Skip to content

/ clair

Vulnerability Static Analysis for Containers
containers static-analysis go kubernetes docker oci oci-image vulnerabilities clair
Go TSQL Smarty Shell Makefile Dockerfile Jsonnet
  1. Go 97.6%
  2. TSQL 0.9%
  3. Smarty 0.5%
  4. Shell 0.3%
  5. Makefile 0.3%
  6. Dockerfile 0.2%
  7. Jsonnet 0.2%
Branch: master
Find file
Clone or download

Clone with HTTPS

Use Git or checkout with SVN using the web URL.

Open in Desktop Download ZIP

Latest commit

@aminvakil
aminvakil Bump compose file version from 3.7 to 3.8 and Allow postgres access t… 
…o clarinet container without password (#1004)

* Bump compose file version from 3.7 to 3.8

Signed-off-by: Amin Vakil <info@aminvakil.com>

* Allow postgres access to clarinet container without password

Signed-off-by: Amin Vakil <info@aminvakil.com>
Latest commit dc8de7d May 30, 2020

Files

Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github Fix last broken link in CONTRIBUTING.md Oct 21, 2019
Documentation Improve the documentation on running Clair (#912) May 27, 2020
api Use Handler from promhttp Jan 31, 2020
cmd/clair Notification: Add new stomp notifier (#694) May 28, 2020
database Add ability to configure read-only pgsql database (#884) May 28, 2020
ext [v3] Translate embedded repositories into CPEs (#1002) May 29, 2020
local-dev Fixed Clair-pg dependencies to work with Kubernetes 1.16+ + Improved … May 27, 2020
pkg [v3] Translate embedded repositories into CPEs (#1002) May 29, 2020
testdata/DistUpgrade clair: move worker to top level package Jan 26, 2017
.clang-format add .clang-format, lint proto Jul 12, 2019
.dockerignore Adding httputil and version packages Sep 5, 2018
.drone.jsonnet clair: create module Nov 12, 2019
.drone.yml Added Mitre as CVE metadata source (#692) May 27, 2020
CODEOWNERS add hdonnay Oct 31, 2019
DCO Initial commit Nov 13, 2015
Dockerfile Update alpine base image to 3.11 Feb 18, 2020
LICENSE Initial commit Nov 13, 2015
Makefile Fixed Clair-pg dependencies to work with Kubernetes 1.16+ + Improved … May 27, 2020
NOTICE Initial commit Nov 13, 2015
README.md Remove "Up and running" link duplication in README Jan 16, 2020
ROADMAP.md *: update roadmap Oct 8, 2018
analyzer.go Store layer info outside parallel go routines Dec 6, 2019
ancestry.go Filter our duplicated RPMs in higher layers. Jan 14, 2020
ancestry_test.go clair: rewrite imports Nov 12, 2019
bill-of-materials.json clair: rewrite imports Nov 12, 2019
blob.go clair: rewrite imports Nov 12, 2019
code-of-conduct.md update CoC Jan 4, 2018
config.yaml.sample Notification: Add new stomp notifier (#694) May 28, 2020
docker-compose.yaml.sample Bump compose file version from 3.7 to 3.8 and Allow postgres access t… May 30, 2020
go.mod [v3] Translate embedded repositories into CPEs (#1002) May 29, 2020
go.sum [v3] Translate embedded repositories into CPEs (#1002) May 29, 2020
license_header_test.go Add license header check test Mar 5, 2019
notifier.go clair: rewrite imports Nov 12, 2019
updater.go clair: rewrite imports Nov 12, 2019
updater_test.go clair: rewrite imports Nov 12, 2019

README.md

Clair

Build Status Docker Repository on Quay Go Report Card GoDoc IRC Channel

Note: The master branch may be in an unstable or even broken state during development. Please use releases instead of the master branch in order to get stable binaries.

Clair Logo

Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including appc and docker).

  1. In regular intervals, Clair ingests vulnerability metadata from a configured set of sources and stores it in the database.
  2. Clients use the Clair API to index their container images; this creates a list of features present in the image and stores them in the database.
  3. Clients use the Clair API to query the database for vulnerabilities of a particular image; correlating vulnerabilities and features is done for each request, avoiding the need to rescan images.
  4. When updates to vulnerability metadata occur, a notification can be sent to alert systems that a change has occurred.

Our goal is to enable a more transparent view of the security of container-based infrastructure. Thus, the project was named Clair after the French term which translates to clear, bright, transparent.

Getting Started

Community

Contributing

See CONTRIBUTING for details on submitting patches and the contribution workflow.

License

Clair is under the Apache 2.0 license. See the LICENSE file for details.

You can’t perform that action at this time.