Ruby

dhi.io/ruby

Ruby 3.4.x (dev)

CIS
linux/amd64
debian 13
Tags:

3-debian-dev, 3-debian13-dev, 3-dev, 3.4-debian-dev, 3.4-debian13-dev, 3.4-dev, 3.4.10-debian-dev, 3.4.10-debian13-dev, 3.4.10-dev

Index digest:

sha256:048f9f77142a3ef4cf963d20d806f52c02b7dd0be998b90d19ac5584bc75157c

Manifest digest:

sha256:87eef05d463f0bab95e7d1fb81c2988c8bec2a22553f5689be27abbde4cca20a

Size

157.64 MB

Last pushed

1 day ago

Vulnerabilities

1
2
3
18
22

Support

Active until Mar 2028

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/ruby:3-debian-dev

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/ruby:3-debian-dev --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.

PredicatePredicate typeReference
CycloneDX SBOM v1.6https://cyclonedx.org/bom/v1.6dhi.io/ruby@sha256:55271e090f7f57dc63a3a9325dfd1513a05fafd9f0b63c266abd0b2f31602b3d
Changelog v0.1https://docker.com/dhi/changelog/v0.1dhi.io/ruby@sha256:b9d9643df0fc5b864282eb8ae6d69cf0a684aeac660f108d4f428c9783066622
DHI Image Sources v0.1https://docker.com/dhi/source/v0.1dhi.io/ruby@sha256:0844bc45ce431bfdedff66555cdb726fb16b14eed64d21a70464d1c7c23cfa0c
CVEs v0.2https://in-toto.io/attestation/vulns/v0.2dhi.io/ruby@sha256:472c1ac4f962233f2b2d88ff44bb5b0f2c497b43dcdeae40e7d7ad8b0fb11c85
VEX v0.2.0https://openvex.dev/ns/v0.2.0dhi.io/ruby@sha256:dc540be02632efbd5eb5500e5abae2e89f6ed8a8fedb318e437f052c4d9aad92
Scout provenance v0.1https://scout.docker.com/provenance/v0.1dhi.io/ruby@sha256:13d57dad1aa8994fe317e796925df74559efe185273cb51f0d9bb9051ea05469
Scout SBOM v0.1https://scout.docker.com/sbom/v0.1dhi.io/ruby@sha256:5b619934c489c17ea7f3c17e65d9665d533ea2668ee3cf84eff39178abaee306
Secrets scan v0.1https://scout.docker.com/secrets/v0.1dhi.io/ruby@sha256:48984908d270222a0d5742f243f3f222d0a5e1be4cf7201af7c3dcd5d7b929de
Tests v0.1https://scout.docker.com/tests/v0.1dhi.io/ruby@sha256:4d01863bba6f90bcd8b1b39d9d38b7ddbf8dadd96782562d87e0e107d8bdc42f
Virus scan v0.1https://scout.docker.com/virus/v0.1dhi.io/ruby@sha256:a5b5cedc89d2f1c659a4a8befa58475a6624374a67835db08113bcfd45e66763
CVEs v0.1https://scout.docker.com/vulnerabilities/v0.1dhi.io/ruby@sha256:d9e4dc93dfd318af09489968ba9acd75c647796b1c732937b40a97b01feca6b5
SLSA provenance v0.2https://slsa.dev/provenance/v0.2dhi.io/ruby@sha256:14d0005a7f3ae78f31242ff250f61104c219d0b7c129ab624cc4f899e9d93bc8
SLSA provenance v1https://slsa.dev/provenance/v1dhi.io/ruby@sha256:50b5380abefbeff3f7b71e55d8078a0a920a1629d93cfd657ba750dbda573fc8
SLSA verification summary v1https://slsa.dev/verification_summary/v1dhi.io/ruby@sha256:2556b13e84c2269d80d0c54c8475d7b35e584d6f5429d174df10a1c19c8e8eeb
SPDX SBOMhttps://spdx.dev/Documentdhi.io/ruby@sha256:ba6e4031d6cc27965b5a2fdd880acf2b5188c1b28c0ba71f1cb77e1ec383f643