MODIFICATION OF A DOCKERFILE TO REPAIR VULNERABILITIES EXISTING IN THE DOCKERFILE

MODIFICATION OF A DOCKERFILE TO REPAIR VULNERABILITIES EXISTING IN THE DOCKERFILE

A method, computer program product, and computer system for repairing a Dockerfile. Library versions containing initial version numbers of libraries are extracted from the Dockerfile. A Monte Carlo tree search (MCTS) is executed, using the extracted library versions as input, which generates a tree...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Wang, Yong, Wang, Ye, Luo, Deng Xin, Yang, Xiang Yu, Yuan, Zhong Fang, Jia, Zhi Yong
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A method, computer program product, and computer system for repairing a Dockerfile. Library versions containing initial version numbers of libraries are extracted from the Dockerfile. A Monte Carlo tree search (MCTS) is executed, using the extracted library versions as input, which generates a tree that includes multiple levels populated with noses. Each node in a level represents the generic library name of a library version in the Dockrerfile and an associated randomly selected version number. At least one of the randomly selected version numbers associated with at least one node in a level differs from the initial version number associated with a versionf. A best successful installation path is selected from the at least one successful installation path. The Dockerfile is repaired by inserting randomly selected version numbers into Dockerfile as replacements for some of the initial version numbers.