Alpine Package Analysis

NEW IN RELEASE 90

The Alpine coordinate based matching feature provides the ability to scan and evaluate Alpine package dependencies found in an alpine.txt file.

What is supported

Files named alpine.txt will be analyzed.

Integrations with Alpine scanning support

  • CLI from version 90
  • Jenkins from version TBA
  • Bamboo from version TBA

Steps to analyze using the CLI

Create alpine.txt file

To list the installed packages, and save the data to the required file, run the following command:

apk -v info > alpine.txt


Invoke a CLI scan of a directory or subdirectories containing an alpine.txt file.  Instructions on how to do this can be found here: Nexus IQ CLI.

Example alpine.txt file 

openssl-0.9.4
nss-3.12.4
expat-2.0.0

Output from cli

Dashboard results

Report results