diff --git a/dist/docker-scout_1.12.0_checksums.txt b/dist/docker-scout_1.12.0_checksums.txt
deleted file mode 100644
index db6690c..0000000
--- a/dist/docker-scout_1.12.0_checksums.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-837f5727ae0206ecc989ecb34fb0b77775d147a9dbef9f862ac56d10efcd46de docker-scout_1.12.0_darwin_amd64.tar.gz
-81ee17bc0aff180dfd6754b09d0bd885a8e6d7009b9a7c410b2b6056df52dc05 docker-scout_1.12.0_darwin_arm64.tar.gz
-12ee997a8f969979c6eb3d6ecc9703d5233a75298e163f89b2a2f35a454f78e0 docker-scout_1.12.0_linux_amd64.tar.gz
-96d09d1f30089908a4f2978dd3823c9199a560a9ee329bacb77758e48b4cffac docker-scout_1.12.0_linux_arm64.tar.gz
-e6a1676f1a0e44a50bd34c3664aed46f771d5a09da46c5152bf2a979a0cfb6d4 docker-scout_1.12.0_windows_amd64.zip
-f86ba04d86863cc22e2f368ad99ef07c948a62395867881cc1f5c82c51da5aaa docker-scout_1.12.0_windows_arm64.zip
diff --git a/dist/docker-scout_1.13.0_checksums.txt b/dist/docker-scout_1.13.0_checksums.txt
new file mode 100644
index 0000000..10fe32c
--- /dev/null
+++ b/dist/docker-scout_1.13.0_checksums.txt
@@ -0,0 +1,6 @@
+f82ab81c7343836909daeb0decf0a28df86daa9a121fc6b7345aab271b802a2e docker-scout_1.13.0_darwin_amd64.tar.gz
+76fca3a366f5f566594a06a2078e45da6ba12381c306b7efeca5e8016e995cdf docker-scout_1.13.0_darwin_arm64.tar.gz
+0ad88fe202b9308bcca248e9e870e1052db1d1d8186553de6b1f1d3b9164ad77 docker-scout_1.13.0_linux_amd64.tar.gz
+2480722c799ff8e6d28273ee1d5c9f2a5018981213d6beebc80ffbfcc4338890 docker-scout_1.13.0_linux_arm64.tar.gz
+fcbc4d3c41a8403e9b85e781f0dccb0cb51c9cd7520d16cefe3700feb4e3624f docker-scout_1.13.0_windows_amd64.zip
+6105bcea072d3861cc92c47e3970e84fcec2e2608f81f2f286a9b22c782291ab docker-scout_1.13.0_windows_arm64.zip
diff --git a/dist/docker-scout_1.12.0_darwin_amd64.tar.gz b/dist/docker-scout_1.13.0_darwin_amd64.tar.gz
similarity index 69%
rename from dist/docker-scout_1.12.0_darwin_amd64.tar.gz
rename to dist/docker-scout_1.13.0_darwin_amd64.tar.gz
index b19bfec..28fe741 100644
Binary files a/dist/docker-scout_1.12.0_darwin_amd64.tar.gz and b/dist/docker-scout_1.13.0_darwin_amd64.tar.gz differ
diff --git a/dist/docker-scout_1.12.0_darwin_arm64.tar.gz b/dist/docker-scout_1.13.0_darwin_arm64.tar.gz
similarity index 68%
rename from dist/docker-scout_1.12.0_darwin_arm64.tar.gz
rename to dist/docker-scout_1.13.0_darwin_arm64.tar.gz
index d32d579..bd51148 100644
Binary files a/dist/docker-scout_1.12.0_darwin_arm64.tar.gz and b/dist/docker-scout_1.13.0_darwin_arm64.tar.gz differ
diff --git a/dist/docker-scout_1.12.0_linux_amd64.tar.gz b/dist/docker-scout_1.13.0_linux_amd64.tar.gz
similarity index 69%
rename from dist/docker-scout_1.12.0_linux_amd64.tar.gz
rename to dist/docker-scout_1.13.0_linux_amd64.tar.gz
index 9b7773e..12e9aca 100644
Binary files a/dist/docker-scout_1.12.0_linux_amd64.tar.gz and b/dist/docker-scout_1.13.0_linux_amd64.tar.gz differ
diff --git a/dist/docker-scout_1.12.0_linux_arm64.tar.gz b/dist/docker-scout_1.13.0_linux_arm64.tar.gz
similarity index 68%
rename from dist/docker-scout_1.12.0_linux_arm64.tar.gz
rename to dist/docker-scout_1.13.0_linux_arm64.tar.gz
index 0b09d55..36786ac 100644
Binary files a/dist/docker-scout_1.12.0_linux_arm64.tar.gz and b/dist/docker-scout_1.13.0_linux_arm64.tar.gz differ
diff --git a/dist/docker-scout_1.12.0_windows_amd64.zip b/dist/docker-scout_1.13.0_windows_amd64.zip
similarity index 69%
rename from dist/docker-scout_1.12.0_windows_amd64.zip
rename to dist/docker-scout_1.13.0_windows_amd64.zip
index b7411c4..b6d89ba 100644
Binary files a/dist/docker-scout_1.12.0_windows_amd64.zip and b/dist/docker-scout_1.13.0_windows_amd64.zip differ
diff --git a/dist/docker-scout_1.12.0_windows_arm64.zip b/dist/docker-scout_1.13.0_windows_arm64.zip
similarity index 68%
rename from dist/docker-scout_1.12.0_windows_arm64.zip
rename to dist/docker-scout_1.13.0_windows_arm64.zip
index 34ef191..90d7ae1 100644
Binary files a/dist/docker-scout_1.12.0_windows_arm64.zip and b/dist/docker-scout_1.13.0_windows_arm64.zip differ
diff --git a/docs/docker_scout_compare.yaml b/docs/docker_scout_compare.yaml
index 516cb36..a6a986c 100644
--- a/docs/docker_scout_compare.yaml
+++ b/docs/docker_scout_compare.yaml
@@ -136,6 +136,16 @@ options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: only-policy
+ value_type: stringSlice
+ default_value: '[]'
+ description: Comma separated list of policies to evaluate
+ deprecated: false
+ hidden: false
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
- option: only-severity
value_type: stringSlice
default_value: '[]'
diff --git a/docs/docker_scout_cves.yaml b/docs/docker_scout_cves.yaml
index 0e1f400..896c3b4 100644
--- a/docs/docker_scout_cves.yaml
+++ b/docs/docker_scout_cves.yaml
@@ -124,6 +124,17 @@ options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: ignore-suppressed
+ value_type: bool
+ default_value: "false"
+ description: |
+ Filter CVEs found in Scout exceptions based on the specified exception scope
+ deprecated: false
+ hidden: false
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
- option: locations
value_type: bool
default_value: "false"
diff --git a/docs/docker_scout_policy.yaml b/docs/docker_scout_policy.yaml
index fdf59dd..077907e 100644
--- a/docs/docker_scout_policy.yaml
+++ b/docs/docker_scout_policy.yaml
@@ -30,6 +30,16 @@ options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: only-policy
+ value_type: stringSlice
+ default_value: '[]'
+ description: Comma separated list of policies to evaluate
+ deprecated: false
+ hidden: false
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
- option: org
value_type: string
description: Namespace of the Docker organization
diff --git a/docs/docker_scout_quickview.yaml b/docs/docker_scout_quickview.yaml
index f8f9ed7..4810146 100644
--- a/docs/docker_scout_quickview.yaml
+++ b/docs/docker_scout_quickview.yaml
@@ -46,6 +46,17 @@ options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: ignore-suppressed
+ value_type: bool
+ default_value: "false"
+ description: |
+ Filter CVEs found in Scout exceptions based on the specified exception scope
+ deprecated: false
+ hidden: false
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
- option: latest
value_type: bool
default_value: "false"
@@ -56,6 +67,16 @@ options:
experimentalcli: false
kubernetes: false
swarm: false
+ - option: only-policy
+ value_type: stringSlice
+ default_value: '[]'
+ description: Comma separated list of policies to evaluate
+ deprecated: false
+ hidden: false
+ experimental: false
+ experimentalcli: false
+ kubernetes: false
+ swarm: false
- option: only-vex-affected
value_type: bool
default_value: "false"
diff --git a/docs/scout_compare.md b/docs/scout_compare.md
index b153bc1..f25aa86 100644
--- a/docs/scout_compare.md
+++ b/docs/scout_compare.md
@@ -19,6 +19,7 @@ Compare two images and display differences (experimental)
| `--multi-stage` | | | Show packages from multi-stage Docker builds |
| `--only-fixed` | | | Filter to fixable CVEs |
| `--only-package-type` | `stringSlice` | | Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc) |
+| `--only-policy` | `stringSlice` | | Comma separated list of policies to evaluate |
| `--only-severity` | `stringSlice` | | Comma separated list of severities (critical, high, medium, low, unspecified) to filter CVEs by |
| `--only-stage` | `stringSlice` | | Comma separated list of multi-stage Docker build stage names |
| `--only-unfixed` | | | Filter to unfixed CVEs |
diff --git a/docs/scout_cves.md b/docs/scout_cves.md
index 4a7b84b..cd95ab4 100644
--- a/docs/scout_cves.md
+++ b/docs/scout_cves.md
@@ -19,6 +19,7 @@ Display CVEs identified in a software artifact
| `-e`, `--exit-code` | | | Return exit code '2' if vulnerabilities are detected |
| `--format` | `string` | `packages` | Output format of the generated vulnerability report:
- packages: default output, plain text with vulnerabilities grouped by packages
- sarif: json Sarif output
- spdx: json SPDX output
- gitlab: json GitLab output
- markdown: markdown output (including some html tags like collapsible sections)
- sbom: json SBOM output
|
| `--ignore-base` | | | Filter out CVEs introduced from base image |
+| `--ignore-suppressed` | | | Filter CVEs found in Scout exceptions based on the specified exception scope |
| `--locations` | | | Print package locations including file paths and layer diff_id |
| `--multi-stage` | | | Show packages from multi-stage Docker builds |
| `--only-base` | | | Only show CVEs introduced by the base image |
diff --git a/docs/scout_policy.md b/docs/scout_policy.md
index 5da8fca..46735c0 100644
--- a/docs/scout_policy.md
+++ b/docs/scout_policy.md
@@ -5,14 +5,15 @@ Evaluate policies against an image and display the policy evaluation results (ex
### Options
-| Name | Type | Default | Description |
-|:--------------------|:---------|:--------|:------------------------------------------------------------|
-| `-e`, `--exit-code` | | | Return exit code '2' if policies are not met, '0' otherwise |
-| `--org` | `string` | | Namespace of the Docker organization |
-| `-o`, `--output` | `string` | | Write the report to a file |
-| `--platform` | `string` | | Platform of image to pull policy results from |
-| `--to-env` | `string` | | Name of the environment to compare to |
-| `--to-latest` | | | Latest image processed to compare to |
+| Name | Type | Default | Description |
+|:--------------------|:--------------|:--------|:------------------------------------------------------------|
+| `-e`, `--exit-code` | | | Return exit code '2' if policies are not met, '0' otherwise |
+| `--only-policy` | `stringSlice` | | Comma separated list of policies to evaluate |
+| `--org` | `string` | | Namespace of the Docker organization |
+| `-o`, `--output` | `string` | | Write the report to a file |
+| `--platform` | `string` | | Platform of image to pull policy results from |
+| `--to-env` | `string` | | Name of the environment to compare to |
+| `--to-latest` | | | Latest image processed to compare to |
diff --git a/docs/scout_quickview.md b/docs/scout_quickview.md
index ac55cdb..3bf752a 100644
--- a/docs/scout_quickview.md
+++ b/docs/scout_quickview.md
@@ -12,7 +12,9 @@ Quick overview of an image
| Name | Type | Default | Description |
|:----------------------|:--------------|:--------|:--------------------------------------------------------------------------------------------------------|
| `--env` | `string` | | Name of the environment |
+| `--ignore-suppressed` | | | Filter CVEs found in Scout exceptions based on the specified exception scope |
| `--latest` | | | Latest indexed image |
+| `--only-policy` | `stringSlice` | | Comma separated list of policies to evaluate |
| `--only-vex-affected` | | | Filter CVEs by VEX statements with status not affected |
| `--org` | `string` | | Namespace of the Docker organization |
| `-o`, `--output` | `string` | | Write the report to a file |