Clair

Vulnerability Static Analysis for Containers


Clair

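Note: The master branch may be in an unstable or even broken state. Please use releases instead of the master branch in order to get stable binaries.

Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including appc and docker).

  1. At regular intervals, Clair ingests vulnerability metadata from a configured set of sources and stores it in the database.
  2. Clients use the Clair API to index their container images; this creates a list of features present in the image and stores them in the database.
  3. Clients use the Clair API to query the database for vulnerabilities of a particular image; vulnerabilities and features are correlated for each request, which avoids rescanning images.
  4. When vulnerability metadata is updated, a notification can be sent to alert systems that a change has occurred.

Our goal is to enable a more transparent view of the security of container-based infrastructure. Thus, the project was named Clair after the French term, which means clear, bright, transparent.

Getting Started

Community

Contributing

See "Contributing" for details on submitting patches and the contribution workflow.

License

Clair is under the Apache 2.0 license. See the LICENSE file for details.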

(First edition: vz edited at 2019.08.24)

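Key metrics

Overview
Name and owner: quay/clair
Primary language: Go
Languages: Go (number of languages: 5)
Platforms: Docker, Kubernetes, Linux
License: Apache License 2.0
Owner activity
Created at: 2015-11-13 18:46:16
Pushed at: 2025-06-03 21:57:58
Last commit:
Number of releases: 135
Latest release name: config/v1.4.2 (released at 2025-04-29 14:36:11)
First release name: v0.0.1 (released at )
User engagement
Stars: 10.7k
Watchers: 228
Forks: 1.2k
Commits: 2.1k
Issues enabled?
Issues: 672
Open issues: 10
Pull requests: 1203
Open pull requests: 21
Closed pull requests: 270
Project settings
Wiki enabled?
Archived?
Is fork?
Locked?
Is mirror?
Is private?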

Clair

Note: The master branch may be in an unstable or even broken state during development.
Please use releases instead of the master branch in order to get stable binaries.

Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including appc and docker).

  1. In regular intervals, Clair ingests vulnerability metadata from a configured set of sources and stores it in the database.
  2. Clients use the Clair API to index their container images; this creates a list of features present in the image and stores them in the database.
  3. Clients use the Clair API to query the database for vulnerabilities of a particular image; correlating vulnerabilities and features is done for each request, avoiding the need to rescan images.
  4. When updates to vulnerability metadata occur, a notification can be sent to alert systems that a change has occurred.
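
The four steps above as a small in-memory model, added here as an illustration and not taken from Clair's code base. `Store`, `Feature`, `Vuln` and their methods are hypothetical names, exact-version matching stands in for real version comparison, and the digests and the ID `EXAMPLE-0001` are constructed.

```go
package main

import (
	"fmt"
	"sort"
)

// Feature is a package recorded when an image is indexed (step 2).
type Feature struct{ Name, Version string }
// Vuln is one ingested record; exact-version matching is a simplification.
type Vuln struct{ ID, Package string; Affected map[string]bool }
// Store is a hypothetical stand-in for the database: image digest -> features, plus metadata.
type Store struct{ index map[string][]Feature; vulns []Vuln }
func NewStore() *Store { return &Store{index: map[string][]Feature{}} }

// Index stores an image's feature list; it is the only step that looks at image content.
func (s *Store) Index(digest string, fs []Feature) { s.index[digest] = fs }

// match lists the IDs in vs that affect any of the features fs.
func match(fs []Feature, vs []Vuln) []string {
	ids := []string{}
	for _, f := range fs {
		for _, v := range vs {
			if v.Package == f.Name && v.Affected[f.Version] {
				ids = append(ids, v.ID)
			}
		}
	}
	return ids
}
// Report correlates stored features with the current metadata on every request (step 3).
func (s *Store) Report(digest string) []string { return match(s.index[digest], s.vulns) }

// Update ingests a record (step 1) and returns the digests to notify about (step 4).
func (s *Store) Update(v Vuln) []string {
	s.vulns = append(s.vulns, v)
	hit := []string{}
	for d, fs := range s.index {
		if len(match(fs, []Vuln{v})) > 0 {
			hit = append(hit, d)
		}
	}
	sort.Strings(hit)
	return hit
}

func main() {
	s := NewStore()
	s.Index("sha256:aaa", []Feature{{"openssl", "1.1.1"}}) // constructed sample
	fmt.Println(s.Update(Vuln{"EXAMPLE-0001", "openssl", map[string]bool{"1.1.1": true}}), s.Report("sha256:aaa"))
}
```

The image is indexed once; the later metadata update changes what `Report` returns without `Index` being called again.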

Our goal is to enable a more transparent view of the security of container-based infrastructure.
Thus, the project was named Clair after the French term which translates to clear, bright, transparent.

Getting Started

Community

Contributing

See CONTRIBUTING for details on submitting patches and the contribution workflow.

License

Clair is under the Apache 2.0 license. See the LICENSE file for details.