Merge pull request #24405 from craig-osterhout/dhi-docs-scanner-1

dvdksn · web-flow · commit b0a2a7fead20 · 2026-03-19T13:05:05.000+01:00
dhi: updates from scanner
diff --git a/content/manuals/dhi/core-concepts/cis.md b/content/manuals/dhi/core-concepts/cis.md
@@ -24,9 +24,9 @@ Following the CIS Docker Benchmark helps organizations:
 ## How Docker Hardened Images comply with the CIS Benchmark
 
 Docker Hardened Images (DHIs) are designed with security in mind and are
-verified to be compliant with the relevant controls from the latest CIS
-Docker Benchmark (v1.8.0) for the scope that applies to container images and
-Dockerfile configuration.
+verified to be compliant with the relevant controls from the CIS Docker
+Benchmark for the scope that applies to container images and Dockerfile
+configuration.
 
 CIS-compliant DHIs are compliant with all controls in Section 4, with the sole
 exception of the control requiring Docker Content Trust (DCT), which [Docker
diff --git a/content/manuals/dhi/core-concepts/cves.md b/content/manuals/dhi/core-concepts/cves.md
@@ -160,9 +160,6 @@ $ docker scout vex get dhi.io/<image>:<tag> --output vex.json
 
 > [!NOTE]
 >
-> The `docker scout vex get` command requires [Docker Scout
-> CLI](https://github.com/docker/scout-cli/) version 1.18.3 or later.
->
 > If the image exists locally on your device, you must prefix the image name with `registry://`. For example, use
 > `registry://dhi.io/python:3.13` instead of `dhi.io/python:3.13`.
 
diff --git a/content/manuals/dhi/core-concepts/sscs.md b/content/manuals/dhi/core-concepts/sscs.md
@@ -17,9 +17,9 @@ ensuring the integrity and security of these elements is paramount
 
 ## Why is SSCS important?
 
-The significance of SSCS has escalated due to the rise in sophisticated
-cyberattacks targeting software supply chains. Recent incidents and the
-exploitation of vulnerabilities in open-source components have underscored the
+The significance of SSCS has escalated due to sophisticated cyberattacks
+targeting software supply chains. High-profile supply chain attacks and the
+exploitation of vulnerabilities in open-source components underscore the
 critical need for robust supply chain security measures. Compromises at any
 stage of the software lifecycle can lead to widespread vulnerabilities, data
 breaches, and significant financial losses.

Original file line number	Diff line number	Diff line change
`@@ -160,9 +160,6 @@ $ docker scout vex get dhi.io/<image>:<tag> --output vex.json`
`160`	`160`
`161`	`161`	`> [!NOTE]`
`162`	`162`	`>`
`163`		-> The `docker scout vex get` command requires [Docker Scout
`164`		`-> CLI](https://github.com/docker/scout-cli/) version 1.18.3 or later.`
`165`		`->`
`166`	`163`	> If the image exists locally on your device, you must prefix the image name with `registry://`. For example, use
`167`	`164`	> `registry://dhi.io/python:3.13` instead of `dhi.io/python:3.13`.
`168`	`165`