{"id":20148291,"url":"https://github.com/chainguard-dev/text4shell-policy","last_synced_at":"2025-05-06T22:30:46.785Z","repository":{"id":61621129,"uuid":"553199087","full_name":"chainguard-dev/text4shell-policy","owner":"chainguard-dev","description":"ClusterImagePolicy demo for cve-2022-42889 text4shell  ","archived":true,"fork":false,"pushed_at":"2023-06-21T11:06:51.000Z","size":2725,"stargazers_count":4,"open_issues_count":1,"forks_count":1,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-03-17T15:58:30.955Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/chainguard-dev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-10-17T21:49:13.000Z","updated_at":"2024-03-10T21:00:23.000Z","dependencies_parsed_at":"2023-02-02T20:46:10.446Z","dependency_job_id":null,"html_url":"https://github.com/chainguard-dev/text4shell-policy","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainguard-dev%2Ftext4shell-policy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainguard-dev%2Ftext4shell-policy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainguard-dev%2Ftext4shell-policy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainguard-dev%2Ftext4shell-policy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/chainguard-dev","download_url":"https://codeload.github.com/chainguard-dev/text4shell-policy/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252778858,"owners_count":21802839,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-13T22:36:47.348Z","updated_at":"2025-05-06T22:30:46.183Z","avatar_url":"https://github.com/chainguard-dev.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Text4Shell Demo\nThis demo shows how you can use Sigstore to validate your signed SBOMs against text4shell policies in Kubernetes or on the command line\n\n## Option 1: Check if your remote OCI image is affected using cue with cosign 2.0\n```\ncosign verify-attestation --policy policy/text4shell.cue --type https://cyclonedx.org/bom --certificate-identity-regexp=.* --certificate-oidc-issuer-regexp=.* ghcr.io/chainguard-dev/text4shell-policy:main\n```\n\n## Option 2: Check using Enforce for Kubernetes with image built from this repo\n```\nchainctl policies create --group $DEMO_GROUP -f policy/text4shell-policy.yaml\nkubectl label ns default policy.sigstore.dev/include=true --overwrite\nkubectl run text4shell --image=ghcr.io/chainguard-dev/text4shell-policy:main\n```\n![text4shell diagnostic](https://user-images.githubusercontent.com/9351962/196332575-2ac25720-0262-4768-8854-615fb6f3c686.png)\n\n### Clean Up\n```\nkubectl delete pod text4shell --grace-period=0\nchainctl policy delete -y $(chainctl policy list -o json | jq -r '[.items[] | select(.name == \"vuln-cve-2022-42889-text4shell\")][0].id')\nkubectl label ns default policy.sigstore.dev/include-\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchainguard-dev%2Ftext4shell-policy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fchainguard-dev%2Ftext4shell-policy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchainguard-dev%2Ftext4shell-policy/lists"}