Repositories list

• chronicle

  Public

  anchore/chronicle’s past year of commit activity
  a fast changelog generator sourced from PRs and Issues

  githubgolangchangelog+ 2hacktoberfestchangelog-generator

  Go

  •

  Apache License 2.0

  •4•60•15•4•Updated Feb 4, 2026Feb 4, 2026

• security-identifiers

  Public
  Contains the Anchore-allocated security identifiers and the relationships to upstream security data source identifiers

  Creative Commons Zero v1.0 Universal

  •0•1•0•0•Updated Feb 4, 2026Feb 4, 2026

• nvd-data-overrides

  Public

  anchore/nvd-data-overrides’s past year of commit activity
  Python

  •

  Creative Commons Zero v1.0 Universal

  •6•48•1•0•Updated Feb 4, 2026Feb 4, 2026

• cve-data-enrichment

  Public

  anchore/cve-data-enrichment’s past year of commit activity
  Shell

  •

  Creative Commons Zero v1.0 Universal

  •9•16•1•0•Updated Feb 4, 2026Feb 4, 2026

• grype-db

  Public

  anchore/grype-db’s past year of commit activity
  sqlitevulnerabilityhacktoberfest+ 1grype

  Go

  •

  Apache License 2.0

  •32•59•11•12•Updated Feb 4, 2026Feb 4, 2026

• oss-docs

  Public

  anchore/oss-docs’s past year of commit activity
  Anchore OSS Documentation

  Python

  •

  Apache License 2.0

  •4•4•5•11•Updated Feb 4, 2026Feb 4, 2026

• scan-action

  Public
  Anchore container analysis and scan provided as a GitHub Action

  workflowactionsvulnerabilities+ 3policy-evaluationanchore-enginegithub-actions

  JavaScript

  •

  MIT License

  •86•267•20•2•Updated Feb 4, 2026Feb 4, 2026

• .github

  Public
  Anchore, Inc

  github-profilegithub-profile-readme

  0•1•0•0•Updated Feb 4, 2026Feb 4, 2026

• vunnel

  Public

  anchore/vunnel’s past year of commit activity
  Tool for collecting vulnerability data from various sources (used to build the grype database)

  datavulnerabilityhacktoberfest+ 1grype

  Python

  •

  Apache License 2.0

  •49•110•37•11•Updated Feb 3, 2026Feb 3, 2026

• grype

  Public

  anchore/grype’s past year of commit activity
  A vulnerability scanner for container images and filesystems

  godockergolang+ 12securitytoolcontainersstatic-analysisocivulnerabilityvex+ 5

  Go

  •

  Apache License 2.0

  •736•11k•330•29•Updated Feb 3, 2026Feb 3, 2026

• binny

  Public
  Manage a directory of binaries without a package manager

  package-managerbinaryhacktoberfest+ 2github-releasego-installer

  Go

  •

  Apache License 2.0

  •4•48•8•1•Updated Feb 3, 2026Feb 3, 2026

• homebrew-grype

  Public

  anchore/homebrew-grype’s past year of commit activity
  homebrew tap for grype

  Ruby

  •

  Apache License 2.0

  •2•0•0•1•Updated Feb 3, 2026Feb 3, 2026

• homebrew-grant

  Public
  Ruby

  •

  Apache License 2.0

  •1•1•0•0•Updated Feb 3, 2026Feb 3, 2026

• grant

  Public
  A license scanner for container images and filesystems.

  golangstatic-analysiscompliance+ 2licensesbom

  Go

  •

  Apache License 2.0

  •12•135•24•0•Updated Feb 3, 2026Feb 3, 2026

• homebrew-syft

  Public
  homebrew tap for syft

  Ruby

  •

  Apache License 2.0

  •0•2•1•1•Updated Feb 3, 2026Feb 3, 2026

• syft

  Public
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems

  godockergolang+ 8toolcontainersstatic-analysisocispdxhacktoberfestsbom+ 1

  Go

  •

  Apache License 2.0

  •757•8.3k•472•46•Updated Feb 3, 2026Feb 3, 2026

• vulnerability-index-spec-files

  Public
  Controls the rendering of specific vulnerability data records

  Creative Commons Zero v1.0 Universal

  •0•0•0•0•Updated Feb 3, 2026Feb 3, 2026

• sbom-action

  Public
  GitHub Action for creating software bill of materials using Syft.

  TypeScript

  •

  Apache License 2.0

  •34•218•13•3•Updated Feb 3, 2026Feb 3, 2026

• harbor-scanner-adapter

  Public
  Harbor Scanner Adapter for Anchore Engine and Enterprise

  dockervulnerabilitiesharbor+ 1vulnerability-scanner

  Go

  •

  Apache License 2.0

  •17•40•17•1•Updated Feb 3, 2026Feb 3, 2026

• k8s-inventory

  Public
  Anchore Kubernetes Inventory can poll Kubernetes Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-use

  godockerkubernetes+ 7golangsecuritytoolcontainersvulnerabilitycontainer-imageanchore

  Go

  •

  Apache License 2.0

  •17•68•4•4•Updated Feb 3, 2026Feb 3, 2026

• quill

  Public

  anchore/quill’s past year of commit activity
  Simple mac binary signing from any platform

  macapplesigning+ 8binarydarwinmachohacktoberfestcodesigningcodesignnotarization+ 1

  Go

  •

  Apache License 2.0

  •15•477•15•1•Updated Feb 3, 2026Feb 3, 2026

• go-macholibre

  Public
  Go

  •

  Apache License 2.0

  •1•5•0•1•Updated Feb 3, 2026Feb 3, 2026

• clio

  Public
  An easy way to bootstrap your application with batteries included.

  gocligolang+ 6loggerviperevent-bushacktoberfestcobrabubbletea

  Go

  •

  Apache License 2.0

  •6•14•2•0•Updated Feb 3, 2026Feb 3, 2026

• security-cli

  Public
  Tool for performing various Anchore security data curation tasks

  Python

  •

  Apache License 2.0

  •0•0•0•0•Updated Feb 2, 2026Feb 2, 2026

• vulnerability-match-labels

  Public
  Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners

  labelsdatasetvulnerabilities+ 1hacktoberfest

  Python

  •

  Creative Commons Zero v1.0 Universal

  •10•14•4•1•Updated Feb 2, 2026Feb 2, 2026

• vulnerability-data-tools

  Public
  Python

  •

  Apache License 2.0

  •4•16•3•1•Updated Feb 2, 2026Feb 2, 2026

• go-lzo

  Public
  A LZO1X decompression library written in go that is permissively licensed

  godecompressionlzo

  Go

  •

  MIT License

  •0•1•0•6•Updated Jan 30, 2026Jan 30, 2026

• go-make

  Public
  Go

  •

  Apache License 2.0

  •1•0•0•2•Updated Jan 30, 2026Jan 30, 2026

• yardstick

  Public
  Compare vulnerability scanners results (to make them better!)

  vulnerabilityhacktoberfestvulnerability-scanners+ 1grype

  Python

  •

  Apache License 2.0

  •7•27•6•2•Updated Jan 29, 2026Jan 29, 2026

• fangs

  Public
  Go

  •

  Apache License 2.0

  •2•17•2•2•Updated Jan 29, 2026Jan 29, 2026