-76 / GHSA-v6wp-4m6f-gcjg","Warn: Project is vulnerable to: PYSEC-2023-247 / GHSA-xx9p-xxvh-7g8j","Warn: Project is vulnerable to: PYSEC-2019-41 / GHSA-qfc5-mcwq-26q8","Warn: Project is vulnerable to: GHSA-v9hf-5j83-6xpp","Warn: Project is vulnerable to: PYSEC-2020-176 / GHSA-3pqx-4fqf-j49f","Warn: Project is vulnerable to: PYSEC-2020-96 / GHSA-6757-jp84-gxfx","Warn: Project is vulnerable to: PYSEC-2021-142 / GHSA-8q59-q68h-6hv4","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: PYSEC-2023-74 / GHSA-j8r2-6x86-q33q","Warn: Project is vulnerable to: GHSA-753j-mpmx-qq6g","Warn: Project is vulnerable to: GHSA-7cx3-6m66-7c5m","Warn: Project is vulnerable to: GHSA-8w49-h785-mj3c","Warn: Project is vulnerable to: PYSEC-2023-75 / GHSA-hj3f-6gcp-jg8j","Warn: Project is vulnerable to: GHSA-qppv-j76h-2rpx","Warn: Project is vulnerable to: GHSA-w235-7p84-xx57"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: containerImage not pinned by hash: socks5/src/golang.org/x/net/http2/Dockerfile:9: pin your Docker image by updating ubuntu:trusty to ubuntu:trusty@sha256:64483f3496c1373bfd55348e88694d1c4d0c9b660dee6bfef5e12f43b9933b30","Warn: containerImage not pinned by hash: socks5/src/golang.org/x/net/http2/h2demo/Dockerfile.0:5: pin your Docker image by updating golang:1.9 to golang:1.9@sha256:8b5968585131604a92af02f5690713efadf029cc8dad53f79280b87a80eb1354","Warn: containerImage not pinned by hash: src/activemq/5.13.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/axis2/1.6.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/centos6/Dockerfile:1: pin your Docker image by updating centos:centos6 to centos:centos6@sha256:a93df2e96e07f56ea48f215425c6f1673ab922927894595bb5c0ee4c5a955133","Warn: containerImage not pinned by hash: src/base/centos7/Dockerfile:1: pin your Docker image by updating centos:centos7 to centos:centos7@sha256:be65f488b7764ad3638f236b7b515b3678369a5124c47b8d32916d6487418ea4","Warn: containerImage not pinned by hash: src/base/devtoolset-3/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/devtoolset-4/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/java6/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/java7/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/java8/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/jboss4.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/jboss5.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/jboss6.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/jboss7.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/node8.5/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/php5.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/php5.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/php5.5/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/php5.6/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/php7.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/php7.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/php7.2/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/php7.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/php7.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/resin3.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/resin4.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/ruby2.2.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/rvm/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/static-tools/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/tomcat6.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/tomcat7.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/tomcat8.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/base/ubuntu16/Dockerfile:1: pin your Docker image by updating ubuntu:16.04 to ubuntu:16.04@sha256:1f1a2d56de1d604801a9671f301190704c25d604a416f59e03c04f5c6ffee0d6","Warn: containerImage not pinned by hash: src/bash/4.0.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/bind/9.9.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/chanzhieps/6.6/Dockerfile:1","Warn: containerImage not pinned by hash: src/cmseasy/5.6/Dockerfile:1","Warn: containerImage not pinned by hash: src/codeignitor/2.1.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/codiad/2.8.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/dedecms/20140313/Dockerfile:1","Warn: containerImage not pinned by hash: src/dedecms/20180109/Dockerfile:1","Warn: containerImage not pinned by hash: src/discuz/7.2/Dockerfile:1","Warn: containerImage not pinned by hash: src/discuz/x3.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/discuz/x3.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/discuz/x3.2/Dockerfile:1","Warn: containerImage not pinned by hash: src/dnsmasq/2.76/Dockerfile:1","Warn: containerImage not pinned by hash: src/drupal/8.1.9/Dockerfile:1","Warn: containerImage not pinned by hash: src/drupal/8.3.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/ecshop/3.0.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/elasticsearch/1.1.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/elasticsearch/1.3.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/empirecms/7.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/flink/1.14.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/freemarker/2.3.23/Dockerfile:1","Warn: containerImage not pinned by hash: src/git/1.8.3.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/goahead/3.6.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/google-authenticator/1.0.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/google-chrome/latest/Dockerfile:1","Warn: containerImage not pinned by hash: src/hadoop/2-current/Dockerfile:1","Warn: containerImage not pinned by hash: src/hdwiki/6.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/jenkins/1.636/Dockerfile:1","Warn: containerImage not pinned by hash: src/jenkins/2.121/Dockerfile:1","Warn: containerImage not pinned by hash: src/jolokia/1.3.5/Dockerfile:1","Warn: containerImage not pinned by hash: src/joomla/3.7.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/joomla/3.8.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/magento/2.0.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/magento/2.1.6/Dockerfile:1","Warn: containerImage not pinned by hash: src/mallbuilder/5.8/Dockerfile:1","Warn: containerImage not pinned by hash: src/maxscale/1.4.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/metinfo/5.3.17/Dockerfile:1","Warn: containerImage not pinned by hash: src/metinfo/5.3.5/Dockerfile:1","Warn: containerImage not pinned by hash: src/metinfo/6.0.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/mod_security/2.9.2/Dockerfile:1","Warn: containerImage not pinned by hash: src/mod_wsgi/3.4-18/Dockerfile:1","Warn: containerImage not pinned by hash: src/mongodb/3.6.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/mysql/5.7.17/Dockerfile:1","Warn: containerImage not pinned by hash: src/nagios/xi-5.4.12/Dockerfile:1: pin your Docker image by updating centos:centos7 to centos:centos7@sha256:be65f488b7764ad3638f236b7b515b3678369a5124c47b8d32916d6487418ea4","Warn: containerImage not pinned by hash: src/neo4j-community/3.3.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/net-snmp/5.7.2/Dockerfile:1","Warn: containerImage not pinned by hash: src/node-express/4.13.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/node-serialize/0.0.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/openldap/centos6/Dockerfile:1","Warn: containerImage not pinned by hash: src/openldap/centos7/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp-buildenv/all-in-one/Dockerfile:1: pin your Docker image by updating centos:centos6 to centos:centos6@sha256:a93df2e96e07f56ea48f215425c6f1673ab922927894595bb5c0ee4c5a955133","Warn: containerImage not pinned by hash: src/openrasp-buildenv/iast/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp-buildenv/java6/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp-buildenv/java8/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp-buildenv/panel/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp-buildenv/php-centos6-php-ts/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp-buildenv/php-centos6-php5.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp-buildenv/php-centos6-php5.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp-buildenv/php-centos6-php5.5/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp-buildenv/php-centos6-php5.6/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp-buildenv/php-centos6-php7.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp-buildenv/php-centos6-php7.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp-buildenv/php-centos6-php7.2/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp-buildenv/php-centos6-php7.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp-buildenv/php-centos7-php7.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/bwapp-master/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/dvwa-master/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/iast/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/panel/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/php5.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/php5.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/php5.5/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/php5.6/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/php7.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/php7.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/php7.2/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/php7.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/php7.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/tomcat6.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/tomcat7.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/tomcat8.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/openrasp/xvwa-master/Dockerfile:1","Warn: containerImage not pinned by hash: src/php-decoder/5.5.38/Dockerfile:1","Warn: containerImage not pinned by hash: src/phpcms/9.6.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/phpcms/9.6.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/phpcms/9.6.2/Dockerfile:1","Warn: containerImage not pinned by hash: src/phpdisk/7.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/phpmailer/5.2.17/Dockerfile:1","Warn: containerImage not pinned by hash: src/phpmailer/5.2.21/Dockerfile:1","Warn: containerImage not pinned by hash: src/phpmelody/2.6.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/phpmyadmin/3.5.6/Dockerfile:1","Warn: containerImage not pinned by hash: src/phpmyadmin/4.4.15.6/Dockerfile:1","Warn: containerImage not pinned by hash: src/phpmyadmin/4.8.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/phpmywind/5.2/Dockerfile:1","Warn: containerImage not pinned by hash: src/redis/3.2.10/Dockerfile:1","Warn: containerImage not pinned by hash: src/redis/4.0.13/Dockerfile:1","Warn: containerImage not pinned by hash: src/redis/5.0.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/richfaces/3.3.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/rssh/2.3.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/rsync/3.0.9/Dockerfile:1","Warn: containerImage not pinned by hash: src/ruby-rails/4.0.8/Dockerfile:1","Warn: containerImage not pinned by hash: src/seacms/6.45/Dockerfile:1","Warn: containerImage not pinned by hash: src/shiro/1.2.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/smarty/3.1.20/Dockerfile:1","Warn: containerImage not pinned by hash: src/snmpd/5.7.2/Dockerfile:1","Warn: containerImage not pinned by hash: src/solr/7.0.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/splunk/7.0.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/spring-cloud-config/2.0.10/Dockerfile:1","Warn: containerImage not pinned by hash: src/spring-data-commons/2.0.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/spring-messaging/5.0.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/spring-security-oauth2/2.0.10/Dockerfile:1","Warn: containerImage not pinned by hash: src/springboot/1.2.5/Dockerfile:1","Warn: containerImage not pinned by hash: src/struts/2.3.20/Dockerfile:1","Warn: containerImage not pinned by hash: src/struts/2.5.10/Dockerfile:1","Warn: containerImage not pinned by hash: src/struts/2.5.12/Dockerfile:1","Warn: containerImage not pinned by hash: src/subversion/1.7.14/Dockerfile:1","Warn: containerImage not pinned by hash: src/thinkphp/2.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/thinkphp/3.2.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/thinkphp/5.0.16/Dockerfile:1","Warn: containerImage not pinned by hash: src/tinyshop/2.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/tinyshop/3.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/topshop/2.0.8/Dockerfile:1","Warn: containerImage not pinned by hash: src/typecho/1.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/vbulletin/5.1.4/Dockerfile:1","Warn: containerImage not pinned by hash: src/weblogic/10.3.6/Dockerfile:1","Warn: containerImage not pinned by hash: src/weblogic/12.2.1.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/webwolf/8.0.0/Dockerfile:1","Warn: containerImage not pinned by hash: src/wordpress/4.6.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/wordpress/4.9.8/Dockerfile:1","Warn: containerImage not pinned by hash: src/xymon/4.3.21/Dockerfile:1","Warn: containerImage not pinned by hash: src/z-blog-php/1.5.1/Dockerfile:1","Warn: containerImage not pinned by hash: src/zabbix/2.2.10/Dockerfile:1","Warn: containerImage not pinned by hash: src/zentaopms/7.3/Dockerfile:1","Warn: containerImage not pinned by hash: src/zzcms/8.2/Dockerfile:1","Warn: goCommand not pinned by hash: socks5/src/golang.org/x/net/http2/h2demo/Dockerfile.0:14-15","Warn: goCommand not pinned by hash: socks5/src/golang.org/x/net/http2/h2demo/Dockerfile.0:19-20","Warn: goCommand not pinned by hash: socks5/src/golang.org/x/net/http2/h2demo/Dockerfile.0:24-25","Warn: goCommand not pinned by hash: socks5/src/golang.org/x/net/http2/h2demo/Dockerfile.0:29-30","Warn: goCommand not pinned by hash: socks5/src/golang.org/x/net/http2/h2demo/Dockerfile.0:34-35","Warn: goCommand not pinned by hash: socks5/src/golang.org/x/net/http2/h2demo/Dockerfile.0:39-40","Warn: goCommand not pinned by hash: socks5/src/golang.org/x/net/http2/h2demo/Dockerfile.0:44-45","Warn: goCommand not pinned by hash: socks5/src/golang.org/x/net/http2/h2demo/Dockerfile.0:49-50","Warn: goCommand not pinned by hash: socks5/src/golang.org/x/net/http2/h2demo/Dockerfile.0:54-55","Warn: goCommand not pinned by hash: socks5/src/golang.org/x/net/http2/h2demo/Dockerfile.0:59-60","Warn: goCommand not pinned by hash: socks5/src/golang.org/x/net/http2/h2demo/Dockerfile.0:64-65","Warn: goCommand not pinned by hash: socks5/src/golang.org/x/net/http2/h2demo/Dockerfile.0:68-128","Warn: downloadThenRun not pinned by hash: src/base/php5.3/Dockerfile:13-14","Warn: downloadThenRun not pinned by hash: src/base/php5.4/Dockerfile:13-14","Warn: downloadThenRun not pinned by hash: src/base/php5.5/Dockerfile:18-19","Warn: downloadThenRun not pinned by hash: src/base/php5.6/Dockerfile:34-35","Warn: downloadThenRun not pinned by hash: src/base/php7.0/Dockerfile:22-23","Warn: downloadThenRun not pinned by hash: src/base/php7.1/Dockerfile:22-23","Warn: downloadThenRun not pinned by hash: src/base/php7.2/Dockerfile:22-23","Warn: downloadThenRun not pinned by hash: src/base/php7.3/Dockerfile:22-23","Warn: downloadThenRun not pinned by hash: src/base/php7.4/Dockerfile:22-23","Warn: downloadThenRun not pinned by hash: src/base/rvm/Dockerfile:5-7","Warn: npmCommand not pinned by hash: src/node-express/4.13.1/Dockerfile:10-12","Warn: npmCommand not pinned by hash: src/node-serialize/0.0.4/Dockerfile:5-7","Warn: pipCommand not pinned by hash: src/openrasp-buildenv/iast/Dockerfile:34","Warn: pipCommand not pinned by hash: src/openrasp-buildenv/iast/Dockerfile:38-39","Warn: pipCommand not pinned by hash: src/openrasp/iast/Dockerfile:6","Warn: pipCommand not pinned by hash: src/springboot/1.2.5/Dockerfile:19","Warn: pipCommand not pinned by hash: src/openrasp/iast/start.sh:17","Info:   0 out of 168 containerImage dependencies pinned","Info:   1 out of  13 goCommand dependencies pinned","Info:   0 out of  10 downloadThenRun dependencies pinned","Info:   0 out of   2 npmCommand dependencies pinned","Info:   0 out of   5 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}}]},"last_synced_at":"2025-08-17T03:12:13.664Z","repository_id":29484075,"created_at":"2025-08-17T03:12:13.664Z","updated_at":"2025-08-17T03:12:13.664Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28337713,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-12T06:09:07.588Z","status":"ssl_error","status_checked_at":"2026-01-12T06:05:18.301Z","response_time":98,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","openrasp","security"],"created_at":"2024-01-31T03:26:14.949Z","updated_at":"2026-01-12T09:26:14.376Z","avatar_url":"https://github.com/baidu-security.png","language":"Go","funding_links":[],"categories":["LLM分析过程","TSQL","Go (531)","Go"],"sub_categories":[],"readme":"# app-env-docker\n\n基于 Docker 的真实应用测试环境。我们构建这个仓库是为了验证防护效果，并补充到 [CVE 漏洞覆盖说明](https://rasp.baidu.com/doc/usage/cve.html) 里。和网上已有的 [vulhub](https://github.com/vulhub/vulhub)、[vulapps](https://github.com/Medicean/VulApps) 相比，我们不同之处在于:\n\n1. 下载的资源存储在 [https://packages.baidu.com/app/](https://packages.baidu.com/app/)，国内下载快\n2. 完全基于 `Dockerfile`，执行 `make` 启动环境，可定制化强但是首次安装慢\n3. 专注 Web 漏洞，覆盖漏洞更多；可用于扫描器开发或者 OpenRASP 漏洞测试\n4. 使用改造过的 [socks5](socks5/) 代理自动转发请求，比修改DNS方式安全\n\n其他说明文档\n\n* [环境列表 - src](src)\n* [编码规范 - wiki](https://github.com/baidu-security/app-env-docker/wiki)\n\n## 使用方法\n\n构建，并启动指定应用，e.g\n\n```\nmake -C src/zzcms/8.2\n```\n\n启动后，会直接进入一个 bash shell，可以使用 curl 测试应用是否正常，e.g\n\n```\n[ubuntu-server: /share/docker]\n# make -C src/seacms/6.45/\nmake: Entering directory '/share/docker/src/seacms/6.45'\ndocker build -t openrasp/seacms:6.45 .\nSending build context to Docker daemon 23.04 kB\nStep 1/14 : FROM openrasp/php5.4\n ---\u003e 0c8fc9d4a64a\n\n-- 精简掉的内容 --\n\nStep 14/14 : RUN chown mysql -R /var/lib/mysql\n ---\u003e Running in 586aa2f25f15\n ---\u003e 2bc8468709c0\nRemoving intermediate container 586aa2f25f15\nSuccessfully built 2bc8468709c0\ndocker run --rm -it openrasp/seacms:6.45\n[-] Starting Apache\nAH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message\n[-] Starting MariaDB\n[-] Waiting for MySQL to start ...\n[-] Accessing 127.0.0.1 for the first time\n[-] Dropping shell\n -  HostName:    f615004ffa66\n -  IP address:  172.17.0.2\n\n[OpenRASP] root@f615004ffa66:/var/www/html #\n```\n\n## 自动化代理方案\n\n### 方案1 - nginx proxy_pass 方式\n\n需要设置转发IP，适合每次只运行一个镜像的场景\n\n```\nserver {\n    listen 81;\n    location / {\n        proxy_set_header Host $http_host;\n        proxy_pass http://172.17.0.2;\n    }\n}\n```\n\n### 方案2 - PAC + xip.io 自动化代理方案\n\n具体请参考 [socks5/readme.md](socks5/readme.md)\n\n界面截屏如下\n\n![screen](socks5/contrib/screenshot.jpg)\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbaidu-security%2Fapp-env-docker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbaidu-security%2Fapp-env-docker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbaidu-security%2Fapp-env-docker/lists"}