Overview
RegiS CLI includes several built-in analyzers that extract specific data from container images.
dockle
The dockle analyzer is a container image linter that checks for security issues and best practices using Dockle.
endoflife
The endoflife analyzer checks the support status of the software in the image using the endoflife.date API.
freshness
The freshness analyzer tracks the age of a container image and compares it to the latest version.
hadolint
The hadolint analyzer lints a "pseudo-Dockerfile" reverse-engineered from the image history using Hadolint.
popularity
The popularity analyzer provides community adoption metrics from public registries.
provenance
The provenance analyzer checks for SLSA (Supply-chain Levels for Software Artifacts) provenance and build attestations.
sbom
The sbom analyzer generates a Software Bill of Materials (SBOM) for container images using Trivy.
scorecarddev
The scorecarddev analyzer fetches OpenSSF Scorecard security assessments for the image source repository.
size
The size analyzer provides a detailed breakdown of an image's compressed size.
skopeo
The skopeo analyzer fetches image metadata and platform details using the Skopeo CLI.
trivy
The trivy analyzer scans container images for vulnerabilities and secrets using the Trivy CLI.
versioning
The versioning analyzer detects and classifies the tag naming patterns used by a repository.