Moby Client 0.5.0: New endpoint for image attestations
securityengineer
feature
The Moby client has released version 0.5.0, introducing a new `/images/{name}/attestations` endpoint. This feature allows users to retrieve in-toto attestation statements, including SLSA provenance and SPDX SBOM, directly from the Docker daemon. This change benefits developers and security teams by streamlining the process of accessing critical image metadata, reducing the need for extra registry calls.
Read the original announcement →
https://github.com/moby/moby/releases/tag/client/v0.5.0
Related releases
- Docker Compose v5.2.0 releases with new reconciliation algorithm Docker Compose Releases ·
- Docker Engine 29.6.1 addresses security vulnerabilities and updates components Docker Engine Releases ·
- Docker Compose v5.3.0 Adds Init Containers Docker Compose Releases ·
- Docker Compose v5.3.1: CI hardening and dependency updates Docker Compose Releases ·
- Docker 29.6.0: New API endpoint, image attestations, and networking fixes Docker Engine Releases ·
- Moby API v1.55.0 adds image attestations and container update options Docker Engine Releases ·