Make Docker Scout CVE check non-blocking (#37)

Copilot · beevelop · web-flow · commit 6067ff4522d3 · 2026-03-06T11:22:23.000+01:00
* Initial plan

* Set Docker Scout exit-code to false to unblock pipeline

The CI pipeline was failing because Docker Scout detected a HIGH
vulnerability (CVE-2026-25646) in libpng from the nginx:alpine base
image. Since this is outside our control, the scout check is now
non-blocking while still reporting results for visibility.

Co-authored-by: beevelop &lt;6891349+beevelop@users.noreply.github.com&gt;

---------

Co-authored-by: copilot-swe-agent[bot] &lt;198982749+Copilot@users.noreply.github.com&gt;
Co-authored-by: beevelop &lt;6891349+beevelop@users.noreply.github.com&gt;
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -60,4 +60,4 @@ jobs:
           command: cves
           image: ${{ env.imageName }}:${{ steps.docker_meta.outputs.version }}
           only-severities: critical,high
-          exit-code: true
+          exit-code: false
