Skip to content

Commit 239ebeb

Browse files
usha-mandyausha-mandya
authored
Merge pull request docker#24927 from usha-mandya/sbx-test
docs: remove stale TODO comments from Scout remediation page
2 parents 3f42de4 + a877548 commit 239ebeb

1 file changed

Lines changed: 0 additions & 26 deletions

File tree

content/manuals/scout/policy/remediation.md

Lines changed: 0 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,6 @@ following policy types:
1818
- [Up-to-Date Base Images](#up-to-date-base-images-remediation)
1919
- [Supply Chain Attestations](#supply-chain-attestations-remediation)
2020

21-
<!-- TODO(dvdksn): verify the following -->
2221
> [!NOTE]
2322
> Guided remediation is not supported for custom policies.
2423
@@ -78,20 +77,6 @@ For Docker Scout to be able to evaluate this policy, you must add [provenance
7877
attestations](/manuals/build/metadata/attestations/slsa-provenance.md) to your image. If
7978
your image doesn't have provenance attestations, compliance is undeterminable.
8079

81-
<!--
82-
TODO(dvdksn): no support for the following, yet
83-
84-
When provenance attestations are unavailable, Docker Scout provides generic,
85-
best-effort recommendations in the remediation side panel. These
86-
recommendations estimate your base using information from image analysis
87-
results. The base image version is unknown, but you can manually select the
88-
version you use in the remediation side panel. This lets Docker Scout evaluate
89-
whether the base image detected in the image analysis is up-to-date with the
90-
version you selected.
91-
92-
https://github.com/docker/docs/pull/18961#discussion_r1447186845
93-
-->
94-
9580
### Provenance attestations available
9681

9782
With provenance attestations added, Docker Scout can correctly detect the base
@@ -125,17 +110,6 @@ changes from making their way into your supply chain.
125110
For more information about base image pinning, see [Pin base image
126111
versions](/manuals/build/building/best-practices.md#pin-base-image-versions).
127112

128-
<!--
129-
TODO(dvdksn): no support for the following, yet
130-
131-
Enabling the GitHub integration also allows Docker Scout to visualize the
132-
remediation workflow in the Docker Scout Dashboard. Each step, from the pull
133-
request being raised to the image being deployed to an environment, is
134-
displayed in the remediation sidebar when inspecting the image.
135-
136-
https://github.com/docker/docs/pull/18961#discussion_r1447189475
137-
-->
138-
139113
## Supply Chain Attestations remediation
140114

141115
The default **Supply Chain Attestations** policy requires full provenance and

0 commit comments

Comments
 (0)