Dan Luhring's repositories
anchore-vulnerability-match-labels
Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners
chainguard-github
Default files to be used for any public repository under the chainguard-dev organization.
chainguard-image-rumble
Data collection for base image CVEs etc.
chainguard-images
Public Chainguard Images
dive
A tool for exploring each layer in a docker image
gobump
Go tool to declaratively bump dependencies.
golang-vuln
[mirror] the database client and tools for the Go vulnerability database
openvex-community
OpenVEX project community documentation
osvdb
Consume OSV data, build a vulnerability database, query the database
sbom-action
GitHub Action for creating software bill of materials using Syft.
vunnel
Tool for collecting vulnerability data from various sources (used to build the grype database)
wolfi-advisories
Security advisory data for Wolfi
wolfi-secdb
Tool for generating Wolfi security databases
wolfictl
A CLI used to work with the Wolfi OSS project
yam
A sweet little formatter for YAML