# manifest-tool mit Homebrew, apk, dnf, Nix installieren

Prüfe Installationswege, Executables, Metadaten und Sicherheitshinweise für manifest-tool in AI-Agent-Workflows.

## Installation

```sh
sudo av install brew:manifest-tool
```

Weitere Installationsbefehle:

### macOS

- Homebrew (100%):

```sh
brew install manifest-tool
```

  Evidenz: local Homebrew formula metadata

### Linux

- apk (92%):

```sh
sudo apk add manifest-tool
```

  Evidenz: Alpine Linux edge package indexes: manifest-tool from https://dl-cdn.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz

- dnf (92%):

```sh
sudo dnf install manifest-tool
```

  Evidenz: Fedora Rawhide package metadata: manifest-tool from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst

- Nix (92%):

```sh
nix profile install nixpkgs#manifest-tool
```

  Evidenz: nixpkgs package indexes: pkgs/by-name/ma/manifest-tool/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

## Paketfakten

- **Paketschlüssel:** brew:manifest-tool
- **Paketmanager:** Homebrew
- **Paketmanager-Seite:** <https://formulae.brew.sh/formula/manifest-tool>
- **Version:** 2.2.2
- **Quellzusammenfassung:** Command-line tool to create and query container image manifest list/indexes
- **Homepage:** <https://github.com/estesp/manifest-tool/>
- **Repository:** <https://github.com/estesp/manifest-tool>
- **Upstream-Dokumentation:** <https://github.com/estesp/manifest-tool#readme>
- **Lizenz:** Apache-2.0
- **Quellarchiv:** <https://github.com/estesp/manifest-tool/archive/refs/tags/v2.2.2.tar.gz>
- **Zuletzt aktualisiert:** 2026-05-06T12:33:46Z
- **Generiert:** 2026-07-08T07:18:31+00:00

## Executables

- manifest-tool (cli)
- manifest-tool (Alias)

## Build-Abhängigkeiten

- go

## Installationsverhalten

- Post-install-Hook: nicht definiert
- Bottle: verfügbar auf arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Version und Aktualität

- Seite generiert: 2026-07-08
- Manager-Version: 2.2.2
- Manager aktualisiert: 2026-05-06
- lokale Daten: OK
- Upstream-Repository: https://github.com/estesp/manifest-tool
- neueste erkannte Version: v2.2.2 (aktuell)
## Projektgeschichte und Nutzung

manifest-tool is a Go command-line utility for inspecting and pushing multi-platform container image manifest lists and OCI image indexes. It helped make multi-architecture container image publishing practical before those workflows were common in mainstream container CLIs.

### Projektgeschichte

The public repository was created in March 2016. The README describes manifest-tool as one of the first command-line tools capable of assembling Docker v2.2 manifest lists, later more commonly known as OCI image indexes.

The project's history section says the codebase began as a joint project with Harshal Patil from IBM Bangalore and was originally forked from registry client code in skopeo, which later became part of the Red Hat container tooling ecosystem. The v2 rewrite removed the original skopeo-derived code, while the old code remained part of v1 releases.

### Adoptionsgeschichte

manifest-tool gained relevance during the transition from one-image-per-architecture publishing to a single image reference that can resolve to architecture-specific images. The README notes that Docker's early `docker manifest` command was based on code from manifest-tool through a Docker CLI pull request in early 2018.

The project distributes release binaries for many architectures and also publishes a Docker image, matching the multi-platform audience it serves. By 2026 the repository had hundreds of stars and forks, indicating continued use even after Docker and other container tools added overlapping functionality.

### Wie es verwendet wird

Users inspect an image reference with `manifest-tool inspect` to see manifest or index entries and platform support. For publishing, `manifest-tool push` can read a YAML spec or command-line arguments that list platforms, source image templates, target image references, and tags.

For pushing to a registry, the README says credentials can be supplied on the command line, via credential helper support similar to the Docker client, or through an existing Docker client configuration.

### Warum Paket-Nerds sich dafür interessieren

For package and container infrastructure maintainers, manifest-tool is historically important because it represents the period when multi-arch container images were still being assembled with specialized external tooling. It is also a useful reference point for the evolution from Docker manifest lists to OCI indexes.

### Zeitleiste

- 2016: Public GitHub repository created.
- 2016: Docker v2.2 manifest lists were the target format described by the project.
- 2018: Docker CLI manifest work drew on manifest-tool code according to the README.
- 2025: v2.2.0 release published.
- 2026: v2.2.2 release published.

### Related projects

- The README names skopeo as the original registry-client lineage for early manifest-tool code.
- The README points to `mquery` as a related utility for querying public image references.
- The Docker CLI `docker manifest` command is described by the README as having incorporated much of manifest-tool's original functionality.

### Quellen

- <https://github.com/docker/cli/pull/138>
- <https://github.com/estesp/manifest-tool>
- <https://github.com/estesp/manifest-tool#readme>
- <https://github.com/estesp/manifest-tool/releases/tag/v2.2.2>
- <https://github.com/estesp/mquery>


## Sicherheitshinweise

broad file, network, media, or database tool signal. infrastructure mutation or orchestration signal.

- **Geiger-Risiko:** orange / mittel
- broad file, network, media, or database tool signal
- infrastructure mutation or orchestration signal

## Details aus der Quelldatenbank

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** manifest-tool
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Andere Paketmanager-Einträge

- Nix - manifest-tool: normalized package name match | nixpkgs package indexes: pkgs/by-name/ma/manifest-tool/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- apk - manifest-tool - 2.2.1-r4: normalized package name match | Alpine Linux edge package indexes: manifest-tool from https://dl-cdn.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz | tool for inspecting and creating multi-platform container images | https://github.com/estesp/manifest-tool
- dnf - manifest-tool - 2.0.8-12.fc44: normalized package name match | Fedora Rawhide package metadata: manifest-tool from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst | A command line tool used for creating manifest list objects | https://github.com/estesp/manifest-tool


## Verwandte Links

- [Cloud CLI packages](https://www.automicvault.com/de/pkg/cloud-clis/) - Belongs to a cloud or infrastructure command family.
- [Source-control packages](https://www.automicvault.com/de/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Secret-risk packages](https://www.automicvault.com/de/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/de/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [go](https://www.automicvault.com/de/pkg/brew/go/) - Build dependency declared by Homebrew.
- [cdebug](https://www.automicvault.com/de/pkg/brew/cdebug/) - Shares av.db curated category or tags: cli, containers, developer-tools, docker.
- [cekit](https://www.automicvault.com/de/pkg/brew/cekit/) - Shares av.db curated category or tags: cli, containers, developer-tools, docker.
- [chunkah](https://www.automicvault.com/de/pkg/brew/chunkah/) - Shares av.db curated category or tags: cli, containers, developer-tools, oci.
- [devcontainer](https://www.automicvault.com/de/pkg/brew/devcontainer/) - Shares av.db curated category or tags: cli, containers, developer-tools, docker.
- [dockcheck](https://www.automicvault.com/de/pkg/brew/dockcheck/) - Shares av.db curated category or tags: cli, containers, developer-tools, docker.
- [docker](https://www.automicvault.com/de/pkg/brew/docker/) - Shares av.db curated category or tags: cli, containers, developer-tools, docker.
- [docker-buildx](https://www.automicvault.com/de/pkg/brew/docker-buildx/) - Shares av.db curated category or tags: cli, containers, developer-tools, docker.
- [docker-clean](https://www.automicvault.com/de/pkg/brew/docker-clean/) - Shares av.db curated category or tags: cli, containers, developer-tools, docker.
- [cek](https://www.automicvault.com/de/pkg/brew/cek/) - Both packages work with overlapping file formats or content types. Shared terms: cli, container, containers, developer, developer-tools.
- [diffoci](https://www.automicvault.com/de/pkg/brew/diffoci/) - Local package facts share a topical domain. Shared terms: cli, container, containers, developer, developer-tools.

## Combined YAML source

View the package source record on GitHub. [combined/manifest-tool.yml](https://github.com/automic-vault/db/blob/main/combined/manifest-tool.yml)


## Quellen

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
