Merged
Conversation
New Features: - ScanImage(): Scan from image reference string (e.g., 'nginx:latest') - Summary(): Concise one-line status output for CI logs - Score(): Return just the numeric security score (0-100) - IgnoreCVEs(): Suppress specific CVE IDs (false positives/accepted risks) Benefits: - Easier CLI usage with ScanImage (no need to create Container first) - Quick status checks with Summary (perfect for dashboards) - Metrics integration with Score (monitoring systems) - CVE management with IgnoreCVEs (handle known issues) Implementation: - Added context import for ScanImage - Added IgnoredCVEs field to AuditConfig - Implemented filterIgnoredCVEs and recalculateSummary helpers - All new methods properly documented with parameter descriptions
- Auto-create tags following semantic versioning (vX.Y.Z) - Determine version bump from conventional commit messages: - BREAKING CHANGE/breaking: -> major bump - feat: -> minor bump - fix:/chore:/docs: -> patch bump - Publish to Daggerverse using versioned tags - Supports both initial setup (v0.0.0) and incremental versioning
- Force patch bumps when version is in 0.0.x range - Create GitHub Release with auto-generated release notes - Include changelog and Daggerverse link in releases - Properly handle first release scenario
sylvester-francis
changed the title
- Document scan-image convenience method - Document summary one-line output - Document score numeric output - Document ignore-cves filtering - Add usage examples for all new features
- Add scan-image convenience method example - Add summary one-line output example - Add score numeric output example - Add ignore-cves filtering example This updates the package documentation that appears on Daggerverse.
- Use concise one-line title format - Keep description brief and focused - Reduce examples to 3 essential use cases - Remove verbose features list (kept in README) - Follow style similar to other Daggerverse modules
Repository owner
locked as resolved and limited conversation to collaborators
Jan 14, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
When this PR merges to main:
✅ Auto-creates tag v0.0.2 (patch bump from v0.0.1)
✅ Creates GitHub Release with changelog
✅ Publishes to Daggerverse as github.com/sylvester-francis/Sentry@v0.0.2
✅ Release includes links to changelog and Daggerverse