{"id":15129984,"url":"https://github.com/ozeranskii/image-vuln-scanner","last_synced_at":"2026-02-21T11:01:37.848Z","repository":{"id":251326669,"uuid":"837075403","full_name":"ozeranskii/image-vuln-scanner","owner":"ozeranskii","description":"A CLI tool for scanning Docker images for vulnerabilities using Trivy and Grype.","archived":false,"fork":false,"pushed_at":"2026-02-10T11:12:41.000Z","size":207,"stargazers_count":1,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-02-10T16:07:48.298Z","etag":null,"topics":["cli","grype","k8s","security","security-tools","trivy","vulnerability","vulnerability-scanners"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ozeranskii.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"custom":["https://tbank.ru/cf/8IOgAixS5mB"],"github":"ozeranskii","buy_me_a_coffee":"ozeranskii","thanks_dev":"u/gh/ozeranskii"}},"created_at":"2024-08-02T06:52:59.000Z","updated_at":"2026-02-10T11:11:41.000Z","dependencies_parsed_at":"2024-08-02T08:46:37.348Z","dependency_job_id":"718991a2-26dc-4279-9b94-acc45687e3b3","html_url":"https://github.com/ozeranskii/image-vuln-scanner","commit_stats":null,"previous_names":["ozeranskii/image-vuln-scanner"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ozeranskii/image-vuln-scanner","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ozeranskii%2Fimage-vuln-scanner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ozeranskii%2Fimage-vuln-scanner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ozeranskii%2Fimage-vuln-scanner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ozeranskii%2Fimage-vuln-scanner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ozeranskii","download_url":"https://codeload.github.com/ozeranskii/image-vuln-scanner/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ozeranskii%2Fimage-vuln-scanner/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29679049,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-21T09:33:50.764Z","status":"ssl_error","status_checked_at":"2026-02-21T09:33:19.949Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","grype","k8s","security","security-tools","trivy","vulnerability","vulnerability-scanners"],"created_at":"2024-09-26T02:25:54.472Z","updated_at":"2026-02-21T11:01:37.825Z","avatar_url":"https://github.com/ozeranskii.png","language":"Python","funding_links":["https://tbank.ru/cf/8IOgAixS5mB","https://github.com/sponsors/ozeranskii","https://buymeacoffee.com/ozeranskii","https://thanks.dev/u/gh/ozeranskii"],"categories":[],"sub_categories":[],"readme":"# Image Scanner\n\nA CLI tool for scanning Docker images for vulnerabilities using Trivy and Grype.\n\n## Installation\n\n### Prerequisites\n\nBefore you begin, ensure you have the following dependencies installed:\n\n1. **Python 3.8+**: You can download Python from the [official website](https://www.python.org/downloads/).\n2. **Poetry**: Poetry is a tool for dependency management and packaging in Python. You can install it by following the instructions [here](https://python-poetry.org/docs/#installation).\n3. **kubectl**: `kubectl` is a command-line tool for interacting with Kubernetes clusters. You can install it by following the instructions below.\n4. **Trivy or Grype**: These are vulnerability scanners. Installation instructions for each are provided below.\n\n### Install the project dependencies\n\nUse Poetry to install the dependencies and the package:\n\n```shell\npoetry install\n```\nThis will install all required dependencies listed in pyproject.toml and create a virtual environment for the project.\n\n#### Install kubectl\n\nTo use this tool, you need to have `kubectl` installed and configured to access your Kubernetes cluster. To install kubectl, follow the instructions [here](https://kubernetes.io/docs/tasks/tools/).\n\nExample installation on macOS using Homebrew:\n\n```shell\nbrew install kubectl\n```\n\n### Install Trivy and Grype\n\nEnsure you have Trivy and Grype installed on your system:\n\n#### Trivy\n\nTrivy is a comprehensive and easy-to-use vulnerability scanner for containers. To install Trivy, follow the instructions [here](https://github.com/aquasecurity/trivy#installation).\n\nExample installation on macOS using Homebrew:\n\n```shell\nbrew install aquasecurity/trivy/trivy\n```\n\n#### Grype\n\nGrype is a vulnerability scanner for container images and filesystems. To install Grype, follow the instructions [here](https://github.com/anchore/grype#installation).\n\nExample installation on macOS using Homebrew:\n\n```shell\nbrew tap anchore/grype\nbrew install grype\n```\n\n## Usage\n\nTo use the CLI tool, you need to specify the Kubernetes namespace, label selector, output file, and the scanner type (either `trivy` or `grype`).\n\nExample command:\n\n```shell\npoetry run image-vuln-scanner --namespace production --label-selector stack=python --output-file scan_results.json --scanner-type grype\n```\n\n## CLI Arguments\n\n- `--namespace` (required): The Kubernetes namespace to scan.\n- `--label-selector` (required): The label selector to filter the resources.\n- `--output-file` (optional): The output file to save the scan results.\n- `--scanner-type` (required): The vulnerability scanner to use (`trivy` or `grype`).\n- `--max-concurrent-tasks` (optional): The maximum number of concurrent tasks (default is 4).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fozeranskii%2Fimage-vuln-scanner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fozeranskii%2Fimage-vuln-scanner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fozeranskii%2Fimage-vuln-scanner/lists"}