Attestations
dhi.io/rust
1-alpine3.23-dev, 1.96-alpine3.23-dev, 1.96.1-alpine3.23-dev
sha256:453f4e7dd46228d3b6fe2597c578dafc57b820c68e4fe390e084bd76db38fb1f
Manifest digest:sha256:c299fe7762299098fd64032b7a189ff33275735f87c275db5a63b06d26eef9c0
Size
190.13 MB
Last pushed
6 days ago
Vulnerabilities
Support
Active
Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.
Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.
1. List all available attestations
docker scout attest list dhi.io/rust:1-alpine3.23-dev2. Verify a specific attestation
For example, to verify the SLSA provenance attestation:
docker scout attest get dhi.io/rust:1-alpine3.23-dev --predicate-type https://slsa.dev/provenance/v0.2 --verifyAll attestations are signed and can be verified with cosign.
| Predicate | Predicate type | Reference |
|---|---|---|
| CycloneDX SBOM v1.6 | https://cyclonedx.org/bom/v1.6 | dhi.io/rust@sha256:858583f43176d1fb46ea7c02b996c1218b5779b4c5f645fcea50fe97c0270e2b |
| Changelog v0.1 | https://docker.com/dhi/changelog/v0.1 | dhi.io/rust@sha256:e7fb37579c375789b2b4312f32419dddc77c3577ebe559a5004d506d697649bb |
| DHI Image Sources v0.1 | https://docker.com/dhi/source/v0.1 | dhi.io/rust@sha256:b76d97587204017722552410f69953e8338219ce47a493aeb51c23c882ca1de9 |
| CVEs v0.2 | https://in-toto.io/attestation/vulns/v0.2 | dhi.io/rust@sha256:679a5b50dc82c00fd8e6a02f010af14f78acaef9dc02cdff37b2a456506a3ad8 |
| VEX v0.2.0 | https://openvex.dev/ns/v0.2.0 | dhi.io/rust@sha256:1188b0536f0754d29183dd5f88ebfc0b1c9b5804babe3fd090d46595e310ef7b |
| Scout provenance v0.1 | https://scout.docker.com/provenance/v0.1 | dhi.io/rust@sha256:b7e04399ac76ae42e7e462765b95ea79a159825baa7f59c6f797bf402782bacb |
| Scout SBOM v0.1 | https://scout.docker.com/sbom/v0.1 | dhi.io/rust@sha256:c1eabc98d820642c9c7b408b8969e3cb35258a47d63d7829cbde13de50b150e1 |
| Secrets scan v0.1 | https://scout.docker.com/secrets/v0.1 | dhi.io/rust@sha256:e514e17dc8ba46e8d8af328b916b247a46b838b45423d55ae17e039ca40356b8 |
| Tests v0.1 | https://scout.docker.com/tests/v0.1 | dhi.io/rust@sha256:6adb8397c95deae9a6e77ebe3b9924be265ab3ce163ae05cf47c0838902430b1 |
| Virus scan v0.1 | https://scout.docker.com/virus/v0.1 | dhi.io/rust@sha256:56d8a646c1749d5b95724353cd7ce345a4d9f43c9791acce1f942ec36a2ac5da |
| CVEs v0.1 | https://scout.docker.com/vulnerabilities/v0.1 | dhi.io/rust@sha256:92041a758731cbb1d35af553b1af21b855cbfc003b4710d2ffeae14d2dee907c |
| SLSA provenance v0.2 | https://slsa.dev/provenance/v0.2 | dhi.io/rust@sha256:9aad6fee6b9f45f171246fd2f10de1af976270595877b7623a1bf38fcb50824d |
| SLSA provenance v1 | https://slsa.dev/provenance/v1 | dhi.io/rust@sha256:1e403225b7df80a0c7cf1f9544bea6673e3be3235338b2dcf10a7bfed365ef52 |
| SLSA verification summary v1 | https://slsa.dev/verification_summary/v1 | dhi.io/rust@sha256:ff31aaf7604df4e00a63852b3dd90bc86fc9827c3631ecfcb0e070f6f335d14c |
| SPDX SBOM | https://spdx.dev/Document | dhi.io/rust@sha256:4fb3161151d9bfbea7b691ef3fabea5b5689a0b19d3d28cac69063a5b9098aa4 |