issues
search
anchore
/
grype
A vulnerability scanner for container images and filesystems
Apache License 2.0
8.7k
stars
569
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
some non-PEP440 version constraints for GHSA python packages in grype-db
#2229
willmurphyscode
opened
4 hours ago
0
chore(deps): bump github.com/charmbracelet/lipgloss from 0.13.1 to 1.0.0
#2228
dependabot[bot]
closed
4 hours ago
0
Remove gentoo integration test
#2227
wagoodman
closed
1 day ago
0
Search for distro namespaces with incomplete information
#2226
wagoodman
closed
1 day ago
0
Add support for scanning single purl from the CLI
#2225
wagoodman
closed
1 day ago
0
Feature request: Grype Convert
#2224
tidusete
opened
1 day ago
1
Improve purl input
#2223
wagoodman
closed
1 day ago
0
Missing alpine patch version yields inaccurate results
#2222
wagoodman
closed
1 day ago
0
chore(deps): bump anchore/sbom-action from 0.17.5 to 0.17.6
#2221
dependabot[bot]
closed
2 days ago
0
chore(deps): bump github.com/adrg/xdg from 0.5.1 to 0.5.2
#2220
dependabot[bot]
closed
2 days ago
0
bump syft to v1.15.0, sterescope to v0.0.5
#2219
willmurphyscode
closed
3 days ago
0
docs: update config section to be valid
#2218
kzantow
closed
3 days ago
0
POM data should be derived from pom.xml when available
#2217
wagoodman
opened
3 days ago
0
Should only check maven central if pom info is missing
#2216
wagoodman
opened
3 days ago
3
Replace hashicorp semver lib
#2215
wagoodman
opened
3 days ago
0
chore(deps): bump github.com/charmbracelet/bubbletea from 1.1.1 to 1.1.2
#2214
dependabot[bot]
closed
3 days ago
0
chore(deps): update tools to latest versions
#2213
anchore-actions-token-generator[bot]
closed
3 days ago
0
Grype Output Schema
#2212
Amndeep7
opened
1 week ago
1
chore(deps): bump actions/setup-go from 5.0.2 to 5.1.0
#2211
dependabot[bot]
closed
1 week ago
0
False positive: GHSA-cx63-2mw6-8hw5 (CVE-2024-6345) python311-setuptools in SLES 15.5 Ecosystem cause by Syft noise with extra reference
#2210
sekveaja
opened
1 week ago
0
chore(deps): bump actions/checkout from 4.2.1 to 4.2.2
#2209
dependabot[bot]
closed
1 week ago
0
chore(deps): bump github/codeql-action from 3.26.13 to 3.27.0
#2208
dependabot[bot]
closed
1 week ago
0
chore(deps): bump github.com/charmbracelet/lipgloss from 0.13.0 to 0.13.1
#2207
dependabot[bot]
closed
1 week ago
0
Environment variables are not expanded in the configuration
#2206
sttcns
closed
3 days ago
3
chore(deps): bump anchore/sbom-action from 0.17.4 to 0.17.5
#2205
dependabot[bot]
closed
1 week ago
0
chore(deps): bump actions/cache from 4.1.1 to 4.1.2
#2204
dependabot[bot]
closed
1 week ago
0
Update to Syft v1.14.2
#2203
wagoodman
closed
1 week ago
0
Displaying disputed CVE
#2202
levpachmanov
closed
3 days ago
2
Updated README.md with period & correct phrase.
#2201
Piyush-r-bhaskar
closed
1 week ago
0
Java archive cataloger performance in 0.82.x much slower than 0.81.0
#2200
driseley
closed
1 week ago
6
Add more views into grype results
#2199
wagoodman
opened
1 week ago
0
chore(deps): bump github.com/adrg/xdg from 0.5.0 to 0.5.1
#2198
dependabot[bot]
closed
2 weeks ago
0
fix: azurelinux considered as comprehensive distro
#2197
westonsteimel
closed
2 weeks ago
1
chore(deps): update tools to latest versions
#2196
anchore-actions-token-generator[bot]
closed
2 weeks ago
0
Unable to parse apk constraint phrase: failed to create comparator for '&{>= 1.0.2zk}'
#2195
bergernir
closed
1 week ago
6
feat: multi-level configuration and profiles
#2194
kzantow
closed
1 week ago
0
chore(deps): bump anchore/sbom-action from 0.17.3 to 0.17.4
#2193
dependabot[bot]
closed
2 weeks ago
0
Flaky checks on STDIN for purl provider
#2192
sfc-gh-ylefloch
closed
1 day ago
1
chore(deps): update Syft to v1.14.1
#2191
anchore-actions-token-generator[bot]
closed
2 weeks ago
0
chore: bump syft to main
#2190
willmurphyscode
closed
2 weeks ago
1
dependency: bump syft to main pre-release
#2189
willmurphyscode
closed
2 weeks ago
0
Account for implicit 0s in rpm release versions
#2188
wagoodman
closed
2 weeks ago
0
chore: bump syft in quality gate to v1.14.0
#2187
westonsteimel
closed
2 weeks ago
0
Use epoch from metadata when missing from version string
#2186
wagoodman
closed
2 weeks ago
2
chore(deps): bump github.com/gabriel-vasile/mimetype from 1.4.5 to 1.4.6
#2185
dependabot[bot]
closed
2 weeks ago
0
chore(deps): bump anchore/sbom-action from 0.17.2 to 0.17.3
#2184
dependabot[bot]
closed
2 weeks ago
0
chore(deps): bump github/codeql-action from 3.26.12 to 3.26.13
#2183
dependabot[bot]
closed
2 weeks ago
0
Skip matching on packages with missing version info
#2182
wagoodman
closed
2 weeks ago
0
Mariner Linux "util-linux" package FP
#2181
Atharex
opened
2 weeks ago
4
Display warnings even when `-v` is not passed and no tty is present
#2180
metametadata
opened
2 weeks ago
6
Next