docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

scout: clarify data handling for local analysis 

Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
This commit is contained in:
David Karlsson 2023-08-11 09:57:10 +02:00
parent 4899ffee3e
commit cd76a0d1ba
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
scout/data-handling.md
View File

@ -27,7 +27,7 @@ Docker and OCI image metadata:
Software Bill of Materials (SBOM) metadata:
- Advisory prefix URL (PURL)
- Package URLs (PURL)
- Package author and description
- License IDs
- Package name and namespace
@ -45,6 +45,10 @@ information on the SBOM. If there's a match, the results of the match are
displayed in the user interfaces where Docker Scout data is surfaced, such as
the Docker Scout Dashboard and in Docker Desktop.
For images analyzed locally on a developer's machine, Docker Scout only
transmits PURLs and layer digests. This data is not persistently stored on the
Docker Scout platform; it's only used to run the analysis.
## Data storage
For the purposes of providing the Docker Scout service, data is stored using: