Open
Conversation
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
craig-osterhout
added
status/review
Contributor
Author
|
/review |
✅ Deploy Preview for docsdocker ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
![docker-agent[bot]](https://avatars.githubusercontent.com/in/2787757?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Assessment: 🟢 APPROVE
This PR adds comprehensive documentation for malware scanning in Docker Hardened Images. The changes are well-structured and follow the Docker documentation style guide.
What was reviewed:
- New file:
malware-scanning.md- Documents ClamAV-based virus scanning with clear examples - Updated:
attestations.md- Added cross-references to the new malware scanning topic - Updated:
build-process.md- Integrated scanning into the build pipeline diagrams - Updated:
_index.md- Added navigation entry for the new topic
Quality checks passed:
✅ No AI-generated patterns (hedge words, meta-commentary, marketing speak)
✅ Proper front matter with all required fields
✅ Valid cross-references and links
✅ Correct goat diagram syntax
✅ Follows Docker documentation style guide
✅ Clear, concise, and technically accurate content
✅ Good use of callouts and code examples
The documentation is ready to merge.
thaJeztah
reviewed
Apr 14, 2026
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Summary
Details
DHI images include a signed virus/malware scan attestation (
https://scout.docker.com/virus/v0.1), but this wasn't documented anywhere beyond a one-line mention in the attestations table. This PR adds a dedicated Explore topic for it and integrates scanning into the build pipeline documentation.The attestation content was verified by pulling actual attestations from both a base image (
dhi.io/python:3.13) and a customized image (projectsteam/dhi-python-3:3.10-alpine3.22_curl). Key findings that informed the docs:clamav/clamav:stable), scanning all OCI blobs including archivesNotable generated topics
Related issues or tickets
Closes #24728
Reviews