Automic VaultAutomic Vault

brew

manifest-tool mit Homebrew, apk, dnf, Nix installieren

Prüfe Installationswege, Executables, Metadaten und Sicherheitshinweise für manifest-tool in AI-Agent-Workflows.

Installation

Weitere Installationsbefehle

macOS

Homebrewverifiziert · 100%
brew install manifest-tool

local Homebrew formula metadata

Linux

Alpine Linux apkverifiziert · 92%
sudo apk add manifest-tool

Alpine Linux edge package indexes · manifest-tool · Quelle: dl-cdn.alpinelinux.org

Fedora dnfverifiziert · 92%
sudo dnf install manifest-tool

Fedora Rawhide package metadata · manifest-tool · Quelle: dl.fedoraproject.org

Nixverifiziert · 92%
nix profile install nixpkgs#manifest-tool

nixpkgs package indexes · pkgs/by-name/ma/manifest-tool/package.nix · Quelle: api.github.com

Überblick

Paketzusammenfassung

Command-line tool to create and query container image manifest list/indexes

Befehle und Aliase

  • manifest-tool

Verlauf

Projektgeschichte und Nutzung

manifest-tool is a Go command-line utility for inspecting and pushing multi-platform container image manifest lists and OCI image indexes. It helped make multi-architecture container image publishing practical before those workflows were common in mainstream container CLIs.

Projektgeschichte

The public repository was created in March 2016. The README describes manifest-tool as one of the first command-line tools capable of assembling Docker v2.2 manifest lists, later more commonly known as OCI image indexes.

The project's history section says the codebase began as a joint project with Harshal Patil from IBM Bangalore and was originally forked from registry client code in skopeo, which later became part of the Red Hat container tooling ecosystem. The v2 rewrite removed the original skopeo-derived code, while the old code remained part of v1 releases.

Adoptionsgeschichte

manifest-tool gained relevance during the transition from one-image-per-architecture publishing to a single image reference that can resolve to architecture-specific images. The README notes that Docker's early `docker manifest` command was based on code from manifest-tool through a Docker CLI pull request in early 2018.

The project distributes release binaries for many architectures and also publishes a Docker image, matching the multi-platform audience it serves. By 2026 the repository had hundreds of stars and forks, indicating continued use even after Docker and other container tools added overlapping functionality.

Wie es verwendet wird

Users inspect an image reference with `manifest-tool inspect` to see manifest or index entries and platform support. For publishing, `manifest-tool push` can read a YAML spec or command-line arguments that list platforms, source image templates, target image references, and tags.

For pushing to a registry, the README says credentials can be supplied on the command line, via credential helper support similar to the Docker client, or through an existing Docker client configuration.

Warum Paket-Nerds sich dafür interessieren

For package and container infrastructure maintainers, manifest-tool is historically important because it represents the period when multi-arch container images were still being assembled with specialized external tooling. It is also a useful reference point for the evolution from Docker manifest lists to OCI indexes.

Zeitleiste

  • 2016: Public GitHub repository created.
  • 2016: Docker v2.2 manifest lists were the target format described by the project.
  • 2018: Docker CLI manifest work drew on manifest-tool code according to the README.
  • 2025: v2.2.0 release published.
  • 2026: v2.2.2 release published.

Related projects

  • The README names skopeo as the original registry-client lineage for early manifest-tool code.
  • The README points to `mquery` as a related utility for querying public image references.
  • The Docker CLI `docker manifest` command is described by the README as having incorporated much of manifest-tool's original functionality.

Sicherheitslage

Risikostufe: orange

broad file, network, media, or database tool signal. infrastructure mutation or orchestration signal.

Risikoklassifikator

orange Risiko · mittel Konfidenz · infrastructure

Warum

  • broad file, network, media, or database tool signal
  • infrastructure mutation or orchestration signal

Signale

  • text:container
  • text:image

Installationsverhalten

  • In den Formelmetadaten ist kein Homebrew-Post-install-Hook erfasst.
  • Homebrew-Bottle-Metadaten sind für 6 Plattformziele verfügbar.
  • Build-Metadaten listen 1 Build-Abhängigkeiten.

Empfohlene Prüfung

Prüfe vor unbeaufsichtigter Agent-Nutzung, ob das Tool Klartext-Credentials liest, Remote-Zustand schreibt, Artefakte veröffentlicht oder Plugins ausführt.

Executables

Installierte Executables

BefehlArtSichtbarkeitHinweis
manifest-toolcliglobales Executable

Aktualität

Version und Aktualität

Diese Signale trennen das Alter der Seitengenerierung, Aktivität des Paketmanagers und Upstream-Release-Vergleich. Versionsrückstand wird nur gemeldet, wenn eine Evidenz-URL und vergleichbare Versionen vorhanden sind.

Seite generiert2026-07-08
Manager-Version2.2.2
Manager aktualisiert2026-05-06
lokale DatenOK
Upstreamaktuell
neueste erkannte Versionv2.2.2

https://github.com/estesp/manifest-tool

  • OKEs wurden keine Aktualitätswarnungen generiert.

Installationsmetadaten

Paketmetadaten

Paketschlüsselbrew:manifest-tool
Version2.2.2
PaketmanagerHomebrew
Paketmanager-Seitehttps://formulae.brew.sh/formula/manifest-tool
Homepagehttps://github.com/estesp/manifest-tool/
Repositoryhttps://github.com/estesp/manifest-tool
Upstream-Dokumentationhttps://github.com/estesp/manifest-tool#readme
LizenzApache-2.0
Quellarchivhttps://github.com/estesp/manifest-tool/archive/refs/tags/v2.2.2.tar.gz
Zuletzt aktualisiert2026-05-06T12:33:46Z
Pulseupdated
Build-Abhängigkeitengo
Bottleverfügbar (auf arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnicht definiert
Dienstkeiner deklariert

Registry-Fakten

Details aus der Quelldatenbank

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namemanifest-tool
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

Source-Datenbank-Treffer

Andere Paketmanager-Einträge

Treffer stammen aus externen Paketmanager-Indizes und bleiben von lokalen Automic-Vault-Paketlinks getrennt.

Nix95%

manifest-tool

nix profile install nixpkgs#manifest-tool
  • normalized package name match
  • Abgeglichen nach: Manifest Tool
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/ma/manifest-tool/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
apk95%

manifest-tool 2.2.1-r4

tool for inspecting and creating multi-platform container images

https://github.com/estesp/manifest-tool

sudo apk add manifest-tool
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: manifest-tool
  • 1 Abhängigkeiten
  • 1 stellt bereit
  • normalized package name match
  • Abgeglichen nach: Manifest Tool
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: manifest-tool from https://dl-cdn.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz
dnf95%

manifest-tool 2.0.8-12.fc44

A command line tool used for creating manifest list objects

https://github.com/estesp/manifest-tool

sudo dnf install manifest-tool
  • License: Apache-2.0
  • Category: Unspecified
  • Architecture: x86_64
  • Source Package: manifest-tool
  • 2 Abhängigkeiten
  • 2 stellt bereit
  • normalized package name match
  • Abgeglichen nach: Manifest Tool
Fedora Rawhide package metadata · dl.fedoraproject.org · Fedora Rawhide package metadata: manifest-tool from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst

Quellspur

Aus Repository-Daten generiert

Diese Seite wird von av-web aus dem privaten Paket-SQLite-Artefakt bereitgestellt, das scripts/generate-pkg-sqlite.py erstellt.

Verwendete Quellen

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment