Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/quay/clair
Vulnerability Static Analysis for Containers
https://github.com/quay/clair
clair containers docker go kubernetes oci oci-image static-analysis vulnerabilities
Last synced: 3 days ago
JSON representation
Vulnerability Static Analysis for Containers
- Host: GitHub
- URL: https://github.com/quay/clair
- Owner: quay
- License: apache-2.0
- Created: 2015-11-13T18:46:16.000Z (about 9 years ago)
- Default Branch: main
- Last Pushed: 2024-04-26T21:17:05.000Z (8 months ago)
- Last Synced: 2024-04-27T05:00:23.118Z (8 months ago)
- Topics: clair, containers, docker, go, kubernetes, oci, oci-image, static-analysis, vulnerabilities
- Language: Go
- Homepage: https://quay.github.io/clair/
- Size: 33.2 MB
- Stars: 10,041
- Watchers: 228
- Forks: 1,151
- Open Issues: 30
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: .github/CONTRIBUTING.md
- License: LICENSE
- Code of conduct: code-of-conduct.md
- Codeowners: CODEOWNERS
- Roadmap: ROADMAP.md
Awesome Lists containing this project
- awesome-DevOpsSec - Clair - Vulnerability Static Analysis for Containers (Tools / Kubernetes)
- awesome-containerized-security - clair
- Self-Hosting-Guide - Clair - spec/blob/master/spec.md) and [Docker](https://github.com/docker/docker/blob/master/image/spec/v1.2.md)). (Tools for Self-Hosting / Containers)
- awesome-devsecops - Clair - _Red Hat_ - Scan App Container and Docker containers for publicly disclosed vulnerabilities. (Tools / Infrastructure as Code Analysis)
- DevSecOps - https://github.com/quay/clair - the-badge) | (Containers)
- awesome-repositories - quay/clair - Vulnerability Static Analysis for Containers (Go)
- awesome-cloud-security - Quay - Clair
- awesome-software-supply-chain-security - quay/clair: Vulnerability Static Analysis for Containers
- awesome-docker - Clair - Clair is an open source project for the static analysis of vulnerabilities in appc and docker containers. By [@coreos][coreos] (Container Operations / Security)
- awesome-golang-repositories - clair
- awesome-docker-security - Clair - Vulnerability Static Analysis to discovering Common Vulnerability Exposure (CVE) on containers and can integrate with CI like Gitlab CI which included on their [template](https://docs.gitlab.com/ee/user/application_security/container_scanning/). (Tools / Container Scanning)
- awesome-cloud-security - 地址
- awesome-devsecops-russia - Clair
- awesome-hacking-lists - quay/clair - Vulnerability Static Analysis for Containers (Go)
- awesome-docker - Clair - Clair is an open source project for the static analysis of vulnerabilities in appc and docker containers. By [@coreos][coreos] (Container Operations / Security)
- awesome-software-supply-chain-security - Clair - ![GitHub stars](https://img.shields.io/github/stars/quay/clair?style=flat-square) - Vulnerability Static Analysis for Containers (Container Security Scanners)
- awesome-docker-security - Clair - 静态漏洞分析工具,发现容器中的 CVE,可集成到 CI,如 Gitlab CI。 (工具 / 容器扫描)
- awesome-devsecops - Clair - _Red Hat_ - Scan App Container and Docker containers for publicly disclosed vulnerabilities. (Tools / Infrastructure as Code Analysis)
- awesome-starred - quay/clair - Vulnerability Static Analysis for Containers (kubernetes)
- awesome-docker-security - Clair - 静态漏洞分析工具,发现容器中的 CVE,可集成到 CI,如 Gitlab CI。 (工具 / 容器扫描)
README
# Clair
[![Docker Repository on Quay](https://quay.io/repository/projectquay/clair/status "Docker Repository on Quay")](https://quay.io/repository/projectquay/clair)
[![PkgGoDev](https://pkg.go.dev/badge/github.com/quay/clair/v4 "Go Documentation")](https://pkg.go.dev/github.com/quay/clair/v4)
[![IRC Channel](https://img.shields.io/badge/freenode-%23clair-blue.svg "IRC Channel")](http://webchat.freenode.net/?channels=clair)**Note**: The `main` branch may be in an *unstable or even broken state* during development.
Please use [releases] instead of the `main` branch in order to get stable binaries.![Clair Logo](https://cloud.githubusercontent.com/assets/343539/21630811/c5081e5c-d202-11e6-92eb-919d5999c77a.png)
Clair is an open source project for the [static analysis] of vulnerabilities in
application containers (currently including [OCI] and [docker]).Clients use the Clair API to index their container images and can then match it against known vulnerabilities.
Our goal is to enable a more transparent view of the security of container-based infrastructure.
Thus, the project was named `Clair` after the French term which translates to *clear*, *bright*, *transparent*.[The book] contains all the documentation on Clair's architecture and operation.
[OCI]: https://github.com/opencontainers/image-spec/blob/master/spec.md
[docker]: https://github.com/docker/docker/blob/master/image/spec/v1.2.md
[releases]: https://github.com/quay/clair/releases
[static analysis]: https://en.wikipedia.org/wiki/Static_program_analysis
[The book]: https://quay.github.io/clair/## Community
- Mailing List: [[email protected]](https://groups.google.com/forum/#!forum/clair-dev)
- IRC: #[clair](irc://irc.freenode.org:6667/#clair) on freenode.org
- Bugs: [issues](https://github.com/quay/clair/issues)## Contributing
See [CONTRIBUTING](.github/CONTRIBUTING.md) for details on submitting patches and the contribution workflow.
## License
Clair is under the Apache 2.0 license. See the [LICENSE](LICENSE) file for details.