Attestations
dhi.io/rust
1-debian-dev, 1-debian13-dev, 1-dev, 1.97-debian-dev, 1.97-debian13-dev, 1.97-dev, 1.97.0-debian-dev, 1.97.0-debian13-dev, 1.97.0-dev
sha256:77b1139a279b66c92eb7306380119609edc493aad17d374bd52f57077a044fbe
Manifest digest:sha256:db29cbcffe1a0e6cef04e9988bef6a35efc943ad383716bbe1b30e341d66e9d2
Size
349.63 MB
Last pushed
3 days ago
Vulnerabilities
Support
Active
Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.
Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.
1. List all available attestations
docker scout attest list dhi.io/rust:1-debian-dev2. Verify a specific attestation
For example, to verify the SLSA provenance attestation:
docker scout attest get dhi.io/rust:1-debian-dev --predicate-type https://slsa.dev/provenance/v0.2 --verifyAll attestations are signed and can be verified with cosign.
| Predicate | Predicate type | Reference |
|---|---|---|
| CycloneDX SBOM v1.6 | https://cyclonedx.org/bom/v1.6 | dhi.io/rust@sha256:a3540d7acdce61a9acb8d1675d744ce081a0ea105a18273094e147aa45ee653b |
| Changelog v0.1 | https://docker.com/dhi/changelog/v0.1 | dhi.io/rust@sha256:040364c8ea1f4d67f5223b01f3efaa07b3e6b3ad714b6d5dbe14c20bbd60c36e |
| DHI Image Sources v0.1 | https://docker.com/dhi/source/v0.1 | dhi.io/rust@sha256:00eb00b7bbd17147e87d413b4a8265b0cf02bb68f9e73cbb3419b1f1ef4d01f3 |
| CVEs v0.2 | https://in-toto.io/attestation/vulns/v0.2 | dhi.io/rust@sha256:702c4e507d4de9aa1afcf09c854aa41038b72c05d060ab71d308867eaeb1b3f4 |
| VEX v0.2.0 | https://openvex.dev/ns/v0.2.0 | dhi.io/rust@sha256:9264da3ebaefc456607c5ca92da3a953ea83eb9a2f4219f73fb67020b15b36d9 |
| Scout provenance v0.1 | https://scout.docker.com/provenance/v0.1 | dhi.io/rust@sha256:720870ba10b46a95e48a670341e37aeea2be6da7e644b4b2d217c6ccbdf96277 |
| Scout SBOM v0.1 | https://scout.docker.com/sbom/v0.1 | dhi.io/rust@sha256:06ef117e05589d5acbc37b09b53f70160cc1f58f55938025db43fba47f35bba2 |
| Secrets scan v0.1 | https://scout.docker.com/secrets/v0.1 | dhi.io/rust@sha256:f508a4570efa444ce3e0930f9e37888cf2629d8ee95ba8a99be80998c9bae755 |
| Tests v0.1 | https://scout.docker.com/tests/v0.1 | dhi.io/rust@sha256:9b540651231ffe49f2d7dc2bf0e3ca9ed8a8e1b88161368d5dfc661011284e4f |
| Virus scan v0.1 | https://scout.docker.com/virus/v0.1 | dhi.io/rust@sha256:ae12dad0e54c2a7091df821daf46bcc159fb8700914f21388d8d69a73ef06ade |
| CVEs v0.1 | https://scout.docker.com/vulnerabilities/v0.1 | dhi.io/rust@sha256:48929d80e893d0b32cbe5cbdfa6a79d95e480359904d4e5ccf728d43f1df72f8 |
| SLSA provenance v0.2 | https://slsa.dev/provenance/v0.2 | dhi.io/rust@sha256:0de75f8c86f1bf1bea922d6249a3ff846710f90f25c0b34a55f26b9d8cfef75d |
| SLSA provenance v1 | https://slsa.dev/provenance/v1 | dhi.io/rust@sha256:764b1aeb0b95f911f0feaa266cc7c8521f1f0986fb4ec1c0fa29b388b944c363 |
| SLSA verification summary v1 | https://slsa.dev/verification_summary/v1 | dhi.io/rust@sha256:b2440d032bdd51805d43c4ed2230c60786b9d098e6f865c2ffbe25a7041d8441 |
| SPDX SBOM | https://spdx.dev/Document | dhi.io/rust@sha256:6e9e17836e5aa7c4ed348dcf0479e0fe4deec186dac792721bc034c43ac0b8af |