Docker SBOM plugin migration to Docker Scout

[crazy-max]

Description

This PR documents the discontinuation of the standalone Docker SBOM CLI plugin and directs users to docker scout sbom.

The Docker Scout SBOM page now includes a deprecation note and migration examples for common docker sbom workflows. The C++ supply-chain security guide now uses Docker Scout instead of the discontinued plugin.

The standalone plugin has been discontinued in favor of Docker Scout, so the docs should stop teaching new users to install or run docker sbom.

Related issues or tickets

• https://github.com/docker/sbom-cli-plugin/releases/tag/v0.7.0

Reviews

• Technical review
• Editorial review
• Product review

[netlify]

✅ Deploy Preview for docsdocker ready!

Name	Link
🔨 Latest commit	979de85
🔍 Latest deploy log	https://app.netlify.com/projects/docsdocker/deploys/6a0c5bdc2663db0008b3f7d0
😎 Deploy Preview	https://deploy-preview-25098--docsdocker.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[docker-agent]

Assessment: 🟢 APPROVE

The migration from the deprecated docker sbom plugin to docker scout sbom is clean and well-executed. Both changed files are correct, commands use valid syntax, the deprecation callout uses correct GitHub-style shortcode, and internal links resolve correctly. No high or medium issues found.

[thaJeztah]

LGTM

[docker-agent]

Assessment: 🟢 APPROVE

All findings were investigated and verified clean. The migration from docker sbom to docker scout sbom is accurate and well-documented:

• Format flags are correct: --format spdx and --format cyclonedx are confirmed valid by the CLI reference (data/cli/scout/docker_scout_sbom.yaml)
• Install script URL: Uses Docker's official canonical install URL — consistent with Docker Scout's own documentation
• Deprecation note: Clear and properly formatted using the [!NOTE] callout
• Migration section: Comprehensive, with correct before/after command pairs for all common workflows
• No vendored files touched
• No missing redirects (this PR modifies existing pages, not removes/moves them)

[docker-agent]

Assessment: 🟡 NEEDS ATTENTION

Two medium-severity content accuracy issues found in the migration documentation. No critical issues (no missing redirects, no vendored files touched, no broken markdown).

[docker-agent]

Assessment: 🟢 APPROVE

The PR cleanly migrates the C++ supply chain security guide from the deprecated docker sbom CLI plugin to docker scout sbom, and adds the plugin to the retired features page in retired.md. Changes are accurate, well-scoped, and consistent with Docker documentation conventions. No broken links, missing redirects for removed pages, or high/medium issues found.