Python wrapper for Grype
Project description
PyGrype
A python wrapper for Anchore Grype
Status
Supported commands
-
completion - db
- check
- delete
- diff
- import
- list
- status
- update
-
help - scan
- version
Getting started
Prerequisites
PyGrype relies on either an existing grype binary, or a local Docker install.
Install grype binary following the official instructions.
Install Docker following the official instructions
Installation
install using pip
pip install pygrype
Usage
Pygrype is wrapper around the grype binary, and can be used in two ways: using a local binary, or using the official Docker container.
Using Local Binary
Instantiate Grype without any arguments. This will use the default binary backend, and will look for the grype binary in the system path.
from pygrype import Grype
grype = Grype()
or specify the binary
from pygrype import Grype, GrypeBinaryBackend
binary_backend = GrypeBinaryBackend(path='/opt/grype')
grype = Grype(backend=binary_backend)
Using Docker
Instantiate Grype with the GrypeDockerBackend backend. This will use the official grype Docker container to run scans. The backend will use the latest version of the container by default, but you can specify a specific version using the optional tag argument.
from pygrype import Grype, GrypeDockerBackend
docker_backend = GrypeDockerBackend(tag="v0.79.2")
grype = Grype(backend=docker_backend)
Full example
from pygrype import Grype
grype = Grype()
version_info = grype.version()
print(f'Using grype {version_info.version}')
images = [
'alpine:3.12',
'ubuntu:18.04',
'debian:9'
]
for image in images:
scan = grype.scan(image)
criticals = len(list(filter(lambda x: x.vulnerability.severity.lower() == 'critical', scan.matches)))
print(f'{image} has {len(scan.matches)} vulnerabilities ({criticals} critical)')
Example output
Using grype 0.62.3
alpine:3.12 has 23 vulnerabilities (3 critical)
ubuntu:18.04 has 18 vulnerabilities (0 critical)
debian:9 has 213 vulnerabilities (23 critical)
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file pygrype-0.4.0.tar.gz.
File metadata
- Download URL: pygrype-0.4.0.tar.gz
- Upload date:
- Size: 12.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.9.19
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
6a374b5135865fd1c437e128174849c7a7f093e6473b5c16a7a253083cdfd479
|
|
| MD5 |
b69273d0b82ff2e263bfb95bac331466
|
|
| BLAKE2b-256 |
8c3f9be0d717c70134ffd899e9c8e48495d9f66f9fa90339cf396bb3df175f20
|
File details
Details for the file pygrype-0.4.0-py3-none-any.whl.
File metadata
- Download URL: pygrype-0.4.0-py3-none-any.whl
- Upload date:
- Size: 15.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.9.19
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
68cc7f9b9c1f13033cfbce64f9ca4f476455fe886bc89c5a5ae9992f31cec2cd
|
|
| MD5 |
31aeaad68a191308f2a6e03ebf03f94a
|
|
| BLAKE2b-256 |
23278176d6ad7b1908aa05c997888466aad0ae6567ac457a9c3fc718287fffe6
|
