{"id":13533342,"url":"https://github.com/anchore/anchore-engine","last_synced_at":"2025-10-02T15:31:04.814Z","repository":{"id":38849648,"uuid":"102645710","full_name":"anchore/anchore-engine","owner":"anchore","description":"A service that analyzes docker images and scans for vulnerabilities","archived":true,"fork":false,"pushed_at":"2023-01-26T23:58:18.000Z","size":187084,"stargazers_count":1580,"open_issues_count":249,"forks_count":271,"subscribers_count":53,"default_branch":"master","last_synced_at":"2024-09-25T01:33:16.077Z","etag":null,"topics":["anchore-engine","containers","docker","docker-image","dockerhub","python","security","static-analysis","vulnerabilities","whitelist"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/anchore.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.rst","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-09-06T18:47:20.000Z","updated_at":"2024-09-18T03:03:05.000Z","dependencies_parsed_at":"2023-02-04T12:46:56.040Z","dependency_job_id":null,"html_url":"https://github.com/anchore/anchore-engine","commit_stats":null,"previous_names":[],"tags_count":91,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anchore%2Fanchore-engine","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anchore%2Fanchore-engine/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anchore%2Fanchore-engine/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anchore%2Fanchore-engine/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/anchore","download_url":"https://codeload.github.com/anchore/anchore-engine/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":219875832,"owners_count":16554706,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["anchore-engine","containers","docker","docker-image","dockerhub","python","security","static-analysis","vulnerabilities","whitelist"],"created_at":"2024-08-01T07:01:18.888Z","updated_at":"2025-10-02T15:30:54.798Z","avatar_url":"https://github.com/anchore.png","language":"Python","readme":"# Anchore Engine [![CircleCI](https://circleci.com/gh/anchore/anchore-engine/tree/master.svg?style=svg)](https://circleci.com/gh/anchore/anchore-engine/tree/master)\n\n**IMPORTANT NOTE**\n\nAs of 2023, Anchore Engine is no longer maintained. There will be no future versions released. Users are advised to use [Syft](https://github.com/anchore/syft) and [Grype](https://github.com/anchore/grype).\n\nFor users interested in a supported commercial solution for container scanning and complaiance, [schedule a demo](https://get.anchore.com/demo-request/) to see Anchore Enterprise’s broad set of enterprise capabilities including SBOM management, vulnerability management, and compliance management.\n\n**About**\n\nAnchore Engine is an open-source project that provides a centralized service for inspection, analysis, and certification of container images. Anchore Engine is provided as a Docker container image that can be run standalone or within an orchestration platform such as Kubernetes, Docker Swarm, Rancher, Amazon ECS, and other container orchestration platforms.\n\nWith a deployment of Anchore Engine running in your environment, container images are downloaded and analyzed from Docker V2 compatible container registries and then evaluated against a vulnerability database.\n\nHistorical documentation is available at [Anchore Documentation](https://engine.anchore.io).\n\nAnchore Engine can be accessed directly through a RESTful API or via the Anchore [CLI](https://github.com/anchore/anchore-cli).\n\n**Supported Operating Systems**\n\n- Alpine\n- Amazon Linux 2\n- CentOS\n- Debian\n- Google Distroless\n- Oracle Linux\n- Red Hat Enterprise Linux\n- Red Hat Universal Base Image (UBI)\n- Ubuntu\n\n**Supported Packages**\n\n- GEM\n- Java Archive (jar, war, ear)\n- NPM\n- Python (PIP)\n- Go Modules\n\n## Installation\n\nThere are several ways to get started with Anchore Engine, for the latest information on quickstart and full production installation with docker-compose, Helm, and other methods, please visit:\n\n- [Anchore Engine Installation](https://engine.anchore.io/docs/install/)\n\nThe Anchore Engine is distributed as a [Docker Image](https://hub.docker.com/r/anchore/anchore-engine/) available from DockerHub.\n\n## Quick Start (TLDR)\n\nSee [documentation](https://engine.anchore.io/docs/quickstart/) for the full quickstart guide.\n\nTo quickly bring up an installation of Anchore Engine on a system with docker (and docker-compose) installed, follow these simple steps:\n\n```\ncurl https://engine.anchore.io/docs/quickstart/docker-compose.yaml \u003e docker-compose.yaml\ndocker-compose up -d\n```\n\nOnce the Engine is up and running, you can begin to interact with the system using the CLI.\n\n## Getting Started using the CLI\n\nThe [Anchore CLI](https://github.com/anchore/anchore-cli) is an easy way to control and interact with the Anchore Engine.\n\nThe Anchore CLI can be installed using the Python pip command, or by running the CLI from the [Anchore Engine CLI](https://hub.docker.com/r/anchore/engine-cli) container image. See the [Anchore CLI](https://github.com/anchore/anchore-cli) project on Github for code and more installation options and usage.\n\n## CLI Quick Start (TLDR)\n\nBy default, the Anchore CLI tries to connect to the Anchore Engine at http://localhost:8228/v1 with no authentication.\nThe username, password, and URL for the server can be passed to the Anchore CLI as command-line arguments:\n\n    --u   TEXT   Username     eg. admin\n    --p   TEXT   Password     eg. foobar\n    --url TEXT   Service URL  eg. http://localhost:8228/v1\n\nRather than passing these parameters for every call to the tool, they can also be set as environment variables:\n\n    ANCHORE_CLI_URL=http://myserver.example.com:8228/v1\n    ANCHORE_CLI_USER=admin\n    ANCHORE_CLI_PASS=foobar\n\nAdd an image to the Anchore Engine:\n\n    anchore-cli image add docker.io/library/debian:latest\n\nWait for the image to move to the 'analyzed' state:\n\n    anchore-cli image wait docker.io/library/debian:latest\n\nList images analyzed by the Anchore Engine:\n\n    anchore-cli image list\n\nGet image overview and summary information:\n\n    anchore-cli image get docker.io/library/debian:latest\n\nList feeds and wait for at least one vulnerability data feed sync to complete. The first sync can take some time (20-30 minutes) after that syncs will only merge deltas.\n\n    anchore-cli system feeds list\n    anchore-cli system wait\n\nObtain the results of the vulnerability scan on an image:\n\n    anchore-cli image vuln docker.io/library/debian:latest os\n\nList operating system packages present in an image:\n\n    anchore-cli image content docker.io/library/debian:latest os\n\n## API\n\nFor the external API definition (the user-facing service), see [External API Swagger Spec](https://github.com/anchore/anchore-engine/blob/master/anchore_engine/services/apiext/swagger/swagger.yaml). If you have Anchore Engine running, you can also review the Swagger by directing your browser at http://\u003cyour-anchore-engine-api-host\u003e:8228/v1/ui/ (NOTE: the trailing slash is required for the embedded swagger UI browser to be viewed properly).\n\nEach service implements its own API, and all APIs are defined in Swagger/OpenAPI spec. You can find each in the _anchore_engine/services/\\\u003cservicename\\\u003e/api/swagger_ directory.\n\n## More Information\n\nFor further details on the use of the Anchore CLI with the Anchore Engine, please refer to the [Anchore Engine Documentation](https://engine.anchore.io/)\n\n## Developing\n\nThis repo was reformatted using [Black](https://black.readthedocs.io/en/stable/) in Nov. 2020. This commit can\nbe ignored in your local environment when using `git blame` since it impacted so many files. To ignore the commit you need\nto configure git-blame to use the provided file: .git-blame-ignore-revs as a list of commits to ignore for blame.\n\nSet your local git configuration to use the provided file by running this from within the root of this source tree:\n`git config blame.ignoreRevsFile .git-blame-ignore-revs`\n","funding_links":[],"categories":["Containers","Container Tools","Python","Application Recommendation","Container and Kubernetes Security","Container Security"],"sub_categories":["MultiCloud Governance","Threat modelling","🔒 Cybersecurity","Image Scanning"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fanchore%2Fanchore-engine","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fanchore%2Fanchore-engine","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fanchore%2Fanchore-engine/lists"}