Repositories list

• .github

  Public
  Anchore, Inc

  github-profilegithub-profile-readme

  0•0•0•0•Updated Aug 3, 2025Aug 3, 2025

• grype

  Public
  A vulnerability scanner for container images and filesystems

  godockergolang+ 12securitytoolcontainersstatic-analysisocivulnerabilityvex+ 5

  Go

  •

  Apache License 2.0

  •670•10k•289•27•Updated Aug 2, 2025Aug 2, 2025

• scan-action

  Public
  Anchore container analysis and scan provided as a GitHub Action

  actionsgithub-actionsworkflow+ 3vulnerabilitiespolicy-evaluationanchore-engine

  JavaScript

  •

  MIT License

  •80•250•16•2•Updated Aug 2, 2025Aug 2, 2025

• harbor-scanner-adapter

  Public
  Harbor Scanner Adapter for Anchore Engine and Enterprise

  dockervulnerabilitiesharbor+ 1vulnerability-scanner

  Go

  •

  Apache License 2.0

  •17•39•17•2•Updated Aug 1, 2025Aug 1, 2025

• anchore-charts

  Public
  Helm charts for Anchore tools and services

  kubernetessecurityhelm+ 2helm-chartssecurity-vulnerability-assessment

  Python

  •

  Apache License 2.0

  •73•48•23•6•Updated Aug 1, 2025Aug 1, 2025

• homebrew-grype

  Public
  homebrew tap for grype

  Ruby

  •

  Apache License 2.0

  •2•0•0•0•Updated Aug 1, 2025Aug 1, 2025

• vunnel

  Public
  Tool for collecting vulnerability data from various sources (used to build the grype database)

  datavulnerabilityhacktoberfest+ 1grype

  Python

  •

  Apache License 2.0

  •38•101•31•10•Updated Aug 1, 2025Aug 1, 2025

• vulnerability-match-labels

  Public
  Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners

  labelsdatasetvulnerabilities+ 1hacktoberfest

  Python

  •

  Creative Commons Zero v1.0 Universal

  •6•11•4•1•Updated Aug 1, 2025Aug 1, 2025

• yardstick

  Public
  Compare vulnerability scanners results (to make them better!)

  vulnerabilityhacktoberfestvulnerability-scanners+ 1grype

  Python

  •

  Apache License 2.0

  •5•22•6•2•Updated Aug 1, 2025Aug 1, 2025

• cve-data-enrichment

  Public
  Creative Commons Zero v1.0 Universal

  •9•15•0•2•Updated Aug 1, 2025Aug 1, 2025

• syft

  Public
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems

  godockergolang+ 8toolcontainersstatic-analysisocispdxhacktoberfestsbom+ 1

  Go

  •

  Apache License 2.0

  •690•7.4k•441•39•Updated Aug 1, 2025Aug 1, 2025

• grype-db

  Public
  sqlitevulnerabilityhacktoberfest+ 1grype

  Go

  •

  Apache License 2.0

  •23•51•10•7•Updated Aug 1, 2025Aug 1, 2025

• nvd-data-overrides

  Public
  Python

  •

  Creative Commons Zero v1.0 Universal

  •6•47•1•1•Updated Aug 1, 2025Aug 1, 2025

• quill

  Public
  Simple mac binary signing from any platform

  macapplesigning+ 8binarydarwinmachohacktoberfestcodesigningcodesignnotarization+ 1

  Go

  •

  Apache License 2.0

  •15•443•13•3•Updated Aug 1, 2025Aug 1, 2025

• ecs-inventory

  Public
  Anchore ECS Inventory can poll ECS Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-use

  Go

  •

  Apache License 2.0

  •5•6•0•2•Updated Jul 31, 2025Jul 31, 2025

• vcpkg-test-fixture

  Public
  0•0•0•0•Updated Jul 31, 2025Jul 31, 2025

• grant

  Public
  Search an SBOM for licenses and the packages they belong to

  golangstatic-analysiscompliance+ 2licensesbom

  Go

  •

  Apache License 2.0

  •7•98•28•2•Updated Jul 31, 2025Jul 31, 2025

• vulnerability-data-tools

  Public
  Python

  •

  Apache License 2.0

  •4•14•3•1•Updated Jul 31, 2025Jul 31, 2025

• sbom-action

  Public
  GitHub Action for creating software bill of materials using Syft.

  TypeScript

  •

  Apache License 2.0

  •33•196•12•4•Updated Jul 31, 2025Jul 31, 2025

• kubernetes-admission-controller

  Public
  Service implementation for a Kubernetes Dynamic Webhook controller for interacting with Anchore

  Go

  •

  Apache License 2.0

  •30•65•11•0•Updated Jul 30, 2025Jul 30, 2025

• k8s-inventory

  Public
  Anchore Kubernetes Inventory can poll Kubernetes Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-use

  godockerkubernetes+ 7golangsecuritytoolcontainersvulnerabilitycontainer-imageanchore

  Go

  •

  Apache License 2.0

  •16•67•5•0•Updated Jul 30, 2025Jul 30, 2025

• enterprise-client-go

  Public
  Go client for Enterprise API (Not Officially Supported)

  Mustache

  •

  Apache License 2.0

  •2•3•0•4•Updated Jul 30, 2025Jul 30, 2025

• clio

  Public
  An easy way to bootstrap your application with batteries included.

  gocligolang+ 6loggerviperevent-bushacktoberfestcobrabubbletea

  Go

  •

  Apache License 2.0

  •7•12•2•5•Updated Jul 30, 2025Jul 30, 2025

• homebrew-syft

  Public
  homebrew tap for syft

  Ruby

  •

  Apache License 2.0

  •0•2•1•0•Updated Jul 30, 2025Jul 30, 2025

• stereoscope

  Public
  go library for processing container images and simulating a squash filesystem

  gocontainerhacktoberfest+ 3squashfscontainer-imagegolang

  Go

  •

  Apache License 2.0

  •49•98•18•5•Updated Jul 30, 2025Jul 30, 2025

• chronicle

  Public
  a fast changelog generator sourced from PRs and Issues

  githubgolangchangelog+ 2hacktoberfestchangelog-generator

  Go

  •

  Apache License 2.0

  •5•62•14•7•Updated Jul 30, 2025Jul 30, 2025

• binny

  Public
  Manage a directory of binaries without a package manager

  package-managerbinaryhacktoberfest+ 2github-releasego-installer

  Go

  •

  Apache License 2.0

  •4•36•5•8•Updated Jul 30, 2025Jul 30, 2025

• workflows

  Public
  reusable workflows to be used for the oss projects

  Apache License 2.0

  •0•1•0•1•Updated Jul 30, 2025Jul 30, 2025

• s3c-workshops

  Public
  Deploy Anchore Enterprise in an environment of your choice. Then follow through a series of labs that showcase how you can improve security across your software supply chain.

  securitycontainersk8s+ 5vulnerability-scannersfedrampdevsecopssbomsupply-chain-security

  Dockerfile

  •4•6•0•1•Updated Jul 30, 2025Jul 30, 2025

• test-images

  Public
  Container automation for testing and validation

  Dockerfile

  •2•3•0•1•Updated Jul 24, 2025Jul 24, 2025