docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #17907 from dvdksn/scout/data-handling-local-analysis 

scout: clarify data handling for local analysis
This commit is contained in:
David Karlsson 2023-08-14 11:18:37 +02:00 committed by GitHub
parent 2e8c616b6b cd76a0d1ba
commit e0a96ce0d3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
scout/data-handling.md
View File

@ -27,7 +27,7 @@ Docker and OCI image metadata:
Software Bill of Materials (SBOM) metadata:
- Advisory prefix URL (PURL)
- Package URLs (PURL)
- Package author and description
- License IDs
- Package name and namespace
@ -45,6 +45,10 @@ information on the SBOM. If there's a match, the results of the match are
displayed in the user interfaces where Docker Scout data is surfaced, such as
the Docker Scout Dashboard and in Docker Desktop.
For images analyzed locally on a developer's machine, Docker Scout only
transmits PURLs and layer digests. This data is not persistently stored on the
Docker Scout platform; it's only used to run the analysis.
## Data storage
For the purposes of providing the Docker Scout service, data is stored using: