From 28d2ed9e5903a59f58d6a12703b0f8cd9b16ed06 Mon Sep 17 00:00:00 2001
From: salaxander <salaxander@users.noreply.github.com>
Date: Wed, 27 Sep 2023 14:43:37 +0000
Subject: [PATCH] deploy: 28191f15f934eaeee898a05dafc768be4d206d4e

---
 website/404.html                                            | 4 ++--
 website/assets/js/72e14192.3a58b2b1.js                      | 1 -
 website/assets/js/72e14192.caf3f8a8.js                      | 1 +
 .../{runtime~main.f1c526f2.js => runtime~main.fcaf8288.js}  | 2 +-
 website/code-of-conduct.html                                | 4 ++--
 website/contributing.html                                   | 4 ++--
 website/design.html                                         | 4 ++--
 website/faq.html                                            | 4 ++--
 website/index.html                                          | 4 ++--
 website/installation.html                                   | 4 ++--
 website/next.html                                           | 4 ++--
 website/next/code-of-conduct.html                           | 4 ++--
 website/next/contributing.html                              | 4 ++--
 website/next/design.html                                    | 4 ++--
 website/next/faq.html                                       | 4 ++--
 website/next/installation.html                              | 4 ++--
 website/next/output.html                                    | 4 ++--
 website/next/quick-start.html                               | 6 +++---
 website/next/troubleshooting.html                           | 4 ++--
 website/quick-start.html                                    | 4 ++--
 website/troubleshooting.html                                | 4 ++--
 website/v0.1.x.html                                         | 4 ++--
 website/v0.1.x/code-of-conduct.html                         | 4 ++--
 website/v0.1.x/contributing.html                            | 4 ++--
 website/v0.1.x/design.html                                  | 4 ++--
 website/v0.1.x/faq.html                                     | 4 ++--
 website/v0.1.x/installation.html                            | 4 ++--
 website/v0.1.x/quick-start.html                             | 4 ++--
 website/v0.2.x.html                                         | 4 ++--
 website/v0.2.x/code-of-conduct.html                         | 4 ++--
 website/v0.2.x/contributing.html                            | 4 ++--
 website/v0.2.x/design.html                                  | 4 ++--
 website/v0.2.x/faq.html                                     | 4 ++--
 website/v0.2.x/installation.html                            | 4 ++--
 website/v0.2.x/quick-start.html                             | 4 ++--
 website/v0.3.x.html                                         | 4 ++--
 website/v0.3.x/code-of-conduct.html                         | 4 ++--
 website/v0.3.x/contributing.html                            | 4 ++--
 website/v0.3.x/design.html                                  | 4 ++--
 website/v0.3.x/faq.html                                     | 4 ++--
 website/v0.3.x/installation.html                            | 4 ++--
 website/v0.3.x/quick-start.html                             | 4 ++--
 42 files changed, 81 insertions(+), 81 deletions(-)
 delete mode 100644 website/assets/js/72e14192.3a58b2b1.js
 create mode 100644 website/assets/js/72e14192.caf3f8a8.js
 rename website/assets/js/{runtime~main.f1c526f2.js => runtime~main.fcaf8288.js} (98%)

diff --git a/website/404.html b/website/404.html
index 30a0d93c..e0516b1e 100644
--- a/website/404.html
+++ b/website/404.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/">v0.4.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next">Next</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0"><main class="container margin-vert--xl"><div class="row"><div class="col col--6 col--offset-3"><h1 class="hero__title">Page Not Found</h1><p>We could not find what you were looking for.</p><p>Please contact the owner of the site that linked you to the original URL and let them know their link is broken.</p></div></div></main></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/assets/js/72e14192.3a58b2b1.js b/website/assets/js/72e14192.3a58b2b1.js
deleted file mode 100644
index 955701b2..00000000
--- a/website/assets/js/72e14192.3a58b2b1.js
+++ /dev/null
@@ -1 +0,0 @@
-"use strict";(self.webpackChunkwebsite=self.webpackChunkwebsite||[]).push([[239],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>k});var i=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);t&&(i=i.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,i)}return n}function o(e){for(var t=1;t<arguments.length;t++){var n=null!=arguments[t]?arguments[t]:{};t%2?r(Object(n),!0).forEach((function(t){a(e,t,n[t])})):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(n)):r(Object(n)).forEach((function(t){Object.defineProperty(e,t,Object.getOwnPropertyDescriptor(n,t))}))}return e}function l(e,t){if(null==e)return{};var n,i,a=function(e,t){if(null==e)return{};var n,i,a={},r=Object.keys(e);for(i=0;i<r.length;i++)n=r[i],t.indexOf(n)>=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(i=0;i<r.length;i++)n=r[i],t.indexOf(n)>=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=i.createContext({}),c=function(e){var t=i.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return i.createElement(s.Provider,{value:t},e.children)},d="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return i.createElement(i.Fragment,{},t)}},m=i.forwardRef((function(e,t){var n=e.components,a=e.mdxType,r=e.originalType,s=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,k=d["".concat(s,".").concat(m)]||d[m]||u[m]||r;return n?i.createElement(k,o(o({ref:t},p),{},{components:n})):i.createElement(k,o({ref:t},p))}));function k(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var r=n.length,o=new Array(r);o[0]=m;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l[d]="string"==typeof e?e:a,o[1]=l;for(var c=2;c<r;c++)o[c]=n[c];return i.createElement.apply(null,o)}return i.createElement.apply(null,n)}m.displayName="MDXCreateElement"},4181:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>d,frontMatter:()=>r,metadata:()=>l,toc:()=>c});var i=n(7462),a=(n(7294),n(3905));const r={title:"Quick Start"},o=void 0,l={unversionedId:"quick-start",id:"quick-start",title:"Quick Start",description:"This sample illustrates how to patch containers using vulnerability reports with copa.",source:"@site/docs/quick-start.md",sourceDirName:".",slug:"/quick-start",permalink:"/copacetic/website/next/quick-start",draft:!1,tags:[],version:"current",frontMatter:{title:"Quick Start"},sidebar:"sidebar",previous:{title:"Installation",permalink:"/copacetic/website/next/installation"},next:{title:"Output",permalink:"/copacetic/website/next/output"}},s={},c=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Sample Steps",id:"sample-steps",level:2}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,i.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,"This sample illustrates how to patch containers using vulnerability reports with ",(0,a.kt)("inlineCode",{parentName:"p"},"copa"),"."),(0,a.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"An Ubuntu 22.04 VM configured through the ",(0,a.kt)("a",{parentName:"li",href:"/copacetic/website/next/installation"},"setup instructions"),". This includes:",(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"copa")," tool ",(0,a.kt)("a",{parentName:"li",href:"/copacetic/website/next/installation"},"built & pathed"),"."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"https://github.com/moby/buildkit/#quick-start"},"buildkit")," daemon installed & pathed. ",(0,a.kt)("a",{parentName:"li",href:"#buildkit-connection-examples"},"Examples")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"https://docs.docker.com/desktop/linux/install/#generic-installation-steps"},"docker")," daemon running and CLI installed & pathed."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"https://aquasecurity.github.io/trivy/latest/getting-started/installation/"},"trivy CLI")," installed & pathed.")))),(0,a.kt)("h2",{id:"sample-steps"},"Sample Steps"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Scan the container image for patchable OS vulnerabilities, outputting the results to a JSON file:"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"trivy image --vuln-type os --ignore-unfixed -f json -o nginx.1.21.6.json docker.io/library/nginx:1.21.6\n")),(0,a.kt)("p",{parentName:"li"},"You can also see the existing patchable vulnerabilities in table form on the shell with:"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"trivy image --vuln-type os --ignore-unfixed docker.io/library/nginx:1.21.6\n\n"))),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"To patch the image, use the Trivy report and specify a buildkit instance to connect to:"),(0,a.kt)("p",{parentName:"li"},"By default copa will attempt to auto-connect to an instance in order:"),(0,a.kt)("ol",{parentName:"li"},(0,a.kt)("li",{parentName:"ol"},"Default docker buildkit endpoint (requires at least docker v24.0 with ",(0,a.kt)("a",{parentName:"li",href:"https://docs.docker.com/storage/containerd/#enable-containerd-image-store-on-docker-engine"},"containerd snapshotter")," support enabled)"),(0,a.kt)("li",{parentName:"ol"},"Currently selected buildx builder (see: ",(0,a.kt)("inlineCode",{parentName:"li"},"docker buildx --help"),")"),(0,a.kt)("li",{parentName:"ol"},"buildkit daemon at the default address ",(0,a.kt)("inlineCode",{parentName:"li"},"/run/buildkit/buildkitd.sock"))),(0,a.kt)("p",{parentName:"li"},"If an instance doesn't exist or that instance doesn't support all the features copa needs the next will be attempted.\nYou may need to specify a custom address using the ",(0,a.kt)("inlineCode",{parentName:"p"},"--addr")," flag. Here are the supported formats:"),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"unix:///path/to/buildkit.sock")," - Connect to buildkit over unix socket."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"tcp://$BUILDKIT_ADDR:$PORT")," - Connec to buildkit over TCP. (not recommended for security reasons)"),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"docker://<docker connection spec>")," - Connect to docker, currently only unix sockets are supported, e.g. ",(0,a.kt)("inlineCode",{parentName:"li"},"docker://unix:///var/run/docker.sock")," (or just ",(0,a.kt)("inlineCode",{parentName:"li"},"docker://"),")."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"docker-container://my-buildkit-container")," - Connect to a buildkitd running in a docker container."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"buildx://my-builder")," - Connect to a buildx builder (or ",(0,a.kt)("inlineCode",{parentName:"li"},"buildx://")," for the currently selected builder). ",(0,a.kt)("em",{parentName:"li"},"Note: only container-backed buildx instances are currently supported")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"nerdctl-container://my-container-name")," - Similar to ",(0,a.kt)("inlineCode",{parentName:"li"},"docker-container")," but uses ",(0,a.kt)("inlineCode",{parentName:"li"},"nerdctl"),"."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"podman-container://my-container-name")," - Similar to ",(0,a.kt)("inlineCode",{parentName:"li"},"docker-container")," but uses ",(0,a.kt)("inlineCode",{parentName:"li"},"podman"),"."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"ssh://myhost")," - Connect to a buildkit instance over SSH. Format of the host spec should mimic the SSH command."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"kubepod://mypod")," - Connect to buildkit running in a Kubernetes pod. Can also specify kubectl context and pod namespace (",(0,a.kt)("inlineCode",{parentName:"li"},"kubepod://mypod?context=foo&namespace=notdefault"),").")),(0,a.kt)("h4",{parentName:"li",id:"buildkit-connection-examples"},"Buildkit Connection Examples"),(0,a.kt)("p",{parentName:"li"},"Example: Connect using defaults:"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"copa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t 1.21.6-patched\n")),(0,a.kt)("p",{parentName:"li"},"Example: Connect to buildx"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre"},"docker buildx create --name demo\ncopa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t 1.21.6-patched --addr buildx://demo\n")),(0,a.kt)("p",{parentName:"li"},"Example: Buildkit in a container"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre"},'export BUILDKIT_VERSION=v0.12.0\ndocker run \\\n    --detach \\\n    --rm \\\n    --privileged \\\n    --name buildkitd \\\n    --entrypoint buildkitd \\\n    "moby/buildkit:$BUILDKIT_VERSION"\n\ncopa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t 1.21.6-patched --addr docker-container://buildkitd\n')),(0,a.kt)("p",{parentName:"li"},"Example: Buildkit over TCP"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre"},'export BUILDKIT_VERSION=v0.12.0\n export BUILDKIT_PORT=8888\n docker run \\\n     --detach \\\n     --rm \\\n     --privileged \\\n     -p 127.0.0.1:$BUILDKIT_PORT:$BUILDKIT_PORT/tcp \\\n     --name buildkitd \\\n     --entrypoint buildkitd \\\n     "moby/buildkit:$BUILDKIT_VERSION" \\\n     --addr tcp://0.0.0.0:$BUILDKIT_PORT\n copa patch \\\n     -i docker.io/library/nginx:1.21.6 \\\n     -r nginx.1.21.6.json \\\n     -t 1.21.6-patched \\\n     -a tcp://0.0.0.0:$BUILDKIT_PORT\n')),(0,a.kt)("p",{parentName:"li"},"In either case, ",(0,a.kt)("inlineCode",{parentName:"p"},"copa")," is non-destructive and exports a new image with the specified ",(0,a.kt)("inlineCode",{parentName:"p"},"1.21.6-patched")," label to the local Docker daemon."),(0,a.kt)("blockquote",{parentName:"li"},(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"NOTE:")," if you're running this sample against an image from a private registry instead,\nensure that the credentials are configured in the default Docker config.json before running ",(0,a.kt)("inlineCode",{parentName:"p"},"copa patch"),",\nfor example, via ",(0,a.kt)("inlineCode",{parentName:"p"},"sudo docker login -u <user> -p <password> <registry>"),"."))),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Scan the patched image and verify that the vulnerabilities have been patched:"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"trivy image --vuln-type os --ignore-unfixed docker.io/library/nginx:1.21.6-patched\n")),(0,a.kt)("p",{parentName:"li"},"You can also inspect the structure of the patched image with ",(0,a.kt)("inlineCode",{parentName:"p"},"docker history")," to see the new patch layer appended to the image:"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre",className:"language-bash"},'$ docker history docker.io/library/nginx:1.21.6-patched\nIMAGE          CREATED        CREATED BY                                      SIZE      COMMENT\na372df41e06d   1 minute ago   mount / from exec sh -c apt install --no-ins\u2026   26.1MB    buildkit.exporter.image.v0\n<missing>      3 months ago   CMD ["nginx" "-g" "daemon off;"]                0B        buildkit.dockerfile.v0\n<missing>      3 months ago   STOPSIGNAL SIGQUIT                              0B        buildkit.dockerfile.v0\n<missing>      3 months ago   EXPOSE map[80/tcp:{}]                           0B        buildkit.dockerfile.v0\n<missing>      3 months ago   ENTRYPOINT ["/docker-entrypoint.sh"]            0B        buildkit.dockerfile.v0\n<missing>      3 months ago   COPY 30-tune-worker-processes.sh /docker-ent\u2026   4.61kB    buildkit.dockerfile.v0\n<missing>      3 months ago   COPY 20-envsubst-on-templates.sh /docker-ent\u2026   1.04kB    buildkit.dockerfile.v0\n<missing>      3 months ago   COPY 10-listen-on-ipv6-by-default.sh /docker\u2026   1.96kB    buildkit.dockerfile.v0\n<missing>      3 months ago   COPY docker-entrypoint.sh / # buildkit          1.2kB     buildkit.dockerfile.v0\n<missing>      3 months ago   RUN /bin/sh -c set -x     && addgroup --syst\u2026   61.1MB    buildkit.dockerfile.v0\n<missing>      3 months ago   ENV PKG_RELEASE=1~bullseye                      0B        buildkit.dockerfile.v0\n<missing>      3 months ago   ENV NJS_VERSION=0.7.0                           0B        buildkit.dockerfile.v0\n<missing>      3 months ago   ENV NGINX_VERSION=1.20.2                        0B        buildkit.dockerfile.v0\n<missing>      3 months ago   LABEL maintainer=NGINX Docker Maintainers <d\u2026   0B        buildkit.dockerfile.v0\n<missing>      4 months ago   /bin/sh -c #(nop)  CMD ["bash"]                 0B\n<missing>      4 months ago   /bin/sh -c #(nop) ADD file:09675d11695f65c55\u2026   80.4MB\n'))),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Run the container to verify that the image has no regressions:"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre",className:"language-bash"},'$ docker run -it --rm --name nginx-test docker.io/library/nginx:1.21.6-patched\n/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration\n/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/\n/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh\n10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf\n10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf\n/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh\n/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh\n/docker-entrypoint.sh: Configuration complete; ready for start up\n2022/05/16 18:00:17 [notice] 1#1: using the "epoll" event method\n2022/05/16 18:00:17 [notice] 1#1: nginx/1.20.2\n2022/05/16 18:00:17 [notice] 1#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)\n2022/05/16 18:00:17 [notice] 1#1: OS: Linux 5.10.102.1-microsoft-standard-WSL2\n2022/05/16 18:00:17 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576\n2022/05/16 18:00:17 [notice] 1#1: start worker processes\n2022/05/16 18:00:17 [notice] 1#1: start worker process 31\n2022/05/16 18:00:17 [notice] 1#1: start worker process 32\n2022/05/16 18:00:17 [notice] 1#1: start worker process 33\n2022/05/16 18:00:17 [notice] 1#1: start worker process 34\n2022/05/16 18:00:17 [notice] 1#1: start worker process 35\n2022/05/16 18:00:17 [notice] 1#1: start worker process 36\n2022/05/16 18:00:17 [notice] 1#1: start worker process 37\n2022/05/16 18:00:17 [notice] 1#1: start worker process 38\n2022/05/16 18:00:17 [notice] 38#38: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 36#36: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 33#33: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 32#32: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 34#34: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 35#35: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 37#37: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 1#1: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 31#31: signal 28 (SIGWINCH) received\n')),(0,a.kt)("p",{parentName:"li"},"You can stop the container by opening a new shell instance and running: ",(0,a.kt)("inlineCode",{parentName:"p"},"docker stop nginx-test")))))}d.isMDXComponent=!0}}]);
\ No newline at end of file
diff --git a/website/assets/js/72e14192.caf3f8a8.js b/website/assets/js/72e14192.caf3f8a8.js
new file mode 100644
index 00000000..62e54a53
--- /dev/null
+++ b/website/assets/js/72e14192.caf3f8a8.js
@@ -0,0 +1 @@
+"use strict";(self.webpackChunkwebsite=self.webpackChunkwebsite||[]).push([[239],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>k});var i=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);t&&(i=i.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,i)}return n}function o(e){for(var t=1;t<arguments.length;t++){var n=null!=arguments[t]?arguments[t]:{};t%2?r(Object(n),!0).forEach((function(t){a(e,t,n[t])})):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(n)):r(Object(n)).forEach((function(t){Object.defineProperty(e,t,Object.getOwnPropertyDescriptor(n,t))}))}return e}function l(e,t){if(null==e)return{};var n,i,a=function(e,t){if(null==e)return{};var n,i,a={},r=Object.keys(e);for(i=0;i<r.length;i++)n=r[i],t.indexOf(n)>=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(i=0;i<r.length;i++)n=r[i],t.indexOf(n)>=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=i.createContext({}),c=function(e){var t=i.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return i.createElement(s.Provider,{value:t},e.children)},d="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return i.createElement(i.Fragment,{},t)}},m=i.forwardRef((function(e,t){var n=e.components,a=e.mdxType,r=e.originalType,s=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,k=d["".concat(s,".").concat(m)]||d[m]||u[m]||r;return n?i.createElement(k,o(o({ref:t},p),{},{components:n})):i.createElement(k,o({ref:t},p))}));function k(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var r=n.length,o=new Array(r);o[0]=m;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l[d]="string"==typeof e?e:a,o[1]=l;for(var c=2;c<r;c++)o[c]=n[c];return i.createElement.apply(null,o)}return i.createElement.apply(null,n)}m.displayName="MDXCreateElement"},4181:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>d,frontMatter:()=>r,metadata:()=>l,toc:()=>c});var i=n(7462),a=(n(7294),n(3905));const r={title:"Quick Start"},o=void 0,l={unversionedId:"quick-start",id:"quick-start",title:"Quick Start",description:"This sample illustrates how to patch containers using vulnerability reports with copa.",source:"@site/docs/quick-start.md",sourceDirName:".",slug:"/quick-start",permalink:"/copacetic/website/next/quick-start",draft:!1,tags:[],version:"current",frontMatter:{title:"Quick Start"},sidebar:"sidebar",previous:{title:"Installation",permalink:"/copacetic/website/next/installation"},next:{title:"Output",permalink:"/copacetic/website/next/output"}},s={},c=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Sample Steps",id:"sample-steps",level:2}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,i.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,"This sample illustrates how to patch containers using vulnerability reports with ",(0,a.kt)("inlineCode",{parentName:"p"},"copa"),"."),(0,a.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"An Ubuntu 22.04 VM configured through the ",(0,a.kt)("a",{parentName:"li",href:"/copacetic/website/next/installation"},"setup instructions"),". This includes:",(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"copa")," tool ",(0,a.kt)("a",{parentName:"li",href:"/copacetic/website/next/installation"},"built & pathed"),"."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"https://github.com/moby/buildkit/#quick-start"},"buildkit")," daemon installed & pathed. ",(0,a.kt)("a",{parentName:"li",href:"#buildkit-connection-examples"},"Examples")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"https://docs.docker.com/desktop/linux/install/#generic-installation-steps"},"docker")," daemon running and CLI installed & pathed."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"https://aquasecurity.github.io/trivy/latest/getting-started/installation/"},"trivy CLI")," installed & pathed.")))),(0,a.kt)("h2",{id:"sample-steps"},"Sample Steps"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Scan the container image for patchable OS vulnerabilities, outputting the results to a JSON file:"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"trivy image --vuln-type os --ignore-unfixed -f json -o nginx.1.21.6.json docker.io/library/nginx:1.21.6\n")),(0,a.kt)("p",{parentName:"li"},"You can also see the existing patchable vulnerabilities in table form on the shell with:"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"trivy image --vuln-type os --ignore-unfixed docker.io/library/nginx:1.21.6\n\n"))),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"To patch the image, use the Trivy report and specify a buildkit instance to connect to:"),(0,a.kt)("p",{parentName:"li"},"By default copa will attempt to auto-connect to an instance in order:"),(0,a.kt)("ol",{parentName:"li"},(0,a.kt)("li",{parentName:"ol"},"Default docker buildkit endpoint (requires at least docker v24.0 with ",(0,a.kt)("a",{parentName:"li",href:"https://docs.docker.com/storage/containerd/#enable-containerd-image-store-on-docker-engine"},"containerd snapshotter")," support enabled)"),(0,a.kt)("li",{parentName:"ol"},"Currently selected buildx builder (see: ",(0,a.kt)("inlineCode",{parentName:"li"},"docker buildx --help"),")"),(0,a.kt)("li",{parentName:"ol"},"buildkit daemon at the default address ",(0,a.kt)("inlineCode",{parentName:"li"},"/run/buildkit/buildkitd.sock"))),(0,a.kt)("p",{parentName:"li"},"If an instance doesn't exist or that instance doesn't support all the features copa needs the next will be attempted.\nYou may need to specify a custom address using the ",(0,a.kt)("inlineCode",{parentName:"p"},"--addr")," flag. Here are the supported formats:"),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"unix:///path/to/buildkit.sock")," - Connect to buildkit over unix socket."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"tcp://$BUILDKIT_ADDR:$PORT")," - Connect to buildkit over TCP. (not recommended for security reasons)"),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"docker://<docker connection spec>")," - Connect to docker, currently only unix sockets are supported, e.g. ",(0,a.kt)("inlineCode",{parentName:"li"},"docker://unix:///var/run/docker.sock")," (or just ",(0,a.kt)("inlineCode",{parentName:"li"},"docker://"),")."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"docker-container://my-buildkit-container")," - Connect to a buildkitd running in a docker container."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"buildx://my-builder")," - Connect to a buildx builder (or ",(0,a.kt)("inlineCode",{parentName:"li"},"buildx://")," for the currently selected builder). ",(0,a.kt)("em",{parentName:"li"},"Note: only container-backed buildx instances are currently supported")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"nerdctl-container://my-container-name")," - Similar to ",(0,a.kt)("inlineCode",{parentName:"li"},"docker-container")," but uses ",(0,a.kt)("inlineCode",{parentName:"li"},"nerdctl"),"."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"podman-container://my-container-name")," - Similar to ",(0,a.kt)("inlineCode",{parentName:"li"},"docker-container")," but uses ",(0,a.kt)("inlineCode",{parentName:"li"},"podman"),"."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"ssh://myhost")," - Connect to a buildkit instance over SSH. Format of the host spec should mimic the SSH command."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("inlineCode",{parentName:"li"},"kubepod://mypod")," - Connect to buildkit running in a Kubernetes pod. Can also specify kubectl context and pod namespace (",(0,a.kt)("inlineCode",{parentName:"li"},"kubepod://mypod?context=foo&namespace=notdefault"),").")),(0,a.kt)("h4",{parentName:"li",id:"buildkit-connection-examples"},"Buildkit Connection Examples"),(0,a.kt)("p",{parentName:"li"},"Example: Connect using defaults:"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"copa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t 1.21.6-patched\n")),(0,a.kt)("p",{parentName:"li"},"Example: Connect to buildx"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre"},"docker buildx create --name demo\ncopa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t 1.21.6-patched --addr buildx://demo\n")),(0,a.kt)("p",{parentName:"li"},"Example: Buildkit in a container"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre"},'export BUILDKIT_VERSION=v0.12.0\ndocker run \\\n    --detach \\\n    --rm \\\n    --privileged \\\n    --name buildkitd \\\n    --entrypoint buildkitd \\\n    "moby/buildkit:$BUILDKIT_VERSION"\n\ncopa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t 1.21.6-patched --addr docker-container://buildkitd\n')),(0,a.kt)("p",{parentName:"li"},"Example: Buildkit over TCP"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre"},'export BUILDKIT_VERSION=v0.12.0\n export BUILDKIT_PORT=8888\n docker run \\\n     --detach \\\n     --rm \\\n     --privileged \\\n     -p 127.0.0.1:$BUILDKIT_PORT:$BUILDKIT_PORT/tcp \\\n     --name buildkitd \\\n     --entrypoint buildkitd \\\n     "moby/buildkit:$BUILDKIT_VERSION" \\\n     --addr tcp://0.0.0.0:$BUILDKIT_PORT\n copa patch \\\n     -i docker.io/library/nginx:1.21.6 \\\n     -r nginx.1.21.6.json \\\n     -t 1.21.6-patched \\\n     -a tcp://0.0.0.0:$BUILDKIT_PORT\n')),(0,a.kt)("p",{parentName:"li"},"In either case, ",(0,a.kt)("inlineCode",{parentName:"p"},"copa")," is non-destructive and exports a new image with the specified ",(0,a.kt)("inlineCode",{parentName:"p"},"1.21.6-patched")," label to the local Docker daemon."),(0,a.kt)("blockquote",{parentName:"li"},(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"NOTE:")," if you're running this sample against an image from a private registry instead,\nensure that the credentials are configured in the default Docker config.json before running ",(0,a.kt)("inlineCode",{parentName:"p"},"copa patch"),",\nfor example, via ",(0,a.kt)("inlineCode",{parentName:"p"},"sudo docker login -u <user> -p <password> <registry>"),"."))),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Scan the patched image and verify that the vulnerabilities have been patched:"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"trivy image --vuln-type os --ignore-unfixed docker.io/library/nginx:1.21.6-patched\n")),(0,a.kt)("p",{parentName:"li"},"You can also inspect the structure of the patched image with ",(0,a.kt)("inlineCode",{parentName:"p"},"docker history")," to see the new patch layer appended to the image:"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre",className:"language-bash"},'$ docker history docker.io/library/nginx:1.21.6-patched\nIMAGE          CREATED        CREATED BY                                      SIZE      COMMENT\na372df41e06d   1 minute ago   mount / from exec sh -c apt install --no-ins\u2026   26.1MB    buildkit.exporter.image.v0\n<missing>      3 months ago   CMD ["nginx" "-g" "daemon off;"]                0B        buildkit.dockerfile.v0\n<missing>      3 months ago   STOPSIGNAL SIGQUIT                              0B        buildkit.dockerfile.v0\n<missing>      3 months ago   EXPOSE map[80/tcp:{}]                           0B        buildkit.dockerfile.v0\n<missing>      3 months ago   ENTRYPOINT ["/docker-entrypoint.sh"]            0B        buildkit.dockerfile.v0\n<missing>      3 months ago   COPY 30-tune-worker-processes.sh /docker-ent\u2026   4.61kB    buildkit.dockerfile.v0\n<missing>      3 months ago   COPY 20-envsubst-on-templates.sh /docker-ent\u2026   1.04kB    buildkit.dockerfile.v0\n<missing>      3 months ago   COPY 10-listen-on-ipv6-by-default.sh /docker\u2026   1.96kB    buildkit.dockerfile.v0\n<missing>      3 months ago   COPY docker-entrypoint.sh / # buildkit          1.2kB     buildkit.dockerfile.v0\n<missing>      3 months ago   RUN /bin/sh -c set -x     && addgroup --syst\u2026   61.1MB    buildkit.dockerfile.v0\n<missing>      3 months ago   ENV PKG_RELEASE=1~bullseye                      0B        buildkit.dockerfile.v0\n<missing>      3 months ago   ENV NJS_VERSION=0.7.0                           0B        buildkit.dockerfile.v0\n<missing>      3 months ago   ENV NGINX_VERSION=1.20.2                        0B        buildkit.dockerfile.v0\n<missing>      3 months ago   LABEL maintainer=NGINX Docker Maintainers <d\u2026   0B        buildkit.dockerfile.v0\n<missing>      4 months ago   /bin/sh -c #(nop)  CMD ["bash"]                 0B\n<missing>      4 months ago   /bin/sh -c #(nop) ADD file:09675d11695f65c55\u2026   80.4MB\n'))),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Run the container to verify that the image has no regressions:"),(0,a.kt)("pre",{parentName:"li"},(0,a.kt)("code",{parentName:"pre",className:"language-bash"},'$ docker run -it --rm --name nginx-test docker.io/library/nginx:1.21.6-patched\n/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration\n/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/\n/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh\n10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf\n10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf\n/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh\n/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh\n/docker-entrypoint.sh: Configuration complete; ready for start up\n2022/05/16 18:00:17 [notice] 1#1: using the "epoll" event method\n2022/05/16 18:00:17 [notice] 1#1: nginx/1.20.2\n2022/05/16 18:00:17 [notice] 1#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)\n2022/05/16 18:00:17 [notice] 1#1: OS: Linux 5.10.102.1-microsoft-standard-WSL2\n2022/05/16 18:00:17 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576\n2022/05/16 18:00:17 [notice] 1#1: start worker processes\n2022/05/16 18:00:17 [notice] 1#1: start worker process 31\n2022/05/16 18:00:17 [notice] 1#1: start worker process 32\n2022/05/16 18:00:17 [notice] 1#1: start worker process 33\n2022/05/16 18:00:17 [notice] 1#1: start worker process 34\n2022/05/16 18:00:17 [notice] 1#1: start worker process 35\n2022/05/16 18:00:17 [notice] 1#1: start worker process 36\n2022/05/16 18:00:17 [notice] 1#1: start worker process 37\n2022/05/16 18:00:17 [notice] 1#1: start worker process 38\n2022/05/16 18:00:17 [notice] 38#38: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 36#36: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 33#33: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 32#32: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 34#34: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 35#35: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 37#37: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 1#1: signal 28 (SIGWINCH) received\n2022/05/16 18:00:17 [notice] 31#31: signal 28 (SIGWINCH) received\n')),(0,a.kt)("p",{parentName:"li"},"You can stop the container by opening a new shell instance and running: ",(0,a.kt)("inlineCode",{parentName:"p"},"docker stop nginx-test")))))}d.isMDXComponent=!0}}]);
\ No newline at end of file
diff --git a/website/assets/js/runtime~main.f1c526f2.js b/website/assets/js/runtime~main.fcaf8288.js
similarity index 98%
rename from website/assets/js/runtime~main.f1c526f2.js
rename to website/assets/js/runtime~main.fcaf8288.js
index 0605ad96..663ca642 100644
--- a/website/assets/js/runtime~main.f1c526f2.js
+++ b/website/assets/js/runtime~main.fcaf8288.js
@@ -1 +1 @@
-(()=>{"use strict";var e,a,t,r,c,b={},f={};function d(e){var a=f[e];if(void 0!==a)return a.exports;var t=f[e]={id:e,loaded:!1,exports:{}};return b[e].call(t.exports,t,t.exports,d),t.loaded=!0,t.exports}d.m=b,d.c=f,e=[],d.O=(a,t,r,c)=>{if(!t){var b=1/0;for(i=0;i<e.length;i++){t=e[i][0],r=e[i][1],c=e[i][2];for(var f=!0,o=0;o<t.length;o++)(!1&c||b>=c)&&Object.keys(d.O).every((e=>d.O[e](t[o])))?t.splice(o--,1):(f=!1,c<b&&(b=c));if(f){e.splice(i--,1);var n=r();void 0!==n&&(a=n)}}return a}c=c||0;for(var i=e.length;i>0&&e[i-1][2]>c;i--)e[i]=e[i-1];e[i]=[t,r,c]},d.n=e=>{var a=e&&e.__esModule?()=>e.default:()=>e;return d.d(a,{a:a}),a},t=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,d.t=function(e,r){if(1&r&&(e=this(e)),8&r)return e;if("object"==typeof e&&e){if(4&r&&e.__esModule)return e;if(16&r&&"function"==typeof e.then)return e}var c=Object.create(null);d.r(c);var b={};a=a||[null,t({}),t([]),t(t)];for(var f=2&r&&e;"object"==typeof f&&!~a.indexOf(f);f=t(f))Object.getOwnPropertyNames(f).forEach((a=>b[a]=()=>e[a]));return b.default=()=>e,d.d(c,b),c},d.d=(e,a)=>{for(var t in a)d.o(a,t)&&!d.o(e,t)&&Object.defineProperty(e,t,{enumerable:!0,get:a[t]})},d.f={},d.e=e=>Promise.all(Object.keys(d.f).reduce(((a,t)=>(d.f[t](e,a),a)),[])),d.u=e=>"assets/js/"+({4:"d9461b6c",53:"935f2afb",59:"b5d5e16b",71:"804a5934",80:"4d54d076",87:"fcc13998",88:"4cb9f763",114:"b9421f89",128:"a09c2993",145:"299b5310",163:"934782ba",200:"bab6f5ab",201:"040fbf97",212:"48ae5635",217:"3b8c55ea",220:"f9459e94",239:"72e14192",242:"3fcb412e",262:"9e350ec0",267:"86b9c768",296:"e8c0720c",325:"c12dc9fd",335:"053b5658",352:"dea0f9ea",360:"9d9f8394",414:"0aeccac2",451:"6173fde8",480:"9f65b58a",514:"1be78505",644:"d2339658",691:"0a7bb60d",702:"2a636ef6",705:"c5934ffc",722:"7e72de0f",737:"2133a534",765:"57b2432c",835:"ea9eabff",836:"0480b142",838:"6bd0979b",845:"c13ba925",865:"b407a98a",918:"17896441",925:"89eebbd3",948:"0c380bb3",964:"22539a87",993:"c698fe77"}[e]||e)+"."+{4:"cfb2e633",53:"28c78675",59:"671619da",71:"94dc2f49",80:"b42a6d95",87:"60932360",88:"7b7193b5",114:"2569d45d",128:"d7d5958b",145:"edc4e810",163:"38219ecf",200:"75d4fe2d",201:"2f4e975a",212:"06d4c7cd",217:"7fbcd779",220:"a9a17024",239:"3a58b2b1",242:"48bc29de",262:"2124b2d5",267:"6a1c76ae",296:"806b237d",325:"026b82ae",335:"14dee349",352:"41975f45",360:"aca5ea48",414:"008fdaae",451:"9aae5469",480:"52d92de7",514:"af84a9b6",644:"5d019890",691:"ac142ed8",702:"51de8e98",705:"3a06677d",722:"46d6e17a",737:"156e8b1f",765:"97404563",835:"fb82e175",836:"cad65f4e",838:"6c0a2130",845:"811c1f7b",865:"944ebdbf",918:"561afd72",925:"266b07ac",948:"f493fbf1",964:"29d1b817",972:"b43202c5",993:"c274d15b"}[e]+".js",d.miniCssF=e=>{},d.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),d.o=(e,a)=>Object.prototype.hasOwnProperty.call(e,a),r={},c="website:",d.l=(e,a,t,b)=>{if(r[e])r[e].push(a);else{var f,o;if(void 0!==t)for(var n=document.getElementsByTagName("script"),i=0;i<n.length;i++){var u=n[i];if(u.getAttribute("src")==e||u.getAttribute("data-webpack")==c+t){f=u;break}}f||(o=!0,(f=document.createElement("script")).charset="utf-8",f.timeout=120,d.nc&&f.setAttribute("nonce",d.nc),f.setAttribute("data-webpack",c+t),f.src=e),r[e]=[a];var l=(a,t)=>{f.onerror=f.onload=null,clearTimeout(s);var c=r[e];if(delete r[e],f.parentNode&&f.parentNode.removeChild(f),c&&c.forEach((e=>e(t))),a)return a(t)},s=setTimeout(l.bind(null,void 0,{type:"timeout",target:f}),12e4);f.onerror=l.bind(null,f.onerror),f.onload=l.bind(null,f.onload),o&&document.head.appendChild(f)}},d.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},d.p="/copacetic/website/",d.gca=function(e){return e={17896441:"918",d9461b6c:"4","935f2afb":"53",b5d5e16b:"59","804a5934":"71","4d54d076":"80",fcc13998:"87","4cb9f763":"88",b9421f89:"114",a09c2993:"128","299b5310":"145","934782ba":"163",bab6f5ab:"200","040fbf97":"201","48ae5635":"212","3b8c55ea":"217",f9459e94:"220","72e14192":"239","3fcb412e":"242","9e350ec0":"262","86b9c768":"267",e8c0720c:"296",c12dc9fd:"325","053b5658":"335",dea0f9ea:"352","9d9f8394":"360","0aeccac2":"414","6173fde8":"451","9f65b58a":"480","1be78505":"514",d2339658:"644","0a7bb60d":"691","2a636ef6":"702",c5934ffc:"705","7e72de0f":"722","2133a534":"737","57b2432c":"765",ea9eabff:"835","0480b142":"836","6bd0979b":"838",c13ba925:"845",b407a98a:"865","89eebbd3":"925","0c380bb3":"948","22539a87":"964",c698fe77:"993"}[e]||e,d.p+d.u(e)},(()=>{var e={303:0,532:0};d.f.j=(a,t)=>{var r=d.o(e,a)?e[a]:void 0;if(0!==r)if(r)t.push(r[2]);else if(/^(303|532)$/.test(a))e[a]=0;else{var c=new Promise(((t,c)=>r=e[a]=[t,c]));t.push(r[2]=c);var b=d.p+d.u(a),f=new Error;d.l(b,(t=>{if(d.o(e,a)&&(0!==(r=e[a])&&(e[a]=void 0),r)){var c=t&&("load"===t.type?"missing":t.type),b=t&&t.target&&t.target.src;f.message="Loading chunk "+a+" failed.\n("+c+": "+b+")",f.name="ChunkLoadError",f.type=c,f.request=b,r[1](f)}}),"chunk-"+a,a)}},d.O.j=a=>0===e[a];var a=(a,t)=>{var r,c,b=t[0],f=t[1],o=t[2],n=0;if(b.some((a=>0!==e[a]))){for(r in f)d.o(f,r)&&(d.m[r]=f[r]);if(o)var i=o(d)}for(a&&a(t);n<b.length;n++)c=b[n],d.o(e,c)&&e[c]&&e[c][0](),e[c]=0;return d.O(i)},t=self.webpackChunkwebsite=self.webpackChunkwebsite||[];t.forEach(a.bind(null,0)),t.push=a.bind(null,t.push.bind(t))})()})();
\ No newline at end of file
+(()=>{"use strict";var e,a,t,r,c,b={},f={};function d(e){var a=f[e];if(void 0!==a)return a.exports;var t=f[e]={id:e,loaded:!1,exports:{}};return b[e].call(t.exports,t,t.exports,d),t.loaded=!0,t.exports}d.m=b,d.c=f,e=[],d.O=(a,t,r,c)=>{if(!t){var b=1/0;for(i=0;i<e.length;i++){t=e[i][0],r=e[i][1],c=e[i][2];for(var f=!0,o=0;o<t.length;o++)(!1&c||b>=c)&&Object.keys(d.O).every((e=>d.O[e](t[o])))?t.splice(o--,1):(f=!1,c<b&&(b=c));if(f){e.splice(i--,1);var n=r();void 0!==n&&(a=n)}}return a}c=c||0;for(var i=e.length;i>0&&e[i-1][2]>c;i--)e[i]=e[i-1];e[i]=[t,r,c]},d.n=e=>{var a=e&&e.__esModule?()=>e.default:()=>e;return d.d(a,{a:a}),a},t=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,d.t=function(e,r){if(1&r&&(e=this(e)),8&r)return e;if("object"==typeof e&&e){if(4&r&&e.__esModule)return e;if(16&r&&"function"==typeof e.then)return e}var c=Object.create(null);d.r(c);var b={};a=a||[null,t({}),t([]),t(t)];for(var f=2&r&&e;"object"==typeof f&&!~a.indexOf(f);f=t(f))Object.getOwnPropertyNames(f).forEach((a=>b[a]=()=>e[a]));return b.default=()=>e,d.d(c,b),c},d.d=(e,a)=>{for(var t in a)d.o(a,t)&&!d.o(e,t)&&Object.defineProperty(e,t,{enumerable:!0,get:a[t]})},d.f={},d.e=e=>Promise.all(Object.keys(d.f).reduce(((a,t)=>(d.f[t](e,a),a)),[])),d.u=e=>"assets/js/"+({4:"d9461b6c",53:"935f2afb",59:"b5d5e16b",71:"804a5934",80:"4d54d076",87:"fcc13998",88:"4cb9f763",114:"b9421f89",128:"a09c2993",145:"299b5310",163:"934782ba",200:"bab6f5ab",201:"040fbf97",212:"48ae5635",217:"3b8c55ea",220:"f9459e94",239:"72e14192",242:"3fcb412e",262:"9e350ec0",267:"86b9c768",296:"e8c0720c",325:"c12dc9fd",335:"053b5658",352:"dea0f9ea",360:"9d9f8394",414:"0aeccac2",451:"6173fde8",480:"9f65b58a",514:"1be78505",644:"d2339658",691:"0a7bb60d",702:"2a636ef6",705:"c5934ffc",722:"7e72de0f",737:"2133a534",765:"57b2432c",835:"ea9eabff",836:"0480b142",838:"6bd0979b",845:"c13ba925",865:"b407a98a",918:"17896441",925:"89eebbd3",948:"0c380bb3",964:"22539a87",993:"c698fe77"}[e]||e)+"."+{4:"cfb2e633",53:"28c78675",59:"671619da",71:"94dc2f49",80:"b42a6d95",87:"60932360",88:"7b7193b5",114:"2569d45d",128:"d7d5958b",145:"edc4e810",163:"38219ecf",200:"75d4fe2d",201:"2f4e975a",212:"06d4c7cd",217:"7fbcd779",220:"a9a17024",239:"caf3f8a8",242:"48bc29de",262:"2124b2d5",267:"6a1c76ae",296:"806b237d",325:"026b82ae",335:"14dee349",352:"41975f45",360:"aca5ea48",414:"008fdaae",451:"9aae5469",480:"52d92de7",514:"af84a9b6",644:"5d019890",691:"ac142ed8",702:"51de8e98",705:"3a06677d",722:"46d6e17a",737:"156e8b1f",765:"97404563",835:"fb82e175",836:"cad65f4e",838:"6c0a2130",845:"811c1f7b",865:"944ebdbf",918:"561afd72",925:"266b07ac",948:"f493fbf1",964:"29d1b817",972:"b43202c5",993:"c274d15b"}[e]+".js",d.miniCssF=e=>{},d.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),d.o=(e,a)=>Object.prototype.hasOwnProperty.call(e,a),r={},c="website:",d.l=(e,a,t,b)=>{if(r[e])r[e].push(a);else{var f,o;if(void 0!==t)for(var n=document.getElementsByTagName("script"),i=0;i<n.length;i++){var u=n[i];if(u.getAttribute("src")==e||u.getAttribute("data-webpack")==c+t){f=u;break}}f||(o=!0,(f=document.createElement("script")).charset="utf-8",f.timeout=120,d.nc&&f.setAttribute("nonce",d.nc),f.setAttribute("data-webpack",c+t),f.src=e),r[e]=[a];var l=(a,t)=>{f.onerror=f.onload=null,clearTimeout(s);var c=r[e];if(delete r[e],f.parentNode&&f.parentNode.removeChild(f),c&&c.forEach((e=>e(t))),a)return a(t)},s=setTimeout(l.bind(null,void 0,{type:"timeout",target:f}),12e4);f.onerror=l.bind(null,f.onerror),f.onload=l.bind(null,f.onload),o&&document.head.appendChild(f)}},d.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},d.p="/copacetic/website/",d.gca=function(e){return e={17896441:"918",d9461b6c:"4","935f2afb":"53",b5d5e16b:"59","804a5934":"71","4d54d076":"80",fcc13998:"87","4cb9f763":"88",b9421f89:"114",a09c2993:"128","299b5310":"145","934782ba":"163",bab6f5ab:"200","040fbf97":"201","48ae5635":"212","3b8c55ea":"217",f9459e94:"220","72e14192":"239","3fcb412e":"242","9e350ec0":"262","86b9c768":"267",e8c0720c:"296",c12dc9fd:"325","053b5658":"335",dea0f9ea:"352","9d9f8394":"360","0aeccac2":"414","6173fde8":"451","9f65b58a":"480","1be78505":"514",d2339658:"644","0a7bb60d":"691","2a636ef6":"702",c5934ffc:"705","7e72de0f":"722","2133a534":"737","57b2432c":"765",ea9eabff:"835","0480b142":"836","6bd0979b":"838",c13ba925:"845",b407a98a:"865","89eebbd3":"925","0c380bb3":"948","22539a87":"964",c698fe77:"993"}[e]||e,d.p+d.u(e)},(()=>{var e={303:0,532:0};d.f.j=(a,t)=>{var r=d.o(e,a)?e[a]:void 0;if(0!==r)if(r)t.push(r[2]);else if(/^(303|532)$/.test(a))e[a]=0;else{var c=new Promise(((t,c)=>r=e[a]=[t,c]));t.push(r[2]=c);var b=d.p+d.u(a),f=new Error;d.l(b,(t=>{if(d.o(e,a)&&(0!==(r=e[a])&&(e[a]=void 0),r)){var c=t&&("load"===t.type?"missing":t.type),b=t&&t.target&&t.target.src;f.message="Loading chunk "+a+" failed.\n("+c+": "+b+")",f.name="ChunkLoadError",f.type=c,f.request=b,r[1](f)}}),"chunk-"+a,a)}},d.O.j=a=>0===e[a];var a=(a,t)=>{var r,c,b=t[0],f=t[1],o=t[2],n=0;if(b.some((a=>0!==e[a]))){for(r in f)d.o(f,r)&&(d.m[r]=f[r]);if(o)var i=o(d)}for(a&&a(t);n<b.length;n++)c=b[n],d.o(e,c)&&e[c]&&e[c][0](),e[c]=0;return d.O(i)},t=self.webpackChunkwebsite=self.webpackChunkwebsite||[];t.forEach(a.bind(null,0)),t.push=a.bind(null,t.push.bind(t))})()})();
\ No newline at end of file
diff --git a/website/code-of-conduct.html b/website/code-of-conduct.html
index 406c6ec2..9a1c182d 100644
--- a/website/code-of-conduct.html
+++ b/website/code-of-conduct.html
@@ -7,7 +7,7 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -62,7 +62,7 @@
 <a href="https://github.com/mozilla/diversity" target="_blank" rel="noopener noreferrer">Mozilla&#x27;s code of conduct enforcement ladder</a>.</p><p>For answers to common questions about this code of conduct, see the FAQ at
 <a href="https://www.contributor-covenant.org/faq" target="_blank" rel="noopener noreferrer">https://www.contributor-covenant.org/faq</a>. Translations are available at
 <a href="https://www.contributor-covenant.org/translations" target="_blank" rel="noopener noreferrer">https://www.contributor-covenant.org/translations</a>.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/contributing"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Contributing</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#our-pledge" class="table-of-contents__link toc-highlight">Our Pledge</a></li><li><a href="#our-standards" class="table-of-contents__link toc-highlight">Our Standards</a></li><li><a href="#enforcement-responsibilities" class="table-of-contents__link toc-highlight">Enforcement Responsibilities</a></li><li><a href="#scope" class="table-of-contents__link toc-highlight">Scope</a></li><li><a href="#enforcement" class="table-of-contents__link toc-highlight">Enforcement</a></li><li><a href="#enforcement-guidelines" class="table-of-contents__link toc-highlight">Enforcement Guidelines</a><ul><li><a href="#1-correction" class="table-of-contents__link toc-highlight">1. Correction</a></li><li><a href="#2-warning" class="table-of-contents__link toc-highlight">2. Warning</a></li><li><a href="#3-temporary-ban" class="table-of-contents__link toc-highlight">3. Temporary Ban</a></li><li><a href="#4-permanent-ban" class="table-of-contents__link toc-highlight">4. Permanent Ban</a></li></ul></li><li><a href="#attribution" class="table-of-contents__link toc-highlight">Attribution</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/contributing.html b/website/contributing.html
index d0749d6d..d3a1cf78 100644
--- a/website/contributing.html
+++ b/website/contributing.html
@@ -7,7 +7,7 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -27,7 +27,7 @@
 personal information I submit with it, including my sign-off) is
 maintained indefinitely and may be redistributed consistent with
 this project or the open source license(s) involved.</p></blockquote><p>Contributors <em>sign-off</em> that they adhere to these requirements by adding a <code>Signed-off-by</code> line to commit messages.</p><div class="language-text codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">This is my commit message</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">Signed-off-by: Random J Developer &lt;random@developer.example.org&gt;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Git even has a <code>-s</code> command line option to append this automatically to your commit message:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> commit -s -m </span><span class="token string" style="color:#e3116c">&#x27;This is my commit message&#x27;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Pull requests that do not contain a valid <code>Signed-off-by</code> line cannot be merged.</p><h3 class="anchor anchorWithStickyNavbar_LWe7" id="i-didnt-sign-my-commit-now-what">I didn&#x27;t sign my commit, now what?<a href="#i-didnt-sign-my-commit-now-what" class="hash-link" aria-label="Direct link to I didn&#x27;t sign my commit, now what?" title="Direct link to I didn&#x27;t sign my commit, now what?">​</a></h3><p>No worries - You can easily amend your commit with a sign-off and force push the change to your submitting branch:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> switch </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">branch-name</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">git</span><span class="token plain"> commit --amend --no-edit --signoff</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">git</span><span class="token plain"> push --force-with-lease </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">remote-name</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain"> </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">branch-name</span><span class="token operator" style="color:#393A34">&gt;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="code-of-conduct">Code of Conduct<a href="#code-of-conduct" class="hash-link" aria-label="Direct link to Code of Conduct" title="Direct link to Code of Conduct">​</a></h2><p>This project has adopted the <a href="/copacetic/website/code-of-conduct">Contributor Covenant Code of Conduct</a>.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/faq"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">FAQ</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/code-of-conduct"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Code of Conduct</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#bi-weekly-community-meeting" class="table-of-contents__link toc-highlight">Bi-Weekly Community Meeting</a></li><li><a href="#slack" class="table-of-contents__link toc-highlight">Slack</a></li><li><a href="#contributing-issues" class="table-of-contents__link toc-highlight">Contributing Issues</a></li><li><a href="#contributing-code" class="table-of-contents__link toc-highlight">Contributing Code</a><ul><li><a href="#getting-started" class="table-of-contents__link toc-highlight">Getting Started</a></li><li><a href="#visual-studio-code-development-container" class="table-of-contents__link toc-highlight">Visual Studio Code Development Container</a></li><li><a href="#tests" class="table-of-contents__link toc-highlight">Tests</a></li><li><a href="#pull-requests" class="table-of-contents__link toc-highlight">Pull Requests</a></li></ul></li><li><a href="#developer-certificate-of-origin-dco" class="table-of-contents__link toc-highlight">Developer Certificate of Origin (DCO)</a><ul><li><a href="#i-didnt-sign-my-commit-now-what" class="table-of-contents__link toc-highlight">I didn&#39;t sign my commit, now what?</a></li></ul></li><li><a href="#code-of-conduct" class="table-of-contents__link toc-highlight">Code of Conduct</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/design.html b/website/design.html
index b268fa2a..18c8fbde 100644
--- a/website/design.html
+++ b/website/design.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/">v0.4.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/design">Next</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/design">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/design">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/design">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/design">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/troubleshooting">Troubleshooting</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Design</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.4.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Design</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="design-tenets">Design Tenets<a href="#design-tenets" class="hash-link" aria-label="Direct link to Design Tenets" title="Direct link to Design Tenets">​</a></h2><ul><li><p><strong>Copa is intended to accelerate container patching by eliminating waiting on base image dependency chains to update.</strong> This is a raison d’etre for the Copa project, so if we figured out a different way to patch containers that still relied on waiting for base images to be rebuilt and republished, we would consider spinning that off into a different project instead of making it part of Copa.</p></li><li><p><strong>Copa is intended to work with the existing ecosystem of container images.</strong> The project should have a strong preference for solutions that do not require image producers to create or modify their images in special ways to use Copa.</p></li><li><p><strong>Copa is intended to allow parties other than the image authors to address container vulnerabilities.</strong> Copa should require a minimum of special knowledge about the lineage and construction of an image from the user to patch it successfully.</p></li><li><p><strong>Copa is intended to do one thing well and be composable with other tools and processes.</strong> Copa does not have to be a universal multitool for container patching. For example, it is preferable that it integrates with popular container scanning tools rather than incorporating custom container scanning into the project itself. Similarly, it does not need to become a general container manipulation tool in the vein of crane.</p></li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="design-reasoning">Design Reasoning<a href="#design-reasoning" class="hash-link" aria-label="Direct link to Design Reasoning" title="Direct link to Design Reasoning">​</a></h2><p>The design of copa arises from the application of those tenets to the observed issues in previous efforts directly update container images via rebasing, for example, the experimental <a href="https://github.com/google/go-containerregistry/blob/main/cmd/crane/rebase.md" target="_blank" rel="noopener noreferrer"><code>crane rebase</code></a>:</p><ul><li><p>Rebasing requires that all actors involved in creation of the image are coordinated so that some layers can be switched out without breaking the image. Attempting to switch out layers in the container overlay structure is brittle because most existing containers are created by writing over shared configuration files and data stores in base images. For example, an <code>apt install</code> during image creation will overwrite the dpkg <code>status</code> file in the base image, which will mask any package updates in a rebased layer. Since many existing container scanners rely on the reported package status to find vulnerable package versions, this can cause new vulnerabilities to not be reported or for patched binaries not to be recognized by the scanners.</p><p>To avoid breaking integration with the existing container ecosystem, copa patches the filesystem bundle as a whole instead of as a collection of layers so that the resulting image state is consistent. This strategy also allows copa to patch vulnerabilties introduced at any layer in the image, including OS packages added in the app layers that is not addressed by a simple rebase. It also supports the core tenet of supporting patching without requiring coordination with all the publishers of the base images that a given image transitively depends on.</p></li><li><p>Rebasing also requires that the user knows <em>a priori</em> what base image (or transitive base image) is in the target image to determine which appropriate rebase image to use. This makes it very difficult for anyone not intimately involved with authoring the image from being able to remediate it, which is one of our tenets.</p><p>While it is possible to embed extra metadata or annotations into the target image to facilitate this base image (or transitive base image) lookup, that would require that the images to be patched be modified or created especially to support updates, which goes against another of our tenets to be able to patch images without requiring them to be customized explicitly for that purpose.</p><p>The design of copa addresses this by reframing the problem of updating containers and understanding the structure or lineage of a container image to the more specific problem of what packages in a given container image need to be updated. This allows copa to tap into the expertise embedded in the much more robust ecosystem for detecting and remediating vulnerabilities at the package level that already exists today. By making copa an additional remediation step that can be run after a container scan in existing workflows, we avoid both of those issues with an additional benefit: it incurs no additional work on the part of base image publishers to support patching of images based on their base images, the existing channels for publishing update packages is sufficient to service those container images as well.</p></li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="architecture">Architecture<a href="#architecture" class="hash-link" aria-label="Direct link to Architecture" title="Direct link to Architecture">​</a></h2><img loading="lazy" title="report-driven vulnerability patching" src="/copacetic/website/img/vulnerability-patch.png" class="img_ev3q"><p>The requirements presented encourage an extensible model in order to support broad applicability. Specifically, there are two areas that the tool will need to accommodate multiple implementations to support more use cases:</p><ul><li>The data schema of various vulnerability scanners producing the input vulnerability report.</li><li>The state management of various package managers and process for applying patches appropriately through them.</li></ul><p>Effectively, <code>copa patch</code> can be considered a command that bridges an extensible <code>Parse</code> action with an extensible <code>Apply</code> action as illustrated in the diagram; the implementation can be thought of as an engine that uses this abstract Go interface to apply security update packages:</p><div class="language-go codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-go codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> UpdatePackage </span><span class="token keyword" style="color:#00009f">struct</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Name    </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Version </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> UpdateManifest </span><span class="token keyword" style="color:#00009f">struct</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    OSType    </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    OSVersion </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Arch      </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Updates   </span><span class="token punctuation" style="color:#393A34">[</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">UpdatePackage</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> ScanReportParser </span><span class="token keyword" style="color:#00009f">interface</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token function" style="color:#d73a49">Parse</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">reportPath </span><span class="token builtin">string</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">(</span><span class="token operator" style="color:#393A34">*</span><span class="token plain">UpdateManifest</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token builtin">error</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> PackageManager </span><span class="token keyword" style="color:#00009f">interface</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token function" style="color:#d73a49">Apply</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">imagePath </span><span class="token builtin">string</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> report </span><span class="token operator" style="color:#393A34">*</span><span class="token plain">UpdateManifest</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"> </span><span class="token builtin">error</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="implementation">Implementation<a href="#implementation" class="hash-link" aria-label="Direct link to Implementation" title="Direct link to Implementation">​</a></h2><img loading="lazy" title="buildkit graph execution" src="/copacetic/website/img/graph-execution.png" class="img_ev3q"><p><code>copa</code> is a pseudo-frontend to <a href="https://github.com/moby/buildkit" target="_blank" rel="noopener noreferrer">buildkit</a> implemented as a CLI tool. Effectively, instead of taking a container definition to create from scratch, it takes the reference to the target image to patch and a container scan report and builds a series of <a href="https://github.com/moby/buildkit/tree/99f6199fa6f0c34dbb3acfa57e00b7189a6a79d4#exploring-llb" target="_blank" rel="noopener noreferrer">LLB graphs</a> for buildkit to execute:</p><ol><li>Actions to probe the image as a filesystem bundle, for example, retrieving the package manager status in the image.<ul><li>Within each distribution type identified by the scanner report (e.g. Debian) there can be different ways of applying patches to the target image (e.g. distroless), which can be differentiated through these actions.</li></ul></li><li>Actions to fetch and deploy tools that can be injected into the target image to perform the patching.<ul><li>In cases where the package tools are not available in the target image, a standard version of the OS container matching the target image&#x27;s is used to stage the necessary tooling for patches.</li><li>In the case of distroless images for example, where there is no valid package status file in the target image, the tooling container is also used to pull down and process the necessary package updates for copy to the target image.</li><li>Although not pictured, this can also be used to obtain tools (e.g. busybox) to be used in the image probing stage as well.</li></ul></li><li>Actions to deploy the required patch packages to the target image.<ul><li><code>copa</code> integrates with buildkit at the API level because it uses the <a href="https://github.com/moby/buildkit/blob/99f6199fa6f0c34dbb3acfa57e00b7189a6a79d4/docs/merge%2Bdiff.md" target="_blank" rel="noopener noreferrer">diff and merge</a> graph operations directly so that it can stage all the necessary tooling in the target image while producing a resulting image that only contains the original image plus a new layer with all the deployed patches.</li></ul></li></ol><h2 class="anchor anchorWithStickyNavbar_LWe7" id="tradeoffs">Tradeoffs<a href="#tradeoffs" class="hash-link" aria-label="Direct link to Tradeoffs" title="Direct link to Tradeoffs">​</a></h2><ul><li>The core architectural choice of relying on packages as the unit of patching creates a couple of constraints:<ul><li>By relying on existing vulnerability scanner behavior that only detects vulnerabilities via presence/absence of vulnerable packages, copa is limited in the kinds of vulnerabilities it can address and false positive/negatives from scanners flow downstream to copa.</li><li>copa depends on individual package manager adapters to correctly deploy patches to the target images, but there is a long tail of compatibility issues that arise depending on the target image itself (e.g. outdated package manager config/keys, invalid/missing package graph, etc.). Overall, the maintenance cost of the project is expected to be non-trivial to address this.</li></ul></li><li>No support for windows containers given the dependency on buildkit.</li></ul></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/troubleshooting"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Troubleshooting</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/faq"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">FAQ</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#design-tenets" class="table-of-contents__link toc-highlight">Design Tenets</a></li><li><a href="#design-reasoning" class="table-of-contents__link toc-highlight">Design Reasoning</a></li><li><a href="#architecture" class="table-of-contents__link toc-highlight">Architecture</a></li><li><a href="#implementation" class="table-of-contents__link toc-highlight">Implementation</a></li><li><a href="#tradeoffs" class="table-of-contents__link toc-highlight">Tradeoffs</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/faq.html b/website/faq.html
index f0ddd0c5..d597cab1 100644
--- a/website/faq.html
+++ b/website/faq.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/">v0.4.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/faq">Next</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/faq">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/faq">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/faq">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/faq">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/troubleshooting">Troubleshooting</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">FAQ</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.4.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>FAQ</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="what-kind-of-vulnerabilities-can-copa-patch">What kind of vulnerabilities can Copa patch?<a href="#what-kind-of-vulnerabilities-can-copa-patch" class="hash-link" aria-label="Direct link to What kind of vulnerabilities can Copa patch?" title="Direct link to What kind of vulnerabilities can Copa patch?">​</a></h2><p>Copa is capable of patching &quot;OS level&quot; vulnerabilities. This includes packages (like <code>openssl</code>) in the image that are managed by a package manager such as <code>apt</code> or <code>yum</code>. Copa is not currently capable of patching vulnerabilities at the &quot;application level&quot; such as Python packages or Go modules.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/design"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Design</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/contributing"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Contributing</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#what-kind-of-vulnerabilities-can-copa-patch" class="table-of-contents__link toc-highlight">What kind of vulnerabilities can Copa patch?</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/index.html b/website/index.html
index 009d8ea2..fdfb122c 100644
--- a/website/index.html
+++ b/website/index.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div id="__docusaurus-base-url-issue-banner-container"></div><div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/">v0.4.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next">Next</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/troubleshooting">Troubleshooting</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Introduction</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.4.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><h1>Project Copacetic: Directly patch container image vulnerabilities</h1><p><code>copa</code> is a CLI tool written in <a href="https://golang.org" target="_blank" rel="noopener noreferrer">Go</a> and based on <a href="https://github.com/moby/buildkit" target="_blank" rel="noopener noreferrer">buildkit</a> that can be used to directly patch container images given the vulnerability scanning results from popular tools like <a href="https://github.com/aquasecurity/trivy" target="_blank" rel="noopener noreferrer">Trivy</a>.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="why">Why?<a href="#why" class="hash-link" aria-label="Direct link to Why?" title="Direct link to Why?">​</a></h2><p>We needed the ability to patch containers quickly without going upstream for a full rebuild. As the window between <a href="https://www.bleepingcomputer.com/news/security/hackers-scan-for-vulnerabilities-within-15-minutes-of-disclosure/" target="_blank" rel="noopener noreferrer">vulnerability disclosure and active exploitation continues to narrow</a>, there is a growing operational need to patch critical security vulnerabilities in container images so they can be quickly redeployed into production. The need is especially acute when those vulnerabilities are:</p><ul><li>inherited from base images several levels deep and waiting on updated releases to percolate through the supply chain is not an option</li><li>found in 3rd party app images you don&#x27;t maintain with update cadences that don&#x27;t meet your security SLAs.</li></ul><img loading="lazy" title="direct image patching" src="/copacetic/website/img/direct-image-patching.png" class="img_ev3q"><p>In addition to filling the operational gap not met by left-shift security practices and tools, the ability of <code>copa</code> to patch a container without requiring a rebuild of the container image provides other benefits:</p><ul><li>Allows users other than the image publishers to also patch container images, such as DevSecOps engineers.</li><li>Reduces the storage and transmission costs of redistributing patched images by only creating an additional patch layer, instead of rebuilding the entire image which usually results in different layer hashes that break layer caching.</li><li>Reduces the turnaround time for patching a container image by not having to wait for base image updates and being a faster operation than a full image rebuild.</li><li>Reduces the complexity of patching the image from running a rebuild pipeline to running a single tool on the image.</li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="how">How?<a href="#how" class="hash-link" aria-label="Direct link to How?" title="Direct link to How?">​</a></h2><p>The <code>copa</code> tool is an extensible engine that:</p><ol><li>Parses the needed update packages from the container image’s vulnerability report produced by a scanner like Trivy. New adapters can be written to accommodate more report formats.</li><li>Obtains and processes the needed update packages using the appropriate package manager tools such as apt, apk, etc. New adapters can be written to support more package managers.</li><li>Applies the resulting update binaries to the container image using buildkit.</li></ol><img loading="lazy" title="report-driven vulnerability patching" src="/copacetic/website/img/vulnerability-patch.png" class="img_ev3q"><p>This approach is motivated by the core principles of making direct container patching broadly applicable and accessible:</p><ul><li><strong>Copa supports patching <em>existing</em> container images</strong>.<ul><li>Devs don&#x27;t need to build their images using specific tools or modify them in some way just to support container patching.</li></ul></li><li><strong>Copa works with the existing vulnerability scanning and mitigation ecosystems</strong>.<ul><li>Image publishers don&#x27;t need to create new workflows for container patching since Copa supports patching container images using the security update packages already being published today.</li><li>Consumers do not need to migrate to a new and potentially more limited support ecosystem for custom distros or change their container vulnerability scanning pipelines to include remediation, since Copa can be integrated seamlessly as an extra step to patch containers based on those scanning reports.</li></ul></li><li><strong>Copa reduces the technical expertise needed and waiting on dependencies needed to patch an image</strong>.<ul><li>For OS package vulnerabilities, no specialized knowledge about a specific image is needed to be patch it as Copa relies on the vulnerability remediation knowledge already embedded in the reports produced by popular container scanning tools today.</li></ul></li></ul><p>For more details, refer to the <a href="/copacetic/website/design">copa design</a> documentation.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/installation"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Installation</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#why" class="table-of-contents__link toc-highlight">Why?</a></li><li><a href="#how" class="table-of-contents__link toc-highlight">How?</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/installation.html b/website/installation.html
index d56356fa..016e5354 100644
--- a/website/installation.html
+++ b/website/installation.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/">v0.4.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/installation">Next</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/installation">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/installation">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/installation">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/installation">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/troubleshooting">Troubleshooting</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Installation</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.4.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Installation</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="homebrew">Homebrew<a href="#homebrew" class="hash-link" aria-label="Direct link to Homebrew" title="Direct link to Homebrew">​</a></h2><p>On macOS and Linux, <code>copa</code> can be installed via <a href="https://brew.sh/" target="_blank" rel="noopener noreferrer">Homebrew</a>:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">brew </span><span class="token function" style="color:#d73a49">install</span><span class="token plain"> copa</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="github">GitHub<a href="#github" class="hash-link" aria-label="Direct link to GitHub" title="Direct link to GitHub">​</a></h2><p>You can download the latest and previous versions of <code>copa</code> from the <a href="https://github.com/project-copacetic/copacetic/releases" target="_blank" rel="noopener noreferrer">GitHub releases page</a>.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="development-setup">Development Setup<a href="#development-setup" class="hash-link" aria-label="Direct link to Development Setup" title="Direct link to Development Setup">​</a></h2><p>The following instructions are for <strong>Ubuntu 22.04</strong> with the dependency versions supported as part of the <a href="/copacetic/website/contributing#visual-studio-code-development-container">dev container</a> environment we use for builds and tests. For other distributions and OS, refer to the appropriate installation instructions for each of the components instead.</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> clone https://github.com/project-copacetic/copacetic</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token builtin class-name">cd</span><span class="token plain"> copacetic</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">make</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># OPTIONAL: install copa to a pathed folder</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">sudo</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">mv</span><span class="token plain"> dist/linux_amd64/release/copa /usr/local/bin/</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Introduction</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/quick-start"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Quick Start</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#homebrew" class="table-of-contents__link toc-highlight">Homebrew</a></li><li><a href="#github" class="table-of-contents__link toc-highlight">GitHub</a></li><li><a href="#development-setup" class="table-of-contents__link toc-highlight">Development Setup</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/next.html b/website/next.html
index 248e6410..1b4cf6d9 100644
--- a/website/next.html
+++ b/website/next.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/next">Next</a><ul class="dropdown__menu"><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/next">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/next">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/output">Output</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/troubleshooting">Troubleshooting</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is unreleased documentation for <!-- -->Copacetic<!-- --> <b>Next</b> version.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Introduction</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: Next</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><h1>Project Copacetic: Directly patch container image vulnerabilities</h1><p><code>copa</code> is a CLI tool written in <a href="https://golang.org" target="_blank" rel="noopener noreferrer">Go</a> and based on <a href="https://github.com/moby/buildkit" target="_blank" rel="noopener noreferrer">buildkit</a> that can be used to directly patch container images given the vulnerability scanning results from popular tools like <a href="https://github.com/aquasecurity/trivy" target="_blank" rel="noopener noreferrer">Trivy</a>.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="why">Why?<a href="#why" class="hash-link" aria-label="Direct link to Why?" title="Direct link to Why?">​</a></h2><p>We needed the ability to patch containers quickly without going upstream for a full rebuild. As the window between <a href="https://www.bleepingcomputer.com/news/security/hackers-scan-for-vulnerabilities-within-15-minutes-of-disclosure/" target="_blank" rel="noopener noreferrer">vulnerability disclosure and active exploitation continues to narrow</a>, there is a growing operational need to patch critical security vulnerabilities in container images so they can be quickly redeployed into production. The need is especially acute when those vulnerabilities are:</p><ul><li>inherited from base images several levels deep and waiting on updated releases to percolate through the supply chain is not an option</li><li>found in 3rd party app images you don&#x27;t maintain with update cadences that don&#x27;t meet your security SLAs.</li></ul><img loading="lazy" title="direct image patching" src="/copacetic/website/img/direct-image-patching.png" class="img_ev3q"><p>In addition to filling the operational gap not met by left-shift security practices and tools, the ability of <code>copa</code> to patch a container without requiring a rebuild of the container image provides other benefits:</p><ul><li>Allows users other than the image publishers to also patch container images, such as DevSecOps engineers.</li><li>Reduces the storage and transmission costs of redistributing patched images by only creating an additional patch layer, instead of rebuilding the entire image which usually results in different layer hashes that break layer caching.</li><li>Reduces the turnaround time for patching a container image by not having to wait for base image updates and being a faster operation than a full image rebuild.</li><li>Reduces the complexity of patching the image from running a rebuild pipeline to running a single tool on the image.</li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="how">How?<a href="#how" class="hash-link" aria-label="Direct link to How?" title="Direct link to How?">​</a></h2><p>The <code>copa</code> tool is an extensible engine that:</p><ol><li>Parses the needed update packages from the container image’s vulnerability report produced by a scanner like Trivy. New adapters can be written to accommodate more report formats.</li><li>Obtains and processes the needed update packages using the appropriate package manager tools such as apt, apk, etc. New adapters can be written to support more package managers.</li><li>Applies the resulting update binaries to the container image using buildkit.</li></ol><img loading="lazy" title="report-driven vulnerability patching" src="/copacetic/website/img/vulnerability-patch.png" class="img_ev3q"><p>This approach is motivated by the core principles of making direct container patching broadly applicable and accessible:</p><ul><li><strong>Copa supports patching <em>existing</em> container images</strong>.<ul><li>Devs don&#x27;t need to build their images using specific tools or modify them in some way just to support container patching.</li></ul></li><li><strong>Copa works with the existing vulnerability scanning and mitigation ecosystems</strong>.<ul><li>Image publishers don&#x27;t need to create new workflows for container patching since Copa supports patching container images using the security update packages already being published today.</li><li>Consumers do not need to migrate to a new and potentially more limited support ecosystem for custom distros or change their container vulnerability scanning pipelines to include remediation, since Copa can be integrated seamlessly as an extra step to patch containers based on those scanning reports.</li></ul></li><li><strong>Copa reduces the technical expertise needed and waiting on dependencies needed to patch an image</strong>.<ul><li>For OS package vulnerabilities, no specialized knowledge about a specific image is needed to be patch it as Copa relies on the vulnerability remediation knowledge already embedded in the reports produced by popular container scanning tools today.</li></ul></li></ul><p>For more details, refer to the <a href="/copacetic/website/next/design">copa design</a> documentation.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/next/installation"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Installation</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#why" class="table-of-contents__link toc-highlight">Why?</a></li><li><a href="#how" class="table-of-contents__link toc-highlight">How?</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/next/code-of-conduct.html b/website/next/code-of-conduct.html
index 9fa2f3ad..0e2e2eb0 100644
--- a/website/next/code-of-conduct.html
+++ b/website/next/code-of-conduct.html
@@ -7,7 +7,7 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -62,7 +62,7 @@
 <a href="https://github.com/mozilla/diversity" target="_blank" rel="noopener noreferrer">Mozilla&#x27;s code of conduct enforcement ladder</a>.</p><p>For answers to common questions about this code of conduct, see the FAQ at
 <a href="https://www.contributor-covenant.org/faq" target="_blank" rel="noopener noreferrer">https://www.contributor-covenant.org/faq</a>. Translations are available at
 <a href="https://www.contributor-covenant.org/translations" target="_blank" rel="noopener noreferrer">https://www.contributor-covenant.org/translations</a>.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/next/contributing"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Contributing</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#our-pledge" class="table-of-contents__link toc-highlight">Our Pledge</a></li><li><a href="#our-standards" class="table-of-contents__link toc-highlight">Our Standards</a></li><li><a href="#enforcement-responsibilities" class="table-of-contents__link toc-highlight">Enforcement Responsibilities</a></li><li><a href="#scope" class="table-of-contents__link toc-highlight">Scope</a></li><li><a href="#enforcement" class="table-of-contents__link toc-highlight">Enforcement</a></li><li><a href="#enforcement-guidelines" class="table-of-contents__link toc-highlight">Enforcement Guidelines</a><ul><li><a href="#1-correction" class="table-of-contents__link toc-highlight">1. Correction</a></li><li><a href="#2-warning" class="table-of-contents__link toc-highlight">2. Warning</a></li><li><a href="#3-temporary-ban" class="table-of-contents__link toc-highlight">3. Temporary Ban</a></li><li><a href="#4-permanent-ban" class="table-of-contents__link toc-highlight">4. Permanent Ban</a></li></ul></li><li><a href="#attribution" class="table-of-contents__link toc-highlight">Attribution</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/next/contributing.html b/website/next/contributing.html
index 7bd5cb45..06ca546a 100644
--- a/website/next/contributing.html
+++ b/website/next/contributing.html
@@ -7,7 +7,7 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -27,7 +27,7 @@
 personal information I submit with it, including my sign-off) is
 maintained indefinitely and may be redistributed consistent with
 this project or the open source license(s) involved.</p></blockquote><p>Contributors <em>sign-off</em> that they adhere to these requirements by adding a <code>Signed-off-by</code> line to commit messages.</p><div class="language-text codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">This is my commit message</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">Signed-off-by: Random J Developer &lt;random@developer.example.org&gt;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Git even has a <code>-s</code> command line option to append this automatically to your commit message:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> commit -s -m </span><span class="token string" style="color:#e3116c">&#x27;This is my commit message&#x27;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Pull requests that do not contain a valid <code>Signed-off-by</code> line cannot be merged.</p><h3 class="anchor anchorWithStickyNavbar_LWe7" id="i-didnt-sign-my-commit-now-what">I didn&#x27;t sign my commit, now what?<a href="#i-didnt-sign-my-commit-now-what" class="hash-link" aria-label="Direct link to I didn&#x27;t sign my commit, now what?" title="Direct link to I didn&#x27;t sign my commit, now what?">​</a></h3><p>No worries - You can easily amend your commit with a sign-off and force push the change to your submitting branch:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> switch </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">branch-name</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">git</span><span class="token plain"> commit --amend --no-edit --signoff</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">git</span><span class="token plain"> push --force-with-lease </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">remote-name</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain"> </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">branch-name</span><span class="token operator" style="color:#393A34">&gt;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="code-of-conduct">Code of Conduct<a href="#code-of-conduct" class="hash-link" aria-label="Direct link to Code of Conduct" title="Direct link to Code of Conduct">​</a></h2><p>This project has adopted the <a href="/copacetic/website/next/code-of-conduct">Contributor Covenant Code of Conduct</a>.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/next/faq"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">FAQ</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/next/code-of-conduct"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Code of Conduct</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#bi-weekly-community-meeting" class="table-of-contents__link toc-highlight">Bi-Weekly Community Meeting</a></li><li><a href="#slack" class="table-of-contents__link toc-highlight">Slack</a></li><li><a href="#contributing-issues" class="table-of-contents__link toc-highlight">Contributing Issues</a></li><li><a href="#contributing-code" class="table-of-contents__link toc-highlight">Contributing Code</a><ul><li><a href="#getting-started" class="table-of-contents__link toc-highlight">Getting Started</a></li><li><a href="#visual-studio-code-development-container" class="table-of-contents__link toc-highlight">Visual Studio Code Development Container</a></li><li><a href="#tests" class="table-of-contents__link toc-highlight">Tests</a></li><li><a href="#pull-requests" class="table-of-contents__link toc-highlight">Pull Requests</a></li></ul></li><li><a href="#developer-certificate-of-origin-dco" class="table-of-contents__link toc-highlight">Developer Certificate of Origin (DCO)</a><ul><li><a href="#i-didnt-sign-my-commit-now-what" class="table-of-contents__link toc-highlight">I didn&#39;t sign my commit, now what?</a></li></ul></li><li><a href="#code-of-conduct" class="table-of-contents__link toc-highlight">Code of Conduct</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/next/design.html b/website/next/design.html
index 70ae17c1..da300207 100644
--- a/website/next/design.html
+++ b/website/next/design.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/next">Next</a><ul class="dropdown__menu"><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/next/design">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/design">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/design">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/design">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/design">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/output">Output</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/troubleshooting">Troubleshooting</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/next/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is unreleased documentation for <!-- -->Copacetic<!-- --> <b>Next</b> version.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/design">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Design</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: Next</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Design</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="design-tenets">Design Tenets<a href="#design-tenets" class="hash-link" aria-label="Direct link to Design Tenets" title="Direct link to Design Tenets">​</a></h2><ul><li><p><strong>Copa is intended to accelerate container patching by eliminating waiting on base image dependency chains to update.</strong> This is a raison d’etre for the Copa project, so if we figured out a different way to patch containers that still relied on waiting for base images to be rebuilt and republished, we would consider spinning that off into a different project instead of making it part of Copa.</p></li><li><p><strong>Copa is intended to work with the existing ecosystem of container images.</strong> The project should have a strong preference for solutions that do not require image producers to create or modify their images in special ways to use Copa.</p></li><li><p><strong>Copa is intended to allow parties other than the image authors to address container vulnerabilities.</strong> Copa should require a minimum of special knowledge about the lineage and construction of an image from the user to patch it successfully.</p></li><li><p><strong>Copa is intended to do one thing well and be composable with other tools and processes.</strong> Copa does not have to be a universal multitool for container patching. For example, it is preferable that it integrates with popular container scanning tools rather than incorporating custom container scanning into the project itself. Similarly, it does not need to become a general container manipulation tool in the vein of crane.</p></li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="design-reasoning">Design Reasoning<a href="#design-reasoning" class="hash-link" aria-label="Direct link to Design Reasoning" title="Direct link to Design Reasoning">​</a></h2><p>The design of copa arises from the application of those tenets to the observed issues in previous efforts directly update container images via rebasing, for example, the experimental <a href="https://github.com/google/go-containerregistry/blob/main/cmd/crane/rebase.md" target="_blank" rel="noopener noreferrer"><code>crane rebase</code></a>:</p><ul><li><p>Rebasing requires that all actors involved in creation of the image are coordinated so that some layers can be switched out without breaking the image. Attempting to switch out layers in the container overlay structure is brittle because most existing containers are created by writing over shared configuration files and data stores in base images. For example, an <code>apt install</code> during image creation will overwrite the dpkg <code>status</code> file in the base image, which will mask any package updates in a rebased layer. Since many existing container scanners rely on the reported package status to find vulnerable package versions, this can cause new vulnerabilities to not be reported or for patched binaries not to be recognized by the scanners.</p><p>To avoid breaking integration with the existing container ecosystem, copa patches the filesystem bundle as a whole instead of as a collection of layers so that the resulting image state is consistent. This strategy also allows copa to patch vulnerabilties introduced at any layer in the image, including OS packages added in the app layers that is not addressed by a simple rebase. It also supports the core tenet of supporting patching without requiring coordination with all the publishers of the base images that a given image transitively depends on.</p></li><li><p>Rebasing also requires that the user knows <em>a priori</em> what base image (or transitive base image) is in the target image to determine which appropriate rebase image to use. This makes it very difficult for anyone not intimately involved with authoring the image from being able to remediate it, which is one of our tenets.</p><p>While it is possible to embed extra metadata or annotations into the target image to facilitate this base image (or transitive base image) lookup, that would require that the images to be patched be modified or created especially to support updates, which goes against another of our tenets to be able to patch images without requiring them to be customized explicitly for that purpose.</p><p>The design of copa addresses this by reframing the problem of updating containers and understanding the structure or lineage of a container image to the more specific problem of what packages in a given container image need to be updated. This allows copa to tap into the expertise embedded in the much more robust ecosystem for detecting and remediating vulnerabilities at the package level that already exists today. By making copa an additional remediation step that can be run after a container scan in existing workflows, we avoid both of those issues with an additional benefit: it incurs no additional work on the part of base image publishers to support patching of images based on their base images, the existing channels for publishing update packages is sufficient to service those container images as well.</p></li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="architecture">Architecture<a href="#architecture" class="hash-link" aria-label="Direct link to Architecture" title="Direct link to Architecture">​</a></h2><img loading="lazy" title="report-driven vulnerability patching" src="/copacetic/website/img/vulnerability-patch.png" class="img_ev3q"><p>The requirements presented encourage an extensible model in order to support broad applicability. Specifically, there are two areas that the tool will need to accommodate multiple implementations to support more use cases:</p><ul><li>The data schema of various vulnerability scanners producing the input vulnerability report.</li><li>The state management of various package managers and process for applying patches appropriately through them.</li></ul><p>Effectively, <code>copa patch</code> can be considered a command that bridges an extensible <code>Parse</code> action with an extensible <code>Apply</code> action as illustrated in the diagram; the implementation can be thought of as an engine that uses this abstract Go interface to apply security update packages:</p><div class="language-go codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-go codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> UpdatePackage </span><span class="token keyword" style="color:#00009f">struct</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Name    </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Version </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> UpdateManifest </span><span class="token keyword" style="color:#00009f">struct</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    OSType    </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    OSVersion </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Arch      </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Updates   </span><span class="token punctuation" style="color:#393A34">[</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">UpdatePackage</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> ScanReportParser </span><span class="token keyword" style="color:#00009f">interface</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token function" style="color:#d73a49">Parse</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">reportPath </span><span class="token builtin">string</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">(</span><span class="token operator" style="color:#393A34">*</span><span class="token plain">UpdateManifest</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token builtin">error</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> PackageManager </span><span class="token keyword" style="color:#00009f">interface</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token function" style="color:#d73a49">Apply</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">imagePath </span><span class="token builtin">string</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> report </span><span class="token operator" style="color:#393A34">*</span><span class="token plain">UpdateManifest</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"> </span><span class="token builtin">error</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="implementation">Implementation<a href="#implementation" class="hash-link" aria-label="Direct link to Implementation" title="Direct link to Implementation">​</a></h2><img loading="lazy" title="buildkit graph execution" src="/copacetic/website/img/graph-execution.png" class="img_ev3q"><p><code>copa</code> is a pseudo-frontend to <a href="https://github.com/moby/buildkit" target="_blank" rel="noopener noreferrer">buildkit</a> implemented as a CLI tool. Effectively, instead of taking a container definition to create from scratch, it takes the reference to the target image to patch and a container scan report and builds a series of <a href="https://github.com/moby/buildkit/tree/99f6199fa6f0c34dbb3acfa57e00b7189a6a79d4#exploring-llb" target="_blank" rel="noopener noreferrer">LLB graphs</a> for buildkit to execute:</p><ol><li>Actions to probe the image as a filesystem bundle, for example, retrieving the package manager status in the image.<ul><li>Within each distribution type identified by the scanner report (e.g. Debian) there can be different ways of applying patches to the target image (e.g. distroless), which can be differentiated through these actions.</li></ul></li><li>Actions to fetch and deploy tools that can be injected into the target image to perform the patching.<ul><li>In cases where the package tools are not available in the target image, a standard version of the OS container matching the target image&#x27;s is used to stage the necessary tooling for patches.</li><li>In the case of distroless images for example, where there is no valid package status file in the target image, the tooling container is also used to pull down and process the necessary package updates for copy to the target image.</li><li>Although not pictured, this can also be used to obtain tools (e.g. busybox) to be used in the image probing stage as well.</li></ul></li><li>Actions to deploy the required patch packages to the target image.<ul><li><code>copa</code> integrates with buildkit at the API level because it uses the <a href="https://github.com/moby/buildkit/blob/99f6199fa6f0c34dbb3acfa57e00b7189a6a79d4/docs/merge%2Bdiff.md" target="_blank" rel="noopener noreferrer">diff and merge</a> graph operations directly so that it can stage all the necessary tooling in the target image while producing a resulting image that only contains the original image plus a new layer with all the deployed patches.</li></ul></li></ol><h2 class="anchor anchorWithStickyNavbar_LWe7" id="tradeoffs">Tradeoffs<a href="#tradeoffs" class="hash-link" aria-label="Direct link to Tradeoffs" title="Direct link to Tradeoffs">​</a></h2><ul><li>The core architectural choice of relying on packages as the unit of patching creates a couple of constraints:<ul><li>By relying on existing vulnerability scanner behavior that only detects vulnerabilities via presence/absence of vulnerable packages, copa is limited in the kinds of vulnerabilities it can address and false positive/negatives from scanners flow downstream to copa.</li><li>copa depends on individual package manager adapters to correctly deploy patches to the target images, but there is a long tail of compatibility issues that arise depending on the target image itself (e.g. outdated package manager config/keys, invalid/missing package graph, etc.). Overall, the maintenance cost of the project is expected to be non-trivial to address this.</li></ul></li><li>No support for windows containers given the dependency on buildkit.</li></ul></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/next/troubleshooting"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Troubleshooting</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/next/faq"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">FAQ</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#design-tenets" class="table-of-contents__link toc-highlight">Design Tenets</a></li><li><a href="#design-reasoning" class="table-of-contents__link toc-highlight">Design Reasoning</a></li><li><a href="#architecture" class="table-of-contents__link toc-highlight">Architecture</a></li><li><a href="#implementation" class="table-of-contents__link toc-highlight">Implementation</a></li><li><a href="#tradeoffs" class="table-of-contents__link toc-highlight">Tradeoffs</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/next/faq.html b/website/next/faq.html
index 70e28b7e..68ccb79d 100644
--- a/website/next/faq.html
+++ b/website/next/faq.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/next">Next</a><ul class="dropdown__menu"><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/next/faq">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/faq">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/faq">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/faq">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/faq">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/output">Output</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/troubleshooting">Troubleshooting</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/next/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is unreleased documentation for <!-- -->Copacetic<!-- --> <b>Next</b> version.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/faq">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">FAQ</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: Next</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>FAQ</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="what-kind-of-vulnerabilities-can-copa-patch">What kind of vulnerabilities can Copa patch?<a href="#what-kind-of-vulnerabilities-can-copa-patch" class="hash-link" aria-label="Direct link to What kind of vulnerabilities can Copa patch?" title="Direct link to What kind of vulnerabilities can Copa patch?">​</a></h2><p>Copa is capable of patching &quot;OS level&quot; vulnerabilities. This includes packages (like <code>openssl</code>) in the image that are managed by a package manager such as <code>apt</code> or <code>yum</code>. Copa is not currently capable of patching vulnerabilities at the &quot;application level&quot; such as Python packages or Go modules.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/next/design"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Design</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/next/contributing"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Contributing</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#what-kind-of-vulnerabilities-can-copa-patch" class="table-of-contents__link toc-highlight">What kind of vulnerabilities can Copa patch?</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/next/installation.html b/website/next/installation.html
index 51e4c4cd..df1b54d8 100644
--- a/website/next/installation.html
+++ b/website/next/installation.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/next">Next</a><ul class="dropdown__menu"><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/next/installation">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/installation">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/installation">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/installation">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/installation">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/next/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/output">Output</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/troubleshooting">Troubleshooting</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is unreleased documentation for <!-- -->Copacetic<!-- --> <b>Next</b> version.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/installation">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Installation</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: Next</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Installation</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="homebrew">Homebrew<a href="#homebrew" class="hash-link" aria-label="Direct link to Homebrew" title="Direct link to Homebrew">​</a></h2><p>On macOS and Linux, <code>copa</code> can be installed via <a href="https://brew.sh/" target="_blank" rel="noopener noreferrer">Homebrew</a>:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">brew </span><span class="token function" style="color:#d73a49">install</span><span class="token plain"> copa</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="github">GitHub<a href="#github" class="hash-link" aria-label="Direct link to GitHub" title="Direct link to GitHub">​</a></h2><p>You can download the latest and previous versions of <code>copa</code> from the <a href="https://github.com/project-copacetic/copacetic/releases" target="_blank" rel="noopener noreferrer">GitHub releases page</a>.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="development-setup">Development Setup<a href="#development-setup" class="hash-link" aria-label="Direct link to Development Setup" title="Direct link to Development Setup">​</a></h2><p>The following instructions are for <strong>Ubuntu 22.04</strong> with the dependency versions supported as part of the <a href="/copacetic/website/next/contributing#visual-studio-code-development-container">dev container</a> environment we use for builds and tests. For other distributions and OS, refer to the appropriate installation instructions for each of the components instead.</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> clone https://github.com/project-copacetic/copacetic</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token builtin class-name">cd</span><span class="token plain"> copacetic</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">make</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># OPTIONAL: install copa to a pathed folder</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">sudo</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">mv</span><span class="token plain"> dist/linux_amd64/release/copa /usr/local/bin/</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/next"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Introduction</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/next/quick-start"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Quick Start</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#homebrew" class="table-of-contents__link toc-highlight">Homebrew</a></li><li><a href="#github" class="table-of-contents__link toc-highlight">GitHub</a></li><li><a href="#development-setup" class="table-of-contents__link toc-highlight">Development Setup</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/next/output.html b/website/next/output.html
index e3f3fc53..ce0fb8bb 100644
--- a/website/next/output.html
+++ b/website/next/output.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/next">Next</a><ul class="dropdown__menu"><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/next/output">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/next/output">Output</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/troubleshooting">Troubleshooting</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is unreleased documentation for <!-- -->Copacetic<!-- --> <b>Next</b> version.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Output</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: Next</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Output</h1></header><div class="theme-admonition theme-admonition-caution alert alert--warning admonition_LlT9"><div class="admonitionHeading_tbUL"><span class="admonitionIcon_kALy"><svg viewBox="0 0 16 16"><path fill-rule="evenodd" d="M8.893 1.5c-.183-.31-.52-.5-.887-.5s-.703.19-.886.5L.138 13.499a.98.98 0 0 0 0 1.001c.193.31.53.501.886.501h13.964c.367 0 .704-.19.877-.5a1.03 1.03 0 0 0 .01-1.002L8.893 1.5zm.133 11.497H6.987v-2.003h2.039v2.003zm0-3.004H6.987V5.987h2.039v4.006z"></path></svg></span>caution</div><div class="admonitionContent_S0QG"><p>Experimental: This feature might change without preserving backwards compatibility.</p></div></div><p>Copa optionally outputs a Vulnerability Exploitability eXchange (VEX) file as a result of the patching process to surface the vulnerabilities and packages that were patched.</p><p>Currently, Copa supports the <a href="https://github.com/openvex" target="_blank" rel="noopener noreferrer">OpenVEX</a> format, but it can be extended to support other formats.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="openvex">OpenVEX<a href="#openvex" class="hash-link" aria-label="Direct link to OpenVEX" title="Direct link to OpenVEX">​</a></h2><p>OpenVEX is an implementation of Vulnerability Exploitability eXchange (VEX) format. For more information, see <a href="https://github.com/openvex/spec/" target="_blank" rel="noopener noreferrer">OpenVEX specification</a>.</p><div class="theme-admonition theme-admonition-tip alert alert--success admonition_LlT9"><div class="admonitionHeading_tbUL"><span class="admonitionIcon_kALy"><svg viewBox="0 0 12 16"><path fill-rule="evenodd" d="M6.5 0C3.48 0 1 2.19 1 5c0 .92.55 2.25 1 3 1.34 2.25 1.78 2.78 2 4v1h5v-1c.22-1.22.66-1.75 2-4 .45-.75 1-2.08 1-3 0-2.81-2.48-5-5.5-5zm3.64 7.48c-.25.44-.47.8-.67 1.11-.86 1.41-1.25 2.06-1.45 3.23-.02.05-.02.11-.02.17H5c0-.06 0-.13-.02-.17-.2-1.17-.59-1.83-1.45-3.23-.2-.31-.42-.67-.67-1.11C2.44 6.78 2 5.65 2 5c0-2.2 2.02-4 4.5-4 1.22 0 2.36.42 3.22 1.19C10.55 2.94 11 3.94 11 5c0 .66-.44 1.78-.86 2.48zM4 14h5c-.23 1.14-1.3 2-2.5 2s-2.27-.86-2.5-2z"></path></svg></span>tip</div><div class="admonitionContent_S0QG"><ul><li><p>Use <code>COPA_VEX_AUTHOR</code> environment variable to set the author of the VEX document. If it&#x27;s not set, the author will default to <code>Project Copacetic</code>.</p></li><li><p>A VEX document must contain at least one VEX statement. If there are no fixed vulnerabilities, Copa will not generate a VEX document.</p></li></ul></div></div><p>To generate a VEX document using OpenVEX, use <code>--format=&quot;openvex&quot;</code> flag, and use <code>--output</code> to specify a file path. For example:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">copa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t </span><span class="token number" style="color:#36acaa">1.21</span><span class="token plain">.6-patched --format</span><span class="token operator" style="color:#393A34">=</span><span class="token string" style="color:#e3116c">&quot;openvex&quot;</span><span class="token plain"> --output </span><span class="token string" style="color:#e3116c">&quot;nginx.1.21.6-vex.json&quot;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>This will generate a VEX Document that looks like:</p><div class="language-json codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-json codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">  </span><span class="token property" style="color:#36acaa">&quot;@context&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;https://openvex.dev/ns&quot;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">  </span><span class="token property" style="color:#36acaa">&quot;@id&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;https://openvex.dev/docs/public/vex-6f15c26e0410a4d44e0af4062f4b883fbc19a98e57baf131715d942213e5002a&quot;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">  </span><span class="token property" style="color:#36acaa">&quot;author&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;Project Copacetic&quot;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">  </span><span class="token property" style="color:#36acaa">&quot;timestamp&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;2023-08-25T21:40:23.891230545Z&quot;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">  </span><span class="token property" style="color:#36acaa">&quot;version&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">  </span><span class="token property" style="color:#36acaa">&quot;tooling&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;Project Copacetic&quot;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">  </span><span class="token property" style="color:#36acaa">&quot;statements&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">      </span><span class="token property" style="color:#36acaa">&quot;vulnerability&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token property" style="color:#36acaa">&quot;@id&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;CVE-2021-3995&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">      </span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">      </span><span class="token property" style="color:#36acaa">&quot;products&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">          </span><span class="token property" style="color:#36acaa">&quot;@id&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;pkg:deb/debian/bsdutils@1:2.36.1-8?arch=amd64&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">          </span><span class="token property" style="color:#36acaa">&quot;@id&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;pkg:deb/debian/libblkid1@2.36.1-8?arch=amd64&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">          </span><span class="token property" style="color:#36acaa">&quot;@id&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;pkg:deb/debian/libmount1@2.36.1-8?arch=amd64&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">          </span><span class="token property" style="color:#36acaa">&quot;@id&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;pkg:deb/debian/libsmartcols1@2.36.1-8?arch=amd64&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">          </span><span class="token property" style="color:#36acaa">&quot;@id&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;pkg:deb/debian/libuuid1@2.36.1-8?arch=amd64&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">          </span><span class="token property" style="color:#36acaa">&quot;@id&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;pkg:deb/debian/mount@2.36.1-8?arch=amd64&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">          </span><span class="token property" style="color:#36acaa">&quot;@id&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;pkg:deb/debian/util-linux@2.36.1-8?arch=amd64&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">        </span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">      </span><span class="token punctuation" style="color:#393A34">]</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">      </span><span class="token property" style="color:#36acaa">&quot;status&quot;</span><span class="token operator" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;fixed&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    ...</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/next/quick-start"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Quick Start</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/next/troubleshooting"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Troubleshooting</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#openvex" class="table-of-contents__link toc-highlight">OpenVEX</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/next/quick-start.html b/website/next/quick-start.html
index a2e46f44..0ca23c48 100644
--- a/website/next/quick-start.html
+++ b/website/next/quick-start.html
@@ -7,16 +7,16 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/next">Next</a><ul class="dropdown__menu"><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/next/quick-start">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/quick-start">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/quick-start">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/quick-start">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/quick-start">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/next/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/output">Output</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/troubleshooting">Troubleshooting</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is unreleased documentation for <!-- -->Copacetic<!-- --> <b>Next</b> version.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/quick-start">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Quick Start</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: Next</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Quick Start</h1></header><p>This sample illustrates how to patch containers using vulnerability reports with <code>copa</code>.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="prerequisites">Prerequisites<a href="#prerequisites" class="hash-link" aria-label="Direct link to Prerequisites" title="Direct link to Prerequisites">​</a></h2><ul><li>An Ubuntu 22.04 VM configured through the <a href="/copacetic/website/next/installation">setup instructions</a>. This includes:<ul><li><code>copa</code> tool <a href="/copacetic/website/next/installation">built &amp; pathed</a>.</li><li><a href="https://github.com/moby/buildkit/#quick-start" target="_blank" rel="noopener noreferrer">buildkit</a> daemon installed &amp; pathed. <a href="#buildkit-connection-examples">Examples</a></li><li><a href="https://docs.docker.com/desktop/linux/install/#generic-installation-steps" target="_blank" rel="noopener noreferrer">docker</a> daemon running and CLI installed &amp; pathed.</li><li><a href="https://aquasecurity.github.io/trivy/latest/getting-started/installation/" target="_blank" rel="noopener noreferrer">trivy CLI</a> installed &amp; pathed.</li></ul></li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="sample-steps">Sample Steps<a href="#sample-steps" class="hash-link" aria-label="Direct link to Sample Steps" title="Direct link to Sample Steps">​</a></h2><ol><li><p>Scan the container image for patchable OS vulnerabilities, outputting the results to a JSON file:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --vuln-type os --ignore-unfixed -f json -o nginx.1.21.6.json docker.io/library/nginx:1.21.6</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>You can also see the existing patchable vulnerabilities in table form on the shell with:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --vuln-type os --ignore-unfixed docker.io/library/nginx:1.21.6</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></li><li><p>To patch the image, use the Trivy report and specify a buildkit instance to connect to:</p><p>By default copa will attempt to auto-connect to an instance in order:</p><ol><li>Default docker buildkit endpoint (requires at least docker v24.0 with <a href="https://docs.docker.com/storage/containerd/#enable-containerd-image-store-on-docker-engine" target="_blank" rel="noopener noreferrer">containerd snapshotter</a> support enabled)</li><li>Currently selected buildx builder (see: <code>docker buildx --help</code>)</li><li>buildkit daemon at the default address <code>/run/buildkit/buildkitd.sock</code></li></ol><p>If an instance doesn&#x27;t exist or that instance doesn&#x27;t support all the features copa needs the next will be attempted.
-You may need to specify a custom address using the <code>--addr</code> flag. Here are the supported formats:</p><ul><li><code>unix:///path/to/buildkit.sock</code> - Connect to buildkit over unix socket.</li><li><code>tcp://$BUILDKIT_ADDR:$PORT</code> - Connec to buildkit over TCP. (not recommended for security reasons)</li><li><code>docker://&lt;docker connection spec&gt;</code> - Connect to docker, currently only unix sockets are supported, e.g. <code>docker://unix:///var/run/docker.sock</code> (or just <code>docker://</code>).</li><li><code>docker-container://my-buildkit-container</code> - Connect to a buildkitd running in a docker container.</li><li><code>buildx://my-builder</code> - Connect to a buildx builder (or <code>buildx://</code> for the currently selected builder). <em>Note: only container-backed buildx instances are currently supported</em></li><li><code>nerdctl-container://my-container-name</code> - Similar to <code>docker-container</code> but uses <code>nerdctl</code>.</li><li><code>podman-container://my-container-name</code> - Similar to <code>docker-container</code> but uses <code>podman</code>.</li><li><code>ssh://myhost</code> - Connect to a buildkit instance over SSH. Format of the host spec should mimic the SSH command.</li><li><code>kubepod://mypod</code> - Connect to buildkit running in a Kubernetes pod. Can also specify kubectl context and pod namespace (<code>kubepod://mypod?context=foo&amp;namespace=notdefault</code>).</li></ul><h4 class="anchor anchorWithStickyNavbar_LWe7" id="buildkit-connection-examples">Buildkit Connection Examples<a href="#buildkit-connection-examples" class="hash-link" aria-label="Direct link to Buildkit Connection Examples" title="Direct link to Buildkit Connection Examples">​</a></h4><p>Example: Connect using defaults:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">copa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t </span><span class="token number" style="color:#36acaa">1.21</span><span class="token plain">.6-patched</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example: Connect to buildx</p><div class="codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">docker buildx create --name demo</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">copa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t 1.21.6-patched --addr buildx://demo</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example: Buildkit in a container</p><div class="codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">export BUILDKIT_VERSION=v0.12.0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">docker run \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --detach \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --rm \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --privileged \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --name buildkitd \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --entrypoint buildkitd \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    &quot;moby/buildkit:$BUILDKIT_VERSION&quot;</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">copa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t 1.21.6-patched --addr docker-container://buildkitd</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example: Buildkit over TCP</p><div class="codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">export BUILDKIT_VERSION=v0.12.0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> export BUILDKIT_PORT=8888</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> docker run \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --detach \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --rm \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --privileged \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -p 127.0.0.1:$BUILDKIT_PORT:$BUILDKIT_PORT/tcp \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --name buildkitd \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --entrypoint buildkitd \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     &quot;moby/buildkit:$BUILDKIT_VERSION&quot; \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --addr tcp://0.0.0.0:$BUILDKIT_PORT</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> copa patch \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -i docker.io/library/nginx:1.21.6 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -r nginx.1.21.6.json \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -t 1.21.6-patched \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -a tcp://0.0.0.0:$BUILDKIT_PORT</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>In either case, <code>copa</code> is non-destructive and exports a new image with the specified <code>1.21.6-patched</code> label to the local Docker daemon.</p><blockquote><p><strong>NOTE:</strong> if you&#x27;re running this sample against an image from a private registry instead,
+You may need to specify a custom address using the <code>--addr</code> flag. Here are the supported formats:</p><ul><li><code>unix:///path/to/buildkit.sock</code> - Connect to buildkit over unix socket.</li><li><code>tcp://$BUILDKIT_ADDR:$PORT</code> - Connect to buildkit over TCP. (not recommended for security reasons)</li><li><code>docker://&lt;docker connection spec&gt;</code> - Connect to docker, currently only unix sockets are supported, e.g. <code>docker://unix:///var/run/docker.sock</code> (or just <code>docker://</code>).</li><li><code>docker-container://my-buildkit-container</code> - Connect to a buildkitd running in a docker container.</li><li><code>buildx://my-builder</code> - Connect to a buildx builder (or <code>buildx://</code> for the currently selected builder). <em>Note: only container-backed buildx instances are currently supported</em></li><li><code>nerdctl-container://my-container-name</code> - Similar to <code>docker-container</code> but uses <code>nerdctl</code>.</li><li><code>podman-container://my-container-name</code> - Similar to <code>docker-container</code> but uses <code>podman</code>.</li><li><code>ssh://myhost</code> - Connect to a buildkit instance over SSH. Format of the host spec should mimic the SSH command.</li><li><code>kubepod://mypod</code> - Connect to buildkit running in a Kubernetes pod. Can also specify kubectl context and pod namespace (<code>kubepod://mypod?context=foo&amp;namespace=notdefault</code>).</li></ul><h4 class="anchor anchorWithStickyNavbar_LWe7" id="buildkit-connection-examples">Buildkit Connection Examples<a href="#buildkit-connection-examples" class="hash-link" aria-label="Direct link to Buildkit Connection Examples" title="Direct link to Buildkit Connection Examples">​</a></h4><p>Example: Connect using defaults:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">copa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t </span><span class="token number" style="color:#36acaa">1.21</span><span class="token plain">.6-patched</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example: Connect to buildx</p><div class="codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">docker buildx create --name demo</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">copa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t 1.21.6-patched --addr buildx://demo</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example: Buildkit in a container</p><div class="codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">export BUILDKIT_VERSION=v0.12.0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">docker run \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --detach \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --rm \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --privileged \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --name buildkitd \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --entrypoint buildkitd \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    &quot;moby/buildkit:$BUILDKIT_VERSION&quot;</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">copa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t 1.21.6-patched --addr docker-container://buildkitd</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example: Buildkit over TCP</p><div class="codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">export BUILDKIT_VERSION=v0.12.0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> export BUILDKIT_PORT=8888</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> docker run \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --detach \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --rm \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --privileged \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -p 127.0.0.1:$BUILDKIT_PORT:$BUILDKIT_PORT/tcp \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --name buildkitd \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --entrypoint buildkitd \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     &quot;moby/buildkit:$BUILDKIT_VERSION&quot; \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --addr tcp://0.0.0.0:$BUILDKIT_PORT</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> copa patch \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -i docker.io/library/nginx:1.21.6 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -r nginx.1.21.6.json \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -t 1.21.6-patched \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -a tcp://0.0.0.0:$BUILDKIT_PORT</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>In either case, <code>copa</code> is non-destructive and exports a new image with the specified <code>1.21.6-patched</code> label to the local Docker daemon.</p><blockquote><p><strong>NOTE:</strong> if you&#x27;re running this sample against an image from a private registry instead,
 ensure that the credentials are configured in the default Docker config.json before running <code>copa patch</code>,
 for example, via <code>sudo docker login -u &lt;user&gt; -p &lt;password&gt; &lt;registry&gt;</code>.</p></blockquote></li><li><p>Scan the patched image and verify that the vulnerabilities have been patched:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --vuln-type os --ignore-unfixed docker.io/library/nginx:1.21.6-patched</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>You can also inspect the structure of the patched image with <code>docker history</code> to see the new patch layer appended to the image:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">$ </span><span class="token function" style="color:#d73a49">docker</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">history</span><span class="token plain"> docker.io/library/nginx:1.21.6-patched</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">IMAGE          CREATED        CREATED BY                                      SIZE      COMMENT</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">a372df41e06d   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain"> minute ago   </span><span class="token function" style="color:#d73a49">mount</span><span class="token plain"> / from </span><span class="token builtin class-name">exec</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">sh</span><span class="token plain"> -c </span><span class="token function" style="color:#d73a49">apt</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">install</span><span class="token plain"> --no-ins…   </span><span class="token number" style="color:#36acaa">26</span><span class="token plain">.1MB    buildkit.exporter.image.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   CMD </span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">&quot;nginx&quot;</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;-g&quot;</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;daemon off;&quot;</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">                0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   STOPSIGNAL SIGQUIT                              0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   EXPOSE map</span><span class="token punctuation" style="color:#393A34">[</span><span class="token number" style="color:#36acaa">80</span><span class="token plain">/tcp:</span><span class="token punctuation" style="color:#393A34">{</span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">                           0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENTRYPOINT </span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">&quot;/docker-entrypoint.sh&quot;</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">            0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">30</span><span class="token plain">-tune-worker-processes.sh /docker-ent…   </span><span class="token number" style="color:#36acaa">4</span><span class="token plain">.61kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">20</span><span class="token plain">-envsubst-on-templates.sh /docker-ent…   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain">.04kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh /docker…   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain">.96kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY docker-entrypoint.sh / </span><span class="token comment" style="color:#999988;font-style:italic"># buildkit          1.2kB     buildkit.dockerfile.v0</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   RUN /bin/sh -c </span><span class="token builtin class-name">set</span><span class="token plain"> -x     </span><span class="token operator" style="color:#393A34">&amp;&amp;</span><span class="token plain"> addgroup --syst…   </span><span class="token number" style="color:#36acaa">61</span><span class="token plain">.1MB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">PKG_RELEASE</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">1</span><span class="token plain">~bullseye                      0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">NJS_VERSION</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">0.7</span><span class="token plain">.0                           0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">NGINX_VERSION</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">1.20</span><span class="token plain">.2                        0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   LABEL </span><span class="token assign-left variable" style="color:#36acaa">maintainer</span><span class="token operator" style="color:#393A34">=</span><span class="token plain">NGINX Docker Maintainers </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">d…   0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">4</span><span class="token plain"> months ago   /bin/sh -c </span><span class="token comment" style="color:#999988;font-style:italic">#(nop)  CMD [&quot;bash&quot;]                 0B</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">4</span><span class="token plain"> months ago   /bin/sh -c </span><span class="token comment" style="color:#999988;font-style:italic">#(nop) ADD file:09675d11695f65c55…   80.4MB</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></li><li><p>Run the container to verify that the image has no regressions:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">$ </span><span class="token function" style="color:#d73a49">docker</span><span class="token plain"> run -it --rm --name nginx-test docker.io/library/nginx:1.21.6-patched</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Looking </span><span class="token keyword" style="color:#00009f">for</span><span class="token plain"> shell scripts </span><span class="token keyword" style="color:#00009f">in</span><span class="token plain"> /docker-entrypoint.d/</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 </span><span class="token keyword" style="color:#00009f">in</span><span class="token plain"> /etc/nginx/conf.d/default.conf</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Configuration complete</span><span class="token punctuation" style="color:#393A34">;</span><span class="token plain"> ready </span><span class="token keyword" style="color:#00009f">for</span><span class="token plain"> start up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: using the &quot;epoll&quot; event method</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: nginx/1.20.2</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: OS: Linux 5.10.102.1-microsoft-standard-WSL2</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker processes</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 31</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 32</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 33</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 34</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 35</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 36</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 37</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 38</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">38</span><span class="token comment" style="color:#999988;font-style:italic">#38: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">36</span><span class="token comment" style="color:#999988;font-style:italic">#36: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">33</span><span class="token comment" style="color:#999988;font-style:italic">#33: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">32</span><span class="token comment" style="color:#999988;font-style:italic">#32: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">34</span><span class="token comment" style="color:#999988;font-style:italic">#34: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">35</span><span class="token comment" style="color:#999988;font-style:italic">#35: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">37</span><span class="token comment" style="color:#999988;font-style:italic">#37: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">31</span><span class="token comment" style="color:#999988;font-style:italic">#31: signal 28 (SIGWINCH) received</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>You can stop the container by opening a new shell instance and running: <code>docker stop nginx-test</code></p></li></ol></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/next/installation"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Installation</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/next/output"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Output</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#prerequisites" class="table-of-contents__link toc-highlight">Prerequisites</a></li><li><a href="#sample-steps" class="table-of-contents__link toc-highlight">Sample Steps</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/next/troubleshooting.html b/website/next/troubleshooting.html
index 36912f63..787d94e1 100644
--- a/website/next/troubleshooting.html
+++ b/website/next/troubleshooting.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/next">Next</a><ul class="dropdown__menu"><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/next/troubleshooting">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/troubleshooting">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/output">Output</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/next/troubleshooting">Troubleshooting</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/next/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is unreleased documentation for <!-- -->Copacetic<!-- --> <b>Next</b> version.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/troubleshooting">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Troubleshooting</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: Next</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Troubleshooting</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="filtering-vulnerabilities">Filtering Vulnerabilities<a href="#filtering-vulnerabilities" class="hash-link" aria-label="Direct link to Filtering Vulnerabilities" title="Direct link to Filtering Vulnerabilities">​</a></h2><p>You might want to filter/ignore some of the vulnerabilities while patching. To do so, you need to first filter those undesired vulnerabilities from your scanner output.</p><p>For Trivy, vulnerabilities can be filtered by the following 2 ways:</p><h3 class="anchor anchorWithStickyNavbar_LWe7" id="rego-policy">Rego Policy<a href="#rego-policy" class="hash-link" aria-label="Direct link to Rego Policy" title="Direct link to Rego Policy">​</a></h3><p>An example rego file which demonstrates how to ignore certain Vulnerability IDs or Package Names:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">$ </span><span class="token function" style="color:#d73a49">cat</span><span class="token plain"> trivy_ignore.rego</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">package trivy</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">import</span><span class="token plain"> data.lib.trivy</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">default ignore </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">false</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># Ignore the following Vulnerability IDs</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ignore_vulnerability_ids :</span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">   </span><span class="token string" style="color:#e3116c">&quot;CVE-2018-14618&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># Ignore the following Package Names</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ignore_pkgs :</span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token string" style="color:#e3116c">&quot;bash&quot;</span><span class="token plain">, </span><span class="token string" style="color:#e3116c">&quot;vim&quot;</span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># For ignoring vulnID</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ignore </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">   input.VulnerabilityID </span><span class="token operator" style="color:#393A34">==</span><span class="token plain"> ignore_vulnerability_ids</span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">_</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># For ignoring pkgName</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ignore </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    input.PkgName </span><span class="token operator" style="color:#393A34">==</span><span class="token plain"> ignore_pkgs</span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">_</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>After adding the above rego file, run the image scan with the <code>--ignore-policy</code> flag followed by the file name to ignore them while scanning:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --ignore-policy trivy_ignore.rego ruby:2.4.0</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>In the above example, the vulnerability &quot;CVE-2018-14618&quot;  and the packages &quot;bash&quot; &amp; &quot;vim&quot; are ignored while scanning, and hence patching the image.</p><h3 class="anchor anchorWithStickyNavbar_LWe7" id="ignore-file">Ignore File<a href="#ignore-file" class="hash-link" aria-label="Direct link to Ignore File" title="Direct link to Ignore File">​</a></h3><p>Use a <code>.trivyignore</code> file to list all the vulnerabilities you want to ignore.</p><p>Example:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">$ </span><span class="token function" style="color:#d73a49">cat</span><span class="token plain"> .trivyignore</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># Accept the risk</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">CVE-2018-14618</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>In the above example, the vulnerability CVE-2018-14618 is ignored while scanning, and hence while patching the image.</p><p>For a more detailed explanation on how to ignore certain vulnerabilities with Trivy, please refer to the official documentation <a href="https://aquasecurity.github.io/trivy/v0.44/docs/configuration/filtering/" target="_blank" rel="noopener noreferrer">here</a>.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/next/output"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Output</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/next/design"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Design</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#filtering-vulnerabilities" class="table-of-contents__link toc-highlight">Filtering Vulnerabilities</a><ul><li><a href="#rego-policy" class="table-of-contents__link toc-highlight">Rego Policy</a></li><li><a href="#ignore-file" class="table-of-contents__link toc-highlight">Ignore File</a></li></ul></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/quick-start.html b/website/quick-start.html
index 4fca72a4..24ef733d 100644
--- a/website/quick-start.html
+++ b/website/quick-start.html
@@ -7,7 +7,7 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -16,7 +16,7 @@
 You may need to specify a custom address using the <code>--addr</code> flag. Here are the supported formats:</p><ul><li><code>unix:///path/to/buildkit.sock</code> - Connect to buildkit over unix socket.</li><li><code>tcp://$BUILDKIT_ADDR:$PORT</code> - Connec to buildkit over TCP. (not recommended for security reasons)</li><li><code>docker://&lt;docker connection spec&gt;</code> - Connect to docker, currently only unix sockets are supported, e.g. <code>docker://unix:///var/run/docker.sock</code> (or just <code>docker://</code>).</li><li><code>docker-container://my-buildkit-container</code> - Connect to a buildkitd running in a docker container.</li><li><code>buildx://my-builder</code> - Connect to a buildx builder (or <code>buildx://</code> for the currently selected builder). <em>Note: only container-backed buildx instances are currently supported</em></li><li><code>nerdctl-container://my-container-name</code> - Similar to <code>docker-container</code> but uses <code>nerdctl</code>.</li><li><code>podman-container://my-container-name</code> - Similar to <code>docker-container</code> but uses <code>podman</code>.</li><li><code>ssh://myhost</code> - Connect to a buildkit instance over SSH. Format of the host spec should mimic the SSH command.</li><li><code>kubepod://mypod</code> - Connect to buildkit running in a Kubernetes pod. Can also specify kubectl context and pod namespace (<code>kubepod://mypod?context=foo&amp;namespace=notdefault</code>).</li></ul><h4 class="anchor anchorWithStickyNavbar_LWe7" id="buildkit-connection-examples">Buildkit Connection Examples<a href="#buildkit-connection-examples" class="hash-link" aria-label="Direct link to Buildkit Connection Examples" title="Direct link to Buildkit Connection Examples">​</a></h4><p>Example: Connect using defaults: </p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">copa patch -i mcr.microsoft.com/oss/nginx/nginx:1.21.6 -r nginx.1.21.6.json -t </span><span class="token number" style="color:#36acaa">1.21</span><span class="token plain">.6-patched</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example: Connect to buildx</p><div class="codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">docker buildx create --name demo</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">copa patch -i mcr.microsoft.com/oss/nginx/nginx:1.21.6 -r nginx.1.21.6.json -t 1.21.6-patched --addr buildx://demo</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example: Buildkit in a container</p><div class="codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">export BUILDKIT_VERSION=v0.12.0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">docker run \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --detach \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --rm \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --privileged \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --name buildkitd \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --entrypoint buildkitd \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    &quot;moby/buildkit:$BUILDKIT_VERSION&quot;</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">copa patch -i mcr.microsoft.com/oss/nginx/nginx:1.21.6 -r nginx.1.21.6.json -t 1.21.6-patched --addr docker-container://buildkitd</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example: Buildkit over TCP</p><div class="codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">export BUILDKIT_VERSION=v0.12.0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> export BUILDKIT_PORT=8888</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> docker run \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --detach \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --rm \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --privileged \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -p 127.0.0.1:$BUILDKIT_PORT:$BUILDKIT_PORT/tcp \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --name buildkitd \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --entrypoint buildkitd \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     &quot;moby/buildkit:$BUILDKIT_VERSION&quot; \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     --addr tcp://0.0.0.0:$BUILDKIT_PORT</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> copa patch \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -i mcr.microsoft.com/oss/nginx/nginx:1.21.6 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -r nginx.1.21.6.json \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -t 1.21.6-patched \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">     -a tcp://0.0.0.0:$BUILDKIT_PORT    </span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>In either case, <code>copa</code> is non-destructive and exports a new image with the specified <code>1.21.6-patched</code> label to the local Docker daemon.</p><blockquote><p><strong>NOTE:</strong> if you&#x27;re running this sample against an image from a private registry instead,
 ensure that the credentials are configured in the default Docker config.json before running <code>copa patch</code>,
 for example, via <code>sudo docker login -u &lt;user&gt; -p &lt;password&gt; &lt;registry&gt;</code>.</p></blockquote></li><li><p>Scan the patched image and verify that the vulnerabilities have been patched:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --vuln-type os --ignore-unfixed mcr.microsoft.com/oss/nginx/nginx:1.21.6-patched</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>You can also inspect the structure of the patched image with <code>docker history</code> to see the new patch layer appended to the image:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">$ </span><span class="token function" style="color:#d73a49">docker</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">history</span><span class="token plain"> mcr.microsoft.com/oss/nginx/nginx:1.21.6-patched</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">IMAGE          CREATED        CREATED BY                                      SIZE      COMMENT</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">a372df41e06d   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain"> minute ago   </span><span class="token function" style="color:#d73a49">mount</span><span class="token plain"> / from </span><span class="token builtin class-name">exec</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">sh</span><span class="token plain"> -c </span><span class="token function" style="color:#d73a49">apt</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">install</span><span class="token plain"> --no-ins…   </span><span class="token number" style="color:#36acaa">26</span><span class="token plain">.1MB    buildkit.exporter.image.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   CMD </span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">&quot;nginx&quot;</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;-g&quot;</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;daemon off;&quot;</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">                0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   STOPSIGNAL SIGQUIT                              0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   EXPOSE map</span><span class="token punctuation" style="color:#393A34">[</span><span class="token number" style="color:#36acaa">80</span><span class="token plain">/tcp:</span><span class="token punctuation" style="color:#393A34">{</span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">                           0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENTRYPOINT </span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">&quot;/docker-entrypoint.sh&quot;</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">            0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">30</span><span class="token plain">-tune-worker-processes.sh /docker-ent…   </span><span class="token number" style="color:#36acaa">4</span><span class="token plain">.61kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">20</span><span class="token plain">-envsubst-on-templates.sh /docker-ent…   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain">.04kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh /docker…   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain">.96kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY docker-entrypoint.sh / </span><span class="token comment" style="color:#999988;font-style:italic"># buildkit          1.2kB     buildkit.dockerfile.v0</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   RUN /bin/sh -c </span><span class="token builtin class-name">set</span><span class="token plain"> -x     </span><span class="token operator" style="color:#393A34">&amp;&amp;</span><span class="token plain"> addgroup --syst…   </span><span class="token number" style="color:#36acaa">61</span><span class="token plain">.1MB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">PKG_RELEASE</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">1</span><span class="token plain">~bullseye                      0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">NJS_VERSION</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">0.7</span><span class="token plain">.0                           0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">NGINX_VERSION</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">1.20</span><span class="token plain">.2                        0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   LABEL </span><span class="token assign-left variable" style="color:#36acaa">maintainer</span><span class="token operator" style="color:#393A34">=</span><span class="token plain">NGINX Docker Maintainers </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">d…   0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">4</span><span class="token plain"> months ago   /bin/sh -c </span><span class="token comment" style="color:#999988;font-style:italic">#(nop)  CMD [&quot;bash&quot;]                 0B</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">4</span><span class="token plain"> months ago   /bin/sh -c </span><span class="token comment" style="color:#999988;font-style:italic">#(nop) ADD file:09675d11695f65c55…   80.4MB</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></li><li><p>Run the container to verify that the image has no regressions:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">$ </span><span class="token function" style="color:#d73a49">docker</span><span class="token plain"> run -it --rm --name nginx-test mcr.microsoft.com/oss/nginx/nginx:1.21.6-patched</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Looking </span><span class="token keyword" style="color:#00009f">for</span><span class="token plain"> shell scripts </span><span class="token keyword" style="color:#00009f">in</span><span class="token plain"> /docker-entrypoint.d/</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 </span><span class="token keyword" style="color:#00009f">in</span><span class="token plain"> /etc/nginx/conf.d/default.conf</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Configuration complete</span><span class="token punctuation" style="color:#393A34">;</span><span class="token plain"> ready </span><span class="token keyword" style="color:#00009f">for</span><span class="token plain"> start up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: using the &quot;epoll&quot; event method</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: nginx/1.20.2</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: OS: Linux 5.10.102.1-microsoft-standard-WSL2</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker processes</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 31</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 32</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 33</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 34</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 35</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 36</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 37</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 38</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">38</span><span class="token comment" style="color:#999988;font-style:italic">#38: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">36</span><span class="token comment" style="color:#999988;font-style:italic">#36: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">33</span><span class="token comment" style="color:#999988;font-style:italic">#33: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">32</span><span class="token comment" style="color:#999988;font-style:italic">#32: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">34</span><span class="token comment" style="color:#999988;font-style:italic">#34: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">35</span><span class="token comment" style="color:#999988;font-style:italic">#35: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">37</span><span class="token comment" style="color:#999988;font-style:italic">#37: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">31</span><span class="token comment" style="color:#999988;font-style:italic">#31: signal 28 (SIGWINCH) received</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>You can stop the container by opening a new shell instance and running: <code>docker stop nginx-test</code></p></li></ol></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/installation"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Installation</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/troubleshooting"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Troubleshooting</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#prerequisites" class="table-of-contents__link toc-highlight">Prerequisites</a></li><li><a href="#sample-steps" class="table-of-contents__link toc-highlight">Sample Steps</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/troubleshooting.html b/website/troubleshooting.html
index eea70a50..1a3d988a 100644
--- a/website/troubleshooting.html
+++ b/website/troubleshooting.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/">v0.4.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/troubleshooting">Next</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/troubleshooting">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/troubleshooting">Troubleshooting</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Troubleshooting</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.4.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Troubleshooting</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="filtering-vulnerabilities">Filtering Vulnerabilities<a href="#filtering-vulnerabilities" class="hash-link" aria-label="Direct link to Filtering Vulnerabilities" title="Direct link to Filtering Vulnerabilities">​</a></h2><p>You might want to filter/ignore some of the vulnerabilities while patching. To do so, you need to first filter those undesired vulnerabilities from your scanner output.</p><p>For Trivy, vulnerabilities can be filtered by the following 2 ways:</p><h3 class="anchor anchorWithStickyNavbar_LWe7" id="rego-policy">Rego Policy<a href="#rego-policy" class="hash-link" aria-label="Direct link to Rego Policy" title="Direct link to Rego Policy">​</a></h3><p>An example rego file which demonstrates how to ignore certain Vulnerability IDs or Package Names:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">$ </span><span class="token function" style="color:#d73a49">cat</span><span class="token plain"> trivy_ignore.rego</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">package trivy</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">import</span><span class="token plain"> data.lib.trivy</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">default ignore </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">false</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># Ignore the following Vulnerability IDs</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ignore_vulnerability_ids :</span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">   </span><span class="token string" style="color:#e3116c">&quot;CVE-2018-14618&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># Ignore the following Package Names</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ignore_pkgs :</span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token string" style="color:#e3116c">&quot;bash&quot;</span><span class="token plain">, </span><span class="token string" style="color:#e3116c">&quot;vim&quot;</span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># For ignoring vulnID</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ignore </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">   input.VulnerabilityID </span><span class="token operator" style="color:#393A34">==</span><span class="token plain"> ignore_vulnerability_ids</span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">_</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># For ignoring pkgName</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ignore </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    input.PkgName </span><span class="token operator" style="color:#393A34">==</span><span class="token plain"> ignore_pkgs</span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">_</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>After adding the above rego file, run the image scan with the <code>--ignore-policy</code> flag followed by the file name to ignore them while scanning:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --ignore-policy trivy_ignore.rego ruby:2.4.0</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>In the above example, the vulnerability &quot;CVE-2018-14618&quot;  and the packages &quot;bash&quot; &amp; &quot;vim&quot; are ignored while scanning, and hence patching the image.</p><h3 class="anchor anchorWithStickyNavbar_LWe7" id="ignore-file">Ignore File<a href="#ignore-file" class="hash-link" aria-label="Direct link to Ignore File" title="Direct link to Ignore File">​</a></h3><p>Use a <code>.trivyignore</code> file to list all the vulnerabilities you want to ignore.</p><p>Example:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">$ </span><span class="token function" style="color:#d73a49">cat</span><span class="token plain"> .trivyignore</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># Accept the risk</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">CVE-2018-14618</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>In the above example, the vulnerability CVE-2018-14618 is ignored while scanning, and hence while patching the image.</p><p>For a more detailed explanation on how to ignore certain vulnerabilities with Trivy, please refer to the official documentation <a href="https://aquasecurity.github.io/trivy/v0.44/docs/configuration/filtering/" target="_blank" rel="noopener noreferrer">here</a>.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/quick-start"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Quick Start</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/design"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Design</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#filtering-vulnerabilities" class="table-of-contents__link toc-highlight">Filtering Vulnerabilities</a><ul><li><a href="#rego-policy" class="table-of-contents__link toc-highlight">Rego Policy</a></li><li><a href="#ignore-file" class="table-of-contents__link toc-highlight">Ignore File</a></li></ul></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.1.x.html b/website/v0.1.x.html
index b88f91d0..97bb1666 100644
--- a/website/v0.1.x.html
+++ b/website/v0.1.x.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.1.x">v0.1.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x">v0.2.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.1.x">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.1.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.1.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Introduction</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.1.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><h1>Project Copacetic: Directly patch container image vulnerabilities</h1><p><code>copa</code> is a CLI tool written in <a href="https://golang.org" target="_blank" rel="noopener noreferrer">Go</a> and based on <a href="https://github.com/moby/buildkit" target="_blank" rel="noopener noreferrer">buildkit</a> that can be used to directly patch container images given the vulnerability scanning results from popular tools like <a href="https://github.com/aquasecurity/trivy" target="_blank" rel="noopener noreferrer">Trivy</a>.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="why">Why?<a href="#why" class="hash-link" aria-label="Direct link to Why?" title="Direct link to Why?">​</a></h2><p>We needed the ability to patch containers quickly without going upstream for a full rebuild. As the window between <a href="https://www.bleepingcomputer.com/news/security/hackers-scan-for-vulnerabilities-within-15-minutes-of-disclosure/" target="_blank" rel="noopener noreferrer">vulnerability disclosure and active exploitation continues to narrow</a>, there is a growing operational need to patch critical security vulnerabilities in container images so they can be quickly redeployed into production. The need is especially acute when those vulnerabilities are:</p><ul><li>inherited from base images several levels deep and waiting on updated releases to percolate through the supply chain is not an option</li><li>found in 3rd party app images you don&#x27;t maintain with update cadences that don&#x27;t meet your security SLAs.</li></ul><img loading="lazy" title="direct image patching" src="/copacetic/website/img/direct-image-patching.png" class="img_ev3q"><p>In addition to filling the operational gap not met by left-shift security practices and tools, the ability of <code>copa</code> to patch a container without requiring a rebuild of the container image provides other benefits:</p><ul><li>Allows users other than the image publishers to also patch container images, such as DevSecOps engineers.</li><li>Reduces the storage and transmission costs of redistributing patched images by only creating an additional patch layer, instead of rebuilding the entire image which usually results in different layer hashes that break layer caching.</li><li>Reduces the turnaround time for patching a container image by not having to wait for base image updates and being a faster operation than a full image rebuild.</li><li>Reduces the complexity of patching the image from running a rebuild pipeline to running a single tool on the image.</li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="how">How?<a href="#how" class="hash-link" aria-label="Direct link to How?" title="Direct link to How?">​</a></h2><p>The <code>copa</code> tool is an extensible engine that:</p><ol><li>Parses the needed update packages from the container image’s vulnerability report produced by a scanner like Trivy. New adapters can be written to accommodate more report formats.</li><li>Obtains and processes the needed update packages using the appropriate package manager tools such as apt, apk, etc. New adapters can be written to support more package managers.</li><li>Applies the resulting update binaries to the container image using buildkit.</li></ol><img loading="lazy" title="report-driven vulnerability patching" src="/copacetic/website/img/vulnerability-patch.png" class="img_ev3q"><p>This approach is motivated by the core principles of making direct container patching broadly applicable and accessible:</p><ul><li><strong>Copa supports patching <em>existing</em> container images</strong>.<ul><li>Devs don&#x27;t need to build their images using specific tools or modify them in some way just to support container patching.</li></ul></li><li><strong>Copa works with the existing vulnerability scanning and mitigation ecosystems</strong>.<ul><li>Image publishers don&#x27;t need to create new workflows for container patching since Copa supports patching container images using the security update packages already being published today.</li><li>Consumers do not need to migrate to a new and potentially more limited support ecosystem for custom distros or change their container vulnerability scanning pipelines to include remediation, since Copa can be integrated seamlessly as an extra step to patch containers based on those scanning reports.</li></ul></li><li><strong>Copa reduces the technical expertise needed and waiting on dependencies needed to patch an image</strong>.<ul><li>For OS package vulnerabilities, no specialized knowledge about a specific image is needed to be patch it as Copa relies on the vulnerability remediation knowledge already embedded in the reports produced by popular container scanning tools today.</li></ul></li></ul><p>For more details, refer to the <a href="/copacetic/website/v0.1.x/design">copa design</a> documentation.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.1.x/installation"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Installation</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#why" class="table-of-contents__link toc-highlight">Why?</a></li><li><a href="#how" class="table-of-contents__link toc-highlight">How?</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.1.x/code-of-conduct.html b/website/v0.1.x/code-of-conduct.html
index d7c72ffd..1224a577 100644
--- a/website/v0.1.x/code-of-conduct.html
+++ b/website/v0.1.x/code-of-conduct.html
@@ -7,7 +7,7 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -62,7 +62,7 @@
 <a href="https://github.com/mozilla/diversity" target="_blank" rel="noopener noreferrer">Mozilla&#x27;s code of conduct enforcement ladder</a>.</p><p>For answers to common questions about this code of conduct, see the FAQ at
 <a href="https://www.contributor-covenant.org/faq" target="_blank" rel="noopener noreferrer">https://www.contributor-covenant.org/faq</a>. Translations are available at
 <a href="https://www.contributor-covenant.org/translations" target="_blank" rel="noopener noreferrer">https://www.contributor-covenant.org/translations</a>.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.1.x/contributing"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Contributing</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#our-pledge" class="table-of-contents__link toc-highlight">Our Pledge</a></li><li><a href="#our-standards" class="table-of-contents__link toc-highlight">Our Standards</a></li><li><a href="#enforcement-responsibilities" class="table-of-contents__link toc-highlight">Enforcement Responsibilities</a></li><li><a href="#scope" class="table-of-contents__link toc-highlight">Scope</a></li><li><a href="#enforcement" class="table-of-contents__link toc-highlight">Enforcement</a></li><li><a href="#enforcement-guidelines" class="table-of-contents__link toc-highlight">Enforcement Guidelines</a><ul><li><a href="#1-correction" class="table-of-contents__link toc-highlight">1. Correction</a></li><li><a href="#2-warning" class="table-of-contents__link toc-highlight">2. Warning</a></li><li><a href="#3-temporary-ban" class="table-of-contents__link toc-highlight">3. Temporary Ban</a></li><li><a href="#4-permanent-ban" class="table-of-contents__link toc-highlight">4. Permanent Ban</a></li></ul></li><li><a href="#attribution" class="table-of-contents__link toc-highlight">Attribution</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.1.x/contributing.html b/website/v0.1.x/contributing.html
index 3904cea1..8900eccd 100644
--- a/website/v0.1.x/contributing.html
+++ b/website/v0.1.x/contributing.html
@@ -7,7 +7,7 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -27,7 +27,7 @@
 personal information I submit with it, including my sign-off) is
 maintained indefinitely and may be redistributed consistent with
 this project or the open source license(s) involved.</p></blockquote><p>Contributors <em>sign-off</em> that they adhere to these requirements by adding a <code>Signed-off-by</code> line to commit messages.</p><div class="language-text codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">This is my commit message</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">Signed-off-by: Random J Developer &lt;random@developer.example.org&gt;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Git even has a <code>-s</code> command line option to append this automatically to your commit message:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> commit -s -m </span><span class="token string" style="color:#e3116c">&#x27;This is my commit message&#x27;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Pull requests that do not contain a valid <code>Signed-off-by</code> line cannot be merged.</p><h3 class="anchor anchorWithStickyNavbar_LWe7" id="i-didnt-sign-my-commit-now-what">I didn&#x27;t sign my commit, now what?<a href="#i-didnt-sign-my-commit-now-what" class="hash-link" aria-label="Direct link to I didn&#x27;t sign my commit, now what?" title="Direct link to I didn&#x27;t sign my commit, now what?">​</a></h3><p>No worries - You can easily amend your commit with a sign-off and force push the change to your submitting branch:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> switch </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">branch-name</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">git</span><span class="token plain"> commit --amend --no-edit --signoff</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">git</span><span class="token plain"> push --force-with-lease </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">remote-name</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain"> </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">branch-name</span><span class="token operator" style="color:#393A34">&gt;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="code-of-conduct">Code of Conduct<a href="#code-of-conduct" class="hash-link" aria-label="Direct link to Code of Conduct" title="Direct link to Code of Conduct">​</a></h2><p>This project has adopted the <a href="/copacetic/website/v0.1.x/code-of-conduct">Contributor Covenant Code of Conduct</a>.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.1.x/faq"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">FAQ</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.1.x/code-of-conduct"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Code of Conduct</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#contributing-issues" class="table-of-contents__link toc-highlight">Contributing Issues</a></li><li><a href="#contributing-code" class="table-of-contents__link toc-highlight">Contributing Code</a><ul><li><a href="#getting-started" class="table-of-contents__link toc-highlight">Getting Started</a></li><li><a href="#visual-studio-code-development-container" class="table-of-contents__link toc-highlight">Visual Studio Code Development Container</a></li><li><a href="#tests" class="table-of-contents__link toc-highlight">Tests</a></li><li><a href="#pull-requests" class="table-of-contents__link toc-highlight">Pull Requests</a></li></ul></li><li><a href="#developer-certificate-of-origin-dco" class="table-of-contents__link toc-highlight">Developer Certificate of Origin (DCO)</a><ul><li><a href="#i-didnt-sign-my-commit-now-what" class="table-of-contents__link toc-highlight">I didn&#39;t sign my commit, now what?</a></li></ul></li><li><a href="#code-of-conduct" class="table-of-contents__link toc-highlight">Code of Conduct</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.1.x/design.html b/website/v0.1.x/design.html
index 1198c9b6..55198e65 100644
--- a/website/v0.1.x/design.html
+++ b/website/v0.1.x/design.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.1.x">v0.1.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/design">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/design">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/design">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/design">v0.2.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.1.x/design">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.1.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.1.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/design">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Design</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.1.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Design</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="design-tenets">Design Tenets<a href="#design-tenets" class="hash-link" aria-label="Direct link to Design Tenets" title="Direct link to Design Tenets">​</a></h2><ul><li><p><strong>Copa is intended to accelerate container patching by eliminating waiting on base image dependency chains to update.</strong> This is a raison d’etre for the Copa project, so if we figured out a different way to patch containers that still relied on waiting for base images to be rebuilt and republished, we would consider spinning that off into a different project instead of making it part of Copa.</p></li><li><p><strong>Copa is intended to work with the existing ecosystem of container images.</strong> The project should have a strong preference for solutions that do not require image producers to create or modify their images in special ways to use Copa.</p></li><li><p><strong>Copa is intended to allow parties other than the image authors to address container vulnerabilities.</strong> Copa should require a minimum of special knowledge about the lineage and construction of an image from the user to patch it successfully.</p></li><li><p><strong>Copa is intended to do one thing well and be composable with other tools and processes.</strong> Copa does not have to be a universal multitool for container patching. For example, it is preferable that it integrates with popular container scanning tools rather than incorporating custom container scanning into the project itself. Similarly, it does not need to become a general container manipulation tool in the vein of crane.</p></li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="design-reasoning">Design Reasoning<a href="#design-reasoning" class="hash-link" aria-label="Direct link to Design Reasoning" title="Direct link to Design Reasoning">​</a></h2><p>The design of copa arises from the application of those tenets to the observed issues in previous efforts directly update container images via rebasing, for example, the experimental <a href="https://github.com/google/go-containerregistry/blob/main/cmd/crane/rebase.md" target="_blank" rel="noopener noreferrer"><code>crane rebase</code></a>:</p><ul><li><p>Rebasing requires that all actors involved in creation of the image are coordinated so that some layers can be switched out without breaking the image. Attempting to switch out layers in the container overlay structure is brittle because most existing containers are created by writing over shared configuration files and data stores in base images. For example, an <code>apt install</code> during image creation will overwrite the dpkg <code>status</code> file in the base image, which will mask any package updates in a rebased layer. Since many existing container scanners rely on the reported package status to find vulnerable package versions, this can cause new vulnerabilities to not be reported or for patched binaries not to be recognized by the scanners.</p><p>To avoid breaking integration with the existing container ecosystem, copa patches the filesystem bundle as a whole instead of as a collection of layers so that the resulting image state is consistent. This strategy also allows copa to patch vulnerabilties introduced at any layer in the image, including OS packages added in the app layers that is not addressed by a simple rebase. It also supports the core tenet of supporting patching without requiring coordination with all the publishers of the base images that a given image transitively depends on.</p></li><li><p>Rebasing also requires that the user knows <em>a priori</em> what base image (or transitive base image) is in the target image to determine which appropriate rebase image to use. This makes it very difficult for anyone not intimately involved with authoring the image from being able to remediate it, which is one of our tenets.</p><p>While it is possible to embed extra metadata or annotations into the target image to facilitate this base image (or transitive base image) lookup, that would require that the images to be patched be modified or created especially to support updates, which goes against another of our tenets to be able to patch images without requiring them to be customized explicitly for that purpose.</p><p>The design of copa addresses this by reframing the problem of updating containers and understanding the structure or lineage of a container image to the more specific problem of what packages in a given container image need to be updated. This allows copa to tap into the expertise embedded in the much more robust ecosystem for detecting and remediating vulnerabilities at the package level that already exists today. By making copa an additional remediation step that can be run after a container scan in existing workflows, we avoid both of those issues with an additional benefit: it incurs no additional work on the part of base image publishers to support patching of images based on their base images, the existing channels for publishing update packages is sufficient to service those container images as well.</p></li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="architecture">Architecture<a href="#architecture" class="hash-link" aria-label="Direct link to Architecture" title="Direct link to Architecture">​</a></h2><img loading="lazy" title="report-driven vulnerability patching" src="/copacetic/website/img/vulnerability-patch.png" class="img_ev3q"><p>The requirements presented encourage an extensible model in order to support broad applicability. Specifically, there are two areas that the tool will need to accommodate multiple implementations to support more use cases:</p><ul><li>The data schema of various vulnerability scanners producing the input vulnerability report.</li><li>The state management of various package managers and process for applying patches appropriately through them.</li></ul><p>Effectively, <code>copa patch</code> can be considered a command that bridges an extensible <code>Parse</code> action with an extensible <code>Apply</code> action as illustrated in the diagram; the implementation can be thought of as an engine that uses this abstract Go interface to apply security update packages:</p><div class="language-go codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-go codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> UpdatePackage </span><span class="token keyword" style="color:#00009f">struct</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Name    </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Version </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> UpdateManifest </span><span class="token keyword" style="color:#00009f">struct</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    OSType    </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    OSVersion </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Arch      </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Updates   </span><span class="token punctuation" style="color:#393A34">[</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">UpdatePackage</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> ScanReportParser </span><span class="token keyword" style="color:#00009f">interface</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token function" style="color:#d73a49">Parse</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">reportPath </span><span class="token builtin">string</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">(</span><span class="token operator" style="color:#393A34">*</span><span class="token plain">UpdateManifest</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token builtin">error</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> PackageManager </span><span class="token keyword" style="color:#00009f">interface</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token function" style="color:#d73a49">Apply</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">imagePath </span><span class="token builtin">string</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> report </span><span class="token operator" style="color:#393A34">*</span><span class="token plain">UpdateManifest</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"> </span><span class="token builtin">error</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="implementation">Implementation<a href="#implementation" class="hash-link" aria-label="Direct link to Implementation" title="Direct link to Implementation">​</a></h2><img loading="lazy" title="buildkit graph execution" src="/copacetic/website/img/graph-execution.png" class="img_ev3q"><p><code>copa</code> is a pseudo-frontend to <a href="https://github.com/moby/buildkit" target="_blank" rel="noopener noreferrer">buildkit</a> implemented as a CLI tool. Effectively, instead of taking a container definition to create from scratch, it takes the reference to the target image to patch and a container scan report and builds a series of <a href="https://github.com/moby/buildkit/tree/99f6199fa6f0c34dbb3acfa57e00b7189a6a79d4#exploring-llb" target="_blank" rel="noopener noreferrer">LLB graphs</a> for buildkit to execute:</p><ol><li>Actions to probe the image as a filesystem bundle, for example, retrieving the package manager status in the image.<ul><li>Within each distribution type identified by the scanner report (e.g. Debian) there can be different ways of applying patches to the target image (e.g. distroless), which can be differentiated through these actions.</li></ul></li><li>Actions to fetch and deploy tools that can be injected into the target image to perform the patching.<ul><li>In cases where the package tools are not available in the target image, a standard version of the OS container matching the target image&#x27;s is used to stage the necessary tooling for patches.</li><li>In the case of distroless images for example, where there is no valid package status file in the target image, the tooling container is also used to pull down and process the necessary package updates for copy to the target image.</li><li>Although not pictured, this can also be used to obtain tools (e.g. busybox) to be used in the image probing stage as well.</li></ul></li><li>Actions to deploy the required patch packages to the target image.<ul><li><code>copa</code> integrates with buildkit at the API level because it uses the <a href="https://github.com/moby/buildkit/blob/99f6199fa6f0c34dbb3acfa57e00b7189a6a79d4/docs/merge%2Bdiff.md" target="_blank" rel="noopener noreferrer">diff and merge</a> graph operations directly so that it can stage all the necessary tooling in the target image while producing a resulting image that only contains the original image plus a new layer with all the deployed patches.</li></ul></li></ol><h2 class="anchor anchorWithStickyNavbar_LWe7" id="tradeoffs">Tradeoffs<a href="#tradeoffs" class="hash-link" aria-label="Direct link to Tradeoffs" title="Direct link to Tradeoffs">​</a></h2><ul><li>The core architectural choice of relying on packages as the unit of patching creates a couple of constraints:<ul><li>By relying on existing vulnerability scanner behavior that only detects vulnerabilities via presence/absence of vulnerable packages, copa is limited in the kinds of vulnerabilities it can address and false positive/negatives from scanners flow downstream to copa.</li><li>copa depends on individual package manager adapters to correctly deploy patches to the target images, but there is a long tail of compatibility issues that arise depending on the target image itself (e.g. outdated package manager config/keys, invalid/missing package graph, etc.). Overall, the maintenance cost of the project is expected to be non-trivial to address this.</li></ul></li><li>No support for windows containers given the dependency on buildkit.</li></ul></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.1.x/quick-start"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Quick Start</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.1.x/faq"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">FAQ</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#design-tenets" class="table-of-contents__link toc-highlight">Design Tenets</a></li><li><a href="#design-reasoning" class="table-of-contents__link toc-highlight">Design Reasoning</a></li><li><a href="#architecture" class="table-of-contents__link toc-highlight">Architecture</a></li><li><a href="#implementation" class="table-of-contents__link toc-highlight">Implementation</a></li><li><a href="#tradeoffs" class="table-of-contents__link toc-highlight">Tradeoffs</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.1.x/faq.html b/website/v0.1.x/faq.html
index 7d2c44ca..f496645a 100644
--- a/website/v0.1.x/faq.html
+++ b/website/v0.1.x/faq.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.1.x">v0.1.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/faq">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/faq">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/faq">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/faq">v0.2.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.1.x/faq">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.1.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.1.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/faq">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">FAQ</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.1.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>FAQ</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="what-kind-of-vulnerabilities-can-copa-patch">What kind of vulnerabilities can Copa patch?<a href="#what-kind-of-vulnerabilities-can-copa-patch" class="hash-link" aria-label="Direct link to What kind of vulnerabilities can Copa patch?" title="Direct link to What kind of vulnerabilities can Copa patch?">​</a></h2><p>Copa is capable of patching &quot;OS level&quot; vulnerabilities. This includes packages (like <code>openssl</code>) in the image that are managed by a package manager such as <code>apt</code> or <code>yum</code>. Copa is not currently capable of patching vulnerabilities at the &quot;application level&quot; such as Python packages or Go modules.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.1.x/design"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Design</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.1.x/contributing"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Contributing</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#what-kind-of-vulnerabilities-can-copa-patch" class="table-of-contents__link toc-highlight">What kind of vulnerabilities can Copa patch?</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.1.x/installation.html b/website/v0.1.x/installation.html
index 8e8b7da2..fa1238a1 100644
--- a/website/v0.1.x/installation.html
+++ b/website/v0.1.x/installation.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.1.x">v0.1.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/installation">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/installation">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/installation">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/installation">v0.2.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.1.x/installation">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.1.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.1.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/installation">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Installation</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.1.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Installation</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="homebrew">Homebrew<a href="#homebrew" class="hash-link" aria-label="Direct link to Homebrew" title="Direct link to Homebrew">​</a></h2><p>On macOS and Linux, <code>copa</code> can be installed via <a href="https://brew.sh/" target="_blank" rel="noopener noreferrer">Homebrew</a>:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">brew </span><span class="token function" style="color:#d73a49">install</span><span class="token plain"> copa</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="github">GitHub<a href="#github" class="hash-link" aria-label="Direct link to GitHub" title="Direct link to GitHub">​</a></h2><p>You can download the latest and previous versions of <code>copa</code> from the <a href="https://github.com/project-copacetic/copacetic/releases" target="_blank" rel="noopener noreferrer">GitHub releases page</a>.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="development-setup">Development Setup<a href="#development-setup" class="hash-link" aria-label="Direct link to Development Setup" title="Direct link to Development Setup">​</a></h2><p>The following instructions are for <strong>Ubuntu 22.04</strong> with the dependency versions supported as part of the <a href="/copacetic/website/v0.1.x/contributing#visual-studio-code-development-container">dev container</a> environment we use for builds and tests. For other distributions and OS, refer to the appropriate installation instructions for each of the components instead.</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> clone https://github.com/project-copacetic/copacetic</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token builtin class-name">cd</span><span class="token plain"> copacetic</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">make</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># OPTIONAL: install copa to a pathed folder</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">sudo</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">mv</span><span class="token plain"> dist/linux_amd64/release/copa /usr/local/bin/</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.1.x"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Introduction</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.1.x/quick-start"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Quick Start</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#homebrew" class="table-of-contents__link toc-highlight">Homebrew</a></li><li><a href="#github" class="table-of-contents__link toc-highlight">GitHub</a></li><li><a href="#development-setup" class="table-of-contents__link toc-highlight">Development Setup</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.1.x/quick-start.html b/website/v0.1.x/quick-start.html
index 681bfa5a..6e02ba2d 100644
--- a/website/v0.1.x/quick-start.html
+++ b/website/v0.1.x/quick-start.html
@@ -7,7 +7,7 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -15,7 +15,7 @@
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.1.x">v0.1.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/quick-start">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/quick-start">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/quick-start">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/quick-start">v0.2.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.1.x/quick-start">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.1.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.1.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.1.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/quick-start">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Quick Start</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.1.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Quick Start</h1></header><p>This sample illustrates how to patch containers using vulnerability reports with <code>copa</code>.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="prerequisites">Prerequisites<a href="#prerequisites" class="hash-link" aria-label="Direct link to Prerequisites" title="Direct link to Prerequisites">​</a></h2><ul><li>An Ubuntu 22.04 VM configured through the <a href="/copacetic/website/v0.1.x/installation">setup instructions</a> or a VSCode <a href="/copacetic/website/v0.1.x/contributing#visual-studio-code-development-container">devcontainer</a> environment. This includes:<ul><li><code>copa</code> tool <a href="/copacetic/website/v0.1.x/installation">built &amp; pathed</a>.</li><li><a href="https://github.com/moby/buildkit/#quick-start" target="_blank" rel="noopener noreferrer">buildkit</a> daemon installed &amp; pathed.</li><li><a href="https://docs.docker.com/desktop/linux/install/#generic-installation-steps" target="_blank" rel="noopener noreferrer">docker</a> daemon running and CLI installed &amp; pathed.</li><li><a href="https://aquasecurity.github.io/trivy/latest/getting-started/installation/" target="_blank" rel="noopener noreferrer">trivy CLI</a> installed &amp; pathed.</li></ul></li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="sample-steps">Sample Steps<a href="#sample-steps" class="hash-link" aria-label="Direct link to Sample Steps" title="Direct link to Sample Steps">​</a></h2><ol><li><p>Scan the container image for patchable OS vulnerabilities, outputting the results to a JSON file:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --vuln-type os --ignore-unfixed -f json -o nginx.1.21.6.json docker.io/library/nginx:1.21.6</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>You can also see the existing patchable vulnerabilities in table form on the shell with:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --vuln-type os --ignore-unfixed docker.io/library/nginx:1.21.6</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></li><li><p>Patch the image using the Trivy report. You will need to start <code>buildkitd</code> if it is not already running:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">sudo</span><span class="token plain"> buildkitd </span><span class="token operator" style="color:#393A34">&amp;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">sudo</span><span class="token plain"> copa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t </span><span class="token number" style="color:#36acaa">1.21</span><span class="token plain">.6-patched</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Alternatively, you can run <code>buildkitd</code> in a container, which allows copa to be run without root access to the local buildkit socket:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token builtin class-name">export</span><span class="token plain"> </span><span class="token assign-left variable" style="color:#36acaa">BUILDKIT_VERSION</span><span class="token operator" style="color:#393A34">=</span><span class="token plain">v0.11.4</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token builtin class-name">export</span><span class="token plain"> </span><span class="token assign-left variable" style="color:#36acaa">BUILDKIT_PORT</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">8888</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">docker</span><span class="token plain"> run </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --detach </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --rm </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --privileged </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -p </span><span class="token number" style="color:#36acaa">127.0</span><span class="token plain">.0.1:</span><span class="token variable" style="color:#36acaa">$BUILDKIT_PORT</span><span class="token builtin class-name">:</span><span class="token variable" style="color:#36acaa">$BUILDKIT_PORT</span><span class="token plain">/tcp </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --name buildkitd </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --entrypoint buildkitd </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token string" style="color:#e3116c">&quot;moby/buildkit:</span><span class="token string variable" style="color:#36acaa">$BUILDKIT_VERSION</span><span class="token string" style="color:#e3116c">&quot;</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --addr tcp://0.0.0.0:</span><span class="token variable" style="color:#36acaa">$BUILDKIT_PORT</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">copa patch </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -i docker.io/library/nginx:1.21.6 </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -r nginx.1.21.6.json </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -t </span><span class="token number" style="color:#36acaa">1.21</span><span class="token plain">.6-patched </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -a tcp://0.0.0.0:</span><span class="token variable" style="color:#36acaa">$BUILDKIT_PORT</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>In either case, <code>copa</code> is non-destructive and exports a new image with the specified <code>1.21.6-patched</code> label to the local Docker daemon.</p><blockquote><p><strong>NOTE:</strong> if you&#x27;re running this sample against an image from a private registry instead,
 ensure that the credentials are configured in the default Docker config.json before running <code>copa patch</code>,
 for example, via <code>sudo docker login -u &lt;user&gt; -p &lt;password&gt; &lt;registry&gt;</code>.</p></blockquote></li><li><p>Scan the patched image and verify that the vulnerabilities have been patched:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --vuln-type os --ignore-unfixed docker.io/library/nginx:1.21.6-patched</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>You can also inspect the structure of the patched image with <code>docker history</code> to see the new patch layer appended to the image:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">$ </span><span class="token function" style="color:#d73a49">docker</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">history</span><span class="token plain"> docker.io/library/nginx:1.21.6-patched</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">IMAGE          CREATED        CREATED BY                                      SIZE      COMMENT</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">a372df41e06d   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain"> minute ago   </span><span class="token function" style="color:#d73a49">mount</span><span class="token plain"> / from </span><span class="token builtin class-name">exec</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">sh</span><span class="token plain"> -c </span><span class="token function" style="color:#d73a49">apt</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">install</span><span class="token plain"> --no-ins…   </span><span class="token number" style="color:#36acaa">26</span><span class="token plain">.1MB    buildkit.exporter.image.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   CMD </span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">&quot;nginx&quot;</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;-g&quot;</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;daemon off;&quot;</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">                0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   STOPSIGNAL SIGQUIT                              0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   EXPOSE map</span><span class="token punctuation" style="color:#393A34">[</span><span class="token number" style="color:#36acaa">80</span><span class="token plain">/tcp:</span><span class="token punctuation" style="color:#393A34">{</span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">                           0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENTRYPOINT </span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">&quot;/docker-entrypoint.sh&quot;</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">            0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">30</span><span class="token plain">-tune-worker-processes.sh /docker-ent…   </span><span class="token number" style="color:#36acaa">4</span><span class="token plain">.61kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">20</span><span class="token plain">-envsubst-on-templates.sh /docker-ent…   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain">.04kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh /docker…   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain">.96kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY docker-entrypoint.sh / </span><span class="token comment" style="color:#999988;font-style:italic"># buildkit          1.2kB     buildkit.dockerfile.v0</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   RUN /bin/sh -c </span><span class="token builtin class-name">set</span><span class="token plain"> -x     </span><span class="token operator" style="color:#393A34">&amp;&amp;</span><span class="token plain"> addgroup --syst…   </span><span class="token number" style="color:#36acaa">61</span><span class="token plain">.1MB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">PKG_RELEASE</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">1</span><span class="token plain">~bullseye                      0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">NJS_VERSION</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">0.7</span><span class="token plain">.0                           0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">NGINX_VERSION</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">1.20</span><span class="token plain">.2                        0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   LABEL </span><span class="token assign-left variable" style="color:#36acaa">maintainer</span><span class="token operator" style="color:#393A34">=</span><span class="token plain">NGINX Docker Maintainers </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">d…   0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">4</span><span class="token plain"> months ago   /bin/sh -c </span><span class="token comment" style="color:#999988;font-style:italic">#(nop)  CMD [&quot;bash&quot;]                 0B</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">4</span><span class="token plain"> months ago   /bin/sh -c </span><span class="token comment" style="color:#999988;font-style:italic">#(nop) ADD file:09675d11695f65c55…   80.4MB</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></li><li><p>Run the container to verify that the image has no regressions:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">$ </span><span class="token function" style="color:#d73a49">docker</span><span class="token plain"> run -it --rm --name nginx-test docker.io/library/nginx:1.21.6-patched</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Looking </span><span class="token keyword" style="color:#00009f">for</span><span class="token plain"> shell scripts </span><span class="token keyword" style="color:#00009f">in</span><span class="token plain"> /docker-entrypoint.d/</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 </span><span class="token keyword" style="color:#00009f">in</span><span class="token plain"> /etc/nginx/conf.d/default.conf</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Configuration complete</span><span class="token punctuation" style="color:#393A34">;</span><span class="token plain"> ready </span><span class="token keyword" style="color:#00009f">for</span><span class="token plain"> start up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: using the &quot;epoll&quot; event method</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: nginx/1.20.2</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: OS: Linux 5.10.102.1-microsoft-standard-WSL2</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker processes</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 31</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 32</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 33</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 34</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 35</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 36</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 37</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 38</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">38</span><span class="token comment" style="color:#999988;font-style:italic">#38: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">36</span><span class="token comment" style="color:#999988;font-style:italic">#36: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">33</span><span class="token comment" style="color:#999988;font-style:italic">#33: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">32</span><span class="token comment" style="color:#999988;font-style:italic">#32: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">34</span><span class="token comment" style="color:#999988;font-style:italic">#34: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">35</span><span class="token comment" style="color:#999988;font-style:italic">#35: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">37</span><span class="token comment" style="color:#999988;font-style:italic">#37: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">31</span><span class="token comment" style="color:#999988;font-style:italic">#31: signal 28 (SIGWINCH) received</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>You can stop the container by opening a new shell instance and running: <code>docker stop nginx-test</code></p></li></ol></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.1.x/installation"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Installation</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.1.x/design"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Design</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#prerequisites" class="table-of-contents__link toc-highlight">Prerequisites</a></li><li><a href="#sample-steps" class="table-of-contents__link toc-highlight">Sample Steps</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.2.x.html b/website/v0.2.x.html
index 3b424031..fdd5f123 100644
--- a/website/v0.2.x.html
+++ b/website/v0.2.x.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.2.x">v0.2.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x">v0.3.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.2.x">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.2.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.2.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Introduction</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.2.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><h1>Project Copacetic: Directly patch container image vulnerabilities</h1><p><code>copa</code> is a CLI tool written in <a href="https://golang.org" target="_blank" rel="noopener noreferrer">Go</a> and based on <a href="https://github.com/moby/buildkit" target="_blank" rel="noopener noreferrer">buildkit</a> that can be used to directly patch container images given the vulnerability scanning results from popular tools like <a href="https://github.com/aquasecurity/trivy" target="_blank" rel="noopener noreferrer">Trivy</a>.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="why">Why?<a href="#why" class="hash-link" aria-label="Direct link to Why?" title="Direct link to Why?">​</a></h2><p>We needed the ability to patch containers quickly without going upstream for a full rebuild. As the window between <a href="https://www.bleepingcomputer.com/news/security/hackers-scan-for-vulnerabilities-within-15-minutes-of-disclosure/" target="_blank" rel="noopener noreferrer">vulnerability disclosure and active exploitation continues to narrow</a>, there is a growing operational need to patch critical security vulnerabilities in container images so they can be quickly redeployed into production. The need is especially acute when those vulnerabilities are:</p><ul><li>inherited from base images several levels deep and waiting on updated releases to percolate through the supply chain is not an option</li><li>found in 3rd party app images you don&#x27;t maintain with update cadences that don&#x27;t meet your security SLAs.</li></ul><img loading="lazy" title="direct image patching" src="/copacetic/website/img/direct-image-patching.png" class="img_ev3q"><p>In addition to filling the operational gap not met by left-shift security practices and tools, the ability of <code>copa</code> to patch a container without requiring a rebuild of the container image provides other benefits:</p><ul><li>Allows users other than the image publishers to also patch container images, such as DevSecOps engineers.</li><li>Reduces the storage and transmission costs of redistributing patched images by only creating an additional patch layer, instead of rebuilding the entire image which usually results in different layer hashes that break layer caching.</li><li>Reduces the turnaround time for patching a container image by not having to wait for base image updates and being a faster operation than a full image rebuild.</li><li>Reduces the complexity of patching the image from running a rebuild pipeline to running a single tool on the image.</li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="how">How?<a href="#how" class="hash-link" aria-label="Direct link to How?" title="Direct link to How?">​</a></h2><p>The <code>copa</code> tool is an extensible engine that:</p><ol><li>Parses the needed update packages from the container image’s vulnerability report produced by a scanner like Trivy. New adapters can be written to accommodate more report formats.</li><li>Obtains and processes the needed update packages using the appropriate package manager tools such as apt, apk, etc. New adapters can be written to support more package managers.</li><li>Applies the resulting update binaries to the container image using buildkit.</li></ol><img loading="lazy" title="report-driven vulnerability patching" src="/copacetic/website/img/vulnerability-patch.png" class="img_ev3q"><p>This approach is motivated by the core principles of making direct container patching broadly applicable and accessible:</p><ul><li><strong>Copa supports patching <em>existing</em> container images</strong>.<ul><li>Devs don&#x27;t need to build their images using specific tools or modify them in some way just to support container patching.</li></ul></li><li><strong>Copa works with the existing vulnerability scanning and mitigation ecosystems</strong>.<ul><li>Image publishers don&#x27;t need to create new workflows for container patching since Copa supports patching container images using the security update packages already being published today.</li><li>Consumers do not need to migrate to a new and potentially more limited support ecosystem for custom distros or change their container vulnerability scanning pipelines to include remediation, since Copa can be integrated seamlessly as an extra step to patch containers based on those scanning reports.</li></ul></li><li><strong>Copa reduces the technical expertise needed and waiting on dependencies needed to patch an image</strong>.<ul><li>For OS package vulnerabilities, no specialized knowledge about a specific image is needed to be patch it as Copa relies on the vulnerability remediation knowledge already embedded in the reports produced by popular container scanning tools today.</li></ul></li></ul><p>For more details, refer to the <a href="/copacetic/website/v0.2.x/design">copa design</a> documentation.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.2.x/installation"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Installation</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#why" class="table-of-contents__link toc-highlight">Why?</a></li><li><a href="#how" class="table-of-contents__link toc-highlight">How?</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.2.x/code-of-conduct.html b/website/v0.2.x/code-of-conduct.html
index 9eb91aba..1838ab4d 100644
--- a/website/v0.2.x/code-of-conduct.html
+++ b/website/v0.2.x/code-of-conduct.html
@@ -7,7 +7,7 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -62,7 +62,7 @@
 <a href="https://github.com/mozilla/diversity" target="_blank" rel="noopener noreferrer">Mozilla&#x27;s code of conduct enforcement ladder</a>.</p><p>For answers to common questions about this code of conduct, see the FAQ at
 <a href="https://www.contributor-covenant.org/faq" target="_blank" rel="noopener noreferrer">https://www.contributor-covenant.org/faq</a>. Translations are available at
 <a href="https://www.contributor-covenant.org/translations" target="_blank" rel="noopener noreferrer">https://www.contributor-covenant.org/translations</a>.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.2.x/contributing"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Contributing</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#our-pledge" class="table-of-contents__link toc-highlight">Our Pledge</a></li><li><a href="#our-standards" class="table-of-contents__link toc-highlight">Our Standards</a></li><li><a href="#enforcement-responsibilities" class="table-of-contents__link toc-highlight">Enforcement Responsibilities</a></li><li><a href="#scope" class="table-of-contents__link toc-highlight">Scope</a></li><li><a href="#enforcement" class="table-of-contents__link toc-highlight">Enforcement</a></li><li><a href="#enforcement-guidelines" class="table-of-contents__link toc-highlight">Enforcement Guidelines</a><ul><li><a href="#1-correction" class="table-of-contents__link toc-highlight">1. Correction</a></li><li><a href="#2-warning" class="table-of-contents__link toc-highlight">2. Warning</a></li><li><a href="#3-temporary-ban" class="table-of-contents__link toc-highlight">3. Temporary Ban</a></li><li><a href="#4-permanent-ban" class="table-of-contents__link toc-highlight">4. Permanent Ban</a></li></ul></li><li><a href="#attribution" class="table-of-contents__link toc-highlight">Attribution</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.2.x/contributing.html b/website/v0.2.x/contributing.html
index 463e10a4..e6a937a6 100644
--- a/website/v0.2.x/contributing.html
+++ b/website/v0.2.x/contributing.html
@@ -7,7 +7,7 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -27,7 +27,7 @@
 personal information I submit with it, including my sign-off) is
 maintained indefinitely and may be redistributed consistent with
 this project or the open source license(s) involved.</p></blockquote><p>Contributors <em>sign-off</em> that they adhere to these requirements by adding a <code>Signed-off-by</code> line to commit messages.</p><div class="language-text codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">This is my commit message</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">Signed-off-by: Random J Developer &lt;random@developer.example.org&gt;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Git even has a <code>-s</code> command line option to append this automatically to your commit message:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> commit -s -m </span><span class="token string" style="color:#e3116c">&#x27;This is my commit message&#x27;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Pull requests that do not contain a valid <code>Signed-off-by</code> line cannot be merged.</p><h3 class="anchor anchorWithStickyNavbar_LWe7" id="i-didnt-sign-my-commit-now-what">I didn&#x27;t sign my commit, now what?<a href="#i-didnt-sign-my-commit-now-what" class="hash-link" aria-label="Direct link to I didn&#x27;t sign my commit, now what?" title="Direct link to I didn&#x27;t sign my commit, now what?">​</a></h3><p>No worries - You can easily amend your commit with a sign-off and force push the change to your submitting branch:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> switch </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">branch-name</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">git</span><span class="token plain"> commit --amend --no-edit --signoff</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">git</span><span class="token plain"> push --force-with-lease </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">remote-name</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain"> </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">branch-name</span><span class="token operator" style="color:#393A34">&gt;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="code-of-conduct">Code of Conduct<a href="#code-of-conduct" class="hash-link" aria-label="Direct link to Code of Conduct" title="Direct link to Code of Conduct">​</a></h2><p>This project has adopted the <a href="/copacetic/website/v0.2.x/code-of-conduct">Contributor Covenant Code of Conduct</a>.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.2.x/faq"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">FAQ</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.2.x/code-of-conduct"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Code of Conduct</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#contributing-issues" class="table-of-contents__link toc-highlight">Contributing Issues</a></li><li><a href="#contributing-code" class="table-of-contents__link toc-highlight">Contributing Code</a><ul><li><a href="#getting-started" class="table-of-contents__link toc-highlight">Getting Started</a></li><li><a href="#visual-studio-code-development-container" class="table-of-contents__link toc-highlight">Visual Studio Code Development Container</a></li><li><a href="#tests" class="table-of-contents__link toc-highlight">Tests</a></li><li><a href="#pull-requests" class="table-of-contents__link toc-highlight">Pull Requests</a></li></ul></li><li><a href="#developer-certificate-of-origin-dco" class="table-of-contents__link toc-highlight">Developer Certificate of Origin (DCO)</a><ul><li><a href="#i-didnt-sign-my-commit-now-what" class="table-of-contents__link toc-highlight">I didn&#39;t sign my commit, now what?</a></li></ul></li><li><a href="#code-of-conduct" class="table-of-contents__link toc-highlight">Code of Conduct</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.2.x/design.html b/website/v0.2.x/design.html
index dc874573..71d5bdb4 100644
--- a/website/v0.2.x/design.html
+++ b/website/v0.2.x/design.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.2.x">v0.2.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/design">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/design">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/design">v0.3.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.2.x/design">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/design">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.2.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.2.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/design">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Design</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.2.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Design</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="design-tenets">Design Tenets<a href="#design-tenets" class="hash-link" aria-label="Direct link to Design Tenets" title="Direct link to Design Tenets">​</a></h2><ul><li><p><strong>Copa is intended to accelerate container patching by eliminating waiting on base image dependency chains to update.</strong> This is a raison d’etre for the Copa project, so if we figured out a different way to patch containers that still relied on waiting for base images to be rebuilt and republished, we would consider spinning that off into a different project instead of making it part of Copa.</p></li><li><p><strong>Copa is intended to work with the existing ecosystem of container images.</strong> The project should have a strong preference for solutions that do not require image producers to create or modify their images in special ways to use Copa.</p></li><li><p><strong>Copa is intended to allow parties other than the image authors to address container vulnerabilities.</strong> Copa should require a minimum of special knowledge about the lineage and construction of an image from the user to patch it successfully.</p></li><li><p><strong>Copa is intended to do one thing well and be composable with other tools and processes.</strong> Copa does not have to be a universal multitool for container patching. For example, it is preferable that it integrates with popular container scanning tools rather than incorporating custom container scanning into the project itself. Similarly, it does not need to become a general container manipulation tool in the vein of crane.</p></li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="design-reasoning">Design Reasoning<a href="#design-reasoning" class="hash-link" aria-label="Direct link to Design Reasoning" title="Direct link to Design Reasoning">​</a></h2><p>The design of copa arises from the application of those tenets to the observed issues in previous efforts directly update container images via rebasing, for example, the experimental <a href="https://github.com/google/go-containerregistry/blob/main/cmd/crane/rebase.md" target="_blank" rel="noopener noreferrer"><code>crane rebase</code></a>:</p><ul><li><p>Rebasing requires that all actors involved in creation of the image are coordinated so that some layers can be switched out without breaking the image. Attempting to switch out layers in the container overlay structure is brittle because most existing containers are created by writing over shared configuration files and data stores in base images. For example, an <code>apt install</code> during image creation will overwrite the dpkg <code>status</code> file in the base image, which will mask any package updates in a rebased layer. Since many existing container scanners rely on the reported package status to find vulnerable package versions, this can cause new vulnerabilities to not be reported or for patched binaries not to be recognized by the scanners.</p><p>To avoid breaking integration with the existing container ecosystem, copa patches the filesystem bundle as a whole instead of as a collection of layers so that the resulting image state is consistent. This strategy also allows copa to patch vulnerabilties introduced at any layer in the image, including OS packages added in the app layers that is not addressed by a simple rebase. It also supports the core tenet of supporting patching without requiring coordination with all the publishers of the base images that a given image transitively depends on.</p></li><li><p>Rebasing also requires that the user knows <em>a priori</em> what base image (or transitive base image) is in the target image to determine which appropriate rebase image to use. This makes it very difficult for anyone not intimately involved with authoring the image from being able to remediate it, which is one of our tenets.</p><p>While it is possible to embed extra metadata or annotations into the target image to facilitate this base image (or transitive base image) lookup, that would require that the images to be patched be modified or created especially to support updates, which goes against another of our tenets to be able to patch images without requiring them to be customized explicitly for that purpose.</p><p>The design of copa addresses this by reframing the problem of updating containers and understanding the structure or lineage of a container image to the more specific problem of what packages in a given container image need to be updated. This allows copa to tap into the expertise embedded in the much more robust ecosystem for detecting and remediating vulnerabilities at the package level that already exists today. By making copa an additional remediation step that can be run after a container scan in existing workflows, we avoid both of those issues with an additional benefit: it incurs no additional work on the part of base image publishers to support patching of images based on their base images, the existing channels for publishing update packages is sufficient to service those container images as well.</p></li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="architecture">Architecture<a href="#architecture" class="hash-link" aria-label="Direct link to Architecture" title="Direct link to Architecture">​</a></h2><img loading="lazy" title="report-driven vulnerability patching" src="/copacetic/website/img/vulnerability-patch.png" class="img_ev3q"><p>The requirements presented encourage an extensible model in order to support broad applicability. Specifically, there are two areas that the tool will need to accommodate multiple implementations to support more use cases:</p><ul><li>The data schema of various vulnerability scanners producing the input vulnerability report.</li><li>The state management of various package managers and process for applying patches appropriately through them.</li></ul><p>Effectively, <code>copa patch</code> can be considered a command that bridges an extensible <code>Parse</code> action with an extensible <code>Apply</code> action as illustrated in the diagram; the implementation can be thought of as an engine that uses this abstract Go interface to apply security update packages:</p><div class="language-go codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-go codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> UpdatePackage </span><span class="token keyword" style="color:#00009f">struct</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Name    </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Version </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> UpdateManifest </span><span class="token keyword" style="color:#00009f">struct</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    OSType    </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    OSVersion </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Arch      </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Updates   </span><span class="token punctuation" style="color:#393A34">[</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">UpdatePackage</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> ScanReportParser </span><span class="token keyword" style="color:#00009f">interface</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token function" style="color:#d73a49">Parse</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">reportPath </span><span class="token builtin">string</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">(</span><span class="token operator" style="color:#393A34">*</span><span class="token plain">UpdateManifest</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token builtin">error</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> PackageManager </span><span class="token keyword" style="color:#00009f">interface</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token function" style="color:#d73a49">Apply</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">imagePath </span><span class="token builtin">string</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> report </span><span class="token operator" style="color:#393A34">*</span><span class="token plain">UpdateManifest</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"> </span><span class="token builtin">error</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="implementation">Implementation<a href="#implementation" class="hash-link" aria-label="Direct link to Implementation" title="Direct link to Implementation">​</a></h2><img loading="lazy" title="buildkit graph execution" src="/copacetic/website/img/graph-execution.png" class="img_ev3q"><p><code>copa</code> is a pseudo-frontend to <a href="https://github.com/moby/buildkit" target="_blank" rel="noopener noreferrer">buildkit</a> implemented as a CLI tool. Effectively, instead of taking a container definition to create from scratch, it takes the reference to the target image to patch and a container scan report and builds a series of <a href="https://github.com/moby/buildkit/tree/99f6199fa6f0c34dbb3acfa57e00b7189a6a79d4#exploring-llb" target="_blank" rel="noopener noreferrer">LLB graphs</a> for buildkit to execute:</p><ol><li>Actions to probe the image as a filesystem bundle, for example, retrieving the package manager status in the image.<ul><li>Within each distribution type identified by the scanner report (e.g. Debian) there can be different ways of applying patches to the target image (e.g. distroless), which can be differentiated through these actions.</li></ul></li><li>Actions to fetch and deploy tools that can be injected into the target image to perform the patching.<ul><li>In cases where the package tools are not available in the target image, a standard version of the OS container matching the target image&#x27;s is used to stage the necessary tooling for patches.</li><li>In the case of distroless images for example, where there is no valid package status file in the target image, the tooling container is also used to pull down and process the necessary package updates for copy to the target image.</li><li>Although not pictured, this can also be used to obtain tools (e.g. busybox) to be used in the image probing stage as well.</li></ul></li><li>Actions to deploy the required patch packages to the target image.<ul><li><code>copa</code> integrates with buildkit at the API level because it uses the <a href="https://github.com/moby/buildkit/blob/99f6199fa6f0c34dbb3acfa57e00b7189a6a79d4/docs/merge%2Bdiff.md" target="_blank" rel="noopener noreferrer">diff and merge</a> graph operations directly so that it can stage all the necessary tooling in the target image while producing a resulting image that only contains the original image plus a new layer with all the deployed patches.</li></ul></li></ol><h2 class="anchor anchorWithStickyNavbar_LWe7" id="tradeoffs">Tradeoffs<a href="#tradeoffs" class="hash-link" aria-label="Direct link to Tradeoffs" title="Direct link to Tradeoffs">​</a></h2><ul><li>The core architectural choice of relying on packages as the unit of patching creates a couple of constraints:<ul><li>By relying on existing vulnerability scanner behavior that only detects vulnerabilities via presence/absence of vulnerable packages, copa is limited in the kinds of vulnerabilities it can address and false positive/negatives from scanners flow downstream to copa.</li><li>copa depends on individual package manager adapters to correctly deploy patches to the target images, but there is a long tail of compatibility issues that arise depending on the target image itself (e.g. outdated package manager config/keys, invalid/missing package graph, etc.). Overall, the maintenance cost of the project is expected to be non-trivial to address this.</li></ul></li><li>No support for windows containers given the dependency on buildkit.</li></ul></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.2.x/quick-start"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Quick Start</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.2.x/faq"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">FAQ</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#design-tenets" class="table-of-contents__link toc-highlight">Design Tenets</a></li><li><a href="#design-reasoning" class="table-of-contents__link toc-highlight">Design Reasoning</a></li><li><a href="#architecture" class="table-of-contents__link toc-highlight">Architecture</a></li><li><a href="#implementation" class="table-of-contents__link toc-highlight">Implementation</a></li><li><a href="#tradeoffs" class="table-of-contents__link toc-highlight">Tradeoffs</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.2.x/faq.html b/website/v0.2.x/faq.html
index 0f62c6cc..c1e66708 100644
--- a/website/v0.2.x/faq.html
+++ b/website/v0.2.x/faq.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.2.x">v0.2.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/faq">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/faq">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/faq">v0.3.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.2.x/faq">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/faq">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.2.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.2.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/faq">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">FAQ</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.2.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>FAQ</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="what-kind-of-vulnerabilities-can-copa-patch">What kind of vulnerabilities can Copa patch?<a href="#what-kind-of-vulnerabilities-can-copa-patch" class="hash-link" aria-label="Direct link to What kind of vulnerabilities can Copa patch?" title="Direct link to What kind of vulnerabilities can Copa patch?">​</a></h2><p>Copa is capable of patching &quot;OS level&quot; vulnerabilities. This includes packages (like <code>openssl</code>) in the image that are managed by a package manager such as <code>apt</code> or <code>yum</code>. Copa is not currently capable of patching vulnerabilities at the &quot;application level&quot; such as Python packages or Go modules.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.2.x/design"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Design</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.2.x/contributing"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Contributing</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#what-kind-of-vulnerabilities-can-copa-patch" class="table-of-contents__link toc-highlight">What kind of vulnerabilities can Copa patch?</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.2.x/installation.html b/website/v0.2.x/installation.html
index 0c8f639d..7a273fb3 100644
--- a/website/v0.2.x/installation.html
+++ b/website/v0.2.x/installation.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.2.x">v0.2.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/installation">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/installation">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/installation">v0.3.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.2.x/installation">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/installation">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.2.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.2.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/installation">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Installation</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.2.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Installation</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="homebrew">Homebrew<a href="#homebrew" class="hash-link" aria-label="Direct link to Homebrew" title="Direct link to Homebrew">​</a></h2><p>On macOS and Linux, <code>copa</code> can be installed via <a href="https://brew.sh/" target="_blank" rel="noopener noreferrer">Homebrew</a>:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">brew </span><span class="token function" style="color:#d73a49">install</span><span class="token plain"> copa</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="github">GitHub<a href="#github" class="hash-link" aria-label="Direct link to GitHub" title="Direct link to GitHub">​</a></h2><p>You can download the latest and previous versions of <code>copa</code> from the <a href="https://github.com/project-copacetic/copacetic/releases" target="_blank" rel="noopener noreferrer">GitHub releases page</a>.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="development-setup">Development Setup<a href="#development-setup" class="hash-link" aria-label="Direct link to Development Setup" title="Direct link to Development Setup">​</a></h2><p>The following instructions are for <strong>Ubuntu 22.04</strong> with the dependency versions supported as part of the <a href="/copacetic/website/v0.2.x/contributing#visual-studio-code-development-container">dev container</a> environment we use for builds and tests. For other distributions and OS, refer to the appropriate installation instructions for each of the components instead.</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> clone https://github.com/project-copacetic/copacetic</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token builtin class-name">cd</span><span class="token plain"> copacetic</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">make</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># OPTIONAL: install copa to a pathed folder</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">sudo</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">mv</span><span class="token plain"> dist/linux_amd64/release/copa /usr/local/bin/</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.2.x"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Introduction</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.2.x/quick-start"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Quick Start</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#homebrew" class="table-of-contents__link toc-highlight">Homebrew</a></li><li><a href="#github" class="table-of-contents__link toc-highlight">GitHub</a></li><li><a href="#development-setup" class="table-of-contents__link toc-highlight">Development Setup</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.2.x/quick-start.html b/website/v0.2.x/quick-start.html
index ae040ddb..1d578942 100644
--- a/website/v0.2.x/quick-start.html
+++ b/website/v0.2.x/quick-start.html
@@ -7,7 +7,7 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -15,7 +15,7 @@
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.2.x">v0.2.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/quick-start">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/quick-start">v0.4.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.3.x/quick-start">v0.3.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.2.x/quick-start">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/quick-start">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.2.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.2.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.2.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/quick-start">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Quick Start</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.2.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Quick Start</h1></header><p>This sample illustrates how to patch containers using vulnerability reports with <code>copa</code>.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="prerequisites">Prerequisites<a href="#prerequisites" class="hash-link" aria-label="Direct link to Prerequisites" title="Direct link to Prerequisites">​</a></h2><ul><li>An Ubuntu 22.04 VM configured through the <a href="/copacetic/website/v0.2.x/installation">setup instructions</a> or a VSCode <a href="/copacetic/website/v0.2.x/contributing#visual-studio-code-development-container">devcontainer</a> environment. This includes:<ul><li><code>copa</code> tool <a href="/copacetic/website/v0.2.x/installation">built &amp; pathed</a>.</li><li><a href="https://github.com/moby/buildkit/#quick-start" target="_blank" rel="noopener noreferrer">buildkit</a> daemon installed &amp; pathed.</li><li><a href="https://docs.docker.com/desktop/linux/install/#generic-installation-steps" target="_blank" rel="noopener noreferrer">docker</a> daemon running and CLI installed &amp; pathed.</li><li><a href="https://aquasecurity.github.io/trivy/latest/getting-started/installation/" target="_blank" rel="noopener noreferrer">trivy CLI</a> installed &amp; pathed.</li></ul></li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="sample-steps">Sample Steps<a href="#sample-steps" class="hash-link" aria-label="Direct link to Sample Steps" title="Direct link to Sample Steps">​</a></h2><ol><li><p>Scan the container image for patchable OS vulnerabilities, outputting the results to a JSON file:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --vuln-type os --ignore-unfixed -f json -o nginx.1.21.6.json docker.io/library/nginx:1.21.6</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>You can also see the existing patchable vulnerabilities in table form on the shell with:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --vuln-type os --ignore-unfixed docker.io/library/nginx:1.21.6</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></li><li><p>Patch the image using the Trivy report. You will need to start <code>buildkitd</code> if it is not already running:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">sudo</span><span class="token plain"> buildkitd </span><span class="token operator" style="color:#393A34">&amp;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">sudo</span><span class="token plain"> copa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t </span><span class="token number" style="color:#36acaa">1.21</span><span class="token plain">.6-patched</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Alternatively, you can run <code>buildkitd</code> in a container, which allows copa to be run without root access to the local buildkit socket:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token builtin class-name">export</span><span class="token plain"> </span><span class="token assign-left variable" style="color:#36acaa">BUILDKIT_VERSION</span><span class="token operator" style="color:#393A34">=</span><span class="token plain">v0.11.4</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token builtin class-name">export</span><span class="token plain"> </span><span class="token assign-left variable" style="color:#36acaa">BUILDKIT_PORT</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">8888</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">docker</span><span class="token plain"> run </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --detach </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --rm </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --privileged </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -p </span><span class="token number" style="color:#36acaa">127.0</span><span class="token plain">.0.1:</span><span class="token variable" style="color:#36acaa">$BUILDKIT_PORT</span><span class="token builtin class-name">:</span><span class="token variable" style="color:#36acaa">$BUILDKIT_PORT</span><span class="token plain">/tcp </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --name buildkitd </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --entrypoint buildkitd </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token string" style="color:#e3116c">&quot;moby/buildkit:</span><span class="token string variable" style="color:#36acaa">$BUILDKIT_VERSION</span><span class="token string" style="color:#e3116c">&quot;</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --addr tcp://0.0.0.0:</span><span class="token variable" style="color:#36acaa">$BUILDKIT_PORT</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">copa patch </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -i docker.io/library/nginx:1.21.6 </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -r nginx.1.21.6.json </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -t </span><span class="token number" style="color:#36acaa">1.21</span><span class="token plain">.6-patched </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -a tcp://0.0.0.0:</span><span class="token variable" style="color:#36acaa">$BUILDKIT_PORT</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>In either case, <code>copa</code> is non-destructive and exports a new image with the specified <code>1.21.6-patched</code> label to the local Docker daemon.</p><blockquote><p><strong>NOTE:</strong> if you&#x27;re running this sample against an image from a private registry instead,
 ensure that the credentials are configured in the default Docker config.json before running <code>copa patch</code>,
 for example, via <code>sudo docker login -u &lt;user&gt; -p &lt;password&gt; &lt;registry&gt;</code>.</p></blockquote></li><li><p>Scan the patched image and verify that the vulnerabilities have been patched:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --vuln-type os --ignore-unfixed docker.io/library/nginx:1.21.6-patched</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>You can also inspect the structure of the patched image with <code>docker history</code> to see the new patch layer appended to the image:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">$ </span><span class="token function" style="color:#d73a49">docker</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">history</span><span class="token plain"> docker.io/library/nginx:1.21.6-patched</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">IMAGE          CREATED        CREATED BY                                      SIZE      COMMENT</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">a372df41e06d   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain"> minute ago   </span><span class="token function" style="color:#d73a49">mount</span><span class="token plain"> / from </span><span class="token builtin class-name">exec</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">sh</span><span class="token plain"> -c </span><span class="token function" style="color:#d73a49">apt</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">install</span><span class="token plain"> --no-ins…   </span><span class="token number" style="color:#36acaa">26</span><span class="token plain">.1MB    buildkit.exporter.image.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   CMD </span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">&quot;nginx&quot;</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;-g&quot;</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;daemon off;&quot;</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">                0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   STOPSIGNAL SIGQUIT                              0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   EXPOSE map</span><span class="token punctuation" style="color:#393A34">[</span><span class="token number" style="color:#36acaa">80</span><span class="token plain">/tcp:</span><span class="token punctuation" style="color:#393A34">{</span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">                           0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENTRYPOINT </span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">&quot;/docker-entrypoint.sh&quot;</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">            0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">30</span><span class="token plain">-tune-worker-processes.sh /docker-ent…   </span><span class="token number" style="color:#36acaa">4</span><span class="token plain">.61kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">20</span><span class="token plain">-envsubst-on-templates.sh /docker-ent…   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain">.04kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh /docker…   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain">.96kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY docker-entrypoint.sh / </span><span class="token comment" style="color:#999988;font-style:italic"># buildkit          1.2kB     buildkit.dockerfile.v0</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   RUN /bin/sh -c </span><span class="token builtin class-name">set</span><span class="token plain"> -x     </span><span class="token operator" style="color:#393A34">&amp;&amp;</span><span class="token plain"> addgroup --syst…   </span><span class="token number" style="color:#36acaa">61</span><span class="token plain">.1MB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">PKG_RELEASE</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">1</span><span class="token plain">~bullseye                      0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">NJS_VERSION</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">0.7</span><span class="token plain">.0                           0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">NGINX_VERSION</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">1.20</span><span class="token plain">.2                        0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   LABEL </span><span class="token assign-left variable" style="color:#36acaa">maintainer</span><span class="token operator" style="color:#393A34">=</span><span class="token plain">NGINX Docker Maintainers </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">d…   0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">4</span><span class="token plain"> months ago   /bin/sh -c </span><span class="token comment" style="color:#999988;font-style:italic">#(nop)  CMD [&quot;bash&quot;]                 0B</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">4</span><span class="token plain"> months ago   /bin/sh -c </span><span class="token comment" style="color:#999988;font-style:italic">#(nop) ADD file:09675d11695f65c55…   80.4MB</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></li><li><p>Run the container to verify that the image has no regressions:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">$ </span><span class="token function" style="color:#d73a49">docker</span><span class="token plain"> run -it --rm --name nginx-test docker.io/library/nginx:1.21.6-patched</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Looking </span><span class="token keyword" style="color:#00009f">for</span><span class="token plain"> shell scripts </span><span class="token keyword" style="color:#00009f">in</span><span class="token plain"> /docker-entrypoint.d/</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 </span><span class="token keyword" style="color:#00009f">in</span><span class="token plain"> /etc/nginx/conf.d/default.conf</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Configuration complete</span><span class="token punctuation" style="color:#393A34">;</span><span class="token plain"> ready </span><span class="token keyword" style="color:#00009f">for</span><span class="token plain"> start up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: using the &quot;epoll&quot; event method</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: nginx/1.20.2</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: OS: Linux 5.10.102.1-microsoft-standard-WSL2</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker processes</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 31</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 32</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 33</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 34</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 35</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 36</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 37</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 38</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">38</span><span class="token comment" style="color:#999988;font-style:italic">#38: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">36</span><span class="token comment" style="color:#999988;font-style:italic">#36: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">33</span><span class="token comment" style="color:#999988;font-style:italic">#33: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">32</span><span class="token comment" style="color:#999988;font-style:italic">#32: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">34</span><span class="token comment" style="color:#999988;font-style:italic">#34: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">35</span><span class="token comment" style="color:#999988;font-style:italic">#35: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">37</span><span class="token comment" style="color:#999988;font-style:italic">#37: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">31</span><span class="token comment" style="color:#999988;font-style:italic">#31: signal 28 (SIGWINCH) received</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>You can stop the container by opening a new shell instance and running: <code>docker stop nginx-test</code></p></li></ol></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.2.x/installation"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Installation</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.2.x/design"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Design</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#prerequisites" class="table-of-contents__link toc-highlight">Prerequisites</a></li><li><a href="#sample-steps" class="table-of-contents__link toc-highlight">Sample Steps</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.3.x.html b/website/v0.3.x.html
index eb66429d..399c7b5c 100644
--- a/website/v0.3.x.html
+++ b/website/v0.3.x.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.3.x">v0.3.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/">v0.4.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.3.x">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.3.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.3.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Introduction</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.3.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><h1>Project Copacetic: Directly patch container image vulnerabilities</h1><p><code>copa</code> is a CLI tool written in <a href="https://golang.org" target="_blank" rel="noopener noreferrer">Go</a> and based on <a href="https://github.com/moby/buildkit" target="_blank" rel="noopener noreferrer">buildkit</a> that can be used to directly patch container images given the vulnerability scanning results from popular tools like <a href="https://github.com/aquasecurity/trivy" target="_blank" rel="noopener noreferrer">Trivy</a>.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="why">Why?<a href="#why" class="hash-link" aria-label="Direct link to Why?" title="Direct link to Why?">​</a></h2><p>We needed the ability to patch containers quickly without going upstream for a full rebuild. As the window between <a href="https://www.bleepingcomputer.com/news/security/hackers-scan-for-vulnerabilities-within-15-minutes-of-disclosure/" target="_blank" rel="noopener noreferrer">vulnerability disclosure and active exploitation continues to narrow</a>, there is a growing operational need to patch critical security vulnerabilities in container images so they can be quickly redeployed into production. The need is especially acute when those vulnerabilities are:</p><ul><li>inherited from base images several levels deep and waiting on updated releases to percolate through the supply chain is not an option</li><li>found in 3rd party app images you don&#x27;t maintain with update cadences that don&#x27;t meet your security SLAs.</li></ul><img loading="lazy" title="direct image patching" src="/copacetic/website/img/direct-image-patching.png" class="img_ev3q"><p>In addition to filling the operational gap not met by left-shift security practices and tools, the ability of <code>copa</code> to patch a container without requiring a rebuild of the container image provides other benefits:</p><ul><li>Allows users other than the image publishers to also patch container images, such as DevSecOps engineers.</li><li>Reduces the storage and transmission costs of redistributing patched images by only creating an additional patch layer, instead of rebuilding the entire image which usually results in different layer hashes that break layer caching.</li><li>Reduces the turnaround time for patching a container image by not having to wait for base image updates and being a faster operation than a full image rebuild.</li><li>Reduces the complexity of patching the image from running a rebuild pipeline to running a single tool on the image.</li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="how">How?<a href="#how" class="hash-link" aria-label="Direct link to How?" title="Direct link to How?">​</a></h2><p>The <code>copa</code> tool is an extensible engine that:</p><ol><li>Parses the needed update packages from the container image’s vulnerability report produced by a scanner like Trivy. New adapters can be written to accommodate more report formats.</li><li>Obtains and processes the needed update packages using the appropriate package manager tools such as apt, apk, etc. New adapters can be written to support more package managers.</li><li>Applies the resulting update binaries to the container image using buildkit.</li></ol><img loading="lazy" title="report-driven vulnerability patching" src="/copacetic/website/img/vulnerability-patch.png" class="img_ev3q"><p>This approach is motivated by the core principles of making direct container patching broadly applicable and accessible:</p><ul><li><strong>Copa supports patching <em>existing</em> container images</strong>.<ul><li>Devs don&#x27;t need to build their images using specific tools or modify them in some way just to support container patching.</li></ul></li><li><strong>Copa works with the existing vulnerability scanning and mitigation ecosystems</strong>.<ul><li>Image publishers don&#x27;t need to create new workflows for container patching since Copa supports patching container images using the security update packages already being published today.</li><li>Consumers do not need to migrate to a new and potentially more limited support ecosystem for custom distros or change their container vulnerability scanning pipelines to include remediation, since Copa can be integrated seamlessly as an extra step to patch containers based on those scanning reports.</li></ul></li><li><strong>Copa reduces the technical expertise needed and waiting on dependencies needed to patch an image</strong>.<ul><li>For OS package vulnerabilities, no specialized knowledge about a specific image is needed to be patch it as Copa relies on the vulnerability remediation knowledge already embedded in the reports produced by popular container scanning tools today.</li></ul></li></ul><p>For more details, refer to the <a href="/copacetic/website/v0.3.x/design">copa design</a> documentation.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.3.x/installation"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Installation</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#why" class="table-of-contents__link toc-highlight">Why?</a></li><li><a href="#how" class="table-of-contents__link toc-highlight">How?</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.3.x/code-of-conduct.html b/website/v0.3.x/code-of-conduct.html
index 6eaac5fd..9624461c 100644
--- a/website/v0.3.x/code-of-conduct.html
+++ b/website/v0.3.x/code-of-conduct.html
@@ -7,7 +7,7 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -62,7 +62,7 @@
 <a href="https://github.com/mozilla/diversity" target="_blank" rel="noopener noreferrer">Mozilla&#x27;s code of conduct enforcement ladder</a>.</p><p>For answers to common questions about this code of conduct, see the FAQ at
 <a href="https://www.contributor-covenant.org/faq" target="_blank" rel="noopener noreferrer">https://www.contributor-covenant.org/faq</a>. Translations are available at
 <a href="https://www.contributor-covenant.org/translations" target="_blank" rel="noopener noreferrer">https://www.contributor-covenant.org/translations</a>.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.3.x/contributing"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Contributing</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#our-pledge" class="table-of-contents__link toc-highlight">Our Pledge</a></li><li><a href="#our-standards" class="table-of-contents__link toc-highlight">Our Standards</a></li><li><a href="#enforcement-responsibilities" class="table-of-contents__link toc-highlight">Enforcement Responsibilities</a></li><li><a href="#scope" class="table-of-contents__link toc-highlight">Scope</a></li><li><a href="#enforcement" class="table-of-contents__link toc-highlight">Enforcement</a></li><li><a href="#enforcement-guidelines" class="table-of-contents__link toc-highlight">Enforcement Guidelines</a><ul><li><a href="#1-correction" class="table-of-contents__link toc-highlight">1. Correction</a></li><li><a href="#2-warning" class="table-of-contents__link toc-highlight">2. Warning</a></li><li><a href="#3-temporary-ban" class="table-of-contents__link toc-highlight">3. Temporary Ban</a></li><li><a href="#4-permanent-ban" class="table-of-contents__link toc-highlight">4. Permanent Ban</a></li></ul></li><li><a href="#attribution" class="table-of-contents__link toc-highlight">Attribution</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.3.x/contributing.html b/website/v0.3.x/contributing.html
index cd5439fe..0b412c47 100644
--- a/website/v0.3.x/contributing.html
+++ b/website/v0.3.x/contributing.html
@@ -7,7 +7,7 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -27,7 +27,7 @@
 personal information I submit with it, including my sign-off) is
 maintained indefinitely and may be redistributed consistent with
 this project or the open source license(s) involved.</p></blockquote><p>Contributors <em>sign-off</em> that they adhere to these requirements by adding a <code>Signed-off-by</code> line to commit messages.</p><div class="language-text codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">This is my commit message</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">Signed-off-by: Random J Developer &lt;random@developer.example.org&gt;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Git even has a <code>-s</code> command line option to append this automatically to your commit message:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> commit -s -m </span><span class="token string" style="color:#e3116c">&#x27;This is my commit message&#x27;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Pull requests that do not contain a valid <code>Signed-off-by</code> line cannot be merged.</p><h3 class="anchor anchorWithStickyNavbar_LWe7" id="i-didnt-sign-my-commit-now-what">I didn&#x27;t sign my commit, now what?<a href="#i-didnt-sign-my-commit-now-what" class="hash-link" aria-label="Direct link to I didn&#x27;t sign my commit, now what?" title="Direct link to I didn&#x27;t sign my commit, now what?">​</a></h3><p>No worries - You can easily amend your commit with a sign-off and force push the change to your submitting branch:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> switch </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">branch-name</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">git</span><span class="token plain"> commit --amend --no-edit --signoff</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">git</span><span class="token plain"> push --force-with-lease </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">remote-name</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain"> </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">branch-name</span><span class="token operator" style="color:#393A34">&gt;</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="code-of-conduct">Code of Conduct<a href="#code-of-conduct" class="hash-link" aria-label="Direct link to Code of Conduct" title="Direct link to Code of Conduct">​</a></h2><p>This project has adopted the <a href="/copacetic/website/v0.3.x/code-of-conduct">Contributor Covenant Code of Conduct</a>.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.3.x/faq"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">FAQ</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.3.x/code-of-conduct"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Code of Conduct</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#bi-weekly-community-meeting" class="table-of-contents__link toc-highlight">Bi-Weekly Community Meeting</a></li><li><a href="#slack" class="table-of-contents__link toc-highlight">Slack</a></li><li><a href="#contributing-issues" class="table-of-contents__link toc-highlight">Contributing Issues</a></li><li><a href="#contributing-code" class="table-of-contents__link toc-highlight">Contributing Code</a><ul><li><a href="#getting-started" class="table-of-contents__link toc-highlight">Getting Started</a></li><li><a href="#visual-studio-code-development-container" class="table-of-contents__link toc-highlight">Visual Studio Code Development Container</a></li><li><a href="#tests" class="table-of-contents__link toc-highlight">Tests</a></li><li><a href="#pull-requests" class="table-of-contents__link toc-highlight">Pull Requests</a></li></ul></li><li><a href="#developer-certificate-of-origin-dco" class="table-of-contents__link toc-highlight">Developer Certificate of Origin (DCO)</a><ul><li><a href="#i-didnt-sign-my-commit-now-what" class="table-of-contents__link toc-highlight">I didn&#39;t sign my commit, now what?</a></li></ul></li><li><a href="#code-of-conduct" class="table-of-contents__link toc-highlight">Code of Conduct</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.3.x/design.html b/website/v0.3.x/design.html
index b53cc4b9..f7af803c 100644
--- a/website/v0.3.x/design.html
+++ b/website/v0.3.x/design.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.3.x">v0.3.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/design">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/design">v0.4.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.3.x/design">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/design">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/design">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.3.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.3.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/design">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Design</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.3.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Design</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="design-tenets">Design Tenets<a href="#design-tenets" class="hash-link" aria-label="Direct link to Design Tenets" title="Direct link to Design Tenets">​</a></h2><ul><li><p><strong>Copa is intended to accelerate container patching by eliminating waiting on base image dependency chains to update.</strong> This is a raison d’etre for the Copa project, so if we figured out a different way to patch containers that still relied on waiting for base images to be rebuilt and republished, we would consider spinning that off into a different project instead of making it part of Copa.</p></li><li><p><strong>Copa is intended to work with the existing ecosystem of container images.</strong> The project should have a strong preference for solutions that do not require image producers to create or modify their images in special ways to use Copa.</p></li><li><p><strong>Copa is intended to allow parties other than the image authors to address container vulnerabilities.</strong> Copa should require a minimum of special knowledge about the lineage and construction of an image from the user to patch it successfully.</p></li><li><p><strong>Copa is intended to do one thing well and be composable with other tools and processes.</strong> Copa does not have to be a universal multitool for container patching. For example, it is preferable that it integrates with popular container scanning tools rather than incorporating custom container scanning into the project itself. Similarly, it does not need to become a general container manipulation tool in the vein of crane.</p></li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="design-reasoning">Design Reasoning<a href="#design-reasoning" class="hash-link" aria-label="Direct link to Design Reasoning" title="Direct link to Design Reasoning">​</a></h2><p>The design of copa arises from the application of those tenets to the observed issues in previous efforts directly update container images via rebasing, for example, the experimental <a href="https://github.com/google/go-containerregistry/blob/main/cmd/crane/rebase.md" target="_blank" rel="noopener noreferrer"><code>crane rebase</code></a>:</p><ul><li><p>Rebasing requires that all actors involved in creation of the image are coordinated so that some layers can be switched out without breaking the image. Attempting to switch out layers in the container overlay structure is brittle because most existing containers are created by writing over shared configuration files and data stores in base images. For example, an <code>apt install</code> during image creation will overwrite the dpkg <code>status</code> file in the base image, which will mask any package updates in a rebased layer. Since many existing container scanners rely on the reported package status to find vulnerable package versions, this can cause new vulnerabilities to not be reported or for patched binaries not to be recognized by the scanners.</p><p>To avoid breaking integration with the existing container ecosystem, copa patches the filesystem bundle as a whole instead of as a collection of layers so that the resulting image state is consistent. This strategy also allows copa to patch vulnerabilties introduced at any layer in the image, including OS packages added in the app layers that is not addressed by a simple rebase. It also supports the core tenet of supporting patching without requiring coordination with all the publishers of the base images that a given image transitively depends on.</p></li><li><p>Rebasing also requires that the user knows <em>a priori</em> what base image (or transitive base image) is in the target image to determine which appropriate rebase image to use. This makes it very difficult for anyone not intimately involved with authoring the image from being able to remediate it, which is one of our tenets.</p><p>While it is possible to embed extra metadata or annotations into the target image to facilitate this base image (or transitive base image) lookup, that would require that the images to be patched be modified or created especially to support updates, which goes against another of our tenets to be able to patch images without requiring them to be customized explicitly for that purpose.</p><p>The design of copa addresses this by reframing the problem of updating containers and understanding the structure or lineage of a container image to the more specific problem of what packages in a given container image need to be updated. This allows copa to tap into the expertise embedded in the much more robust ecosystem for detecting and remediating vulnerabilities at the package level that already exists today. By making copa an additional remediation step that can be run after a container scan in existing workflows, we avoid both of those issues with an additional benefit: it incurs no additional work on the part of base image publishers to support patching of images based on their base images, the existing channels for publishing update packages is sufficient to service those container images as well.</p></li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="architecture">Architecture<a href="#architecture" class="hash-link" aria-label="Direct link to Architecture" title="Direct link to Architecture">​</a></h2><img loading="lazy" title="report-driven vulnerability patching" src="/copacetic/website/img/vulnerability-patch.png" class="img_ev3q"><p>The requirements presented encourage an extensible model in order to support broad applicability. Specifically, there are two areas that the tool will need to accommodate multiple implementations to support more use cases:</p><ul><li>The data schema of various vulnerability scanners producing the input vulnerability report.</li><li>The state management of various package managers and process for applying patches appropriately through them.</li></ul><p>Effectively, <code>copa patch</code> can be considered a command that bridges an extensible <code>Parse</code> action with an extensible <code>Apply</code> action as illustrated in the diagram; the implementation can be thought of as an engine that uses this abstract Go interface to apply security update packages:</p><div class="language-go codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-go codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> UpdatePackage </span><span class="token keyword" style="color:#00009f">struct</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Name    </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Version </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> UpdateManifest </span><span class="token keyword" style="color:#00009f">struct</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    OSType    </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    OSVersion </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Arch      </span><span class="token builtin">string</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    Updates   </span><span class="token punctuation" style="color:#393A34">[</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">UpdatePackage</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> ScanReportParser </span><span class="token keyword" style="color:#00009f">interface</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token function" style="color:#d73a49">Parse</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">reportPath </span><span class="token builtin">string</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">(</span><span class="token operator" style="color:#393A34">*</span><span class="token plain">UpdateManifest</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token builtin">error</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">type</span><span class="token plain"> PackageManager </span><span class="token keyword" style="color:#00009f">interface</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token function" style="color:#d73a49">Apply</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">imagePath </span><span class="token builtin">string</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> report </span><span class="token operator" style="color:#393A34">*</span><span class="token plain">UpdateManifest</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"> </span><span class="token builtin">error</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="implementation">Implementation<a href="#implementation" class="hash-link" aria-label="Direct link to Implementation" title="Direct link to Implementation">​</a></h2><img loading="lazy" title="buildkit graph execution" src="/copacetic/website/img/graph-execution.png" class="img_ev3q"><p><code>copa</code> is a pseudo-frontend to <a href="https://github.com/moby/buildkit" target="_blank" rel="noopener noreferrer">buildkit</a> implemented as a CLI tool. Effectively, instead of taking a container definition to create from scratch, it takes the reference to the target image to patch and a container scan report and builds a series of <a href="https://github.com/moby/buildkit/tree/99f6199fa6f0c34dbb3acfa57e00b7189a6a79d4#exploring-llb" target="_blank" rel="noopener noreferrer">LLB graphs</a> for buildkit to execute:</p><ol><li>Actions to probe the image as a filesystem bundle, for example, retrieving the package manager status in the image.<ul><li>Within each distribution type identified by the scanner report (e.g. Debian) there can be different ways of applying patches to the target image (e.g. distroless), which can be differentiated through these actions.</li></ul></li><li>Actions to fetch and deploy tools that can be injected into the target image to perform the patching.<ul><li>In cases where the package tools are not available in the target image, a standard version of the OS container matching the target image&#x27;s is used to stage the necessary tooling for patches.</li><li>In the case of distroless images for example, where there is no valid package status file in the target image, the tooling container is also used to pull down and process the necessary package updates for copy to the target image.</li><li>Although not pictured, this can also be used to obtain tools (e.g. busybox) to be used in the image probing stage as well.</li></ul></li><li>Actions to deploy the required patch packages to the target image.<ul><li><code>copa</code> integrates with buildkit at the API level because it uses the <a href="https://github.com/moby/buildkit/blob/99f6199fa6f0c34dbb3acfa57e00b7189a6a79d4/docs/merge%2Bdiff.md" target="_blank" rel="noopener noreferrer">diff and merge</a> graph operations directly so that it can stage all the necessary tooling in the target image while producing a resulting image that only contains the original image plus a new layer with all the deployed patches.</li></ul></li></ol><h2 class="anchor anchorWithStickyNavbar_LWe7" id="tradeoffs">Tradeoffs<a href="#tradeoffs" class="hash-link" aria-label="Direct link to Tradeoffs" title="Direct link to Tradeoffs">​</a></h2><ul><li>The core architectural choice of relying on packages as the unit of patching creates a couple of constraints:<ul><li>By relying on existing vulnerability scanner behavior that only detects vulnerabilities via presence/absence of vulnerable packages, copa is limited in the kinds of vulnerabilities it can address and false positive/negatives from scanners flow downstream to copa.</li><li>copa depends on individual package manager adapters to correctly deploy patches to the target images, but there is a long tail of compatibility issues that arise depending on the target image itself (e.g. outdated package manager config/keys, invalid/missing package graph, etc.). Overall, the maintenance cost of the project is expected to be non-trivial to address this.</li></ul></li><li>No support for windows containers given the dependency on buildkit.</li></ul></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.3.x/quick-start"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Quick Start</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.3.x/faq"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">FAQ</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#design-tenets" class="table-of-contents__link toc-highlight">Design Tenets</a></li><li><a href="#design-reasoning" class="table-of-contents__link toc-highlight">Design Reasoning</a></li><li><a href="#architecture" class="table-of-contents__link toc-highlight">Architecture</a></li><li><a href="#implementation" class="table-of-contents__link toc-highlight">Implementation</a></li><li><a href="#tradeoffs" class="table-of-contents__link toc-highlight">Tradeoffs</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.3.x/faq.html b/website/v0.3.x/faq.html
index f1f08026..de871774 100644
--- a/website/v0.3.x/faq.html
+++ b/website/v0.3.x/faq.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.3.x">v0.3.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/faq">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/faq">v0.4.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.3.x/faq">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/faq">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/faq">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.3.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.3.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/faq">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">FAQ</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.3.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>FAQ</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="what-kind-of-vulnerabilities-can-copa-patch">What kind of vulnerabilities can Copa patch?<a href="#what-kind-of-vulnerabilities-can-copa-patch" class="hash-link" aria-label="Direct link to What kind of vulnerabilities can Copa patch?" title="Direct link to What kind of vulnerabilities can Copa patch?">​</a></h2><p>Copa is capable of patching &quot;OS level&quot; vulnerabilities. This includes packages (like <code>openssl</code>) in the image that are managed by a package manager such as <code>apt</code> or <code>yum</code>. Copa is not currently capable of patching vulnerabilities at the &quot;application level&quot; such as Python packages or Go modules.</p></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.3.x/design"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Design</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.3.x/contributing"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Contributing</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#what-kind-of-vulnerabilities-can-copa-patch" class="table-of-contents__link toc-highlight">What kind of vulnerabilities can Copa patch?</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.3.x/installation.html b/website/v0.3.x/installation.html
index 020e46ef..aa519a9f 100644
--- a/website/v0.3.x/installation.html
+++ b/website/v0.3.x/installation.html
@@ -7,13 +7,13 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.3.x">v0.3.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/installation">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/installation">v0.4.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.3.x/installation">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/installation">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/installation">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.3.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.3.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/installation">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Installation</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.3.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Installation</h1></header><h2 class="anchor anchorWithStickyNavbar_LWe7" id="homebrew">Homebrew<a href="#homebrew" class="hash-link" aria-label="Direct link to Homebrew" title="Direct link to Homebrew">​</a></h2><p>On macOS and Linux, <code>copa</code> can be installed via <a href="https://brew.sh/" target="_blank" rel="noopener noreferrer">Homebrew</a>:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">brew </span><span class="token function" style="color:#d73a49">install</span><span class="token plain"> copa</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h2 class="anchor anchorWithStickyNavbar_LWe7" id="github">GitHub<a href="#github" class="hash-link" aria-label="Direct link to GitHub" title="Direct link to GitHub">​</a></h2><p>You can download the latest and previous versions of <code>copa</code> from the <a href="https://github.com/project-copacetic/copacetic/releases" target="_blank" rel="noopener noreferrer">GitHub releases page</a>.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="development-setup">Development Setup<a href="#development-setup" class="hash-link" aria-label="Direct link to Development Setup" title="Direct link to Development Setup">​</a></h2><p>The following instructions are for <strong>Ubuntu 22.04</strong> with the dependency versions supported as part of the <a href="/copacetic/website/v0.3.x/contributing#visual-studio-code-development-container">dev container</a> environment we use for builds and tests. For other distributions and OS, refer to the appropriate installation instructions for each of the components instead.</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">git</span><span class="token plain"> clone https://github.com/project-copacetic/copacetic</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token builtin class-name">cd</span><span class="token plain"> copacetic</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">make</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># OPTIONAL: install copa to a pathed folder</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">sudo</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">mv</span><span class="token plain"> dist/linux_amd64/release/copa /usr/local/bin/</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.3.x"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Introduction</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.3.x/quick-start"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Quick Start</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#homebrew" class="table-of-contents__link toc-highlight">Homebrew</a></li><li><a href="#github" class="table-of-contents__link toc-highlight">GitHub</a></li><li><a href="#development-setup" class="table-of-contents__link toc-highlight">Development Setup</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/website/v0.3.x/quick-start.html b/website/v0.3.x/quick-start.html
index f7d45131..46f8b329 100644
--- a/website/v0.3.x/quick-start.html
+++ b/website/v0.3.x/quick-start.html
@@ -7,7 +7,7 @@
 <link rel="preconnect" href="https://www.googletagmanager.com">
 <script async src="https://www.googletagmanager.com/gtag/js?id=G-3RC20QPKNS"></script>
 <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-3RC20QPKNS",{anonymize_ip:!0})</script><link rel="stylesheet" href="/copacetic/website/assets/css/styles.18145892.css">
-<link rel="preload" href="/copacetic/website/assets/js/runtime~main.f1c526f2.js" as="script">
+<link rel="preload" href="/copacetic/website/assets/js/runtime~main.fcaf8288.js" as="script">
 <link rel="preload" href="/copacetic/website/assets/js/main.6b3cb6b7.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -15,7 +15,7 @@
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://project-copacetic.github.io/copacetic/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><div class="navbar__logo"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--light_HNdA"><img src="/copacetic/website/img/logo.png" alt="Copacetic Logo" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate">Copacetic</b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a aria-current="page" class="navbar__link active" aria-haspopup="true" aria-expanded="false" role="button" href="/copacetic/website/v0.3.x">v0.3.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/copacetic/website/next/quick-start">Next</a></li><li><a class="dropdown__link" href="/copacetic/website/quick-start">v0.4.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/copacetic/website/v0.3.x/quick-start">v0.3.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.2.x/quick-start">v0.2.x</a></li><li><a class="dropdown__link" href="/copacetic/website/v0.1.x/quick-start">v0.1.x</a></li></ul></div><a href="https://github.com/project-copacetic/copacetic" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="searchBox_ZlJk"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" href="/copacetic/website/v0.3.x/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/design">Design</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/faq">FAQ</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/contributing">Contributing</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/copacetic/website/v0.3.x/code-of-conduct">Code of Conduct</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="theme-doc-version-banner alert alert--warning margin-bottom--md" role="alert"><div>This is documentation for <!-- -->Copacetic<!-- --> <b>v0.3.x</b>, which is no longer actively maintained.</div><div class="margin-top--md">For up-to-date documentation, see the <b><a href="/copacetic/website/quick-start">latest version</a></b> (<!-- -->v0.4.x<!-- -->).</div></div><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/copacetic/website/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Quick Start</span><meta itemprop="position" content="1"></li></ul></nav><span class="theme-doc-version-badge badge badge--secondary">Version: v0.3.x</span><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Quick Start</h1></header><p>This sample illustrates how to patch containers using vulnerability reports with <code>copa</code>.</p><h2 class="anchor anchorWithStickyNavbar_LWe7" id="prerequisites">Prerequisites<a href="#prerequisites" class="hash-link" aria-label="Direct link to Prerequisites" title="Direct link to Prerequisites">​</a></h2><ul><li>An Ubuntu 22.04 VM configured through the <a href="/copacetic/website/v0.3.x/installation">setup instructions</a> or a VSCode <a href="/copacetic/website/v0.3.x/contributing#visual-studio-code-development-container">devcontainer</a> environment. This includes:<ul><li><code>copa</code> tool <a href="/copacetic/website/v0.3.x/installation">built &amp; pathed</a>.</li><li><a href="https://github.com/moby/buildkit/#quick-start" target="_blank" rel="noopener noreferrer">buildkit</a> daemon installed &amp; pathed.</li><li><a href="https://docs.docker.com/desktop/linux/install/#generic-installation-steps" target="_blank" rel="noopener noreferrer">docker</a> daemon running and CLI installed &amp; pathed.</li><li><a href="https://aquasecurity.github.io/trivy/latest/getting-started/installation/" target="_blank" rel="noopener noreferrer">trivy CLI</a> installed &amp; pathed.</li></ul></li></ul><h2 class="anchor anchorWithStickyNavbar_LWe7" id="sample-steps">Sample Steps<a href="#sample-steps" class="hash-link" aria-label="Direct link to Sample Steps" title="Direct link to Sample Steps">​</a></h2><ol><li><p>Scan the container image for patchable OS vulnerabilities, outputting the results to a JSON file:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --vuln-type os --ignore-unfixed -f json -o nginx.1.21.6.json docker.io/library/nginx:1.21.6</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>You can also see the existing patchable vulnerabilities in table form on the shell with:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --vuln-type os --ignore-unfixed docker.io/library/nginx:1.21.6</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></li><li><p>Patch the image using the Trivy report. You will need to start <code>buildkitd</code> if it is not already running:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token function" style="color:#d73a49">sudo</span><span class="token plain"> buildkitd </span><span class="token operator" style="color:#393A34">&amp;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">sudo</span><span class="token plain"> copa patch -i docker.io/library/nginx:1.21.6 -r nginx.1.21.6.json -t </span><span class="token number" style="color:#36acaa">1.21</span><span class="token plain">.6-patched</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Alternatively, you can run <code>buildkitd</code> in a container, which allows copa to be run without root access to the local buildkit socket:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token builtin class-name">export</span><span class="token plain"> </span><span class="token assign-left variable" style="color:#36acaa">BUILDKIT_VERSION</span><span class="token operator" style="color:#393A34">=</span><span class="token plain">v0.11.4</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token builtin class-name">export</span><span class="token plain"> </span><span class="token assign-left variable" style="color:#36acaa">BUILDKIT_PORT</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">8888</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token function" style="color:#d73a49">docker</span><span class="token plain"> run </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --detach </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --rm </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --privileged </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -p </span><span class="token number" style="color:#36acaa">127.0</span><span class="token plain">.0.1:</span><span class="token variable" style="color:#36acaa">$BUILDKIT_PORT</span><span class="token builtin class-name">:</span><span class="token variable" style="color:#36acaa">$BUILDKIT_PORT</span><span class="token plain">/tcp </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --name buildkitd </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --entrypoint buildkitd </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    </span><span class="token string" style="color:#e3116c">&quot;moby/buildkit:</span><span class="token string variable" style="color:#36acaa">$BUILDKIT_VERSION</span><span class="token string" style="color:#e3116c">&quot;</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    --addr tcp://0.0.0.0:</span><span class="token variable" style="color:#36acaa">$BUILDKIT_PORT</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">copa patch </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -i docker.io/library/nginx:1.21.6 </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -r nginx.1.21.6.json </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -t </span><span class="token number" style="color:#36acaa">1.21</span><span class="token plain">.6-patched </span><span class="token punctuation" style="color:#393A34">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">    -a tcp://0.0.0.0:</span><span class="token variable" style="color:#36acaa">$BUILDKIT_PORT</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>In either case, <code>copa</code> is non-destructive and exports a new image with the specified <code>1.21.6-patched</code> label to the local Docker daemon.</p><blockquote><p><strong>NOTE:</strong> if you&#x27;re running this sample against an image from a private registry instead,
 ensure that the credentials are configured in the default Docker config.json before running <code>copa patch</code>,
 for example, via <code>sudo docker login -u &lt;user&gt; -p &lt;password&gt; &lt;registry&gt;</code>.</p></blockquote></li><li><p>Scan the patched image and verify that the vulnerabilities have been patched:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">trivy image --vuln-type os --ignore-unfixed docker.io/library/nginx:1.21.6-patched</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>You can also inspect the structure of the patched image with <code>docker history</code> to see the new patch layer appended to the image:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">$ </span><span class="token function" style="color:#d73a49">docker</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">history</span><span class="token plain"> docker.io/library/nginx:1.21.6-patched</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">IMAGE          CREATED        CREATED BY                                      SIZE      COMMENT</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">a372df41e06d   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain"> minute ago   </span><span class="token function" style="color:#d73a49">mount</span><span class="token plain"> / from </span><span class="token builtin class-name">exec</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">sh</span><span class="token plain"> -c </span><span class="token function" style="color:#d73a49">apt</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">install</span><span class="token plain"> --no-ins…   </span><span class="token number" style="color:#36acaa">26</span><span class="token plain">.1MB    buildkit.exporter.image.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   CMD </span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">&quot;nginx&quot;</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;-g&quot;</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;daemon off;&quot;</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">                0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   STOPSIGNAL SIGQUIT                              0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   EXPOSE map</span><span class="token punctuation" style="color:#393A34">[</span><span class="token number" style="color:#36acaa">80</span><span class="token plain">/tcp:</span><span class="token punctuation" style="color:#393A34">{</span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">                           0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENTRYPOINT </span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">&quot;/docker-entrypoint.sh&quot;</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain">            0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">30</span><span class="token plain">-tune-worker-processes.sh /docker-ent…   </span><span class="token number" style="color:#36acaa">4</span><span class="token plain">.61kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">20</span><span class="token plain">-envsubst-on-templates.sh /docker-ent…   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain">.04kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY </span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh /docker…   </span><span class="token number" style="color:#36acaa">1</span><span class="token plain">.96kB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   COPY docker-entrypoint.sh / </span><span class="token comment" style="color:#999988;font-style:italic"># buildkit          1.2kB     buildkit.dockerfile.v0</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   RUN /bin/sh -c </span><span class="token builtin class-name">set</span><span class="token plain"> -x     </span><span class="token operator" style="color:#393A34">&amp;&amp;</span><span class="token plain"> addgroup --syst…   </span><span class="token number" style="color:#36acaa">61</span><span class="token plain">.1MB    buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">PKG_RELEASE</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">1</span><span class="token plain">~bullseye                      0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">NJS_VERSION</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">0.7</span><span class="token plain">.0                           0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   ENV </span><span class="token assign-left variable" style="color:#36acaa">NGINX_VERSION</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">1.20</span><span class="token plain">.2                        0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">3</span><span class="token plain"> months ago   LABEL </span><span class="token assign-left variable" style="color:#36acaa">maintainer</span><span class="token operator" style="color:#393A34">=</span><span class="token plain">NGINX Docker Maintainers </span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">d…   0B        buildkit.dockerfile.v0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">4</span><span class="token plain"> months ago   /bin/sh -c </span><span class="token comment" style="color:#999988;font-style:italic">#(nop)  CMD [&quot;bash&quot;]                 0B</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token operator" style="color:#393A34">&lt;</span><span class="token plain">missing</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain">      </span><span class="token number" style="color:#36acaa">4</span><span class="token plain"> months ago   /bin/sh -c </span><span class="token comment" style="color:#999988;font-style:italic">#(nop) ADD file:09675d11695f65c55…   80.4MB</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></li><li><p>Run the container to verify that the image has no regressions:</p><div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">$ </span><span class="token function" style="color:#d73a49">docker</span><span class="token plain"> run -it --rm --name nginx-test docker.io/library/nginx:1.21.6-patched</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Looking </span><span class="token keyword" style="color:#00009f">for</span><span class="token plain"> shell scripts </span><span class="token keyword" style="color:#00009f">in</span><span class="token plain"> /docker-entrypoint.d/</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">10</span><span class="token plain">-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 </span><span class="token keyword" style="color:#00009f">in</span><span class="token plain"> /etc/nginx/conf.d/default.conf</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">/docker-entrypoint.sh: Configuration complete</span><span class="token punctuation" style="color:#393A34">;</span><span class="token plain"> ready </span><span class="token keyword" style="color:#00009f">for</span><span class="token plain"> start up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: using the &quot;epoll&quot; event method</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: nginx/1.20.2</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: OS: Linux 5.10.102.1-microsoft-standard-WSL2</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker processes</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 31</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 32</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 33</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 34</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 35</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 36</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 37</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: start worker process 38</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">38</span><span class="token comment" style="color:#999988;font-style:italic">#38: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">36</span><span class="token comment" style="color:#999988;font-style:italic">#36: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">33</span><span class="token comment" style="color:#999988;font-style:italic">#33: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">32</span><span class="token comment" style="color:#999988;font-style:italic">#32: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">34</span><span class="token comment" style="color:#999988;font-style:italic">#34: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">35</span><span class="token comment" style="color:#999988;font-style:italic">#35: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">37</span><span class="token comment" style="color:#999988;font-style:italic">#37: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">1</span><span class="token comment" style="color:#999988;font-style:italic">#1: signal 28 (SIGWINCH) received</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token number" style="color:#36acaa">2022</span><span class="token plain">/05/16 </span><span class="token number" style="color:#36acaa">18</span><span class="token plain">:00:17 </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">notice</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"> </span><span class="token number" style="color:#36acaa">31</span><span class="token comment" style="color:#999988;font-style:italic">#31: signal 28 (SIGWINCH) received</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>You can stop the container by opening a new shell instance and running: <code>docker stop nginx-test</code></p></li></ol></div></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/copacetic/website/v0.3.x/installation"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Installation</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/copacetic/website/v0.3.x/design"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Design</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#prerequisites" class="table-of-contents__link toc-highlight">Prerequisites</a></li><li><a href="#sample-steps" class="table-of-contents__link toc-highlight">Sample Steps</a></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2023 Linux Foundation. The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</div></div></div></footer></div>
-<script src="/copacetic/website/assets/js/runtime~main.f1c526f2.js"></script>
+<script src="/copacetic/website/assets/js/runtime~main.fcaf8288.js"></script>
 <script src="/copacetic/website/assets/js/main.6b3cb6b7.js"></script>
 </body>
 </html>
\ No newline at end of file