grype
A vulnerability scanner for container images and filesystems
This is an aggregation use case. I have multiple jobs building containers and scanning them. I can easily produce a JSON for each with grype, but come release time, I'd...
It should be trivial to see what data providers (from vunnel) populated the DB, along with timestamp information: ``` grype db providers alpine 2024-09-16T01:34:04.087474Z ... amazon 2024-09-16T01:34:04.087474Z ... chainguard 2024-10-16T01:34:04.087474Z...
Today we dispatch to the correct matcher(s) based on the `PackageType()` returned from any given matcher. This isn't very flexible, since it doesn't allow for the ability to introspect package...
With DB v6 there will be substantial changes made to the DB structure. We'd like to have a way for users to have a common interface with stable output (not...
Adds in a new DB curator for v6, which is responsible for: - using the new `distribution.Client` to facilitate validated updates of the DB - provide read-access to the DB...
Adds a new `distribution.Client` (for v6) responsible for: - fetching a `latest.json` file - determining if a given existing DB description is older or newer than a candidate update -...
**What happened**: When scanning several images Grype reported cups client-library packages ('cups-libs' / 'libcups2') being impacted by CVE-2024-47175. However, the client library packages are not impacted, only the (depending on...
Today the grype DB is distributed via a hosted `listing.json` file with URLs to DBs, listing out historical entries to N many days. There are a few points here: -...
Here are the rough steps today with v1-5 to get a match from the DB, starting within a matcher: 1. Matchers use the [search package Criteria](https://github.com/anchore/grype/blob/89c419091483d8f4f5e83a046dd0b45aaaba3eb5/grype/matcher/python/matcher.go#L34-L39) to access the given...
DB v6 is meant to cover [several use cases](https://github.com/anchore/grype-db/issues/108) (you can safely ignore this link). The high level goals are: - Make the distributed DB smaller - Via removing necessary...