Attestations
dhi.io/rust
1, 1-debian, 1-debian13, 1.97, 1.97-debian, 1.97-debian13, 1.97.0, 1.97.0-debian, 1.97.0-debian13
sha256:5b487089808f4e7b28387bf14848d0d9cba86bb6dee4ec0c10aa9f3ca95c32dd
Manifest digest:sha256:d7a98b9fa559ed0430790d89236285578990f12cbd84a2243547fbcae7194c0a
Size
342.75 MB
Last pushed
3 days ago
Vulnerabilities
Support
Active
Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.
Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.
1. List all available attestations
docker scout attest list dhi.io/rust:12. Verify a specific attestation
For example, to verify the SLSA provenance attestation:
docker scout attest get dhi.io/rust:1 --predicate-type https://slsa.dev/provenance/v0.2 --verifyAll attestations are signed and can be verified with cosign.
| Predicate | Predicate type | Reference |
|---|---|---|
| CycloneDX SBOM v1.6 | https://cyclonedx.org/bom/v1.6 | dhi.io/rust@sha256:da8f216d51b175173a2a6573374e831e4255d07299fd8d91e63013641974524c |
| Changelog v0.1 | https://docker.com/dhi/changelog/v0.1 | dhi.io/rust@sha256:412a9114096b0fb993a56e35bbb9088cc9bdcc33219428017228fb257358ff2e |
| DHI Image Sources v0.1 | https://docker.com/dhi/source/v0.1 | dhi.io/rust@sha256:a055e8d13ebdb34d8cd532500cb40a078f570c1b4f4e63db2b6373b158101942 |
| CVEs v0.2 | https://in-toto.io/attestation/vulns/v0.2 | dhi.io/rust@sha256:35140ed1194a0d98c4f44354ed37cbf15c47037582c9914d33f6dbc7e22d3545 |
| VEX v0.2.0 | https://openvex.dev/ns/v0.2.0 | dhi.io/rust@sha256:cb746be4045a29322655762a785f1a42d3a04850371678a57e1eb36d72ac7828 |
| Scout provenance v0.1 | https://scout.docker.com/provenance/v0.1 | dhi.io/rust@sha256:227b1258bba05121eebf112395692b08b5d91bf82eefaabf4426ddb3f29fc0bb |
| Scout SBOM v0.1 | https://scout.docker.com/sbom/v0.1 | dhi.io/rust@sha256:69be59e82fb25411ca5957d883ce5cc89ec468fd8fb61bc4a75a4a518568aec0 |
| Secrets scan v0.1 | https://scout.docker.com/secrets/v0.1 | dhi.io/rust@sha256:8425128f665c9e073e0dbf652fc375e235f4200279a38713ae745ca978ac5dde |
| Tests v0.1 | https://scout.docker.com/tests/v0.1 | dhi.io/rust@sha256:b6b678de4275b7d06a5f7363db36ffa22adba68a2efdce2384a60f709f7e9e6b |
| Virus scan v0.1 | https://scout.docker.com/virus/v0.1 | dhi.io/rust@sha256:570fb1605d4e27b15cdc25eeb5c0b7ff55a020cbbeaaae1e0a9038b6d7ba9a59 |
| CVEs v0.1 | https://scout.docker.com/vulnerabilities/v0.1 | dhi.io/rust@sha256:4104870ebbcd8c4b71d748f20acb862bb6acca793c3a23305e78692f0be7570d |
| SLSA provenance v0.2 | https://slsa.dev/provenance/v0.2 | dhi.io/rust@sha256:67268b87022159671ced5fd9644b2c3bd39c5a87cc478bd0137b71f49c5440ba |
| SLSA provenance v1 | https://slsa.dev/provenance/v1 | dhi.io/rust@sha256:0dc79e7a4ebfc4cdbd0866aef6f742e58513489d4d64103658cf193da72cc32b |
| SLSA verification summary v1 | https://slsa.dev/verification_summary/v1 | dhi.io/rust@sha256:0f49b8a66045252984cf6ff81e59d6e0ead8a602d038731fd9ff182adfa6bd74 |
| SPDX SBOM | https://spdx.dev/Document | dhi.io/rust@sha256:2678c3831213ec2e021e890505bce3ed2e41df46fc66662056900413723ad541 |