vendor: github.com/docker/scout-cli v1.3.0

Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2024-01-18 17:33:00 +01:00 · 2024-01-18 17:33:00 +01:00 · 32a5565693
parent 1da0617fa5
commit 32a5565693
5 changed files with 30 additions and 28 deletions
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml
@ -64,7 +64,7 @@ options:
    - option: format
      value_type: string
      default_value: packages
-      description: "Output format of the generated vulnerability report:\n- packages: default output, plain text with vulnerabilities grouped by packages\n- sarif: json Sarif output\n- spdx: json SPDX output \n- markdown: markdown output (including some html tags like collapsible sections)"
+      description: "Output format of the generated vulnerability report:\n- packages: default output, plain text with vulnerabilities grouped by packages\n- sarif: json Sarif output\n- spdx: json SPDX output \n- markdown: markdown output (including some html tags like collapsible sections)\n- sbom: json SBOM output"
      deprecated: false
      hidden: false
      experimental: false
--- a/_vendor/github.com/docker/scout-cli/docs/scout_cves.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_cves.md
@ -10,11 +10,11 @@ Display CVEs identified in a software artifact
 ### Options

 | Name                   | Type          | Default    | Description                                                                                                                                                                                                                                                                                                            |
-|:-----------------------|:--------------|:-----------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+|:-----------------------|:--------------|:-----------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | `--details`            |               |            | Print details on default text output                                                                                                                                                                                                                                                                                   |
 | `--env`                | `string`      |            | Name of environment                                                                                                                                                                                                                                                                                                    |
 | `-e`, `--exit-code`    |               |            | Return exit code '2' if vulnerabilities are detected                                                                                                                                                                                                                                                                   |
-| `--format`             | `string`      | `packages` | Output format of the generated vulnerability report:<br>- packages: default output, plain text with vulnerabilities grouped by packages<br>- sarif: json Sarif output<br>- spdx: json SPDX output <br>- markdown: markdown output (including some html tags like collapsible sections)<br> |
+| `--format`             | `string`      | `packages` | Output format of the generated vulnerability report:<br>- packages: default output, plain text with vulnerabilities grouped by packages<br>- sarif: json Sarif output<br>- spdx: json SPDX output <br>- markdown: markdown output (including some html tags like collapsible sections)<br>- sbom: json SBOM output<br> |
 | `--ignore-base`        |               |            | Filter out CVEs introduced from base image                                                                                                                                                                                                                                                                             |
 | `--locations`          |               |            | Print package locations including file paths and layer diff_id                                                                                                                                                                                                                                                         |
 | `--multi-stage`        |               |            | Show packages from multi-stage Docker builds                                                                                                                                                                                                                                                                           |
--- a/_vendor/modules.txt
+++ b/_vendor/modules.txt
@ -1,6 +1,6 @@
 # github.com/moby/moby v24.0.8-0.20240109122856-854ca341c0f6+incompatible
 # github.com/moby/buildkit v0.13.0-beta1.0.20240116143623-28ce478b1fde
 # github.com/docker/buildx v0.12.1
-# github.com/docker/scout-cli v1.2.0
+# github.com/docker/scout-cli v1.3.0
 # github.com/docker/cli v25.0.0-rc.3+incompatible
 # github.com/docker/compose/v2 v2.24.1
--- a/go.mod
+++ b/go.mod
@ -8,7 +8,7 @@ require (
 	github.com/docker/buildx v0.12.1 // indirect
 	github.com/docker/cli v25.0.0-rc.3+incompatible // indirect
 	github.com/docker/compose/v2 v2.24.1 // indirect
-	github.com/docker/scout-cli v1.2.0 // indirect
+	github.com/docker/scout-cli v1.3.0 // indirect
 	github.com/moby/buildkit v0.13.0-beta1.0.20240116143623-28ce478b1fde // indirect
 	github.com/moby/moby v24.0.8-0.20240109122856-854ca341c0f6+incompatible // indirect
 )
--- a/go.sum
+++ b/go.sum
@ -119,6 +119,8 @@ github.com/docker/scout-cli v1.0.9 h1:P2Rs+HhVOIoSJZ1fcVuSDaxvV/8dCJTFdb3shrQtj5
 github.com/docker/scout-cli v1.0.9/go.mod h1:Eo1RyCJsx3ldz/YTY5yGxu9g9mwTYbRUutxQUkow3Fc=
 github.com/docker/scout-cli v1.2.0 h1:cjtsf7s2f6NO9OxgXWPW3DGxaTKVU58JKmVtaVMc0RA=
 github.com/docker/scout-cli v1.2.0/go.mod h1:Eo1RyCJsx3ldz/YTY5yGxu9g9mwTYbRUutxQUkow3Fc=
+github.com/docker/scout-cli v1.3.0 h1:mL9y1yB/DR/dAar71z0w8u8et9o2272Mrjxtb59ds3M=
+github.com/docker/scout-cli v1.3.0/go.mod h1:Eo1RyCJsx3ldz/YTY5yGxu9g9mwTYbRUutxQUkow3Fc=
 github.com/elazarl/goproxy v0.0.0-20191011121108-aa519ddbe484/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM=
 github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=