A python wrapper for Anchore Grype
Supported commands
-
completion - db
- check
- delete
- diff
- import
- list
- status
- update
-
help - scan
- version
PyGrype relies on an existing grype binary. Install grype following the official instructions.
install using pip
pip install pygrype
Instantiate Grype
using the default path
from pygrype import Grype
grype = Grype()
or specify the binary
from pygrype import Grype
grype = Grype(path='/opt/grype')
from pygrype import Grype
grype = Grype()
version_info = grype.version()
print(f'Using grype {version_info.version}')
images = [
'alpine:3.12',
'ubuntu:18.04',
'debian:9'
]
for image in images:
scan = grype.scan(image)
criticals = len(list(filter(lambda x: x.vulnerability.severity.lower() == 'critical', scan.matches)))
print(f'{image} has {len(scan.matches)} vulnerabilities ({criticals} critical)')
Example output
Using grype 0.62.3
alpine:3.12 has 23 vulnerabilities (3 critical)
ubuntu:18.04 has 18 vulnerabilities (0 critical)
debian:9 has 213 vulnerabilities (23 critical)