mirror of
https://github.com/webinstall/webi-installers.git
synced 2026-05-17 06:06:35 +00:00
9f28505af7
Stacked on the modifications PR. Now that no live code path references
the per-package fetchers, the shared HTTP/parsing helpers, the
in-process normalizer, or the example template, delete them. Pure
deletion — no behavior change.
- ~93 per-package <pkg>/releases.js fetcher modules.
- _common/{brew,fetcher,git-tag,gitea,github,github-source,
githubish,githubish-source}.js shared HTTP/parsing helpers.
- _webi/normalize.js in-process normalization layer (cache files
arrive normalized from webicached).
- _example/releases.js fetcher template for new packages.
The Go cache daemon (webicached) is now the sole producer of release
metadata; the Node process never makes an upstream request.
title, homepage, tagline
| title | homepage | tagline |
|---|---|---|
| Grype | https://github.com/anchore/grype/ | Grype is a vulnerability scanner for container images and filesystems. |
To update or switch versions, run webi grype@stable (or @v0.6, @beta, etc)
Files
~/.config/envman/PATH.env
~/.grype.yaml
~/.local/bin/grype
Cheat Sheet
It also helps find vulnerabilities for major operating system and language-specific packages. Supports Docker, OCI and Singularity image formats, OpenVEX support for filtering and augmenting scanning results. Works with
syft, a powerfulSBOM(software bill of materials) tool for container images and file systems
How to for vulnerabilities in an image
grype <image>
How to scan all image layers
grype <image> --scope all-layers
How to scan a running container
docker run --rm \
--volume /var/run/docker.sock:/var/run/docker.sock \
--name Grype anchore/grype:latest \
my_image_name:my_image_tag