安装

使用 Automic Vault 安装

Automic Vault

sudo av install brew:grype

macOS

Homebrewverified · 100%

brew install grype

local Homebrew formula metadata

MacPortsverified · 94%

sudo port install grype

MacPorts ports tree · security/grype/Portfile · source: api.github.com

Linux

Alpine Linux apkverified · 92%

sudo apk add grype

Alpine Linux edge package indexes · grype · source: dl-cdn.alpinelinux.org

Nixverified · 92%

nix profile install nixpkgs#grype

nixpkgs package indexes · pkgs/by-name/gr/grype/package.nix · source: api.github.com

openSUSE zypperverified · 92%

sudo zypper install grype

openSUSE Tumbleweed package metadata · grype · source: download.opensuse.org

Windows

Chocolateyverified · 92%

choco install grype

Chocolatey community package catalog · grype · source: community.chocolatey.org

Scoopverified · 92%

scoop install main/grype

Scoop official bucket manifest trees · bucket/grype.json · source: api.github.com

Windows Package Managerverified · 92%

winget install --id Anchore.Grype -e

Windows Package Manager source index · Anchore.Grype · source: cdn.winget.microsoft.com

软件包管理器来源

https://formulae.brew.sh/formula/grype

平台说明

没有特定于此软件包的平台说明。

概览

软件包摘要

Vulnerability scanner for container images and filesystems

主页

https://github.com/anchore/grype

命令和别名

grype

安全态势

风险级别：red

broad file, network, media, or database tool signal. escape, surveillance, or offensive capability signal.

Risk classifier

red risk · medium confidence · escape-surveillance-offensive

Why

broad file, network, media, or database tool signal
escape, surveillance, or offensive capability signal
infrastructure mutation or orchestration signal

Signals

text:container
text:image
text:vulnerability scanner

Install behavior

No Homebrew post-install hook is recorded in formula metadata.
Homebrew bottle metadata is available for 6 platform targets.
Build metadata lists 1 build dependencies.

建议审查

在无人值守的代理使用前，请检查该工具是否读取明文凭据、写入远程状态、发布制品或调用插件。

可执行文件

已安装的可执行文件

命令	类型	暴露范围	备注
`grype`	cli	global executable

新鲜度

版本和新鲜度

这些信号区分页生成时间、软件包管理器活动和上游发布比较。只有存在证据 URL 和可比较版本时，才会提示版本落后。

页面生成时间2026-06-10

管理器版本0.114.0

管理器更新时间2026-06-05

本地数据ok

上游current

检测到的最新版本v0.114.0

https://github.com/anchore/grype

okNo freshness warnings were generated.

安装元数据

软件包元数据

Package key	brew:grype
Version	0.114.0
Package manager	Homebrew
Package manager page	https://formulae.brew.sh/formula/grype
Homepage	https://github.com/anchore/grype
Repository	https://github.com/anchore/grype
Upstream docs	https://github.com/anchore/grype#readme
License	Apache-2.0
Source archive	https://github.com/anchore/grype/archive/refs/tags/v0.114.0.tar.gz
Last updated	2026-06-05T18:22:18Z
Pulse	updated
Build dependencies	go
Bottle	available (arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-install	not defined
Service	none declared

registry facts

Source database details

Source Database	Homebrew formula API
Tap	homebrew/core
Full Name	grype
Version Scheme	0
Revision	0
Head Version	HEAD
Bottle Stable Root URL	https://ghcr.io/v2/homebrew/core
Deprecated	no
Disabled	no
Keg Only	no
URL Keys	head stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

grype

nix profile install nixpkgs#grype

normalized package name match
Matched by: Grype

nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/gr/grype/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

apk95%

grype 0.111.0-r1

Vulnerability scanner for container images, filesystems, and SBOMs

https://github.com/anchore/grype

sudo apk add grype

License: Apache-2.0
Architecture: x86_64
Source Package: grype
1 dependencies
1 provides
normalized package name match
Matched by: Grype

Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: grype from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz

apk95%

grype-bash-completion 0.111.0-r1

Bash completions for grype

https://github.com/anchore/grype

sudo apk add grype-bash-completion

License: Apache-2.0
Architecture: x86_64
Source Package: grype
normalized package name match
Matched by: Grype

Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: grype-bash-completion from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz

apk95%

grype-fish-completion 0.111.0-r1

Fish completions for grype

https://github.com/anchore/grype

sudo apk add grype-fish-completion

License: Apache-2.0
Architecture: x86_64
Source Package: grype
normalized package name match
Matched by: Grype

Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: grype-fish-completion from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz

apk95%

grype-zsh-completion 0.111.0-r1

Zsh completions for grype

https://github.com/anchore/grype

sudo apk add grype-zsh-completion

License: Apache-2.0
Architecture: x86_64
Source Package: grype
normalized package name match
Matched by: Grype

Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: grype-zsh-completion from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz

zypper95%

grype 0.112.0-1.1

A vulnerability scanner for container images and filesystems

https://github.com/anchore/grype

sudo zypper install grype

License: Apache-2.0
Category: Unspecified
Architecture: x86_64
Source Package: grype
1 dependencies
1 provides
normalized package name match
Matched by: Grype

openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: grype from https://download.opensuse.org/tumbleweed/repo/oss/repodata/155b97171d05e27afd950b6fe0d55513ff38f4597110664535bceedc680bbe6fd459f0733718dcc21dcf0efc7c8250fd1390c73d4790b42e62fb2c16a87242e5-primary.xml.zst

zypper95%

grype-bash-completion 0.112.0-1.1

Bash Completion for grype

https://github.com/anchore/grype

sudo zypper install grype-bash-completion

License: Apache-2.0
Category: System/Shells
Architecture: noarch
Source Package: grype
2 dependencies
1 provides
normalized package name match
Matched by: Grype

openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: grype-bash-completion from https://download.opensuse.org/tumbleweed/repo/oss/repodata/155b97171d05e27afd950b6fe0d55513ff38f4597110664535bceedc680bbe6fd459f0733718dcc21dcf0efc7c8250fd1390c73d4790b42e62fb2c16a87242e5-primary.xml.zst

zypper95%

grype-fish-completion 0.112.0-1.1

Fish Completion for grype

https://github.com/anchore/grype

sudo zypper install grype-fish-completion

License: Apache-2.0
Category: System/Shells
Architecture: noarch
Source Package: grype
1 dependencies
1 provides
normalized package name match
Matched by: Grype

openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: grype-fish-completion from https://download.opensuse.org/tumbleweed/repo/oss/repodata/155b97171d05e27afd950b6fe0d55513ff38f4597110664535bceedc680bbe6fd459f0733718dcc21dcf0efc7c8250fd1390c73d4790b42e62fb2c16a87242e5-primary.xml.zst

zypper95%

grype-zsh-completion 0.112.0-1.1

Zsh Completion for grype

https://github.com/anchore/grype

sudo zypper install grype-zsh-completion

License: Apache-2.0
Category: System/Shells
Architecture: noarch
Source Package: grype
1 dependencies
1 provides
normalized package name match
Matched by: Grype

openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: grype-zsh-completion from https://download.opensuse.org/tumbleweed/repo/oss/repodata/155b97171d05e27afd950b6fe0d55513ff38f4597110664535bceedc680bbe6fd459f0733718dcc21dcf0efc7c8250fd1390c73d4790b42e62fb2c16a87242e5-primary.xml.zst

MacPorts95%

grype

sudo port install grype

normalized package name match
Matched by: Grype

MacPorts ports tree · api.github.com · MacPorts ports tree: security/grype/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

Chocolatey95%

grype

choco install grype

normalized package name match
Matched by: Grype

Chocolatey community package catalog · community.chocolatey.org · Chocolatey community package catalog: grype from http://community.chocolatey.org/api/v2/Packages?$filter=IsLatestVersion&$select=Id&$top=1000&$skiptoken='11','gpg4win-vanilla'

Scoop95%

main/grype

scoop install main/grype

normalized package name match
Matched by: Grype

Scoop official bucket manifest trees · api.github.com · Scoop official bucket manifest trees: bucket/grype.json from https://api.github.com/repos/ScoopInstaller/Main/git/trees/master?recursive=1

winget95%

Anchore.Grype

winget install --id Anchore.Grype -e

normalized package name match
Matched by: Grype

Windows Package Manager source index · cdn.winget.microsoft.com · Windows Package Manager source index: Anchore.Grype from https://cdn.winget.microsoft.com/cache/source.msix

软件包图谱

链接来自本地软件包关系图、补充数据、依赖边、生态匹配和软件包 hub 归属。

来源线索

由仓库数据生成

此页面由 av-web 从 scripts/generate-pkg-sqlite.py 生成的私有软件包 SQLite 工件提供。

使用的来源

Geiger risk classifier
Nucleus package database
av.db category and tag curation
cross-ecosystem install command graph
external package-manager database matches
package relationship graph
package version freshness
package-page enrichment

安装 grype

使用 Automic Vault 安装

macOS

Linux

Windows

软件包管理器来源

平台说明

软件包摘要

主页

命令和别名

风险级别：red

Risk classifier

Why

Signals

Install behavior

建议审查

已安装的可执行文件

版本和新鲜度

软件包元数据

Source database details

Other package-manager records

内部软件包链接

主题 hub

相关工具

相同工作流

Agent security guides

由仓库数据生成

使用的来源