clair

We have hosted the application clair in order to run this application in our online workstations with Wine or directly.

Quick description about clair:

Clair is an application for parsing image contents and reporting vulnerabilities affecting the contents. This is done via static analysis and not at runtime. Clair v4 utilizes the ClairCore library as its engine for examining contents and reporting vulnerabilities. At a high level you can consider Clair a service wrapper to the functionality provided in the ClairCore library. The main branch may be in an unstable or even broken state during development. Please use releases instead of the main branch in order to get stable binaries. Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including OCI and docker). Clients use the Clair API to index their container images and can then match it against known vulnerabilities. Our goal is to enable a more transparent view of the security of container-based infrastructure. Thus, the project was named Clair after the French term which translates to clear, bright, transparent.

Features:

• Clair is under the Apache 2.0 license
• Clair v4 utilizes the ClairCore library as its engine for examining contents and reporting vulnerabilities
• You can consider Clair a service wrapper to the functionality provided in the ClairCore library
• Indexing starts with submitting a Manifest to Clair
• Manifests are Clair's representation of a container image
• Once a Manifest is indexed, the IndexReport is persisted for later retrieval

Programming Language: Go.
Categories: