Updates and recent posts about Grype.
@simme shared a link, 2 weeks, 5 days ago
Senior Engineering Manager, @canonical

Boring code is an organizational tell

Boring code is an organizational symptom, not an aesthetic failure. Co-change patterns in version control reveal team boundaries before any retrospective does; ownership concentration predicts defects better than code complexity metrics. With agents removing the friction that contained clever code accumulation, the incentive structures that produce boring code have never mattered more.

Grype, developed by Anchore, is an open source vulnerability scanner that inspects container images, SBOMs, and filesystems for known CVEs. It supports multiple ecosystems, including Debian, Alpine, Red Hat, Python, Ruby, Go, and Java. Grype integrates with Syft for SBOM generation and provides precise, reproducible results with minimal configuration. Developers use it in CI pipelines, GitOps workflows, and security audits to enforce secure build practices and maintain supply chain visibility. Its speed, accuracy, and integration-first design make it a popular choice in DevSecOps environments.