GitHub - snyk/snyk-docker-plugin: This plugin provides dependency metadata for Docker images

Snyk helps you find, fix and monitor for known vulnerabilities in your dependencies, both on an ad hoc basis and as part of your CI (Build) system.

ℹ️ This repository is only a plugin to be used with the Snyk CLI tool. To use this plugin to test and fix vulnerabilities in your project, install the Snyk CLI tool first. Head over to snyk.io to get started.

Snyk Docker CLI Plugin

This plugin provides dependency metadata for Docker images.

Supported functionality

Package managers:

rpm, apk, deb

Operating systems:

Debian, Red Hat, Alpine, Oracle, CentOS, SLES, OpenSUSE, Amazon Linux, vanilla Linux
Distroless and scratch images

Platforms:

Linux: ARM, AMD, PPC, MIPS, s390x

Image protocols:

Docker archive, OCI archive
pulling images from a Docker socket
pulling from container registries (with support for username and password authentication)

Applications:

Node (npm, yarn)
Java (jar files)
detecting package manager manifests (Python, Ruby)

Others:

Dockerfile analysis
identifying Node and Java binaries installed outside the package manager
running on Windows (not the same as scanning Windows containers)
collecting the rootFs hashes for base image detection and recommendation

Tests

Refer to test/README.md for running and writing tests.

Name	Name	Last commit message	Last commit date
Latest commit wayne-grant Merge pull request #647 from snyk/chore/reclassify Feb 21, 2025 600995b · Feb 21, 2025 History 1,241 Commits
.circleci	.circleci	fix: store test logs to artifact in pipeline	Nov 21, 2024
.github	.github	chore: handover service to unify [TRACKER-81]	Mar 13, 2024
components	components	feat: produce oci distribution metadata fact	Feb 5, 2024
lib	lib	feat: add kaniko archive scan support (#642 )	Feb 10, 2025
scripts	scripts	chore: script to run app-vuln scans to check performance	Aug 23, 2021
test	test	feat: add kaniko archive scan support (#642 )	Feb 10, 2025
.commitlintrc.json	.commitlintrc.json	chore: commit lint	Jun 22, 2022
.gitignore	.gitignore	fix: correctly handle image target that has both digest and tag	Aug 31, 2023
.gitleaksignore	.gitleaksignore	chore: ignore test files in gitleaks	Dec 23, 2024
.npmignore	.npmignore	chore: Remove unused lint configs	May 23, 2019
.nvmrc	.nvmrc	feat: Update node runtime to 14	Sep 20, 2021
.pre-commit-config.yaml	.pre-commit-config.yaml	chore: secrets scanning	Jun 26, 2023
.prettierrc	.prettierrc	chore: update linting	May 23, 2019
.snyk	.snyk	chore: vuln fixes for crosspawen and micromatch	Nov 20, 2024
Contributor-Agreement.md	Contributor-Agreement.md	chore: contribution agreement	Aug 5, 2018
LICENSE	LICENSE	feat: Intial commit	Mar 1, 2018
README.md	README.md	docs: fix type in README	Oct 18, 2021
appveyor.yml	appveyor.yml	feat: support Node version >= 8	Jul 9, 2020
catalog-info.yaml	catalog-info.yaml	chore: re-classify as snyk-cli-plugin	Feb 21, 2025
jest.config.js	jest.config.js	chore: bump jest to latest [LUM-739]	Oct 22, 2023
package-lock.json	package-lock.json	chore: simplify npm package overrides	Dec 10, 2024
package.json	package.json	chore: simplify npm package overrides	Dec 10, 2024
tsconfig.json	tsconfig.json	fix: upgrade Typescript target	Nov 13, 2024
tslint.json	tslint.json	fix: uses options.platform to select correct manifest from OCI layout	Feb 26, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Snyk Docker CLI Plugin

Supported functionality

Tests

About

Releases 365

Packages

Contributors 61

Languages

License

snyk/snyk-docker-plugin

Folders and files

Latest commit

History

Repository files navigation

Snyk Docker CLI Plugin

Supported functionality

Tests

About

Resources

License

Stars

Watchers

Forks

Releases 365

Packages 0

Contributors 61

Languages

Packages