scout: add "package types" config option for vulnerabilities policy

Signed-off-by: David Karlsson <[email protected]>
docker · Sep 9, 2024 · c95a07b · c95a07b
1 parent d271b4b
commit c95a07b
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/content/manuals/scout/policy/_index.md b/content/manuals/scout/policy/_index.md
@@ -101,6 +101,12 @@ The following policy parameters are configurable in a custom version:
 - **Fixable vulnerabilities only**: Whether or not to only report
   vulnerabilities with a fix version available (enabled by default).
 
+- **Package types**: List of package types to consider.
+
+  This option lets you specify the package types, as [PURL package type definitions](https://github.com/package-url/purl-spec/blob/master/PURL-TYPES.rst),
+  that you want to include in the policy evaluation. By default, the policy
+  considers all package types.
+
 For more information about configuring policies, see [Configure policies](./configure.md).
 
 ### No AGPL v3 licenses