diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout.yaml
index 73f479e30a..7dd19b5319 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout.yaml
@@ -43,6 +43,16 @@ options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
deprecated: false
experimental: false
experimentalcli: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache.yaml
index e9b7585afc..117e922f2c 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache.yaml
@@ -20,6 +20,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
deprecated: false
experimental: false
experimentalcli: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache_df.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache_df.yaml
index 2f5a2c8a2b..d9e3b7b809 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache_df.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache_df.yaml
@@ -1,12 +1,13 @@
command: docker scout cache df
short: Show Docker Scout disk usage
long: |-
- Docker Scout stores temporary files to generate SBOMs of images and cache the results to not generate or fetch them again.
+ Docker Scout uses a temporary cache storage for generating image SBOMs.
+ The cache helps avoid regenerating or fetching resources unnecessarily.
- This `docker scout cache df` command will list all the temporary and cached data on the host. Each is identified by the
- digest of the image.
+ This `docker scout cache df` command shows the cached data on the host.
+ Each cache entry is identified by the digest of the image.
- Those data can be deleted using the `docker scout cache prune` command.
+ You can use the `docker scout cache prune` command to delete cache data at any time.
usage: docker scout cache df
pname: docker scout cache
plink: docker_scout_cache.yaml
@@ -21,6 +22,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### List temporary and cache files
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache_prune.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache_prune.yaml
index c1a133e46e..2d5f7de568 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache_prune.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache_prune.yaml
@@ -1,12 +1,10 @@
command: docker scout cache prune
short: Remove temporary or cached data
long: |-
- Docker Scout stores temporary files to generate SBOMs of images and cache those SBOMs to not generate or fetch them again.
+ The `docker scout cache prune` command removes temporary data and SBOM cache.
- The `docker scout cache prune` command will remove all the temporary files used while generating the SBOMs.
-
- By default the cached SBOMs will not be deleted are they can be used by the different `docker scout` commands. But the `--sboms`
- flag can be used to delete them.
+ By default, `docker scout cache prune` only deletes temporary data.
+ To delete temporary data and clear the SBOM cache, use the `--sboms` flag.
usage: docker scout cache prune
pname: docker scout cache
plink: docker_scout_cache.yaml
@@ -43,6 +41,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### Delete temporary data
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_compare.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_compare.yaml
index 2611d95215..4f62c6b19a 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_compare.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_compare.yaml
@@ -2,14 +2,15 @@ command: docker scout compare
aliases: docker scout compare, docker scout diff
short: Compare two images and display differences (experimental)
long: |-
- The `docker scout compare` command analyzes two images and displays a comparison of both.
+ The `docker scout compare` command analyzes two images and displays a comparison.
> This command is **experimental** and its behaviour might change in the future
- The main usage is to compare two versions of the same image.
- For instance when a new image is built and compared to the version running in production.
+ The intended use of this command is to compare two versions of the same image.
+ For instance, when a new image is built and compared to the version running in production.
- If no image is specified, the most recently built image will be used.
+ If no image is specified, the most recently built image is used
+ as a comparison target.
The following artifact types are supported:
@@ -18,8 +19,6 @@ long: |-
- Tarball archives, as created by `docker save`
- Local directory or file
- The tool analyzes the provided software artifact, and generates a vulnerability report.
-
By default, the tool expects an image reference, such as:
- `redis`
@@ -33,7 +32,7 @@ long: |-
- `local://` use an image from the local image store (don't do a registry lookup)
- `registry://` use an image from a registry (don't use a local image)
- `oci-dir://` use an OCI layout directory
- - `archive://` use a tarball archive, as created by docker save
+ - `archive://` use a tarball archive, as created by `docker save`
- `fs://` use a local directory or file
usage: docker scout compare --to IMAGE|DIRECTORY|ARCHIVE [IMAGE|DIRECTORY|ARCHIVE]
pname: docker scout
@@ -44,6 +43,18 @@ options:
value_type: bool
default_value: "false"
description: Return exit code '2' if vulnerability changes are detected
+ deprecated: true
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
+ - option: exit-on
+ shorthand: x
+ value_type: stringSlice
+ default_value: '[]'
+ description: |
+ Comma separated list of conditions to fail the action step if worse, options are: vulnerability, policy
deprecated: false
hidden: false
experimental: false
@@ -253,6 +264,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### Compare the most recently built image to the latest tag
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_config.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_config.yaml
index e85a3af953..a83e403100 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_config.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_config.yaml
@@ -4,7 +4,8 @@ long: |-
`docker scout config` allows you to list, get and set Docker Scout configuration.
Available configuration key:
- - `organization`: Namespace of the Docker organization to be used by default if it cannot be inferred from the image reference
+
+ - `organization`: Namespace of the Docker organization to be used by default.
usage: docker scout config [KEY] [VALUE]
pname: docker scout
plink: docker_scout.yaml
@@ -19,6 +20,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### List existing configuration
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml
index 825153c4c7..28a8fddd7c 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml
@@ -3,7 +3,7 @@ short: Display CVEs identified in a software artifact
long: |-
The `docker scout cves` command analyzes a software artifact for vulnerabilities.
- If no image is specified, the most recently built image will be used.
+ If no image is specified, the most recently built image is used.
The following artifact types are supported:
@@ -12,8 +12,6 @@ long: |-
- Tarball archives, as created by `docker save`
- Local directory or file
- The tool analyzes the provided software artifact, and generates a vulnerability report.
-
By default, the tool expects an image reference, such as:
- `redis`
@@ -27,7 +25,7 @@ long: |-
- `local://` use an image from the local image store (don't do a registry lookup)
- `registry://` use an image from a registry (don't use a local image)
- `oci-dir://` use an OCI layout directory
- - `archive://` use a tarball archive, as created by docker save
+ - `archive://` use a tarball archive, as created by `docker save`
- `fs://` use a local directory or file
usage: docker scout cves [OPTIONS] [IMAGE|DIRECTORY|ARCHIVE]
pname: docker scout
@@ -297,6 +295,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### Display vulnerabilities grouped by package
@@ -351,7 +359,7 @@ examples: |-
### Display markdown output
- The markdown output also contains HTML tags to have a better rendering. This output can be used for instance in Pull Request comments.
+ The following example shows how to generate the vulnerability report as markdown.
```console
$ docker scout cves --format markdown alpine
@@ -372,11 +380,10 @@ examples: |-
...
```
- ### List all packages of a certain typethat are vulnerable
+ ### List all vulnerable packages of a certain type
- The output will show the list of the packages of the image, that can be filtered, with the summary of vulnerabilities for each.
-
- By default even packages with no vulnerabilities will be displayed.
+ The following example shows how to generate a list of packages, only including
+ packages of the specified type, and only showing packages that are vulnerable.
```console
$ docker scout cves --format only-packages --only-package-type golang --only-vuln-packages golang:1.18.0
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_enroll.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_enroll.yaml
index cfd4cc7484..3628d5883a 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_enroll.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_enroll.yaml
@@ -16,6 +16,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
deprecated: false
experimental: false
experimentalcli: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_environment.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_environment.yaml
index 79b56fa0c5..8bef89774d 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_environment.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_environment.yaml
@@ -2,9 +2,16 @@ command: docker scout environment
aliases: docker scout environment, docker scout env
short: Manage environments (experimental)
long: |-
- The `docker scout environment` command lists the environments and records images to it.
+ The `docker scout environment` command lists the environments.
+ If you pass an image reference, the image is recorded to the specified environment.
- Once recorded, environments can be referred to by their name, eg. in the `docker scout compare` command using `--to-env`.`
+ Once recorded, environments can be referred to by their name. For example,
+ you can refer to the `production` environment with the `docker scout compare`
+ command as follows:
+
+ ```console
+ $ docker scout compare --to-env production
+ ```
usage: docker scout environment [ENVIRONMENT] [IMAGE]
pname: docker scout
plink: docker_scout.yaml
@@ -48,6 +55,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### List existing environments
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_help.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_help.yaml
index 48994c7238..9cfcd05a16 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_help.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_help.yaml
@@ -15,6 +15,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
deprecated: false
experimental: false
experimentalcli: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration.yaml
index cf02faaaf4..389dde2373 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration.yaml
@@ -22,6 +22,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
deprecated: false
experimental: false
experimentalcli: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_configure.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_configure.yaml
index bba67767bd..708167f111 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_configure.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_configure.yaml
@@ -45,6 +45,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
deprecated: false
experimental: false
experimentalcli: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_delete.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_delete.yaml
index 7be74f6956..7a56dd686a 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_delete.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_delete.yaml
@@ -35,6 +35,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
deprecated: false
experimental: false
experimentalcli: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_list.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_list.yaml
index dab6cdb156..00db4ef687 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_list.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_list.yaml
@@ -35,6 +35,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
deprecated: false
experimental: false
experimentalcli: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_policy.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_policy.yaml
index c83f7b4809..fdf59dda4a 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_policy.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_policy.yaml
@@ -1,8 +1,11 @@
command: docker scout policy
short: |
Evaluate policies against an image and display the policy evaluation results (experimental)
-long: |
- The `docker scout policy` command evaluates policies against an image. The image is indexed into the Scout platform - if it wasn't already - and policies will run against it. The policy results may take a few minutes to become available.
+long: |-
+ The `docker scout policy` command evaluates policies against an image.
+ The image analysis is uploaded to Docker Scout where policies get evaluated.
+
+ The policy evaluation results may take a few minutes to become available.
usage: docker scout policy [IMAGE | REPO]
pname: docker scout
plink: docker_scout.yaml
@@ -10,8 +13,8 @@ options:
- option: env
value_type: string
description: Name of the environment to compare to
- deprecated: false
- hidden: false
+ deprecated: true
+ hidden: true
experimental: false
experimentalcli: false
kubernetes: false
@@ -55,6 +58,25 @@ options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: to-env
+ value_type: string
+ description: Name of the environment to compare to
+ deprecated: false
+ hidden: false
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
+ - option: to-latest
+ value_type: bool
+ default_value: "false"
+ description: Latest image processed to compare to
+ deprecated: false
+ hidden: false
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
inherited_options:
- option: debug
value_type: bool
@@ -66,6 +88,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### Evaluate policies against an image and display the results
@@ -88,7 +120,7 @@ examples: |-
### Compare policy results for a repository in a specific environment
```console
- $ docker scout policy dockerscoutpolicy/customers-api-service --env production
+ $ docker scout policy dockerscoutpolicy/customers-api-service --to-env production
```
deprecated: false
experimental: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_push.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_push.yaml
index 23a7c93f34..96ad7ef425 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_push.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_push.yaml
@@ -1,7 +1,7 @@
command: docker scout push
short: Push an image or image index to Docker Scout (experimental)
long: |
- The `docker scout push` command allows to push an image or image index to Docker Scout.
+ The `docker scout push` command lets you push an image or analysis result to Docker Scout.
usage: docker scout push IMAGE
pname: docker scout
plink: docker_scout.yaml
@@ -64,6 +64,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### Push an image to Docker Scout
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_quickview.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_quickview.yaml
index a4d3c8f5a1..d459a54561 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_quickview.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_quickview.yaml
@@ -3,10 +3,11 @@ aliases: docker scout quickview, docker scout qv
short: Quick overview of an image
long: |-
The `docker scout quickview` command displays a quick overview of an image.
- It displays a summary of the vulnerabilities in the image and the vulnerabilities from the base image.
- If available it also displays base image refresh and update recommendations.
+ It displays a summary of the vulnerabilities in the specified image
+ and vulnerabilities from the base image.
+ If available, it also displays base image refresh and update recommendations.
- If no image is specified, the most recently built image will be used.
+ If no image is specified, the most recently built image is used.
The following artifact types are supported:
@@ -15,8 +16,6 @@ long: |-
- Tarball archives, as created by `docker save`
- Local directory or file
- The tool analyzes the provided software artifact, and generates a vulnerability report.
-
By default, the tool expects an image reference, such as:
- `redis`
@@ -30,7 +29,7 @@ long: |-
- `local://` use an image from the local image store (don't do a registry lookup)
- `registry://` use an image from a registry (don't use a local image)
- `oci-dir://` use an OCI layout directory
- - `archive://` use a tarball archive, as created by docker save
+ - `archive://` use a tarball archive, as created by `docker save`
- `fs://` use a local directory or file
usage: docker scout quickview [IMAGE|DIRECTORY|ARCHIVE]
pname: docker scout
@@ -45,6 +44,16 @@ options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: latest
+ value_type: bool
+ default_value: "false"
+ description: Latest indexed image
+ deprecated: false
+ hidden: false
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
- option: org
value_type: string
description: Namespace of the Docker organization
@@ -104,6 +113,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### Quick overview of an image
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_recommendations.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_recommendations.yaml
index 2ad5d196f9..5430a06cd7 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_recommendations.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_recommendations.yaml
@@ -3,9 +3,10 @@ short: Display available base image updates and remediation recommendations
long: |-
The `docker scout recommendations` command display recommendations for base images updates.
It analyzes the image and display recommendations to refresh or update the base image.
- For each recommendation it shows a list of benefits like less vulnerabilities, smaller image, etc.
+ For each recommendation it shows a list of benefits, such as
+ fewer vulnerabilities or smaller image size.
- If no image is specified, the most recently built image will be used.
+ If no image is specified, the most recently built image is used.
The following artifact types are supported:
@@ -14,8 +15,6 @@ long: |-
- Tarball archives, as created by `docker save`
- Local directory or file
- The tool analyzes the provided software artifact, and generates a vulnerability report.
-
By default, the tool expects an image reference, such as:
- `redis`
@@ -29,7 +28,7 @@ long: |-
- `local://` use an image from the local image store (don't do a registry lookup)
- `registry://` use an image from a registry (don't use a local image)
- `oci-dir://` use an OCI layout directory
- - `archive://` use a tarball archive, as created by docker save
+ - `archive://` use a tarball archive, as created by `docker save`
- `fs://` use a local directory or file
usage: docker scout recommendations [IMAGE|DIRECTORY|ARCHIVE]
pname: docker scout
@@ -114,6 +113,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### Display base image update recommendations
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo.yaml
index 2d1645fb1b..dcaf733615 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo.yaml
@@ -22,6 +22,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
deprecated: false
experimental: false
experimentalcli: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_disable.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_disable.yaml
index ac0e5642bc..c673b1b703 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_disable.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_disable.yaml
@@ -64,6 +64,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### Disable a specific repository
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_enable.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_enable.yaml
index d93026e6fb..84439d5015 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_enable.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_enable.yaml
@@ -63,6 +63,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### Enable a specific repository
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_list.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_list.yaml
index 9eaa20d929..796e146599 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_list.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_list.yaml
@@ -69,6 +69,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
deprecated: false
experimental: false
experimentalcli: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_sbom.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_sbom.yaml
index 486cc0888e..95b5d8e6fd 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_sbom.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_sbom.yaml
@@ -1,11 +1,14 @@
command: docker scout sbom
short: Generate or display SBOM of an image
long: |-
- The `docker scout sbom` command analyzes a software artifact to generate the corresponding Software Bill Of Materials (SBOM).
+ The `docker scout sbom` command analyzes a software artifact to generate a
+ Software Bill Of Materials (SBOM).
- The SBOM can be used to list all packages, or the ones from a specific type (as dep, maven, etc).
+ The SBOM contains a list of all packages in the image.
+ You can use the `--format` flag to filter the output of the command
+ to display only packages of a specific type.
- If no image is specified, the most recently built image will be used.
+ If no image is specified, the most recently built image is used.
The following artifact types are supported:
@@ -14,8 +17,6 @@ long: |-
- Tarball archives, as created by `docker save`
- Local directory or file
- The tool analyzes the provided software artifact, and generates a vulnerability report.
-
By default, the tool expects an image reference, such as:
- `redis`
@@ -29,7 +30,7 @@ long: |-
- `local://` use an image from the local image store (don't do a registry lookup)
- `registry://` use an image from a registry (don't use a local image)
- `oci-dir://` use an OCI layout directory
- - `archive://` use a tarball archive, as created by docker save
+ - `archive://` use a tarball archive, as created by `docker save`
- `fs://` use a local directory or file
usage: docker scout sbom [IMAGE|DIRECTORY|ARCHIVE]
pname: docker scout
@@ -102,6 +103,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### Display the list of packages
@@ -115,13 +126,13 @@ examples: |-
$ docker scout sbom --format list --only-package-type apk alpine
```
- ### Display the full SBOM as json
+ ### Display the full SBOM in JSON format
```console
$ docker scout sbom alpine
```
- ### Display the full SBOM of the most recently buitl image
+ ### Display the full SBOM of the most recently built image
```console
$ docker scout sbom
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_stream.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_stream.yaml
index 31a307c208..d3e69786a2 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_stream.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_stream.yaml
@@ -47,6 +47,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### List existing streams
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_version.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_version.yaml
index d8106a46d8..a06659b236 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_version.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_version.yaml
@@ -15,11 +15,40 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
```console
$ docker scout version
- version: v0.2.2 (go1.19.5 - darwin/arm64)
- git commit: c15f374b9a39d993da2e8a1db7edc4be4f7c0c1e
+
+ ⢀⢀⢀ ⣀⣀⡤⣔⢖⣖⢽⢝
+ ⡠⡢⡣⡣⡣⡣⡣⡣⡢⡀ ⢀⣠⢴⡲⣫⡺⣜⢞⢮⡳⡵⡹⡅
+ ⡜⡜⡜⡜⡜⡜⠜⠈⠈ ⠁⠙⠮⣺⡪⡯⣺⡪⡯⣺
+ ⢘⢜⢜⢜⢜⠜ ⠈⠪⡳⡵⣹⡪⠇
+ ⠨⡪⡪⡪⠂ ⢀⡤⣖⢽⡹⣝⡝⣖⢤⡀ ⠘⢝⢮⡚ _____ _
+ ⠱⡱⠁ ⡴⡫⣞⢮⡳⣝⢮⡺⣪⡳⣝⢦ ⠘⡵⠁ / ____| Docker | |
+ ⠁ ⣸⢝⣕⢗⡵⣝⢮⡳⣝⢮⡺⣪⡳⣣ ⠁ | (___ ___ ___ _ _| |_
+ ⣗⣝⢮⡳⣝⢮⡳⣝⢮⡳⣝⢮⢮⡳ \___ \ / __/ _ \| | | | __|
+ ⢀ ⢱⡳⡵⣹⡪⡳⣝⢮⡳⣝⢮⡳⡣⡏ ⡀ ____) | (_| (_) | |_| | |_
+ ⢀⢾⠄ ⠫⣞⢮⡺⣝⢮⡳⣝⢮⡳⣝⠝ ⢠⢣⢂ |_____/ \___\___/ \__,_|\__|
+ ⡼⣕⢗⡄ ⠈⠓⠝⢮⡳⣝⠮⠳⠙ ⢠⢢⢣⢣
+ ⢰⡫⡮⡳⣝⢦⡀ ⢀⢔⢕⢕⢕⢕⠅
+ ⡯⣎⢯⡺⣪⡳⣝⢖⣄⣀ ⡀⡠⡢⡣⡣⡣⡣⡣⡃
+ ⢸⢝⢮⡳⣝⢮⡺⣪⡳⠕⠗⠉⠁ ⠘⠜⡜⡜⡜⡜⡜⡜⠜⠈
+ ⡯⡳⠳⠝⠊⠓⠉ ⠈⠈⠈⠈
+
+
+
+ version: v1.0.9 (go1.21.3 - darwin/arm64)
+ git commit: 8bf95bf60d084af341f70e8263342f71b0a3cd16
```
deprecated: false
experimental: false
diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_watch.yaml b/_vendor/github.com/docker/scout-cli/docs/docker_scout_watch.yaml
index 45a572eeaa..30b6dbef47 100644
--- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_watch.yaml
+++ b/_vendor/github.com/docker/scout-cli/docs/docker_scout_watch.yaml
@@ -1,8 +1,9 @@
command: docker scout watch
short: |
Watch repositories in a registry and push images and indexes to Docker Scout (experimental)
-long: |
- The `docker scout watch` command watches repositories in a registry and pushes images or image indexes to Docker Scout.
+long: |-
+ The `docker scout watch` command watches repositories in a registry
+ and pushes images or analysis results to Docker Scout.
usage: docker scout watch
pname: docker scout
plink: docker_scout.yaml
@@ -118,6 +119,16 @@ inherited_options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: verbose-debug
+ value_type: bool
+ default_value: "false"
+ description: Verbose debug
+ deprecated: false
+ hidden: true
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
examples: |-
### Watch for new images from two repositories and push them
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_cache_df.md b/_vendor/github.com/docker/scout-cli/docs/scout_cache_df.md
index a9cf9655c7..71dcf99560 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_cache_df.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_cache_df.md
@@ -8,12 +8,13 @@ Show Docker Scout disk usage
## Description
-Docker Scout stores temporary files to generate SBOMs of images and cache the results to not generate or fetch them again.
+Docker Scout uses a temporary cache storage for generating image SBOMs.
+The cache helps avoid regenerating or fetching resources unnecessarily.
-This `docker scout cache df` command will list all the temporary and cached data on the host. Each is identified by the
-digest of the image.
+This `docker scout cache df` command shows the cached data on the host.
+Each cache entry is identified by the digest of the image.
-Those data can be deleted using the `docker scout cache prune` command.
+You can use the `docker scout cache prune` command to delete cache data at any time.
## Examples
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_cache_prune.md b/_vendor/github.com/docker/scout-cli/docs/scout_cache_prune.md
index 2ee9c5a7a4..7292884c7d 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_cache_prune.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_cache_prune.md
@@ -15,12 +15,10 @@ Remove temporary or cached data
## Description
-Docker Scout stores temporary files to generate SBOMs of images and cache those SBOMs to not generate or fetch them again.
+The `docker scout cache prune` command removes temporary data and SBOM cache.
-The `docker scout cache prune` command will remove all the temporary files used while generating the SBOMs.
-
-By default the cached SBOMs will not be deleted are they can be used by the different `docker scout` commands. But the `--sboms`
-flag can be used to delete them.
+By default, `docker scout cache prune` only deletes temporary data.
+To delete temporary data and clear the SBOM cache, use the `--sboms` flag.
## Examples
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_compare.md b/_vendor/github.com/docker/scout-cli/docs/scout_compare.md
index 4bea8bf313..a32aaf3a2f 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_compare.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_compare.md
@@ -11,7 +11,7 @@ Compare two images and display differences (experimental)
| Name | Type | Default | Description |
|:----------------------|:--------------|:--------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| `-e`, `--exit-code` | | | Return exit code '2' if vulnerability changes are detected |
+| `-x`, `--exit-on` | `stringSlice` | | Comma separated list of conditions to fail the action step if worse, options are: vulnerability, policy |
| `--format` | `string` | `text` | Output format of the generated vulnerability report:
- text: default output, plain text with or without colors depending on the terminal
- markdown: Markdown output
|
| `--hide-policies` | | | Hide policy status from the output |
| `--ignore-base` | | | Filter out CVEs introduced from base image |
@@ -36,14 +36,15 @@ Compare two images and display differences (experimental)
## Description
-The `docker scout compare` command analyzes two images and displays a comparison of both.
+The `docker scout compare` command analyzes two images and displays a comparison.
> This command is **experimental** and its behaviour might change in the future
-The main usage is to compare two versions of the same image.
-For instance when a new image is built and compared to the version running in production.
+The intended use of this command is to compare two versions of the same image.
+For instance, when a new image is built and compared to the version running in production.
-If no image is specified, the most recently built image will be used.
+If no image is specified, the most recently built image is used
+as a comparison target.
The following artifact types are supported:
@@ -52,8 +53,6 @@ The following artifact types are supported:
- Tarball archives, as created by `docker save`
- Local directory or file
-The tool analyzes the provided software artifact, and generates a vulnerability report.
-
By default, the tool expects an image reference, such as:
- `redis`
@@ -67,7 +66,7 @@ or if you want to control from where the image will be resolved, you must prefix
- `local://` use an image from the local image store (don't do a registry lookup)
- `registry://` use an image from a registry (don't use a local image)
- `oci-dir://` use an OCI layout directory
-- `archive://` use a tarball archive, as created by docker save
+- `archive://` use a tarball archive, as created by `docker save`
- `fs://` use a local directory or file
## Examples
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_config.md b/_vendor/github.com/docker/scout-cli/docs/scout_config.md
index 4ff939f337..1a6e8b69c9 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_config.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_config.md
@@ -11,7 +11,8 @@ Manage Docker Scout configuration
`docker scout config` allows you to list, get and set Docker Scout configuration.
Available configuration key:
-- `organization`: Namespace of the Docker organization to be used by default if it cannot be inferred from the image reference
+
+- `organization`: Namespace of the Docker organization to be used by default.
## Examples
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_cves.md b/_vendor/github.com/docker/scout-cli/docs/scout_cves.md
index b1f3e8b5d0..51e2e589f8 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_cves.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_cves.md
@@ -42,7 +42,7 @@ Display CVEs identified in a software artifact
The `docker scout cves` command analyzes a software artifact for vulnerabilities.
-If no image is specified, the most recently built image will be used.
+If no image is specified, the most recently built image is used.
The following artifact types are supported:
@@ -51,8 +51,6 @@ The following artifact types are supported:
- Tarball archives, as created by `docker save`
- Local directory or file
-The tool analyzes the provided software artifact, and generates a vulnerability report.
-
By default, the tool expects an image reference, such as:
- `redis`
@@ -66,7 +64,7 @@ or if you want to control from where the image will be resolved, you must prefix
- `local://` use an image from the local image store (don't do a registry lookup)
- `registry://` use an image from a registry (don't use a local image)
- `oci-dir://` use an OCI layout directory
-- `archive://` use a tarball archive, as created by docker save
+- `archive://` use a tarball archive, as created by `docker save`
- `fs://` use a local directory or file
## Examples
@@ -124,7 +122,7 @@ Analyzing image alpine
### Display markdown output
-The markdown output also contains HTML tags to have a better rendering. This output can be used for instance in Pull Request comments.
+The following example shows how to generate the vulnerability report as markdown.
```console
$ docker scout cves --format markdown alpine
@@ -145,11 +143,10 @@ $ docker scout cves --format markdown alpine
...
```
-### List all packages of a certain typethat are vulnerable
+### List all vulnerable packages of a certain type
-The output will show the list of the packages of the image, that can be filtered, with the summary of vulnerabilities for each.
-
-By default even packages with no vulnerabilities will be displayed.
+The following example shows how to generate a list of packages, only including
+packages of the specified type, and only showing packages that are vulnerable.
```console
$ docker scout cves --format only-packages --only-package-type golang --only-vuln-packages golang:1.18.0
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_environment.md b/_vendor/github.com/docker/scout-cli/docs/scout_environment.md
index 818bb112d4..e8f1960492 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_environment.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_environment.md
@@ -20,9 +20,16 @@ Manage environments (experimental)
## Description
-The `docker scout environment` command lists the environments and records images to it.
+The `docker scout environment` command lists the environments.
+If you pass an image reference, the image is recorded to the specified environment.
-Once recorded, environments can be referred to by their name, eg. in the `docker scout compare` command using `--to-env`.`
+Once recorded, environments can be referred to by their name. For example,
+you can refer to the `production` environment with the `docker scout compare`
+command as follows:
+
+```console
+$ docker scout compare --to-env production
+```
## Examples
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_policy.md b/_vendor/github.com/docker/scout-cli/docs/scout_policy.md
index 61ddc0cc8a..5da8fca8ba 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_policy.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_policy.md
@@ -7,18 +7,22 @@ Evaluate policies against an image and display the policy evaluation results (ex
| Name | Type | Default | Description |
|:--------------------|:---------|:--------|:------------------------------------------------------------|
-| `--env` | `string` | | Name of the environment to compare to |
| `-e`, `--exit-code` | | | Return exit code '2' if policies are not met, '0' otherwise |
| `--org` | `string` | | Namespace of the Docker organization |
| `-o`, `--output` | `string` | | Write the report to a file |
| `--platform` | `string` | | Platform of image to pull policy results from |
+| `--to-env` | `string` | | Name of the environment to compare to |
+| `--to-latest` | | | Latest image processed to compare to |
## Description
-The `docker scout policy` command evaluates policies against an image. The image is indexed into the Scout platform - if it wasn't already - and policies will run against it. The policy results may take a few minutes to become available.
+The `docker scout policy` command evaluates policies against an image.
+The image analysis is uploaded to Docker Scout where policies get evaluated.
+
+The policy evaluation results may take a few minutes to become available.
## Examples
@@ -43,5 +47,5 @@ $ docker scout policy dockerscoutpolicy/customers-api-service:0.0.1 --platform l
### Compare policy results for a repository in a specific environment
```console
-$ docker scout policy dockerscoutpolicy/customers-api-service --env production
+$ docker scout policy dockerscoutpolicy/customers-api-service --to-env production
```
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_push.md b/_vendor/github.com/docker/scout-cli/docs/scout_push.md
index e55266ee73..709235f1ec 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_push.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_push.md
@@ -18,7 +18,7 @@ Push an image or image index to Docker Scout (experimental)
## Description
-The `docker scout push` command allows to push an image or image index to Docker Scout.
+The `docker scout push` command lets you push an image or analysis result to Docker Scout.
## Examples
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_quickview.md b/_vendor/github.com/docker/scout-cli/docs/scout_quickview.md
index 47afdc9a45..d0de10236e 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_quickview.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_quickview.md
@@ -12,6 +12,7 @@ Quick overview of an image
| Name | Type | Default | Description |
|:-----------------|:---------|:--------|:---------------------------------------------------------------------------------------------------------|
| `--env` | `string` | | Name of the environment |
+| `--latest` | | | Latest indexed image |
| `--org` | `string` | | Namespace of the Docker organization |
| `-o`, `--output` | `string` | | Write the report to a file. |
| `--platform` | `string` | | Platform of image to analyze |
@@ -23,10 +24,11 @@ Quick overview of an image
## Description
The `docker scout quickview` command displays a quick overview of an image.
-It displays a summary of the vulnerabilities in the image and the vulnerabilities from the base image.
-If available it also displays base image refresh and update recommendations.
+It displays a summary of the vulnerabilities in the specified image
+and vulnerabilities from the base image.
+If available, it also displays base image refresh and update recommendations.
-If no image is specified, the most recently built image will be used.
+If no image is specified, the most recently built image is used.
The following artifact types are supported:
@@ -35,8 +37,6 @@ The following artifact types are supported:
- Tarball archives, as created by `docker save`
- Local directory or file
-The tool analyzes the provided software artifact, and generates a vulnerability report.
-
By default, the tool expects an image reference, such as:
- `redis`
@@ -50,7 +50,7 @@ or if you want to control from where the image will be resolved, you must prefix
- `local://` use an image from the local image store (don't do a registry lookup)
- `registry://` use an image from a registry (don't use a local image)
- `oci-dir://` use an OCI layout directory
-- `archive://` use a tarball archive, as created by docker save
+- `archive://` use a tarball archive, as created by `docker save`
- `fs://` use a local directory or file
## Examples
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_recommendations.md b/_vendor/github.com/docker/scout-cli/docs/scout_recommendations.md
index 6f62dcc26e..4a020921c4 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_recommendations.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_recommendations.md
@@ -22,9 +22,10 @@ Display available base image updates and remediation recommendations
The `docker scout recommendations` command display recommendations for base images updates.
It analyzes the image and display recommendations to refresh or update the base image.
-For each recommendation it shows a list of benefits like less vulnerabilities, smaller image, etc.
+For each recommendation it shows a list of benefits, such as
+fewer vulnerabilities or smaller image size.
-If no image is specified, the most recently built image will be used.
+If no image is specified, the most recently built image is used.
The following artifact types are supported:
@@ -33,8 +34,6 @@ The following artifact types are supported:
- Tarball archives, as created by `docker save`
- Local directory or file
-The tool analyzes the provided software artifact, and generates a vulnerability report.
-
By default, the tool expects an image reference, such as:
- `redis`
@@ -48,7 +47,7 @@ or if you want to control from where the image will be resolved, you must prefix
- `local://` use an image from the local image store (don't do a registry lookup)
- `registry://` use an image from a registry (don't use a local image)
- `oci-dir://` use an OCI layout directory
-- `archive://` use a tarball archive, as created by docker save
+- `archive://` use a tarball archive, as created by `docker save`
- `fs://` use a local directory or file
## Examples
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_sbom.md b/_vendor/github.com/docker/scout-cli/docs/scout_sbom.md
index b691df74ce..2707160ee7 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_sbom.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_sbom.md
@@ -18,11 +18,14 @@ Generate or display SBOM of an image
## Description
-The `docker scout sbom` command analyzes a software artifact to generate the corresponding Software Bill Of Materials (SBOM).
+The `docker scout sbom` command analyzes a software artifact to generate a
+Software Bill Of Materials (SBOM).
-The SBOM can be used to list all packages, or the ones from a specific type (as dep, maven, etc).
+The SBOM contains a list of all packages in the image.
+You can use the `--format` flag to filter the output of the command
+to display only packages of a specific type.
-If no image is specified, the most recently built image will be used.
+If no image is specified, the most recently built image is used.
The following artifact types are supported:
@@ -31,8 +34,6 @@ The following artifact types are supported:
- Tarball archives, as created by `docker save`
- Local directory or file
-The tool analyzes the provided software artifact, and generates a vulnerability report.
-
By default, the tool expects an image reference, such as:
- `redis`
@@ -46,7 +47,7 @@ or if you want to control from where the image will be resolved, you must prefix
- `local://` use an image from the local image store (don't do a registry lookup)
- `registry://` use an image from a registry (don't use a local image)
- `oci-dir://` use an OCI layout directory
-- `archive://` use a tarball archive, as created by docker save
+- `archive://` use a tarball archive, as created by `docker save`
- `fs://` use a local directory or file
## Examples
@@ -63,13 +64,13 @@ $ docker scout sbom --format list alpine
$ docker scout sbom --format list --only-package-type apk alpine
```
-### Display the full SBOM as json
+### Display the full SBOM in JSON format
```console
$ docker scout sbom alpine
```
-### Display the full SBOM of the most recently buitl image
+### Display the full SBOM of the most recently built image
```console
$ docker scout sbom
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_version.md b/_vendor/github.com/docker/scout-cli/docs/scout_version.md
index ba5fdf5eb1..5365123c05 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_version.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_version.md
@@ -14,6 +14,25 @@ Show Docker Scout version information
```console
$ docker scout version
-version: v0.2.2 (go1.19.5 - darwin/arm64)
-git commit: c15f374b9a39d993da2e8a1db7edc4be4f7c0c1e
+
+ ⢀⢀⢀ ⣀⣀⡤⣔⢖⣖⢽⢝
+ ⡠⡢⡣⡣⡣⡣⡣⡣⡢⡀ ⢀⣠⢴⡲⣫⡺⣜⢞⢮⡳⡵⡹⡅
+ ⡜⡜⡜⡜⡜⡜⠜⠈⠈ ⠁⠙⠮⣺⡪⡯⣺⡪⡯⣺
+ ⢘⢜⢜⢜⢜⠜ ⠈⠪⡳⡵⣹⡪⠇
+ ⠨⡪⡪⡪⠂ ⢀⡤⣖⢽⡹⣝⡝⣖⢤⡀ ⠘⢝⢮⡚ _____ _
+ ⠱⡱⠁ ⡴⡫⣞⢮⡳⣝⢮⡺⣪⡳⣝⢦ ⠘⡵⠁ / ____| Docker | |
+ ⠁ ⣸⢝⣕⢗⡵⣝⢮⡳⣝⢮⡺⣪⡳⣣ ⠁ | (___ ___ ___ _ _| |_
+ ⣗⣝⢮⡳⣝⢮⡳⣝⢮⡳⣝⢮⢮⡳ \___ \ / __/ _ \| | | | __|
+ ⢀ ⢱⡳⡵⣹⡪⡳⣝⢮⡳⣝⢮⡳⡣⡏ ⡀ ____) | (_| (_) | |_| | |_
+ ⢀⢾⠄ ⠫⣞⢮⡺⣝⢮⡳⣝⢮⡳⣝⠝ ⢠⢣⢂ |_____/ \___\___/ \__,_|\__|
+ ⡼⣕⢗⡄ ⠈⠓⠝⢮⡳⣝⠮⠳⠙ ⢠⢢⢣⢣
+ ⢰⡫⡮⡳⣝⢦⡀ ⢀⢔⢕⢕⢕⢕⠅
+ ⡯⣎⢯⡺⣪⡳⣝⢖⣄⣀ ⡀⡠⡢⡣⡣⡣⡣⡣⡃
+⢸⢝⢮⡳⣝⢮⡺⣪⡳⠕⠗⠉⠁ ⠘⠜⡜⡜⡜⡜⡜⡜⠜⠈
+⡯⡳⠳⠝⠊⠓⠉ ⠈⠈⠈⠈
+
+
+
+version: v1.0.9 (go1.21.3 - darwin/arm64)
+git commit: 8bf95bf60d084af341f70e8263342f71b0a3cd16
```
diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_watch.md b/_vendor/github.com/docker/scout-cli/docs/scout_watch.md
index 99ac1968fe..2444ce3c43 100644
--- a/_vendor/github.com/docker/scout-cli/docs/scout_watch.md
+++ b/_vendor/github.com/docker/scout-cli/docs/scout_watch.md
@@ -23,7 +23,8 @@ Watch repositories in a registry and push images and indexes to Docker Scout (ex
## Description
-The `docker scout watch` command watches repositories in a registry and pushes images or image indexes to Docker Scout.
+The `docker scout watch` command watches repositories in a registry
+and pushes images or analysis results to Docker Scout.
## Examples
diff --git a/_vendor/modules.txt b/_vendor/modules.txt
index 605bb74cb2..f000ff5bec 100644
--- a/_vendor/modules.txt
+++ b/_vendor/modules.txt
@@ -1,7 +1,7 @@
# github.com/moby/moby v24.0.5+incompatible
# github.com/moby/buildkit v0.13.0-beta1.0.20231113205014-1efcd30d9dd6
# github.com/docker/buildx v0.12.0
-# github.com/docker/scout-cli v1.0.9
+# github.com/docker/scout-cli v1.2.0
# github.com/docker/cli v24.0.8-0.20231106123152-48ec4f339e2b+incompatible
# github.com/docker/compose-cli v1.0.35
# github.com/compose-spec/compose-spec v0.0.0-20231121152139-478928e7c9f8
diff --git a/go.mod b/go.mod
index 77fe598ba3..5f7a34f650 100644
--- a/go.mod
+++ b/go.mod
@@ -10,7 +10,7 @@ require (
github.com/docker/cli v24.0.8-0.20231106123152-48ec4f339e2b+incompatible // indirect
github.com/docker/compose-cli v1.0.35 // indirect
github.com/docker/compose/v2 v2.23.3 // indirect
- github.com/docker/scout-cli v1.0.9 // indirect
+ github.com/docker/scout-cli v1.2.0 // indirect
github.com/moby/buildkit v0.13.0-beta1.0.20231113205014-1efcd30d9dd6 // indirect
github.com/moby/moby v24.0.5+incompatible // indirect
)
diff --git a/go.sum b/go.sum
index f9d55b04fe..ffa67d4ec1 100644
--- a/go.sum
+++ b/go.sum
@@ -101,6 +101,8 @@ github.com/docker/scout-cli v1.0.2 h1:KweJ2S/WXncRIv+9+GrNI4bq/5TjcWY8WyWqgfV1zd
github.com/docker/scout-cli v1.0.2/go.mod h1:Eo1RyCJsx3ldz/YTY5yGxu9g9mwTYbRUutxQUkow3Fc=
github.com/docker/scout-cli v1.0.9 h1:P2Rs+HhVOIoSJZ1fcVuSDaxvV/8dCJTFdb3shrQtj5E=
github.com/docker/scout-cli v1.0.9/go.mod h1:Eo1RyCJsx3ldz/YTY5yGxu9g9mwTYbRUutxQUkow3Fc=
+github.com/docker/scout-cli v1.2.0 h1:cjtsf7s2f6NO9OxgXWPW3DGxaTKVU58JKmVtaVMc0RA=
+github.com/docker/scout-cli v1.2.0/go.mod h1:Eo1RyCJsx3ldz/YTY5yGxu9g9mwTYbRUutxQUkow3Fc=
github.com/elazarl/goproxy v0.0.0-20191011121108-aa519ddbe484/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM=
github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=