diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout.yaml
index 27c087b748..73f479e30a 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout.yaml
@@ -11,7 +11,9 @@ cname:
- docker scout cves
- docker scout enroll
- docker scout environment
+ - docker scout help
- docker scout integration
+ - docker scout policy
- docker scout quickview
- docker scout recommendations
- docker scout repo
@@ -23,7 +25,9 @@ clink:
- docker_scout_cves.yaml
- docker_scout_enroll.yaml
- docker_scout_environment.yaml
+ - docker_scout_help.yaml
- docker_scout_integration.yaml
+ - docker_scout_policy.yaml
- docker_scout_quickview.yaml
- docker_scout_recommendations.yaml
- docker_scout_repo.yaml
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml
index 8e81045d93..825153c4c7 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml
@@ -124,6 +124,17 @@ options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: only-metric
+ value_type: stringSlice
+ default_value: '[]'
+ description: |
+ Comma separated list of CVSS metrics (like AV:N or PR:L) to filter CVEs by
+ deprecated: false
+ hidden: false
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
- option: only-package
value_type: stringSlice
default_value: '[]'
@@ -176,6 +187,16 @@ options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: only-vex-affected
+ value_type: bool
+ default_value: "false"
+ description: Filter CVEs by VEX statements with status not affected
+ deprecated: false
+ hidden: false
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
- option: only-vuln-packages
value_type: bool
default_value: "false"
@@ -239,8 +260,8 @@ options:
value_type: bool
default_value: "false"
description: Apply VEX statements to filter CVEs
- deprecated: false
- hidden: false
+ deprecated: true
+ hidden: true
experimental: false
experimentalcli: false
kubernetes: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_help.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_help.yaml
new file mode 100644
index 0000000000..48994c7238
--- /dev/null
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_help.yaml
@@ -0,0 +1,23 @@
+command: docker scout help
+short: Display information about the available commands
+long: Display information about the available commands
+usage: docker scout help
+pname: docker scout
+plink: docker_scout.yaml
+inherited_options:
+ - option: debug
+ value_type: bool
+ default_value: "false"
+ description: Debug messages
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
+deprecated: false
+experimental: false
+experimentalcli: false
+kubernetes: false
+swarm: false
+
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_disable.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_disable.yaml
index c1eba650e8..ac0e5642bc 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_disable.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_disable.yaml
@@ -2,10 +2,21 @@ command: docker scout repo disable
short: Disable Docker Scout
long: |
The docker scout repo disable command disables Docker Scout on repositories.
-usage: docker scout repo disable REPOSITORY
+usage: docker scout repo disable [REPOSITORY]
pname: docker scout repo
plink: docker_scout_repo.yaml
options:
+ - option: all
+ value_type: bool
+ default_value: "false"
+ description: |
+ Disable all repositories of the organization. Can not be used with --filter.
+ deprecated: false
+ hidden: false
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
- option: filter
value_type: string
description: Regular expression to filter repositories by name
@@ -15,6 +26,15 @@ options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: integration
+ value_type: string
+ description: Name of the integration to use for enabling an image
+ deprecated: false
+ hidden: false
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
- option: org
value_type: string
description: Namespace of the Docker organization
@@ -44,6 +64,30 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+examples: |-
+ ### Disable a specific repository
+
+ ```console
+ $ docker scout repo disable my/repository
+ ```
+
+ ### Disable all repositories of the organization
+
+ ```console
+ $ docker scout repo disable --all
+ ```
+
+ ### Disable some repositories based on a filter
+
+ ```console
+ $ docker scout repo disable --filter namespace/backend
+ ```
+
+ ### Disable a repository from a specific registry
+
+ ```console
+ $ docker scout repo disable my/repository --registry 123456.dkr.ecr.us-east-1.amazonaws.com
+ ```
deprecated: false
experimental: false
experimentalcli: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_enable.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_enable.yaml
index 516c7eb435..d93026e6fb 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_enable.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_enable.yaml
@@ -1,10 +1,21 @@
command: docker scout repo enable
short: Enable Docker Scout
long: The docker scout repo enable command enables Docker Scout on repositories.
-usage: docker scout repo enable REPOSITORY
+usage: docker scout repo enable [REPOSITORY]
pname: docker scout repo
plink: docker_scout_repo.yaml
options:
+ - option: all
+ value_type: bool
+ default_value: "false"
+ description: |
+ Enable all repositories of the organization. Can not be used with --filter.
+ deprecated: false
+ hidden: false
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
- option: filter
value_type: string
description: Regular expression to filter repositories by name
@@ -14,6 +25,15 @@ options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: integration
+ value_type: string
+ description: Name of the integration to use for enabling an image
+ deprecated: false
+ hidden: false
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
- option: org
value_type: string
description: Namespace of the Docker organization
@@ -43,6 +63,30 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+examples: |-
+ ### Enable a specific repository
+
+ ```console
+ $ docker scout repo enable my/repository
+ ```
+
+ ### Enable all repositories of the organization
+
+ ```console
+ $ docker scout repo enable --all
+ ```
+
+ ### Enable some repositories based on a filter
+
+ ```console
+ $ docker scout repo enable --filter namespace/backend
+ ```
+
+ ### Enable a repository from a specific registry
+
+ ```console
+ $ docker scout repo enable my/repository --registry 123456.dkr.ecr.us-east-1.amazonaws.com
+ ```
deprecated: false
experimental: false
experimentalcli: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_sbom.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_sbom.yaml
index df48a07b0b..486cc0888e 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_sbom.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_sbom.yaml
@@ -42,6 +42,7 @@ options:
Output format:
- list: list of packages of the image
- json: json representation of the SBOM
+ - spdx: spdx representation of the SBOM
deprecated: false
hidden: false
experimental: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout.md b/_vendor/github.com/docker/scout-cli/docs/scout.md
index 93c6d45389..3cb23f2f0d 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout.md
@@ -17,6 +17,7 @@ Command line tool for Docker Scout
| [`cves`](scout_cves.md) | Display CVEs identified in a software artifact |
| [`enroll`](scout_enroll.md) | Enroll an organization with Docker Scout |
| [`environment`](scout_environment.md) | Manage environments (experimental) |
+| [`help`](scout_help.md) | Display information about the available commands |
| [`integration`](scout_integration.md) | Commands to list, configure, and delete Docker Scout integrations |
| [`policy`](scout_policy.md) | Evaluate policies against an image and display the policy evaluation results (experimental) |
| [`push`](scout_push.md) | Push an image or image index to Docker Scout (experimental) |
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_cves.md b/_vendor/github.com/docker/scout-cli/docs/scout_cves.md
index f52c6332ab..b1f3e8b5d0 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_cves.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_cves.md
@@ -20,17 +20,18 @@ Display CVEs identified in a software artifact
| `--multi-stage` | | | Show packages from multi-stage Docker builds |
| `--only-cve-id` | `stringSlice` | | Comma separated list of CVE ids (like CVE-2021-45105) to search for |
| `--only-fixed` | | | Filter to fixable CVEs |
+| `--only-metric` | `stringSlice` | | Comma separated list of CVSS metrics (like AV:N or PR:L) to filter CVEs by |
| `--only-package` | `stringSlice` | | Comma separated regular expressions to filter packages by |
| `--only-package-type` | `stringSlice` | | Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc) |
| `--only-severity` | `stringSlice` | | Comma separated list of severities (critical, high, medium, low, unspecified) to filter CVEs by |
| `--only-stage` | `stringSlice` | | Comma separated list of multi-stage Docker build stage names |
| `--only-unfixed` | | | Filter to unfixed CVEs |
+| `--only-vex-affected` | | | Filter CVEs by VEX statements with status not affected |
| `--only-vuln-packages` | | | When used with --format=only-packages ignore packages with no vulnerabilities |
| `--org` | `string` | | Namespace of the Docker organization |
| `-o`, `--output` | `string` | | Write the report to a file. |
| `--platform` | `string` | | Platform of image to analyze |
| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive. |
-| `--vex` | | | Apply VEX statements to filter CVEs |
| `--vex-author` | `stringSlice` | | List of VEX statement authors to accept |
| `--vex-location` | `stringSlice` | | File location of directory or file containing VEX statements |
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_help.md b/_vendor/github.com/docker/scout-cli/docs/scout_help.md
new file mode 100644
index 0000000000..ec152c6aaf
--- /dev/null
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_help.md
@@ -0,0 +1,8 @@
+# docker scout help
+
+
+Display information about the available commands
+
+
+
+
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_repo_disable.md b/_vendor/github.com/docker/scout-cli/docs/scout_repo_disable.md
index df03711155..24842906b8 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_repo_disable.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_repo_disable.md
@@ -5,12 +5,39 @@ Disable Docker Scout
### Options
-| Name | Type | Default | Description |
-|:-------------|:---------|:--------|:--------------------------------------------------|
-| `--filter` | `string` | | Regular expression to filter repositories by name |
-| `--org` | `string` | | Namespace of the Docker organization |
-| `--registry` | `string` | | Container Registry |
+| Name | Type | Default | Description |
+|:----------------|:---------|:--------|:-----------------------------------------------------------------------------|
+| `--all` | | | Disable all repositories of the organization. Can not be used with --filter. |
+| `--filter` | `string` | | Regular expression to filter repositories by name |
+| `--integration` | `string` | | Name of the integration to use for enabling an image |
+| `--org` | `string` | | Namespace of the Docker organization |
+| `--registry` | `string` | | Container Registry |
+## Examples
+
+### Disable a specific repository
+
+```console
+$ docker scout repo disable my/repository
+```
+
+### Disable all repositories of the organization
+
+```console
+$ docker scout repo disable --all
+```
+
+### Disable some repositories based on a filter
+
+```console
+$ docker scout repo disable --filter namespace/backend
+```
+
+### Disable a repository from a specific registry
+
+```console
+$ docker scout repo disable my/repository --registry 123456.dkr.ecr.us-east-1.amazonaws.com
+```
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_repo_enable.md b/_vendor/github.com/docker/scout-cli/docs/scout_repo_enable.md
index 44330d05cd..3065a68bcc 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_repo_enable.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_repo_enable.md
@@ -5,12 +5,39 @@ Enable Docker Scout
### Options
-| Name | Type | Default | Description |
-|:-------------|:---------|:--------|:--------------------------------------------------|
-| `--filter` | `string` | | Regular expression to filter repositories by name |
-| `--org` | `string` | | Namespace of the Docker organization |
-| `--registry` | `string` | | Container Registry |
+| Name | Type | Default | Description |
+|:----------------|:---------|:--------|:----------------------------------------------------------------------------|
+| `--all` | | | Enable all repositories of the organization. Can not be used with --filter. |
+| `--filter` | `string` | | Regular expression to filter repositories by name |
+| `--integration` | `string` | | Name of the integration to use for enabling an image |
+| `--org` | `string` | | Namespace of the Docker organization |
+| `--registry` | `string` | | Container Registry |
+## Examples
+
+### Enable a specific repository
+
+```console
+$ docker scout repo enable my/repository
+```
+
+### Enable all repositories of the organization
+
+```console
+$ docker scout repo enable --all
+```
+
+### Enable some repositories based on a filter
+
+```console
+$ docker scout repo enable --filter namespace/backend
+```
+
+### Enable a repository from a specific registry
+
+```console
+$ docker scout repo enable my/repository --registry 123456.dkr.ecr.us-east-1.amazonaws.com
+```
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_sbom.md b/_vendor/github.com/docker/scout-cli/docs/scout_sbom.md
index 3bfa0dd0c7..b691df74ce 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_sbom.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_sbom.md
@@ -5,13 +5,13 @@ Generate or display SBOM of an image
### Options
-| Name | Type | Default | Description |
-|:----------------------|:--------------|:--------|:--------------------------------------------------------------------------------------------------------------------------|
-| `--format` | `string` | `json` | Output format:
- list: list of packages of the image
- json: json representation of the SBOM |
-| `--only-package-type` | `stringSlice` | | Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc)
Can only be used with --format list |
-| `-o`, `--output` | `string` | | Write the report to a file. |
-| `--platform` | `string` | | Platform of image to analyze |
-| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive. |
+| Name | Type | Default | Description |
+|:----------------------|:--------------|:--------|:----------------------------------------------------------------------------------------------------------------------------------------------|
+| `--format` | `string` | `json` | Output format:
- list: list of packages of the image
- json: json representation of the SBOM
- spdx: spdx representation of the SBOM |
+| `--only-package-type` | `stringSlice` | | Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc)
Can only be used with --format list |
+| `-o`, `--output` | `string` | | Write the report to a file. |
+| `--platform` | `string` | | Platform of image to analyze |
+| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive. |
diff --git a/_vendor/modules.txt b/_vendor/modules.txt
index eaadd2ecba..e84adaec27 100644
--- a/_vendor/modules.txt
+++ b/_vendor/modules.txt
@@ -1,7 +1,7 @@
# github.com/moby/moby v24.0.5+incompatible
# github.com/moby/buildkit v0.13.0-beta1.0.20231011101155-c444964c2e8f
# github.com/docker/buildx v0.11.2
-# github.com/docker/scout-cli v1.0.2
+# github.com/docker/scout-cli v1.0.9
# github.com/docker/cli v24.0.6+incompatible
# github.com/docker/compose-cli v1.0.35
# github.com/compose-spec/compose-spec v0.0.0-20230927132538-f223c5150d5d
diff --git a/go.mod b/go.mod
index 3e7d137d72..bd6a3d6de6 100644
--- a/go.mod
+++ b/go.mod
@@ -10,7 +10,7 @@ require (
github.com/docker/cli v24.0.6+incompatible // indirect
github.com/docker/compose-cli v1.0.35 // indirect
github.com/docker/compose/v2 v2.23.0 // indirect
- github.com/docker/scout-cli v1.0.2 // indirect
+ github.com/docker/scout-cli v1.0.9 // indirect
github.com/moby/buildkit v0.13.0-beta1.0.20231011101155-c444964c2e8f // indirect
github.com/moby/moby v24.0.5+incompatible // indirect
)
diff --git a/go.sum b/go.sum
index d9bc1dd4f2..1e5d91baa3 100644
--- a/go.sum
+++ b/go.sum
@@ -89,6 +89,8 @@ github.com/docker/scout-cli v0.24.1 h1:ga1J6dsKXfhBQ98wKbb+GWncuMdqErxhpLMxPSMqH
github.com/docker/scout-cli v0.24.1/go.mod h1:Eo1RyCJsx3ldz/YTY5yGxu9g9mwTYbRUutxQUkow3Fc=
github.com/docker/scout-cli v1.0.2 h1:KweJ2S/WXncRIv+9+GrNI4bq/5TjcWY8WyWqgfV1zdM=
github.com/docker/scout-cli v1.0.2/go.mod h1:Eo1RyCJsx3ldz/YTY5yGxu9g9mwTYbRUutxQUkow3Fc=
+github.com/docker/scout-cli v1.0.9 h1:P2Rs+HhVOIoSJZ1fcVuSDaxvV/8dCJTFdb3shrQtj5E=
+github.com/docker/scout-cli v1.0.9/go.mod h1:Eo1RyCJsx3ldz/YTY5yGxu9g9mwTYbRUutxQUkow3Fc=
github.com/elazarl/goproxy v0.0.0-20191011121108-aa519ddbe484/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM=
github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=