Description

Please add support for scanning docker image which is present locally (just built) instead of pulling it from the registry.

Preferred Solution

If the image is available locally, don't reach the registry, and do that only if it's absent. Or implement additional flag like --image-priority local | --image-priority remote to control the behaviour.

Additional Context

I as a user want to prevent situation when image was pushed to the registry with leaked secret(s)/vulnerabilities.