Right now, osv-scanner release Docker images are tagged as latest, stable and v2.x.x. The documentation suggests using the latest tag.
Using the latest tag in workflows can be a problem as at some point this will become a v3 release with potentially breaking changes. Using a specific version tag requires constant maintenance to stay on the current osv-scanner release.
In addition to the existing tags, I would like osv-scanner Docker images to be tagged with their major version. For example, v2. This would allow consumers to easily use the latest current release version while avoiding major version breaking changes.
Right now, osv-scanner release Docker images are tagged as
latest,stableandv2.x.x. The documentation suggests using thelatesttag.Using the
latesttag in workflows can be a problem as at some point this will become a v3 release with potentially breaking changes. Using a specific version tag requires constant maintenance to stay on the current osv-scanner release.In addition to the existing tags, I would like osv-scanner Docker images to be tagged with their major version. For example,
v2. This would allow consumers to easily use the latest current release version while avoiding major version breaking changes.