vexctl
Description:
Tool to create, transform and attest VEX metadata
Type: Formula  |  Tracked Since: Dec 28, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: security vex openvex sbom vulnerability-management devsecops
Install: brew install vexctl
About:
vexctl is a command-line interface (CLI) tool designed for working with OpenVEX metadata. It allows users to create, transform, and attest to VEX documents, which are used to communicate the impact of vulnerabilities in software packages. The tool helps developers and security teams integrate VEX workflows into their CI/CD pipelines for better software supply chain security.
Key Features:
  • Create and manipulate OpenVEX documents
  • Transform existing vulnerability data into VEX format
  • Sign and attest VEX documents for integrity
  • Integrate seamlessly into CI/CD pipelines
  • Support multiple output formats
Use Cases:
  • Generating VEX statements for a software bill of materials (SBOM)
  • Automating vulnerability disclosure and mitigation status
  • Verifying the integrity of VEX metadata in a secure pipeline
Alternatives:
  • grype – Grype is primarily a vulnerability scanner for container images and filesystems, whereas vexctl focuses specifically on generating and managing VEX metadata for those findings.
  • trivy – Trivy is a comprehensive scanner that can also generate VEX documents, but vexctl is a dedicated toolset for advanced VEX transformation and attestation.
Version History
Detected Version Rev Change Commit
Oct 2, 2025 2:45am 0 VERSION_BUMP a6a64018
Sep 11, 2025 9:39pm 0 VERSION_BUMP bcc1125e
Dec 5, 2024 12:27am 0 VERSION_BUMP bceff889