snyk-docker-plugin
Snyk CLI docker plugin

Snyk helps you find, fix and monitor for known vulnerabilities in your dependencies, both on an ad hoc basis and as part of your CI (Build) system.
| :information_source: This repository is only a plugin to be used with the Snyk CLI tool. To use this plugin to test and fix vulnerabilities in your project, install the Snyk CLI tool first. Head over to [snyk.io](https://github.com/snyk/snyk) to get started. |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
## Snyk Docker CLI Plugin
This plugin provides dependency metadata for Docker images.
## Supported functionality
Package managers:
- rpm, apk, deb
Operating systems:
- Debian, Red Hat, Alpine, Oracle, CentOS, SLES, OpenSUSE, Amazon Linux, vanilla Linux
- Distroless and scratch images
Platforms:
- Linux: ARM, AMD, PPC, MIPS, s390x
Image protocols:
- Docker archive, OCI archive
- pulling images from a Docker socket
- pulling from container registries (with support for username and password authentication)
Applications:
- Node (npm, yarn)
- Java (jar files)
- detecting package manager manifests (Python, Ruby)
Others:
- Dockerfile analysis
- identifying Node and Java binaries installed outside the package manager
- running on Windows (_not_ the same as scanning Windows containers)
- collecting the `rootFs` hashes for base image detection and recommendation
## Tests
Refer to [test/README.md](test/README.md) for running and writing tests.