๐๏ธ About
I'm quite excited to announce the arrival of a set of new productivity resources for Grype in :
opt-nc
/
grype-contribs
A set of resources around Anchore's grype tool
โ About
The aim of this repo is to summarize some resources around Grype to take the best ouf this great tool.
๐ Discover grype-contribs
To learn more about this project, take a glance at :
๐งฐ Prerequisites
For an optimal usage of these resources, you'll need :
git-
brewinstalled -
python3andpip
Install tools
brew tap anchore/grype
brew install grype
We'll use termgraph, "A command-line tool that draws basic graphs in the terminal," :
python3 -m pip install termgraph
Finally clone this repo :
gh repo clone opt-nc/grype-contribs
cd grype-contribs
๐ Templating
Since v0.42.0, and
its issue #724
it is possible to transform analysis report with templates.
This feature makes it possible to build nicely useable and highly customizable reports.
๐ Aggregated report in the terminal (termgraph)
๐ช jq tricks
This time we opened a new topic around Grype reporting :
Export vulnerabilities as well formated
csvwthin a single line of code
๐ฐ ROI ๐
With clean csv, you can easily create and share your analysis wit JupyterNotebook... see dedicated issue in the pipe :
๐ฟ Demo
๐ฎ Next jq trick coming
๐ช Implement jq trick to group and count by severity
#8
Provide the jq query that takes in input a grype -o json command and returns
"Negligible",0
"Low",4
"High",10
see Group vulnerabilities by severity
Top comments (4)
And more to come soon @mbarre ๐ค