grype

grype copied to clipboard

**What happened**: when i run grype db search CVE-2021-44228 i get this errors: `[0000] ERROR failed to inflate vulnerability record: failed to parse constraint='< 2.4.0 || = 2.4.0 || =...

TimBrown1611

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.4 to 3.26.5. Changelog Sourced from github/codeql-action's changelog. CodeQL Action Changelog See the releases page for the relevant changes to the CodeQL CLI and language packs. Note...

dependabot[bot]

`grype db status` reports "valid" when the DB is missing

2

**What happened**: ```console $ grype db update ✔ Vulnerability DB [updated] Vulnerability database updated to latest version! $ grype db status Location: /Users/dan/Library/Caches/grype/db/5 Built: 2024-08-22 01:31:37 +0000 UTC Schema: 5...

luhring

This issue tracks the work to turn down the infra related to Grype DB Schema v1 and Grype DB Schema v2. (Note to concerned visitors: anyone using grype after v0.13.0,...

willmurphyscode

Bumps [github.com/anchore/stereoscope](https://github.com/anchore/stereoscope) from 0.0.3-0.20240725180315-50ce3be7aa1f to 0.0.3. Release notes Sourced from github.com/anchore/stereoscope's releases. v0.0.3 Additional Changes Bump docker version [#234 @​jonjohnsonjr] (Full Changelog) Commits See full diff in compare view [![Dependabot...

dependabot[bot]

fix: hash vuln db only once on load

2

Fixes #1502 This PR aims to improve the performance of `LoadVulnerabilityDB` when `ValidateByHashOnGet` is set to `true` As described in the linked issue, `GetStore` and `Status` both hash the db....

lucasrod16

Grype only supports SKOPEO when using 'docker-archive' format.

3

**What happened**: Since the documentation: https://github.com/anchore/grype#supported-sources says: "or `skopeo copy` commands)" I tried to scan backup copies of our docker images and grype does not seem to scan the directories.....

SDDunt

Merge Configuration Files

7

**What would you like to be added**: When a Grype config is found in the repository and in the home directory I would like them to be merged **Why is...

henrysachs

Different results scanning PHP SBOMs generated by cdxgen and Syft

1

**What happened**: I'm working on detecting vulns in a PHP project and I get quite different results when scanning and I'm not sure if it's expected or there could be...

metametadata

In v5 and earlier we've had a DB check to ensure our quality gate DB in use was not too out of date. We've removed this since there is no...

wagoodman