Attestations
dhi.io/rust
1-alpine-dev, 1-alpine3.24-dev, 1.96-alpine-dev, 1.96-alpine3.24-dev, 1.96.0-alpine-dev, 1.96.0-alpine3.24-dev
sha256:0377786b208d0b4cd49a7acd684c2b218be6260397c2c65d13155602f0220b80
Manifest digest:sha256:cd8cc6391d7d86f41055b350fa2441d5e32683b3d157d8b0fb03f159874da368
Size
202.02 MB
Last pushed
1 day ago
Vulnerabilities
Support
Active
Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.
Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.
1. List all available attestations
docker scout attest list dhi.io/rust:1-alpine-dev2. Verify a specific attestation
For example, to verify the SLSA provenance attestation:
docker scout attest get dhi.io/rust:1-alpine-dev --predicate-type https://slsa.dev/provenance/v0.2 --verifyAll attestations are signed and can be verified with cosign.
| Predicate | Predicate type | Reference |
|---|---|---|
| CycloneDX SBOM v1.6 | https://cyclonedx.org/bom/v1.6 | dhi.io/rust@sha256:2978f83054e4aa0c2725cd4e4b4961e1aba8eda9a7dfab00b11b434064de671b |
| Changelog v0.1 | https://docker.com/dhi/changelog/v0.1 | dhi.io/rust@sha256:8b775144981d93035ea55dcb3d7ba0be340a828ddc359cff904b2bffe2040c21 |
| DHI Image Sources v0.1 | https://docker.com/dhi/source/v0.1 | dhi.io/rust@sha256:7455158cd9d71c283835411e8645013d1cab1f8d65580dd03f94cdf8a5e18659 |
| CVEs v0.2 | https://in-toto.io/attestation/vulns/v0.2 | dhi.io/rust@sha256:72beff9ea996e4c906bfb5247b1858eac13965b0d52498c1fab7414aac0ae7a6 |
| Scout provenance v0.1 | https://scout.docker.com/provenance/v0.1 | dhi.io/rust@sha256:17eeda2f7223be264740deb5820cbbe00349b580425d782ea6222256c7392739 |
| Scout SBOM v0.1 | https://scout.docker.com/sbom/v0.1 | dhi.io/rust@sha256:ca3334527558af56a727b91df4e69acb5990100f929ef61e451756d301e9babc |
| Secrets scan v0.1 | https://scout.docker.com/secrets/v0.1 | dhi.io/rust@sha256:ca4195c04ded4bfb10f89387d2e5a459fa4a6c53bf308d4e88453d31ec1138ac |
| Tests v0.1 | https://scout.docker.com/tests/v0.1 | dhi.io/rust@sha256:97a8d4ca661b38928992988ab3d25638377a420d068a9fd7946886e36dd365b5 |
| Virus scan v0.1 | https://scout.docker.com/virus/v0.1 | dhi.io/rust@sha256:8fff38a9595260670649abeec8d1fbb3cf44191e5e392e00d5fadb5ea0763b2e |
| CVEs v0.1 | https://scout.docker.com/vulnerabilities/v0.1 | dhi.io/rust@sha256:1680d4eade320737d304fd0b1f9863b7fa83fb8d54f1d7113052fd6808a94f51 |
| SLSA provenance v0.2 | https://slsa.dev/provenance/v0.2 | dhi.io/rust@sha256:356b514255ef00da35d2e831d58d1fab3013e2423683e06bca2981204da234ce |
| SLSA provenance v1 | https://slsa.dev/provenance/v1 | dhi.io/rust@sha256:54b465d43aa1de99d553a4b1970ca6f262a00744597e618c925faf68620b8488 |
| SLSA verification summary v1 | https://slsa.dev/verification_summary/v1 | dhi.io/rust@sha256:61b34ffb4ebe42bbee341f360bf803d0f5b1f609cd34c28244fd9833ef0309d0 |
| SPDX SBOM | https://spdx.dev/Document | dhi.io/rust@sha256:ae87fc286cb27bc0c13a5a76151fc495ffeee3e00717b9441caacdb73f71ed64 |