Issues and Discussions
When to use GitHub Issues versus Discourse Discussions
Contributing
Guidelines for developing & contributing to Anchore Open Source projects
Welcome! We appreciate all contributions to Anchore’s open source projects. Whether you’re fixing a bug, adding a feature, or improving documentation, your help makes these tools better for everyone.
Getting Help
The Anchore open source community is here to help. Use Discourse for questions, discussions, and troubleshooting. Use GitHub for reporting bugs, requesting features, and submitting code contributions. See Issues vs Discussions for guidance on which channel to use.
For security vulnerabilities, email security@anchore.com - do not create public issues. See our Security Policy for details.
Syft
Developer guidelines when contributing to Syft
Grype
Developer guidelines when contributing to Grype
Pull Requests
Guidelines for submitting pull requests and working with reviewers
Grype DB
Developer guidelines when contributing to Grype DB
Vunnel
Developer guidelines when contributing to Vunnel
Grant
Developer guidelines when contributing to Grant
Sign-off Commits
How to sign-off commits with the Developer’s Certificate of Origin
SBOM Action
Developer guidelines when contributing to sbom-action
Security Policy
How to report security vulnerabilities in Anchore OSS projects
Code of Conduct
Community standards and guidelines for respectful collaboration
Scan Action
Developer guidelines when contributing to scan-action
Docs (this site!)
Style guide for writing Anchore OSS documentation