docker Docker Engine Releases · · 0.5.0

Moby Client 0.5.0: New endpoint for image attestations

securityengineer
feature

The Moby client has released version 0.5.0, introducing a new `/images/{name}/attestations` endpoint. This feature allows users to retrieve in-toto attestation statements, including SLSA provenance and SPDX SBOM, directly from the Docker daemon. This change benefits developers and security teams by streamlining the process of accessing critical image metadata, reducing the need for extra registry calls.

Read the original announcement →

https://github.com/moby/moby/releases/tag/client/v0.5.0

Related releases