Highlights
- Add support for passing in SBOM files in SDPX or in-toto SDPX format
uses: docker/scout-action@v1 with: command: cves image: sbom://alpine.spdx.json
- Add support for SBOM files in syft-json format
uses: docker/scout-action@v1 with: command: cves image: sbom://alpine.syft.json
Bug Fixes / Improvements
- Fix panic when indexing single image
oci-dir
input - Improve local attestation support with the
containerd
image store