Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add the total types of vulnerabilities in Grype output #877

Closed
B3ns44d opened this issue Aug 15, 2022 · 6 comments · Fixed by #946
Closed

Add the total types of vulnerabilities in Grype output #877

B3ns44d opened this issue Aug 15, 2022 · 6 comments · Fixed by #946
Labels
enhancement New feature or request

Comments

@B3ns44d
Copy link

B3ns44d commented Aug 15, 2022

What would you like to be added:

The output would be greatly improved if we could include the total number of vulnerabilities in each category.

Something like this:

 ✔ Vulnerability DB        [updated]
 ✔ Loaded image
 ✔ Parsed image
 ✔ Cataloged packages      [16 packages]
 ✔ Scanned image           [5 vulnerabilities]
 ✔ Total: 5 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 4, CRITICAL: 1) <---- THIS

Why is this needed:

This facilitates identifying the different categories of vulnerabilities.
@B3ns44d B3ns44d added the enhancement New feature or request label Aug 15, 2022
@adriens
Copy link
Contributor

adriens commented Aug 15, 2022
edited
Loading

Hi, this can be achieved this way 👉 opt-nc/grype-contribs#8 (comment)
🤞 hopefully you'll find this helpful 😸

@B3ns44d
Copy link
Author

B3ns44d commented Aug 15, 2022

Thanks for the trick @adriens, nonetheless, it would also be great if it's built-in in Grype cli.

@spiffcs spiffcs added the good-first-issue Good for newcomers label Aug 15, 2022
@zhiburt zhiburt mentioned this issue Oct 4, 2022
Merged
@spiffcs spiffcs self-assigned this Oct 6, 2022
@spiffcs spiffcs added this to OSS Oct 6, 2022
@spiffcs spiffcs moved this to In Progress (Actively Resolving) in OSS Oct 6, 2022
@spiffcs spiffcs removed their assignment Oct 6, 2022
@spiffcs
Copy link
Contributor

spiffcs commented Oct 6, 2022

apologies should have assigned the PR

@gh-greg
Copy link

gh-greg commented Oct 28, 2022
edited
Loading

Regarding Printing Summary:
You ask, what is Twistlock / PrismaCloud 's' default CLI behaviour ?
To print this:

Vulnerabilities found for image MY_IMAGE: total - 114, critical - 1, high - 6, medium - 57, low - 50
[PRISMACLOUD] Found 1 relevant files
[PRISMACLOUD] Found 114 vulnerabilities in 1 images

@spiffcs spiffcs moved this from In Progress (Actively Resolving) to In Review in OSS Nov 29, 2022
@spiffcs spiffcs removed the good-first-issue Good for newcomers label Feb 2, 2023
@github-project-automation github-project-automation bot moved this from In Review to Done in OSS Mar 3, 2023
This was referenced Mar 3, 2023
Closed
Closed
Closed
Closed
Closed
This was referenced Mar 28, 2023
Closed
Closed
@pawelkowalak
Copy link

Hi, this can be achieved this way 👉 opt-nc/grype-contribs#8 (comment) 🤞 hopefully you'll find this helpful 😸

This is not the same, because that way you loose the detailed report. So to get the standard output table AND the summary, you need to scan image twice or save results as json and then parse it to list the CVEs.

@gh-greg
Copy link

gh-greg commented Apr 28, 2023

------

This is not the same, because that way you lose the detailed report.
So to get the standard output table AND the summary, you need to scan image twice
or save results as json and then parse it to list the CVEs.
(1) I agree with @pawelkowalak .
Going further, it would have been nice, to simply print "total types of vunls" , directly from the 1 and only run.
(2) However, is there some "unspoken requirement" by the Grype maintainers , at play in influencing the implementation?
Perhaps they felt (I'm mind-reading):
"It is too late to alter the default and now expected table output , in any way"

@luhring luhring mentioned this issue May 23, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
OSS
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add the total types of vulnerabilities in Grype output zhiburt/grype
5 participants
@pawelkowalak @adriens @spiffcs @B3ns44d @gh-greg