Skip to content

[BOT] Update docs for v1.20.4 release #224

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
docker-scout-ci wants to merge 1 commit into
base: main
Choose a base branch
from
+27 −26
Open

[BOT] Update docs for v1.20.4 release #224

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions docs/docker_scout_compare.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,7 @@ options:
Output format of the generated vulnerability report:
- text: default output, plain text with or without colors depending on the terminal
- markdown: Markdown output
- json: JSON output
deprecated: false
hidden: false
experimental: false
Expand Down
52 changes: 26 additions & 26 deletions docs/scout_compare.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,32 +9,32 @@ Compare two images and display differences (experimental)

### Options

| Name | Type | Default | Description |
|:----------------------|:--------------|:--------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `-x`, `--exit-on` | `stringSlice` | | Comma separated list of conditions to fail the action step if worse or changed, options are: vulnerability, policy, package |
| `--format` | `string` | `text` | Output format of the generated vulnerability report:<br>- text: default output, plain text with or without colors depending on the terminal<br>- markdown: Markdown output<br> |
| `--hide-policies` | | | Hide policy status from the output |
| `--ignore-base` | | | Filter out CVEs introduced from base image |
| `--ignore-suppressed` | | | Filter CVEs found in Scout exceptions based on the specified exception scope |
| `--ignore-unchanged` | | | Filter out unchanged packages |
| `--multi-stage` | | | Show packages from multi-stage Docker builds |
| `--only-fixed` | | | Filter to fixable CVEs |
| `--only-package-type` | `stringSlice` | | Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc) |
| `--only-policy` | `stringSlice` | | Comma separated list of policies to evaluate |
| `--only-severity` | `stringSlice` | | Comma separated list of severities (critical, high, medium, low, unspecified) to filter CVEs by |
| `--only-stage` | `stringSlice` | | Comma separated list of multi-stage Docker build stage names |
| `--only-unfixed` | | | Filter to unfixed CVEs |
| `--only-vex-affected` | | | Filter CVEs by VEX statements with status not affected |
| `--org` | `string` | | Namespace of the Docker organization |
| `-o`, `--output` | `string` | | Write the report to a file |
| `--platform` | `string` | | Platform of image to analyze |
| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.<br>Can only be used with archive |
| `--to` | `string` | | Image, directory, or archive to compare to |
| `--to-env` | `string` | | Name of environment to compare to |
| `--to-latest` | | | Latest image processed to compare to |
| `--to-ref` | `string` | | Reference to use if the provided tarball contains multiple references.<br>Can only be used with archive. |
| `--vex-author` | `stringSlice` | `[<.*@docker.com>]` | List of VEX statement authors to accept |
| `--vex-location` | `stringSlice` | | File location of directory or file containing VEX statements |
| Name | Type | Default | Description |
|:----------------------|:--------------|:--------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `-x`, `--exit-on` | `stringSlice` | | Comma separated list of conditions to fail the action step if worse or changed, options are: vulnerability, policy, package |
| `--format` | `string` | `text` | Output format of the generated vulnerability report:<br>- text: default output, plain text with or without colors depending on the terminal<br>- markdown: Markdown output<br>- json: JSON output<br> |
| `--hide-policies` | | | Hide policy status from the output |
| `--ignore-base` | | | Filter out CVEs introduced from base image |
| `--ignore-suppressed` | | | Filter CVEs found in Scout exceptions based on the specified exception scope |
| `--ignore-unchanged` | | | Filter out unchanged packages |
| `--multi-stage` | | | Show packages from multi-stage Docker builds |
| `--only-fixed` | | | Filter to fixable CVEs |
| `--only-package-type` | `stringSlice` | | Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc) |
| `--only-policy` | `stringSlice` | | Comma separated list of policies to evaluate |
| `--only-severity` | `stringSlice` | | Comma separated list of severities (critical, high, medium, low, unspecified) to filter CVEs by |
| `--only-stage` | `stringSlice` | | Comma separated list of multi-stage Docker build stage names |
| `--only-unfixed` | | | Filter to unfixed CVEs |
| `--only-vex-affected` | | | Filter CVEs by VEX statements with status not affected |
| `--org` | `string` | | Namespace of the Docker organization |
| `-o`, `--output` | `string` | | Write the report to a file |
| `--platform` | `string` | | Platform of image to analyze |
| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.<br>Can only be used with archive |
| `--to` | `string` | | Image, directory, or archive to compare to |
| `--to-env` | `string` | | Name of environment to compare to |
| `--to-latest` | | | Latest image processed to compare to |
| `--to-ref` | `string` | | Reference to use if the provided tarball contains multiple references.<br>Can only be used with archive. |
| `--vex-author` | `stringSlice` | `[<.*@docker.com>]` | List of VEX statement authors to accept |
| `--vex-location` | `stringSlice` | | File location of directory or file containing VEX statements |


<!---MARKER_GEN_END-->
Expand Down
Loading