vulnerabilities

I note that there is a check whether the cluster is deployed into Azure Cloud .. see below.

I don't have a problem with that per se except that in a corporate environment I don't want to request a proxy whitelist exception with my CISO for an endpoint that we have no use for (http://www.azurespeed.com). Moreover, whilst this test will eventually timeout and the checks resume, it delays the pro

Context

• This is part of release-1.5 #148
• MEDIUM priority task

Tasks

• Remove dependency bcrypt-nodejs in package.json
• Add dependency bcrypt in package.json
• Migrate file app/data/user-dao.js to bcrypt
• Validate the instalation with the local test
• Add and submit the chang

Is this a request for help?: Yes

Is this a BUG REPORT or a FEATURE REQUEST? (choose one): FEATURE REQUEST

Can we add a option to allow the engine update vulnerabilities database through specific proxy ser

The current swagger definition is autogenerated. The automatically generated definitions rely on reflection and annotations to create the documentation. The reflection capabilities are poor at best and lead to missing API parameters. Annotations can help in some cases, but the only fix for Swagger is to create individual POJOs for every possible request. This will lead to unnecessary large number

OpenCVE update is great but sometime you could want to launch an import of the database manually.
Give OpenCVE the capability to do a opencve update-cve for example

Our current documentation for using templates points users to the JSON output to learn about what data is available to the template author. This is insufficient, because although it currently describes the correct shape of data, it leaves users guessing at the correct casing for field names.

A better source of truth than the JSON output is the