grype-server

SBOM scanning using grype wrapped in a convenient REST API.

This allows for a centralised install of grype which will sync the vulnerabiltiy DB periodically instead of requiring all clients to have access to the internet and the bandwidth to download the vulnerability DB.

Usage

Running

docker run -d -p 9991:9991 --name grype-server <registry-name>/grype-server run --log-level info

Scanning an SBOM

curl -X POST https://<ip>:9991/scanSBOM --data-binary @- <<'EOF'
{
    "sbom": "<base 64 encoded SBOM>"
}
EOF

NOTE
Supported SBOM formats include CycloneDX XML and JSON, SPDX and Syft.

Contributing

If you are ready to jump in and test, add code, or help with documentation, please follow the instructions on our contributing guide for details on how to open issues, setup VMClarity for development and test.

Code of Conduct

You can view our code of conduct here.

License

Apache License, Version 2.0

Name		Name	Last commit message	Last commit date
Latest commit History 69 Commits
.github		.github
api		api
grype-server		grype-server
.gitignore		.gitignore
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
CONTRIBUTING.md		CONTRIBUTING.md
Dockerfile		Dockerfile
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
SECURITY.md		SECURITY.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

grype-server

Table of Contents

Usage

Running

Scanning an SBOM

Contributing

Code of Conduct

License

About

Releases 12

Packages

Contributors 10

Languages

License

openclarity/grype-server

Folders and files

Latest commit

History

Repository files navigation

grype-server

Table of Contents

Usage

Running

Scanning an SBOM

Contributing

Code of Conduct

License

About

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases 12

Packages 0

Contributors 10

Languages

Packages