Dan Luhring
Dan Luhring
**What happened**: Grype shows "No vulnerability database update available" when it _hasn't actually_ checked to see if a database update is available. **What you expected to happen**: If Grype is...
As of #227, we publish an image to Docker Hub for Grype: https://hub.docker.com/r/anchore/grype However, we don't provide any guidance on Docker Hub itself, and it would be helpful to users...
Our current [documentation for using templates](https://github.com/anchore/grype#using-templates) points users to the JSON output to learn about what data is available to the template author. This is insufficient, because although it currently...
**What would you like to be added**: For cases where the user provides a template file to Grype, let's have Grype validate the template **at the beginning** of the app's...
Partially addresses #572
It would be great if Syft captured some global information from apk while analyzing Alpine images/systems in order to provide a fuller picture of apk-based software installations. And specifically, if...
CPE should be: `cpe:2.3:a:redis.js:redis:*:*:*:*:*:node.js:*:*` Vulnerability example for this CPE: https://nvd.nist.gov/vuln/detail/CVE-2021-29469 For more context (internal link): https://anchore.slack.com/archives/C1DMGFP3J/p1620774479360500
**What would you like to be added**: Ensure that all SBOMs produced by Syft cover the NTIA's [Minimum Elements For a Software Bill of Materials (SBOM)](https://www.ntia.doc.gov/report/2021/minimum-elements-software-bill-materials-sbom). Direct link to PDF:...
Hi there! The README asks for an issue to be submitted if we solve the issue of macOS Keychain requiring manual approval while running `gon`. Here's how we solved it...
I was trying out the steps listed to get a Developer ID certificate, and I realized I needed to: 1. enroll in the Apple Developer Program 1. pay $99 for...