How to install grype in windows 10
Solution 1:
Can be installed via wsl 2 for windows 10 https://en.wikipedia.org/wiki/Windows_Subsystem_for_Linux
(i've found it better personally than the docker version, being about 30-40% quicker but that could just be my local machine)
Instructions:
-
install wsl 2 for windows 10
more info: https://docs.microsoft.com/en-us/windows/wsl/install-win10
-
install grype via script in wsl 2, to a local mounted directory
curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /mnt/c/xxx # in my case /mnt/c/dev/bin/grype/ === "C:\dev\bin\grype" curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /mnt/c/dev/bin/grype/more info: https://github.com/anchore/grype#installation
-
add the path you installed grype into, into your PATH (for me that was "C:\dev\bin\grype")
more info: https://www.architectryan.com/2018/03/17/add-to-the-path-on-windows-10/
-
open up grype in wsl 2 linux on windows
Result:
local@DESKTOP-GPVF0RR:~$ grype version
Application: grype
Version: 0.13.0
BuildDate: 2021-06-02T01:57:12Z
GitCommit: 3d21b8397d65770d292184b09a4f676bce6f3ec8
GitTreeState: clean
Platform: linux/amd64
GoVersion: go1.16.4
Compiler: gc
Supported DB Schema: 3
with scan
local@DESKTOP-GPVF0RR:~$ grype python --scope all-layers
✔ Vulnerability DB [updated]
✔ Parsed image
✔ Cataloged packages [1349 packages]
✔ Scanned image [4054 vulnerabilities]
NAME INSTALLED FIXED-IN VULNERABILITY SEVERITY
apt 1.8.2.3 CVE-2011-3374 Negligible
bash 5.0-4 CVE-2019-18276 Negligible
binutils 2.31.1-16 CVE-2018-18483 Negligible
....