Skip to content

[FEATURE-011] Add End-of-Life warning analysis for Images #123

New issue
New issue
Open
Feature
Open
[FEATURE-011] Add End-of-Life warning analysis for Images#123
Feature
Labels
enhancementNew feature or request
@Almaz-KG

Description

@Almaz-KG
Almaz-KG
opened on Aug 28, 2025

Is your feature request related to a problem? Please describe.

Currently, users have no visibility into whether their images contain software or dependencies that are approaching or have reached end-of-life (EOL). This poses significant security and compliance risks as EOL software may contain unpatched vulnerabilities and security issues. Users need proactive warnings to identify and update images before they become security liabilities.

Describe the solution you'd like

Implement an End-of-Life warning system for images that:

  1. EOL Detection Engine: Integrate with [xeol-io']s-like scanning capabilities to analyze image layers and detect EOL software/dependencies

  2. Visual Indicators: Add EOL status badges and warnings in the Images page:

    • 🟡 Yellow badge for images approaching EOL (within 30 days)
    • 🔴 Red badge for images with EOL software
    • ⚠️ Warning icon for critical EOL packages

  3. EOL Details Panel: Expandable section showing:

    • List of EOL packages with their EOL dates
    • Severity levels (Critical, High, Medium, Low)
    • Recommended actions (update to specific versions)
    • Links to security advisories

  4. Bulk EOL Analysis: Allow users to scan multiple images simultaneously for EOL status

  5. EOL History: Track EOL status changes over time for compliance reporting

Additional context

  • Security Impact: EOL software is a major security risk factor in containerized environments
  • Compliance: Many organizations require tracking of EOL software for audit purposes
  • Integration: xeol-io provides excellent Go-based EOL detection that can be integrated via Tauri backend
  • Performance: EOL scanning should be async and non-blocking for large image collections
  • User Experience: Warnings should be actionable with clear next steps for remediation
  • Data Sources: Integrate with multiple EOL databases (NIST, vendor advisories, community sources)

Technical Implementation Notes:

  • Extend Image interface to include EOL status and package information
  • Add EOL scanning endpoints to Tauri backend
  • Implement caching for EOL scan results to avoid repeated API calls
  • Add EOL status to image filtering and sorting options
  • Consider implementing EOL scanning as a background task for large image collections

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    Feature

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions