Secure policy

Prevent packages flagged for known vulnerabilities from being added to any registry.

The Secure policy prevents packages with known vulnerabilities from being added to any registry where the policy is enabled.

When this policy is enabled for a registry that also uses the vulnerability scanner plugin, any new packages will be scanned before this policy takes action (allowing or preventing the addition).

Use cases

  • Secure registries - Prevent packages with known vulnerabilities from being added to registries