Publish v0.17.1 release

dist/docker-scout_0.17.1_checksums.txt

@@ -0,0 +1,6 @@
+1a4ce3ce3eb498f756f40013b8b6dc8827fdbf6f558977bdf4da7cdab4c2628e  docker-scout_0.17.1_windows_arm64.zip
+2210bc89f0585afe26860fba153188079260ef4bd8a7393642d1cad85c49bcef  docker-scout_0.17.1_linux_amd64.tar.gz
+461235c3306eeb02e80add34e83c33c397507053e7edc7ae70b533d61d6a722f  docker-scout_0.17.1_darwin_arm64.tar.gz
+5c4b40e208ec3ef103e228ab874d2fdabaa413958f79c85ac0c29bd70a09868c  docker-scout_0.17.1_windows_amd64.zip
+7e8c250a73a3e5adc40e6e6f88f534a72e00f418679c5b5260178732a541d688  docker-scout_0.17.1_darwin_amd64.tar.gz
+93fc1ec1dc4504bc411a97bf9a7a01caf30aae6144b0bb93920fdf712ccd0b37  docker-scout_0.17.1_linux_arm64.tar.gz

docs/docker_scout_compare.yaml

@@ -9,7 +9,7 @@ long: |-
     The main usage is to compare two versions of the same image.
     For instance when a new image is built and compared to the version running in production.
 
-    If no image is specified, the most recently build image will be used.
+    If no image is specified, the most recently built image will be used.
 
     The following artifact types are supported:
 

docs/docker_scout_cves.yaml

@@ -3,7 +3,7 @@ short: Display CVEs identified in a software artifact
 long: |-
     The `docker scout cves` command analyzes a software artifact for vulnerabilities.
 
-    If no image is specified, the most recently build image will be used.
+    If no image is specified, the most recently built image will be used.
 
     The following artifact types are supported:
 
@@ -52,6 +52,7 @@ options:
         Output format of the generated vulnerability report:
         - packages: default output, plain text with vulnerabilities grouped by packages
         - sarif: json Sarif output
+        - markdown: markdown output
       deprecated: false
       hidden: false
       experimental: false

docs/docker_scout_quickview.yaml

@@ -6,7 +6,7 @@ long: |-
     It displays a summary of the vulnerabilities in the image and the vulnerabilities from the base image.
     If available it also displays base image refresh and update recommendations.
 
-    If no image is specified, the most recently build image will be used.
+    If no image is specified, the most recently built image will be used.
 usage: docker scout quickview [IMAGE|DIRECTORY|ARCHIVE]
 pname: docker scout
 plink: docker_scout.yaml

docs/docker_scout_recommendations.yaml

@@ -5,7 +5,7 @@ long: |-
     It analyzes the image and display recommendations to refresh or update the base image.
     For each recommendation it shows a list of benefits like less vulnerabilities, smaller image, etc.
 
-    If no image is specified, the most recently build image will be used.
+    If no image is specified, the most recently built image will be used.
 
     The following artifact types are supported:
 

docs/docker_scout_repo_disable.yaml

@@ -2,9 +2,19 @@ command: docker scout repo disable
 short: Disable Docker Scout
 long: |
     The docker scout repo disable command disables Docker Scout on repositories.
-usage: docker scout repo disable REPOSITORY
+usage: docker scout repo disable REPOSITORY|ORG
 pname: docker scout repo
 plink: docker_scout_repo.yaml
+options:
+    - option: filter
+      value_type: string
+      description: Regular expression to filter repositories by name
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 inherited_options:
     - option: debug
       value_type: bool

docs/docker_scout_repo_enable.yaml

@@ -1,9 +1,19 @@
 command: docker scout repo enable
 short: Enable Docker Scout
 long: The docker scout repo enable command enables Docker Scout on repositories.
-usage: docker scout repo enable REPOSITORY
+usage: docker scout repo enable REPOSITORY|ORG
 pname: docker scout repo
 plink: docker_scout_repo.yaml
+options:
+    - option: filter
+      value_type: string
+      description: Regular expression to filter repositories by name
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 inherited_options:
     - option: debug
       value_type: bool

docs/docker_scout_sbom.yaml

@@ -5,7 +5,7 @@ long: |-
 
     The SBOM can be used to list all packages, or the ones from a specific type (as dep, maven, etc).
 
-    If no image is specified, the most recently build image will be used.
+    If no image is specified, the most recently built image will be used.
 
     The following artifact types are supported:
 

docs/scout_compare.md

@@ -41,7 +41,7 @@ The `docker scout compare` command analyzes two images and displays a comparison
 The main usage is to compare two versions of the same image.
 For instance when a new image is built and compared to the version running in production.
 
-If no image is specified, the most recently build image will be used.
+If no image is specified, the most recently built image will be used.
 
 The following artifact types are supported:
 

docs/scout_cves.md

@@ -9,22 +9,22 @@ Display CVEs identified in a software artifact
 
 ### Options
 
-| Name                  | Type          | Default    | Description                                                                                                                                                               |
-|:----------------------|:--------------|:-----------|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| `--details`           |               |            | Print details on default text output                                                                                                                                      |
-| `-e`, `--exit-code`   |               |            | Return exit code '2' if vulnerabilities are detected                                                                                                                      |
-| `--format`            | `string`      | `packages` | Output format of the generated vulnerability report:<br>- packages: default output, plain text with vulnerabilities grouped by packages<br>- sarif: json Sarif output<br> |
-| `--ignore-base`       |               |            | Filter out CVEs introduced from base image                                                                                                                                |
-| `--locations`         |               |            | Print package locations including file paths and layer diff_id                                                                                                            |
-| `--only-cve-id`       | `stringSlice` |            | Comma separated list of CVE ids (like CVE-2021-45105) to search for                                                                                                       |
-| `--only-fixed`        |               |            | Filter to fixable CVEs                                                                                                                                                    |
-| `--only-package-type` | `stringSlice` |            | Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc)                                                                                        |
-| `--only-severity`     | `stringSlice` |            | Comma separated list of severities (critical, high, medium, low, unspecified) to filter CVEs by                                                                           |
-| `--only-unfixed`      |               |            | Filter to unfixed CVEs                                                                                                                                                    |
-| `-o`, `--output`      | `string`      |            | Write the report to a file.                                                                                                                                               |
-| `--platform`          | `string`      |            | Platform of image to analyze                                                                                                                                              |
-| `--ref`               | `string`      |            | Reference to use if the provided tarball contains multiple references.<br>Can only be used with --type archive.                                                           |
-| `--type`              | `string`      | `image`    | Type of the image to analyze. Can be one of:<br>- image<br>- oci-dir<br>- archive (docker save tarball)<br>                                                               |
+| Name                  | Type          | Default    | Description                                                                                                                                                                                              |
+|:----------------------|:--------------|:-----------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `--details`           |               |            | Print details on default text output                                                                                                                                                                     |
+| `-e`, `--exit-code`   |               |            | Return exit code '2' if vulnerabilities are detected                                                                                                                                                     |
+| `--format`            | `string`      | `packages` | Output format of the generated vulnerability report:<br>- packages: default output, plain text with vulnerabilities grouped by packages<br>- sarif: json Sarif output<br>- markdown: markdown output<br> |
+| `--ignore-base`       |               |            | Filter out CVEs introduced from base image                                                                                                                                                               |
+| `--locations`         |               |            | Print package locations including file paths and layer diff_id                                                                                                                                           |
+| `--only-cve-id`       | `stringSlice` |            | Comma separated list of CVE ids (like CVE-2021-45105) to search for                                                                                                                                      |
+| `--only-fixed`        |               |            | Filter to fixable CVEs                                                                                                                                                                                   |
+| `--only-package-type` | `stringSlice` |            | Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc)                                                                                                                       |
+| `--only-severity`     | `stringSlice` |            | Comma separated list of severities (critical, high, medium, low, unspecified) to filter CVEs by                                                                                                          |
+| `--only-unfixed`      |               |            | Filter to unfixed CVEs                                                                                                                                                                                   |
+| `-o`, `--output`      | `string`      |            | Write the report to a file.                                                                                                                                                                              |
+| `--platform`          | `string`      |            | Platform of image to analyze                                                                                                                                                                             |
+| `--ref`               | `string`      |            | Reference to use if the provided tarball contains multiple references.<br>Can only be used with --type archive.                                                                                          |
+| `--type`              | `string`      | `image`    | Type of the image to analyze. Can be one of:<br>- image<br>- oci-dir<br>- archive (docker save tarball)<br>                                                                                              |
 
 
 <!---MARKER_GEN_END-->
@@ -33,7 +33,7 @@ Display CVEs identified in a software artifact
 
 The `docker scout cves` command analyzes a software artifact for vulnerabilities.
 
-If no image is specified, the most recently build image will be used.
+If no image is specified, the most recently built image will be used.
 
 The following artifact types are supported:
 

docs/scout_quickview.md

@@ -25,7 +25,7 @@ The `docker scout quickview` command displays a quick overview of an image.
 It displays a summary of the vulnerabilities in the image and the vulnerabilities from the base image.
 If available it also displays base image refresh and update recommendations.
 
-If no image is specified, the most recently build image will be used.
+If no image is specified, the most recently built image will be used.
 
 ## Examples
 

docs/scout_recommendations.md

@@ -24,7 +24,7 @@ The `docker scout recommendations` command display recommendations for base imag
 It analyzes the image and display recommendations to refresh or update the base image.
 For each recommendation it shows a list of benefits like less vulnerabilities, smaller image, etc.
 
-If no image is specified, the most recently build image will be used.
+If no image is specified, the most recently built image will be used.
 
 The following artifact types are supported:
 

docs/scout_repo_disable.md

@@ -3,6 +3,12 @@
 <!---MARKER_GEN_START-->
 Disable Docker Scout
 
+### Options
+
+| Name       | Type     | Default | Description                                       |
+|:-----------|:---------|:--------|:--------------------------------------------------|
+| `--filter` | `string` |         | Regular expression to filter repositories by name |
+
 
 <!---MARKER_GEN_END-->
 

docs/scout_repo_enable.md

@@ -3,6 +3,12 @@
 <!---MARKER_GEN_START-->
 Enable Docker Scout
 
+### Options
+
+| Name       | Type     | Default | Description                                       |
+|:-----------|:---------|:--------|:--------------------------------------------------|
+| `--filter` | `string` |         | Regular expression to filter repositories by name |
+
 
 <!---MARKER_GEN_END-->
 

docs/scout_sbom.md

@@ -23,7 +23,7 @@ The `docker scout sbom` command analyzes a software artifact to generate the cor
 
 The SBOM can be used to list all packages, or the ones from a specific type (as dep, maven, etc).
 
-If no image is specified, the most recently build image will be used.
+If no image is specified, the most recently built image will be used.
 
 The following artifact types are supported: