Difference between revisions of "Docker scan"
Jump to navigation
Jump to search
| Line 36: | Line 36: | ||
== See also == | == See also == | ||
| − | |||
* {{docker scan}} | * {{docker scan}} | ||
| − | * {{ | + | * {{Container scan}} |
[[Category:Docker]] | [[Category:Docker]] | ||
Revision as of 11:27, 8 November 2024
docker scan
Usage: docker scan [OPTIONS] IMAGE
A tool to scan your images
Options:
--accept-license Accept using a third party scanning provider
--dependency-tree Show dependency tree with scan results
--exclude-base Exclude base image from vulnerability scanning (requires --file)
-f, --file string Dockerfile associated with image, provides more detailed results
--group-issues Aggregate duplicated vulnerabilities and group them to a single one (requires --json)
--json Output results in JSON format
--login Authenticate to the scan provider using an optional token (with --token), or web base token if empty
--reject-license Reject using a third party scanning provider
--severity string Only report vulnerabilities of provided level or higher (low|medium|high)
--token string Authentication token to login to the third party scanning provider
--version Display version of the scan plugin
"docker scan" requires exactly 1 argument
docker scan Docker Scan relies upon access to Snyk, a third party provider, do you consent to proceed using Snyk? (y/N)
Related
- SCA
- Snyk
- Auditing:
npm audit - GitHub code scanning
- GitHub dependabot
- GitHub Advanced Security
- GitLab security scanner
gcloud beta container images describe --show-package-vulnerability- Amazon Inspector
See also
Advertising:
