Option to prevents containers from being online if they have a vulnerable package/library.

[Pikachubolk]

Hi, after recently seeing the news about React2Shell and alot of people self hosting their apps/sites through coolify, I thought it'd be nice to have a option which you can toggle which prevents & warns users if their build contains a vulnerable package or library.

And prevents the container from being online until the user updates the package.

Sorry if this was already a feature, as I didn't check.

[Cinzya]

Looks like there are even open source databases for vulnerabilities that could be utilized for this to automate this process: https://osv.dev

[Cinzya]

I'm kind of wondering how to handle cases where people might want to deploy apps with vulnerabilities purposefully and need an override for this feature.
(either people might not care, have a WAF or similar and place to already protect themselves, or they need more time to update a vulnerability before brining an app offline)

So I'm thinking of the following:

• Server / application wide override: Disable entirely per server or application
• Threat filter: only enable when the vulnerability is of a certain score

Would love to hear people's opinions on this and whether or not they want such settings per application or a server wide.