Ruby

dhi.io/ruby

Ruby 3.3.x (fips, dev)

CIS
FIPS
STIG
linux/amd64
alpine 3.24
Tags:

3.3-alpine-fips-dev, 3.3-alpine3.24-fips-dev, 3.3.11-alpine-fips-dev, 3.3.11-alpine3.24-fips-dev

Index digest:

sha256:3945f02aabd33b12b42d473b5a38b04bd0a1325105a781cf089c6bf923b8add2

Manifest digest:

sha256:dd686e3bd8ab4acab68dc178c8d12d138fc09c0795aaf54cda2f17c66f0edb74

Size

94.29 MB

Last pushed

13 hours ago

Vulnerabilities

0
0
2
1
1

Support

Active until Mar 2027

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/ruby:3.3-alpine-fips-dev

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/ruby:3.3-alpine-fips-dev --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.

PredicatePredicate typeReference
CycloneDX SBOM v1.6https://cyclonedx.org/bom/v1.6dhi.io/ruby@sha256:fe4820b0ca39d59eabd53f89c3556688214cb5ad6433d2b832e814791aec141b
Changelog v0.1https://docker.com/dhi/changelog/v0.1dhi.io/ruby@sha256:454df5d008ff9191ccbd05f5f3d50842d1d10748f8f4e39d8997aab5be6a6566
FIPS compliance v0.1https://docker.com/dhi/fips/v0.1dhi.io/ruby@sha256:52cf65f28eaa47814d94aaec2ce1a0c234344c47634e86ca81a91345348935ff
DHI Image Sources v0.1https://docker.com/dhi/source/v0.1dhi.io/ruby@sha256:716f3ed59f95212fcd77de7296659647562943897402ab3568061bdc98ecd3e4
STIG scan v0.1https://docker.com/dhi/stig/v0.1dhi.io/ruby@sha256:1bbf8f8b25e6f69e087045f1bc06a094935a3a5ce36503a947eba20477ea05b4
CVEs v0.2https://in-toto.io/attestation/vulns/v0.2dhi.io/ruby@sha256:08d4b58b818a9a46e50b7ce5e8cb41246e703e9e61bc1423d25c9de4e9962efd
Scout provenance v0.1https://scout.docker.com/provenance/v0.1dhi.io/ruby@sha256:07a0987dc6adb2134ffe383896327818a184a9e4e595dc5ab63d96af5ee8cddb
Scout SBOM v0.1https://scout.docker.com/sbom/v0.1dhi.io/ruby@sha256:a1ed91c774e628211e1dac7293f8fc4f1e748ca9942b727607649c4733ba4d83
Secrets scan v0.1https://scout.docker.com/secrets/v0.1dhi.io/ruby@sha256:b77d803f3e2cb125f5188674f1dd150ddbe0efe3d5887273e0ee73943635d3ab
Tests v0.1https://scout.docker.com/tests/v0.1dhi.io/ruby@sha256:4bb286d725059887b8406fe65c59a2c7dba401782ece7e4f5ae2c9a224b57df9
Virus scan v0.1https://scout.docker.com/virus/v0.1dhi.io/ruby@sha256:ef05026afd90aa78c062e2d73d336dac96d195407ea73c8ff7c113319510bb0e
CVEs v0.1https://scout.docker.com/vulnerabilities/v0.1dhi.io/ruby@sha256:040876f83d0cfb55b4c03bf237e401274895523a63bc0d7c41467c7c44fc8c59
SLSA provenance v0.2https://slsa.dev/provenance/v0.2dhi.io/ruby@sha256:a3b57c855f9e5288e2955e27d550dfe2af65231d16e21a06dcde743c1061a9e9
SLSA provenance v1https://slsa.dev/provenance/v1dhi.io/ruby@sha256:3fefb1ccd37f403eb37533ba700046367fd4696b4741116d7ffee319b1131022
SLSA verification summary v1https://slsa.dev/verification_summary/v1dhi.io/ruby@sha256:908772476462745d9141d327d36010d0b9c04e1a0028a30574a872d9b04edc9b
SPDX SBOMhttps://spdx.dev/Documentdhi.io/ruby@sha256:3cb110e68c7f62a06a7a33509065e6724199b5e24fffc733958bc022a71b1b98