Ruby

dhi.io/ruby

Ruby 4.0.x (fips, dev)

CIS
FIPS
STIG
linux/arm64
debian 13
Tags:

4-debian-fips-dev, 4-debian13-fips-dev, 4-fips-dev, 4.0-debian-fips-dev, 4.0-debian13-fips-dev, 4.0-fips-dev, 4.0.6-debian-fips-dev, 4.0.6-debian13-fips-dev, 4.0.6-fips-dev

Index digest:

sha256:84fd0662b52d47e43790a5f629969373fe3769d6024840cbe25d9d759ce4b659

Manifest digest:

sha256:256647077d4a0ed3c669e3dc66927f066f9b4c58e3d6762689947c36220f019b

Size

160.09 MB

Last pushed

1 hour ago

Vulnerabilities

1
2
3
18
20

Support

Active

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/ruby:4-debian-fips-dev

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/ruby:4-debian-fips-dev --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.

PredicatePredicate typeReference
CycloneDX SBOM v1.6https://cyclonedx.org/bom/v1.6dhi.io/ruby@sha256:cd60fa47bdd37851f64554057bf04ff8e515f613c64fa183f4e8b81a8f69a78d
Changelog v0.1https://docker.com/dhi/changelog/v0.1dhi.io/ruby@sha256:10c1a40a2dfdbd80aa4c78083b11be7e1490f21e920d21b56942179bebb002fe
FIPS compliance v0.1https://docker.com/dhi/fips/v0.1dhi.io/ruby@sha256:f62a65cb51bce8152348f2a5f061cb1416e687a36e6980a88fafb67fc637b4fa
DHI Image Sources v0.1https://docker.com/dhi/source/v0.1dhi.io/ruby@sha256:a871ef8985a1d51f958939d2a8683f287d98e49113694248c5b04e0874b86c6f
STIG scan v0.1https://docker.com/dhi/stig/v0.1dhi.io/ruby@sha256:d075313c70b769dbabdf1502a94b3f94f46f0bfde78066aca3707d3a75c7a80e
CVEs v0.2https://in-toto.io/attestation/vulns/v0.2dhi.io/ruby@sha256:5e7b8fb6b3937853087ac7a98b24dfc04b03c1934bf3aa5b1405d3eb461c555e
VEX v0.2.0https://openvex.dev/ns/v0.2.0dhi.io/ruby@sha256:5bbbaec540cf8aae460f057e2aca5dc23a567548cbe737cce51889cba4a9a64c
Scout provenance v0.1https://scout.docker.com/provenance/v0.1dhi.io/ruby@sha256:c0f36bb4cc19f6ab843684be3030aa79356c05d3ac423b752748cfffcb8d3e4f
Scout SBOM v0.1https://scout.docker.com/sbom/v0.1dhi.io/ruby@sha256:1d61aab19607a632787b1ebfec5bac44244b31ef1591073799a1763fa8ec23d2
Secrets scan v0.1https://scout.docker.com/secrets/v0.1dhi.io/ruby@sha256:1e60ff3909f367fe207be777188d5d8a4f45c8ee3b2900461d1c80452a95396a
Tests v0.1https://scout.docker.com/tests/v0.1dhi.io/ruby@sha256:c56a0453e268b7d2bf9b618ea621099070c3c9110da1e2bb718d3a667c8d446e
Virus scan v0.1https://scout.docker.com/virus/v0.1dhi.io/ruby@sha256:cf3b4d29c0061df7adc0a83238abab4ffe5948cdb546d3f02c5bf5577ad5164a
CVEs v0.1https://scout.docker.com/vulnerabilities/v0.1dhi.io/ruby@sha256:309f1dbc0a97cb0c7fee9d7aae202a2f223a51e22bd1473828f24a48ebca1986
SLSA provenance v0.2https://slsa.dev/provenance/v0.2dhi.io/ruby@sha256:293f6f140ef64c7ac51a324676892aa65f810a68c3afd2263bae0ec724ecd7c4
SLSA provenance v1https://slsa.dev/provenance/v1dhi.io/ruby@sha256:91b424bda7263ed0d58206e6ed67dc23ceae73a4264402b2188747a48226b155
SLSA verification summary v1https://slsa.dev/verification_summary/v1dhi.io/ruby@sha256:194db9790d9a4d03208e3f7500d720b09864e59d182e3c2e58dd7d4f986740c1
SPDX SBOMhttps://spdx.dev/Documentdhi.io/ruby@sha256:66b0147b1f210f45cb563a72cc9f1bcd6c1e3fa1786970faa7f832f68bad365a