๐๏ธ About
I'm quite excited to announce the arrival of a set of new productivity resources for Grype
in :
opt-nc / grype-contribs
A set of resources around Anchore's grype tool
โ About
The aim of this repo is to summarize some resources around Grype to take the best ouf this great tool.
๐ Discover grype-contribs
To learn more about this project, take a glance at :
๐งฐ Prerequisites
For an optimal usage of these resources, you'll need :
git
-
brew
installed -
python3
andpip
Install tools
brew tap anchore/grype
brew install grype
We'll use termgraph
, "A command-line tool that draws basic graphs in the terminal," :
python3 -m pip install termgraph
Finally clone this repo :
gh repo clone opt-nc/grype-contribs
cd grype-contribs
๐ Templating
Since v0.42.0
, and
its issue #724
it is possible to transform analysis report with templates.
This feature makes it possible to build nicely useable and highly customizable reports.
๐ Aggregated report in the terminal (termgraph
)
๐ช jq
tricks
This time we opened a new topic around Grype
reporting :
Export vulnerabilities as well formated
csv
wthin a single line of code
๐ฐ ROI ๐
With clean csv
, you can easily create and share your analysis wit JupyterNotebook... see dedicated issue in the pipe :
๐ฟ Demo
๐ฎ Next jq
trick coming
๐ช Implement jq trick to group and count by severity #8
Provide the jq
query that takes in input a grype -o json
command and returns
"Negligible",0
"Low",4
"High",10
see Group vulnerabilities by severity
Top comments (4)
And more to come soon @mbarre ๐ค