DEV Community

Cover image for ๐Ÿช„ Grype jq tricks : csv for spreadsheets ๐Ÿ“Š
adriens for opt-nc

Posted on

4

๐Ÿช„ Grype jq tricks : csv for spreadsheets ๐Ÿ“Š

โ” About

Often, when you talk about an image vulnerabilities, you need to get that kind of charts in a spreadsheet:

Image description

Therefore we created the following issue :

๐Ÿช„ Implement jq trick to group and count by severity #8

Provide the jq query that takes in input a grype -o json command and returns

"Negligible",0
"Low",4
"High",10

see Group vulnerabilities by severity

๐Ÿฆ Tweet : image

๐Ÿช„ The jq trick

Just follow (and bookmark) the following guidelines to enjoy the trick :

Image description

๐Ÿฟ Showtime

Enough talk, let's see the trick in action :

๐Ÿ”– Resources

GitHub logo opt-nc / grype-contribs

A set of resources around Anchore's grype tool

โ” About

The aim of this repo is to summarize some resources around Grype to take the best ouf this great tool.

๐Ÿ”– Discover grype-contribs

To learn more about this project, take a glance at :

asciicast

๐Ÿงฐ Prerequisites

For an optimal usage of these resources, you'll need :

  • git
  • brew installed
  • python3 and pip

Install tools

brew tap anchore/grype
brew install grype

We'll use termgraph, "A command-line tool that draws basic graphs in the terminal," :

python3 -m pip install termgraph

Finally clone this repo :

gh repo clone opt-nc/grype-contribs
cd grype-contribs

๐Ÿ‘‰ You are ready.

๐Ÿ“œ Templating

Since v0.42.0, and its issue #724 it is possible to transform analysis report with templates.

This feature makes it possible to build nicely useable and highly customizable reports.

๐Ÿ“Š Aggregated report in the terminal (termgraph)

โ€ฆ
Enter fullscreen mode Exit fullscreen mode

Top comments (4)

Collapse
 
murtazahashwani profile image
Murtaza Hashwani โ€ข

Thanks for sharing this tip @adriens

Collapse
 
adriens profile image
adriens โ€ข

Thanks for the feedback ;-p

Collapse
 
adriens profile image
adriens โ€ข

Great contrib @mbarre ๐Ÿ™Œ

Collapse
 
adriens profile image
adriens โ€ข

AWS Security LIVE!

Tune in for AWS Security LIVE!

Join AWS Security LIVE! for expert insights and actionable tips to protect your organization and keep security teams prepared.

Learn More

๐Ÿ‘‹ Kindness is contagious

Immerse yourself in a wealth of knowledge with this piece, supported by the inclusive DEV Communityโ€”every developer, no matter where they are in their journey, is invited to contribute to our collective wisdom.

A simple โ€œthank youโ€ goes a long wayโ€”express your gratitude below in the comments!

Gathering insights enriches our journey on DEV and fortifies our community ties. Did you find this article valuable? Taking a moment to thank the author can have a significant impact.

Okay