Skip to main content
Percher is still being built — you can try it out on a free account right now. Create a free account
Percher
← Changelog

Automatic security scanning

Percher now scans every app image for known vulnerabilities, surfaces them in your Security tab, and emails you only when something critical needs a fix.

Every image Percher builds is now scanned for known vulnerabilities, and your live apps keep getting re-scanned after they ship. So a CVE disclosed next week still reaches you.

Findings show up in your app's Security tab, ranked by what actually matters:

  • Red: a critical issue with a fix available, reachable from the

internet. Worth handling soon.

  • Yellow: fixable, but not critical or not exposed. Update when you're

ready.

  • Green: informational, or no fix released yet.

Each finding names the CVE, the affected package, and where it lives in your image, so you can tell at a glance whether it's your dependency or a build tool you can drop. Vulnerabilities in the base image and runtime Percher manages for you are handled on our side, never counted against your app.

We only email you about the red ones, with the fix version and a ready prompt for your AI assistant. Upgrade, redeploy, and the next scan clears it.