Ruby

dhi.io/ruby

Ruby 4.0.x (fips)

CIS
FIPS
STIG
linux/amd64
debian 13
Tags:

4-debian-fips, 4-debian13-fips, 4-fips, 4.0-debian-fips, 4.0-debian13-fips, 4.0-fips, 4.0.6-debian-fips, 4.0.6-debian13-fips, 4.0.6-fips

Index digest:

sha256:3f91baba85d25d712d0e65983e152f81197692e90e90618648d1904e43d3cd38

Manifest digest:

sha256:a10e9143be4235feb9568d29a5e3c9ef3336a790cdec131ea75f2770891321d1

Size

56.04 MB

Last pushed

18 hours ago

Vulnerabilities

0
0
0
0
4

Support

Active

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/ruby:4-debian-fips

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/ruby:4-debian-fips --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.

PredicatePredicate typeReference
CycloneDX SBOM v1.6https://cyclonedx.org/bom/v1.6dhi.io/ruby@sha256:5d64da7d36b7c9be49814a2c580e5c975915f7b2671d42e404528374e9f132b5
Changelog v0.1https://docker.com/dhi/changelog/v0.1dhi.io/ruby@sha256:f4edf2bd19bebd23e7a7781b0f017764a336fb54b5ffc79a74ab59ea046404c0
FIPS compliance v0.1https://docker.com/dhi/fips/v0.1dhi.io/ruby@sha256:05ca40cacf4f02d1ba83708c8e5cb5e5ea109226c7d6cf280b28fe7a0833c53c
DHI Image Sources v0.1https://docker.com/dhi/source/v0.1dhi.io/ruby@sha256:807f03718f06e1bb9da531e7bc858cad2f554cea7cab93c0226779ce1842effb
STIG scan v0.1https://docker.com/dhi/stig/v0.1dhi.io/ruby@sha256:0e75d34fac33aa226368b9f84f2baed00b95ecd164931a844391a69d06683caa
CVEs v0.2https://in-toto.io/attestation/vulns/v0.2dhi.io/ruby@sha256:a7e00501add80cb425c18308a1c6672504dc00dded80d8e7868c69a9428e51ce
VEX v0.2.0https://openvex.dev/ns/v0.2.0dhi.io/ruby@sha256:4b10aeb564044734e17b2b1c4c786a7e13fd236e45de90ef200348af024bb57d
Scout provenance v0.1https://scout.docker.com/provenance/v0.1dhi.io/ruby@sha256:f874bc8e91576c69de164a3b4f9eb31f11c9ef22073e5cf2865ba9c692b121e7
Scout SBOM v0.1https://scout.docker.com/sbom/v0.1dhi.io/ruby@sha256:0d252586fca407b6583f04a984661f2639be07f53364c28b22f01020bdda364f
Secrets scan v0.1https://scout.docker.com/secrets/v0.1dhi.io/ruby@sha256:c0108ac8909b2a497595212fa5d1616a17677ad1f7c76fc6e0709ec2a6e21f22
Tests v0.1https://scout.docker.com/tests/v0.1dhi.io/ruby@sha256:6e6a61a2eda588b573e01c3a835dd876ff8d270e46c65ea7fa9e2466160d9a3e
Virus scan v0.1https://scout.docker.com/virus/v0.1dhi.io/ruby@sha256:660dc7dd10f36066129b16b83e37fe7e53e1e55cbe421affdf3d2ac8cd4339be
CVEs v0.1https://scout.docker.com/vulnerabilities/v0.1dhi.io/ruby@sha256:eaea86c5a3f89e91aad3ac04fce3df6e80a809966c927c70981b8ed8310e9d57
SLSA provenance v0.2https://slsa.dev/provenance/v0.2dhi.io/ruby@sha256:1e0ac8ea92b515ffd37252b3210aef897a87331baafa5da488791fe4428e7df9
SLSA provenance v1https://slsa.dev/provenance/v1dhi.io/ruby@sha256:83481ae7cfa6a6736e5f60d58fccc5b415f73bac13f06822e2630dcab1ced5c2
SLSA verification summary v1https://slsa.dev/verification_summary/v1dhi.io/ruby@sha256:a7f4a5b9f0e805af74989e928eee59a80afb26227e0913aad63530161da11395
SPDX SBOMhttps://spdx.dev/Documentdhi.io/ruby@sha256:ed4bd958cd233bb51671ff4a8e66ff947f4a135f24e60e62f6cbc4d55119e0db