Dan Nurmi

Hi rmoriz, It is possible that the whole cycle is taking less time than a full sync - one thing to note: the feeds sync operation is incremental, in that...

Hi all, I've made a commit to the latest anchore (master and 1.1-master) that includes a mapping between images that identify as 'redhat' and out internal RHEL/centos flavor (which is...

Hi @hariramb - That is looking good - as long as you get package details and do not get the distro not supported warning, then the scanner should be working...

Hi @hariramb - thanks! We'll run our tests and then will push a new dev container, I'll let you know here when it has been pushed (or, if you're subscribed...

Hi @hariramb - I just pushed a new docker.io/anchore/cli:dev container that has the latest from anchore master - should all synced up. Thanks again -Dan

Hi @SyCode7 | Does the anchor-cli provide formatting options for scan results e.g json ? It sure does! you can use the '--json' option to anchore-cli for any command to...

Hi Matt! The CVE scan requires that anchore has been called with a 'anchore feeds sync' at least once, which pulls down the latest vulnerability data for all of the...

Matt, Interesting - the container we use for Jenkins (anchore/jenkins:latest) does an initial sync on build, so it shouldn't be required if you're using that container (the default, if you're...

hi @Ninroot - the anchore project hosted here has been deprecated, as we've moved all anchore image scanning work to the newer project called 'anchore-engine' - please see https://github.com/anchore/anchore-engine for...

@zhill , @mylespollie , I agree that keeping the output self-contained would be beneficial - what do you both think of introducing a new option that allows for a user...