README.md: 1 addition & 9 deletions
@@ -13,18 +13,10 @@ You define a list of allowed domains, and only connections to those domains are
13
13
14
14
## Why Use buildcage?
15
15
16
-
### The Problem
17
-
18
16
When you run `RUN npm install` or `RUN apt-get install` in a Dockerfile, these commands can connect to any server on the internet. **You have no visibility or control over where they connect.**
19
17
20
-
### Types of Supply Chain Threats
21
-
22
-
-**Supply chain attacks**: Malicious or compromised dependencies can make unauthorized outbound connections during builds (as seen in the event-stream incident)
23
-
-**Data exfiltration**: Environment variables, source code, or secrets could be sent to external servers during builds
24
-
-**Typosquatting attacks**: Installing a misspelled package name that redirects to attacker-controlled servers
25
-
-**Unauthorized tracking**: Analytics or telemetry sent without your consent
18
+
buildcage solves this by restricting outbound network access during builds to only the domains you explicitly allow.
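Review bot: The added line 18 says buildcage "solves this", but the sentence it refers to names two gaps, visibility and control, and the new text only covers control (restricting outbound access to allowed domains). Either state how allowed and blocked connections are made visible to the user, or narrow the wording so it claims only the restriction. Removing the "Types of Supply Chain Threats" list also leaves the "Why Use buildcage?" section with no statement of what the allowlist is meant to stop; consider keeping a one-sentence summary of the compromised-dependency and data-exfiltration cases so readers can judge whether the tool fits their threat model.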
0 commit comments