Ruby

dhi.io/ruby

Ruby 3.3.x (dev)

CIS
linux/amd64
alpine 3.23
Tags:

3.3-alpine3.23-dev, 3.3.11-alpine3.23-dev

Index digest:

sha256:17bd62ec26fd6b6545fda20efd7c33667ae9b2cd3d4cccb8b28b279d7dfab7cc

Manifest digest:

sha256:a14c8438ce5a78b211ef0048002493e91f0d457c8af80b0338da0c86c64a368c

Size

93.38 MB

Last pushed

14 hours ago

Vulnerabilities

0
0
2
1
1

Support

Active until Mar 2027

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/ruby:3.3-alpine3.23-dev

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/ruby:3.3-alpine3.23-dev --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.

PredicatePredicate typeReference
CycloneDX SBOM v1.6https://cyclonedx.org/bom/v1.6dhi.io/ruby@sha256:728618252d47a210d7d9fd84cea6afedb03b3b0ca81243b099aa6e7f556cf7c1
Changelog v0.1https://docker.com/dhi/changelog/v0.1dhi.io/ruby@sha256:e79785229dc166d3b76adc251ff4f13dc1cf753c3b4bc1e61ac11c5007247dd1
DHI Image Sources v0.1https://docker.com/dhi/source/v0.1dhi.io/ruby@sha256:997e2462c713df07df4f7aadd880c75b79aa162b6f57b90b1b0e5c03ebfbad32
CVEs v0.2https://in-toto.io/attestation/vulns/v0.2dhi.io/ruby@sha256:2bd565590f1af267c1c53a088c3f2a9f64954b1b397120c524959fee6a5d4c5c
VEX v0.2.0https://openvex.dev/ns/v0.2.0dhi.io/ruby@sha256:a7b0c4d26d1099cf3de298ca13a9aeaea357b91ccf7b62cde7110309f6da2abd
Scout provenance v0.1https://scout.docker.com/provenance/v0.1dhi.io/ruby@sha256:4cc970cadae314422cdd67bfcac405a1403dca3653c14be1d49c0d2d1141d08c
Scout SBOM v0.1https://scout.docker.com/sbom/v0.1dhi.io/ruby@sha256:75ad9f1641b5cb9b3bed5ad249a7c16d41647b36eba2a2cd31a5db9a497b61bd
Secrets scan v0.1https://scout.docker.com/secrets/v0.1dhi.io/ruby@sha256:ed7f9226dfa08c1d61b683deadc85c11187139ebfc83b6303a031fb54e93cd03
Tests v0.1https://scout.docker.com/tests/v0.1dhi.io/ruby@sha256:b8da96573110d985fa88a5f63419e2be224cc51000ce687ec5ccfb0df3143772
Virus scan v0.1https://scout.docker.com/virus/v0.1dhi.io/ruby@sha256:cf1a80913d0ee66a2eee297694175c21cc06366d59e802b7670d949bb84802f0
CVEs v0.1https://scout.docker.com/vulnerabilities/v0.1dhi.io/ruby@sha256:c102476e06134c11a3bf47ddc5d41346b4404e01e613820f8c8cdecdb3e7c229
SLSA provenance v0.2https://slsa.dev/provenance/v0.2dhi.io/ruby@sha256:75cf28eefb9223faab38169dee66800ca2b539ecfa38ced6d86398d2aba37e4c
SLSA provenance v1https://slsa.dev/provenance/v1dhi.io/ruby@sha256:280a5e7e470778b7d9224c28534f1c6a88fb7054a99c3bab891e9b33cde0ad1d
SLSA verification summary v1https://slsa.dev/verification_summary/v1dhi.io/ruby@sha256:6af1f5a7eb2b40a2d28041b07ab71dd8d8420e7e74394ce8df63527e02687cc8
SPDX SBOMhttps://spdx.dev/Documentdhi.io/ruby@sha256:243c3cad4ad8360b8b66580bcec0b4070b74e03b26b581fb0d3c65421a7abf20