I believe that "S6497: Using a container image based on its digest is security-sensitive" advises users to do the opposite of what they should be doing, so I’ve created a topic requesting that the rule be changed: "S6497: Pulling an image based on its digest is security-sensitive" is harmful to security