{"id":22824394,"url":"https://github.com/opt-nc/grype-contribs","last_synced_at":"2026-05-09T17:34:35.498Z","repository":{"id":45974489,"uuid":"514971548","full_name":"opt-nc/grype-contribs","owner":"opt-nc","description":"A set of resources around Anchore's grype tool","archived":false,"fork":false,"pushed_at":"2024-04-11T23:07:00.000Z","size":65,"stargazers_count":0,"open_issues_count":4,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-06T05:30:30.504Z","etag":null,"topics":["cve-search","devops","devops-tools","devsecops","docker","docker-image","gotemplate","grype","infosec","jq","json","productivity","reporting","security","vulnerability-scanners"],"latest_commit_sha":null,"homepage":"https://dev.to/optnc/grype-0420-is-out-and-hello-grype-contribs-3g4i","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/opt-nc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-07-17T22:42:34.000Z","updated_at":"2022-10-13T23:06:16.000Z","dependencies_parsed_at":"2025-02-06T05:28:23.245Z","dependency_job_id":"cd569a5a-ce1b-4653-81ec-ab35d41f0c22","html_url":"https://github.com/opt-nc/grype-contribs","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opt-nc%2Fgrype-contribs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opt-nc%2Fgrype-contribs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opt-nc%2Fgrype-contribs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opt-nc%2Fgrype-contribs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/opt-nc","download_url":"https://codeload.github.com/opt-nc/grype-contribs/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246395897,"owners_count":20770279,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cve-search","devops","devops-tools","devsecops","docker","docker-image","gotemplate","grype","infosec","jq","json","productivity","reporting","security","vulnerability-scanners"],"created_at":"2024-12-12T17:06:31.876Z","updated_at":"2026-05-09T17:34:30.471Z","avatar_url":"https://github.com/opt-nc.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# ❔ About\n\nThe aim of this repo is to summarize some resources around [Grype](https://github.com/anchore/grype)\nto **take the best ouf this great tool.**\n\n# 🔖 Discover `grype-contribs`\n\nTo learn more about this project, take a glance at : \n\n- [📢 Grype 0.42.0 is out... and hello grype-contribs 👶 ](https://dev.to/optnc/grype-0420-is-out-and-hello-grype-contribs-3g4i)\n- 📺 [Youtbe demo](https://youtu.be/C2-i_fc5fKk)\n\n[![asciicast](https://asciinema.org/a/RoLhz0Ehe0sp74wA1NNipB0PH.svg)](https://asciinema.org/a/RoLhz0Ehe0sp74wA1NNipB0PH)\n\n# 🧰 Prerequisites\n\nFor an optimal usage of these resources, you'll need :\n\n- `git`\n- [`brew`](https://brew.sh/) installed\n- `python3` and `pip`\n\n##  Install tools\n\n```\nbrew tap anchore/grype\nbrew install grype\n```\n\nWe'll use [`termgraph`](https://github.com/mkaz/termgraph),  _\"A command-line tool that draws basic graphs in the terminal,\"_ :\n\n```\npython3 -m pip install termgraph\n```\n\nFinally clone this repo : \n\n```\ngh repo clone opt-nc/grype-contribs\ncd grype-contribs\n```\n\n👉 You are ready.\n\n\n## 📜 Templating\n\nSince [`v0.42.0`](https://github.com/anchore/grype/releases/tag/v0.42.0), and\nits issue [`#724`](https://github.com/anchore/grype/issues/724#issuecomment-1139563814)\nit is possible to transform analysis report with [templates](https://github.com/anchore/grype#using-templates).\n\nThis feature makes it possible to build nicely useable and highly customizable reports.\n\n\n### 📊  Aggregated report in the terminal (`termgraph`)\n\n```shell\nclear\n # Put your image here\nexport IMAGE=nginx:latest\necho \"☝️ About to analyze $IMAGE with grype ❕\"\ngrype $IMAGE -o template -t tmpl/csv-vulnerability_id-severity-no-headers.tmpl \u003e work/analysis.csv\ncat work/analysis.csv\necho \"\"\necho \"✅ grype analysis done.\"\necho \"$(tail -n +2 work/analysis.csv)\" \u003e work/analysis.csv\necho \"➕ Aggregating datas :\"\nawk -F, '{a[$1]+=$2;}END{for(i in a)print i\", \"a[i];}' work/analysis.csv \u003e work/analysis-aggregated.csv\ncat work/analysis-aggregated.csv\necho \"📊 Charting analysis\"\ntermgraph  work/analysis-aggregated.csv --title \"🛡️  Grype report for [${IMAGE}] 🐳\"\n# Visit https://github.com/opt-nc/grype-tools/ for more tools around reporting and templates\n```\n\n### 🔗 Html report\n\nWith installed version:\n```sh\nclear\nexport IMAGE=nginx:latest\necho \"☝️ About to analyze $IMAGE with grype ❕\"\ngrype $IMAGE -o template -t tmpl/html-table.tmpl \u003e work/analysis.html\nfirefox work/analysis.html\n```\n\nOr with docker:\n```sh\nclear\nexport IMAGE=nginx:latest\necho \"☝️ About to analyze $IMAGE with grype ❕\"\n\ndocker run --rm \\\n  -v ${PWD}/tmpl/html-table.tmpl:/config/html-table.tmpl:ro \\\n  anchore/grype:latest \\\n  \\\n  $IMAGE -o template -t /config/html-table.tmpl \u003e work/analysis.html\n\nopen work/analysis.html\n```\n\nDepending on your needs, add the appropriate options as shown in grype [official documentation](https://github.com/anchore/grype):\n```sh\n# to scan scan a container running or images on host\n  --volume /var/run/docker.sock:/var/run/docker.sock\n\n# to access a private registry (with config.json configured on host)\n  -v ~/.docker/config.json:/config/config.json:ro -e \"DOCKER_CONFIG=/config\"\n```\n\n## 💡 Ideas\n\n- [Better `html` template](https://github.com/opt-nc/grype-contribs/issues/5) \n- Concatenate multiple reports within a same csv for advanced JupterNotebook and other reporting tools (OpenSearch, ELK, PowerBI,...)\n- Jupter NoteBooks on `json`\n- Nicer HTML reports\n- Package as a Makefile\n- Develop markdown template and implement pandoc toolchain for various exports\n- JupyterBook report template based on raw csv export\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopt-nc%2Fgrype-contribs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopt-nc%2Fgrype-contribs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopt-nc%2Fgrype-contribs/lists"}