Docker Hub Image Intelligence API | Tags, Pulls & Search

Monitor public Docker Hub repositories to proactively secure your infrastructure and automate your container supply chain. This Docker Image Update Monitor provides deep image tracking by directly querying the stable Docker Hub v2 API, completely eliminating the sluggishness of headless browser scraping. Security teams and system administrators depend on this fast, reliable monitor to schedule daily or weekly recurring checks on essential base images like nginx or redis. By maintaining a watchlist of critical URLs or search queries, you ensure your team is instantly aware of tag drift, new container versions, or potential vulnerability windows. You no longer have to manually check web pages to see if an important base image has been patched. The monitor automatically extracts and logs crucial data fields such as exact tag timestamps, storage sizes, full repository descriptions, pull signals, and star counts. Running this extraction on a strict schedule allows infrastructure and DevSecOps teams to pipe container update alerts straight into Slack, Jira, or native CI/CD pipelines. Track exactly what changes across your targeted repositories over time, keep your base layers secure, and streamline your entire dependency management workflow with precision.

Store Quickstart

• Start with 2–5 repositories such as library/nginx or redis.
• Keep maxTagsPerRepo around 20–50 on the first run so tag enrichment stays cheap and fast.
• Use searchTerms only when you want discovery; skip them when you already know the repositories you care about.
• After the first useful run, move to the recurring watchlist template for repeat base-image checks, then use the webhook handoff template for tag-drift alerts.

V1 behavior

• Direct repository inputs such as library/nginx or bare names such as nginx (normalized to library/nginx)
• Optional searchTerms via the public Docker Hub search endpoint
• Live repository metadata: description, full_description, pulls, stars, repository type, visibility, timestamps, categories when Docker Hub exposes them, and repository-level storage size when Docker Hub exposes it
• Live tag pagination capped by maxTagsPerRepo, with up to 100 tags fetched per API page
• Per-tag OS / architecture platform normalization
• Honest repository and search statuses: ok, not_found, rate_limited, error

Out of scope

• Docker Scout
• CVEs / vulnerability scanning
• Private repository intelligence beyond explicit public-access warnings

Use Cases

Who	Why
DevOps teams	Review base image freshness, pull signals, and tag sprawl before standardizing images
Platform engineers	Compare competing public repositories with one normalized schema
Security teams	Inventory public repos and tags before deeper image scanning
Analysts	Track vendor or ecosystem container footprints from public metadata

Input

Provide at least one of:

• repositories: exact repository slugs to fetch
• searchTerms: public Docker Hub search queries

Key options:

• includeTags (default true)
• maxTagsPerRepo (default 100, max 500)
• maxSearchResults (default 25, max 250)
• delivery: dataset or webhook
• dryRun

Input Examples

Example: Single-target audit

{
  "targets": [
    "example-target-1"
  ],
  "maxResultsPerTarget": 30
}

Example: Bulk portfolio

{
  "targets": [
    "target-1",
    "target-2",
    "target-3"
  ],
  "maxResultsPerTarget": 50,
  "snapshotKey": "dockerhub-image-intelligence-state"
}

Example: Recurring delta watch

{
  "targets": [
    "target-1"
  ],
  "snapshotKey": "dockerhub-image-intelligence-state",
  "emitChangedOnly": true
}

Output

• meta: run summary, scope note, and explicit warnings
• searches: normalized search responses and status per query
• repositories: normalized repository records with tags and tagSummary

When Docker Hub omits fields such as categories or repository storage size, the actor returns null / [] and records an explicit warning instead of silently inventing values.

Output Example

{
  "repository": "library/nginx",
  "status": "ok",
  "description": "Official build of Nginx.",
  "pullCount": 456,
  "starCount": 123,
  "tagSummary": { "total": 2, "truncated": true },
  "tags": [
    {
      "name": "1.27",
      "lastPulledAt": "2025-01-04T00:00:00.000Z",
      "platforms": [{ "os": "linux", "architecture": "amd64" }]
    }
  ],
  "warnings": []
}

Local run

npm test
npm start

npm start reads input.json locally and writes output/result.json.

Related Actors

Pair this actor with other flagship intelligence APIs in the same portfolio:

• NPM Package Intelligence API — audit JavaScript packages that feed the applications inside your images.
• PyPI Package Intelligence API — profile Python dependencies alongside public container repositories.
• Shopify Store Intelligence API — combine storefront research with infrastructure-facing image intelligence.

Pricing & Cost Control

Apify Store pricing is usage-based, so cost mainly follows how many repositories and tags you inspect. Check the Store pricing card for the current per-event rates.

• Keep maxTagsPerRepo and maxSearchResults low for exploratory runs.
• Set includeTags to false when repository-level metadata is enough.
• Use dryRun: true before larger repo watchlists or webhook delivery.
• Prefer dataset delivery while you validate which tag fields matter downstream.

⭐ Was this helpful?

If this actor saved you time, please leave a ★ rating on Apify Store. It takes 10 seconds, helps other developers discover it, and keeps updates free.

Bug report or feature request? Open an issue on the Issues tab of this actor.