[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-4979":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":25,"hasPages":23,"topics":26,"createdAt":10,"pushedAt":10,"updatedAt":42,"readmeContent":43,"aiSummary":44,"trendingCount":16,"starSnapshotCount":16,"syncStatus":45,"lastSyncTime":46,"discoverSource":47},4979,"grype","anchore\u002Fgrype","anchore","A vulnerability scanner for container images and filesystems","",null,"Go",12382,807,81,321,0,12,48,196,56,43.72,"Apache License 2.0",false,"main",true,[27,28,29,30,31,32,33,34,35,36,37,38,39,40,41],"container-image","containers","cyclonedx","docker","go","golang","hacktoberfest","oci","openvex","security","static-analysis","tool","vex","vulnerabilities","vulnerability","2026-06-12 02:01:06","\u003Cp align=\"center\">\n    \u003Cimg alt=\"Grype logo\" src=\"https:\u002F\u002Fuser-images.githubusercontent.com\u002F5199289\u002F136855393-d0a9eef9-ccf1-4e2b-9d7c-7aad16a567e5.png\" width=\"234\">\n\u003C\u002Fp>\n\n# Grype\n\n**A vulnerability scanner for container images and filesystems.**\n\n\u003Cp align=\"center\">\n    &nbsp;\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fanchore\u002Fgrype\u002Factions?query=workflow%3A%22Static+Analysis+%2B+Unit+%2B+Integration%22\">\u003Cimg src=\"https:\u002F\u002Fgithub.com\u002Fanchore\u002Fgrype\u002Fworkflows\u002FStatic%20Analysis%20+%20Unit%20+%20Integration\u002Fbadge.svg\" alt=\"Static Analysis + Unit + Integration\">\u003C\u002Fa>&nbsp;\n    &nbsp;\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fanchore\u002Fgrype\u002Factions\u002Fworkflows\u002Fvalidations.yaml\">\u003Cimg src=\"https:\u002F\u002Fgithub.com\u002Fanchore\u002Fgrype\u002Fworkflows\u002FValidations\u002Fbadge.svg\" alt=\"Validations\">\u003C\u002Fa>&nbsp;\n    &nbsp;\u003Ca href=\"https:\u002F\u002Fgoreportcard.com\u002Freport\u002Fgithub.com\u002Fanchore\u002Fgrype\">\u003Cimg src=\"https:\u002F\u002Fgoreportcard.com\u002Fbadge\u002Fgithub.com\u002Fanchore\u002Fgrype\" alt=\"Go Report Card\">\u003C\u002Fa>&nbsp;\n    &nbsp;\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fanchore\u002Fgrype\u002Freleases\u002Flatest\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Frelease\u002Fanchore\u002Fgrype.svg\" alt=\"GitHub release\">\u003C\u002Fa>&nbsp;\n    &nbsp;\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fanchore\u002Fgrype\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fgo-mod\u002Fgo-version\u002Fanchore\u002Fgrype.svg\" alt=\"GitHub go.mod Go version\">\u003C\u002Fa>&nbsp;\n    &nbsp;\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fanchore\u002Fgrype\u002Fblob\u002Fmain\u002FLICENSE\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-Apache%202.0-blue.svg\" alt=\"License: Apache-2.0\">\u003C\u002Fa>&nbsp;\n    &nbsp;\u003Ca href=\"https:\u002F\u002Fanchore.com\u002Fdiscourse\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDiscourse-Join-blue?logo=discourse\" alt=\"Join our Discourse\">\u003C\u002Fa>&nbsp;\n    &nbsp;\u003Ca rel=\"me\" href=\"https:\u002F\u002Ffosstodon.org\u002F@grype\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FMastodon-Follow-blue?logoColor=white&logo=mastodon\" alt=\"Follow on Mastodon\">\u003C\u002Fa>&nbsp;\n\u003C\u002Fp>\n\n![grype-demo](https:\u002F\u002Fuser-images.githubusercontent.com\u002F590471\u002F90276236-9868f300-de31-11ea-8068-4268b6b68529.gif)\n\n## Features\n\n- Scan **container images**, **filesystems**, and **SBOMs** for known vulnerabilities (see the docs for a full list of [supported scan targets](https:\u002F\u002Foss.anchore.com\u002Fdocs\u002Fguides\u002Fvulnerability\u002Fscan-targets\u002F))\n- Supports major OS package ecosystems (Alpine, Debian, Ubuntu, RHEL, Oracle Linux, Amazon Linux, and [more](https:\u002F\u002Foss.anchore.com\u002Fdocs\u002Fcapabilities\u002Fall-os\u002F))\n- Supports language-specific packages (Ruby, Java, JavaScript, Python, .NET, Go, PHP, Rust, and [more](https:\u002F\u002Foss.anchore.com\u002Fdocs\u002Fcapabilities\u002Fall-packages\u002F))\n- Supports Docker, OCI, and [Singularity](https:\u002F\u002Fgithub.com\u002Fsylabs\u002Fsingularity) image formats\n- Threat & risk prioritization with **EPSS**, **KEV**, and **risk scoring** (see [interpreting the results docs](https:\u002F\u002Foss.anchore.com\u002Fdocs\u002Fguides\u002Fvulnerability\u002Finterpreting-results\u002F))\n- [OpenVEX](https:\u002F\u002Fgithub.com\u002Fopenvex) support for filtering and augmenting scan results\n\n> [!TIP]\n> New to Grype? Check out the [Getting Started guide](https:\u002F\u002Foss.anchore.com\u002Fdocs\u002Fguides\u002Fvulnerability\u002Fgetting-started\u002F) for a walkthrough!\n\n## Installation\n\nThe quickest way to get up and going:\n```bash\ncurl -sSfL https:\u002F\u002Fget.anchore.io\u002Fgrype | sudo sh -s -- -b \u002Fusr\u002Flocal\u002Fbin\n```\n\n> [!TIP]\n> See [Installation docs](https:\u002F\u002Foss.anchore.com\u002Fdocs\u002Finstallation\u002Fgrype\u002F) for more ways to get Grype, including Homebrew, Docker, Chocolatey, MacPorts, and more!\n\n## The basics\n\nScan a container image or directory for vulnerabilities:\n\n```bash\n# container image\ngrype alpine:latest\n\n# directory\ngrype .\u002Fmy-project\n```\n\nScan an SBOM for even faster vulnerability detection:\n\n```bash\n# scan a Syft SBOM\ngrype sbom:.\u002Fsbom.json\n\n# pipe an SBOM into Grype\ncat .\u002Fsbom.json | grype\n```\n\n> [!TIP]\n> Check out the [Getting Started guide](https:\u002F\u002Foss.anchore.com\u002Fdocs\u002Fguides\u002Fvulnerability\u002Fgetting-started\u002F) to explore all of the capabilities and features.\n>\n> Want to know all of the ins-and-outs of Grype? Check out the [CLI docs](https:\u002F\u002Foss.anchore.com\u002Fdocs\u002Freference\u002Fgrype\u002Fcli\u002F) and [configuration docs](https:\u002F\u002Foss.anchore.com\u002Fdocs\u002Freference\u002Fgrype\u002Fconfiguration\u002F).\n\n## Contributing\n\nWe encourage users to help make these tools better by [submitting issues](https:\u002F\u002Fgithub.com\u002Fanchore\u002Fgrype\u002Fissues) when you find a bug or want a new feature.\nCheck out our [contributing overview](https:\u002F\u002Foss.anchore.com\u002Fdocs\u002Fcontributing\u002F) and [developer-specific documentation](https:\u002F\u002Foss.anchore.com\u002Fdocs\u002Fcontributing\u002Fgrype\u002F) if you are interested in providing code contributions.\n\n\u003Cp xmlns:cc=\"http:\u002F\u002Fcreativecommons.org\u002Fns#\" xmlns:dct=\"http:\u002F\u002Fpurl.org\u002Fdc\u002Fterms\u002F\">\n  Grype development is sponsored by \u003Ca href=\"https:\u002F\u002Fanchore.com\u002F\">Anchore\u003C\u002Fa>, and is released under the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fanchore\u002Fgrype?tab=Apache-2.0-1-ov-file\">Apache-2.0 License\u003C\u002Fa>.\n  The \u003Ca property=\"dct:title\" rel=\"cc:attributionURL\" href=\"https:\u002F\u002Fanchore.com\u002Fwp-content\u002Fuploads\u002F2024\u002F11\u002Fgrype-logo.svg\">Grype logo\u003C\u002Fa> by \u003Ca rel=\"cc:attributionURL dct:creator\" property=\"cc:attributionName\" href=\"https:\u002F\u002Fanchore.com\u002F\">Anchore\u003C\u002Fa> is licensed under \u003Ca href=\"https:\u002F\u002Fcreativecommons.org\u002Flicenses\u002Fby\u002F4.0\u002F\" target=\"_blank\" rel=\"license noopener noreferrer\" style=\"display:inline-block;\">CC BY 4.0\u003Cimg style=\"height:22px!important;margin-left:3px;vertical-align:text-bottom;\" src=\"https:\u002F\u002Fmirrors.creativecommons.org\u002Fpresskit\u002Ficons\u002Fcc.svg\" alt=\"\">\u003Cimg style=\"height:22px!important;margin-left:3px;vertical-align:text-bottom;\" src=\"https:\u002F\u002Fmirrors.creativecommons.org\u002Fpresskit\u002Ficons\u002Fby.svg\" alt=\"\">\u003C\u002Fa>\n\u003C\u002Fp>\n\nFor commercial support options with Syft or Grype, please [contact Anchore](https:\u002F\u002Fget.anchore.com\u002Fcontact\u002F).\n\n## Come talk to us!\n\nThe Grype Team holds regular community meetings online. All are welcome to join to bring topics for discussion.\n- Check the [calendar](https:\u002F\u002Fcalendar.google.com\u002Fcalendar\u002Fu\u002F0\u002Fr?cid=Y182OTM4dGt0MjRtajI0NnNzOThiaGtnM29qNEBncm91cC5jYWxlbmRhci5nb29nbGUuY29t) for the next meeting date.\n- Add items to the [agenda](https:\u002F\u002Fdocs.google.com\u002Fdocument\u002Fd\u002F1ZtSAa6fj2a6KRWviTn3WoJm09edvrNUp4Iz_dOjjyY8\u002Fedit?usp=sharing) (join [this group](https:\u002F\u002Fgroups.google.com\u002Fg\u002Fanchore-oss-community) for write access to the [agenda](https:\u002F\u002Fdocs.google.com\u002Fdocument\u002Fd\u002F1ZtSAa6fj2a6KRWviTn3WoJm09edvrNUp4Iz_dOjjyY8\u002Fedit?usp=sharing))\n- See you there!\n","Grype 是一个用于扫描容器镜像和文件系统中已知漏洞的工具。它使用 Go 语言开发，能够检测包括 Alpine、Debian、Ubuntu 等主流操作系统包生态系统以及 Ruby、Java、JavaScript 等多种编程语言包中的安全漏洞。此外，Grype 支持 Docker、OCI 和 Singularity 多种容器格式，并且提供基于 EPSS、KEV 的威胁与风险优先级排序功能及 OpenVEX 标准支持以增强结果解读能力。该工具非常适合需要对容器化应用进行安全性评估的企业和个人开发者，在软件开发生命周期早期阶段识别并修复潜在的安全问题。",2,"2026-06-11 03:01:51","top_language"]