mirror of
https://github.com/webinstall/webi-installers.git
synced 2026-04-06 18:36:50 +00:00
0861ebc8b8
Source type is now inferred from the primary key: github_repo = owner/repo (was source=github + owner + repo) git_url = https://... (was source=gittag + url) gitea_repo = owner/repo (was source=gitea + owner + repo) hashicorp_product = name (was source=hashicorp + product) One-off dist sources (nodedist, zigdist, etc.) keep the explicit source= key since they're already one-liners. Parser still accepts the old format via the default fallback branch.
title, homepage, tagline
| title | homepage | tagline |
|---|---|---|
| Grype | https://github.com/anchore/grype/ | Grype is a vulnerability scanner for container images and filesystems. |
To update or switch versions, run webi grype@stable (or @v0.6, @beta, etc)
Files
~/.config/envman/PATH.env
~/.grype.yaml
~/.local/bin/grype
Cheat Sheet
It also helps find vulnerabilities for major operating system and language-specific packages. Supports Docker, OCI and Singularity image formats, OpenVEX support for filtering and augmenting scanning results. Works with
syft, a powerfulSBOM(software bill of materials) tool for container images and file systems
How to for vulnerabilities in an image
grype <image>
How to scan all image layers
grype <image> --scope all-layers
How to scan a running container
docker run --rm \
--volume /var/run/docker.sock:/var/run/docker.sock \
--name Grype anchore/grype:latest \
my_image_name:my_image_tag