mirror of
https://github.com/webinstall/webi-installers.git
synced 2026-04-06 18:36:50 +00:00
23100394ac
Renames: - github_repo → github_releases (back-compat kept) - github_source → github_sources (back-compat kept) - gitea_repo → gitea_releases (back-compat kept) New keys: - gitea_sources, gitlab_releases, gitlab_sources All keys now accept either owner/repo shorthand or full URLs: - github_releases = sharkdp/bat - github_releases = https://github.com/sharkdp/bat - gitea_releases = https://git.rootprojects.org/root/pathman Defaults: github → github.com, gitlab → gitlab.com. Gitea has no default (self-hosted only). Updated all 73 releases.conf files from github_repo to github_releases.
title, homepage, tagline
| title | homepage | tagline |
|---|---|---|
| Grype | https://github.com/anchore/grype/ | Grype is a vulnerability scanner for container images and filesystems. |
To update or switch versions, run webi grype@stable (or @v0.6, @beta, etc)
Files
~/.config/envman/PATH.env
~/.grype.yaml
~/.local/bin/grype
Cheat Sheet
It also helps find vulnerabilities for major operating system and language-specific packages. Supports Docker, OCI and Singularity image formats, OpenVEX support for filtering and augmenting scanning results. Works with
syft, a powerfulSBOM(software bill of materials) tool for container images and file systems
How to for vulnerabilities in an image
grype <image>
How to scan all image layers
grype <image> --scope all-layers
How to scan a running container
docker run --rm \
--volume /var/run/docker.sock:/var/run/docker.sock \
--name Grype anchore/grype:latest \
my_image_name:my_image_tag