container-scanning
Software composition analysis of a container image
Synopsis
Scan a container image for vulnerabilities. The image must either be a tar file (--path) or be available for download via a container registry (--image). The command generates or uploads an SBOM which is then analyzed by DevGuard. The request is signed using the configured token before upload.