trufflehog icon indicating copy to clipboard operation
trufflehog copied to clipboard

Published 20 hours ago verified publisher icon trufflesecurity

Support for scanning local docker image

Open t3mi opened this issue 6 months ago • 1 comments

Description

Please add support for scanning docker image which is present locally (just built) instead of pulling it from the registry.

Preferred Solution

If the image is available locally, don't reach the registry, and do that only if it's absent. Or implement additional flag like --image-priority local | --image-priority remote to control the behaviour.

Additional Context

I as a user want to prevent situation when image was pushed to the registry with leaked secret(s)/vulnerabilities.

t3mi avatar Apr 24 '25 09:04 t3mi