Home Explore Blog CI



docker
2nd chunk of `content/manuals/scout/policy/remediation.md`
7d2f88959c25b79845da18c5e9a1a551f14b188286b076260000000100000575


Select the **View fixes** button to opens the remediation side panel containing
recommended actions for your image.

If there are more than one recommendations available, the primary
recommendation displays as the **Recommended fix**. Additional recommendations
are listed as **Quick fixes**. Quick fixes are usually actions that provide a
temporary solution.

The side panel may also contain one or more help sections related to the
available recommendations.

## Up-to-Date Base Images remediation

The **Up-to-Date Base Images** policy checks whether the base image you use is
up-to-date. The recommended actions displayed in the remediation side panel
depend on how much information Docker Scout has about your image. The more
information that's available, the better the recommendations.

The following scenarios outline the different recommendations depending on the
information available about the image.

### No provenance attestations

For Docker Scout to be able to evaluate this policy, you must add [provenance
attestations](/manuals/build/metadata/attestations/slsa-provenance.md) to your image. If
your image doesn't have provenance attestations, compliance is undeterminable.

<!--
  TODO(dvdksn): no support for the following, yet

  When provenance attestations are unavailable, Docker Scout provides generic,
Title: Remediation with Docker Scout: Accessing and Understanding Recommendations
Summary
Clicking the 'View fixes' button opens a side panel with recommended actions. The primary suggestion is labeled 'Recommended fix,' while temporary solutions are listed as 'Quick fixes.' The side panel may also include relevant help sections. For the 'Up-to-Date Base Images' policy, recommendations vary based on the available image information. Compliance is undeterminable without provenance attestations, and users are guided to add them to the image.