clair/README.md

# Clair

[![Build Status](https://api.travis-ci.org/coreos/clair.svg?branch=master "Build Status")](https://travis-ci.org/coreos/clair)
[![Docker Repository on Quay](https://quay.io/repository/coreos/clair/status "Docker Repository on Quay")](https://quay.io/repository/coreos/clair)
[![Go Report Card](https://goreportcard.com/badge/coreos/clair "Go Report Card")](https://goreportcard.com/report/coreos/clair)
[![GoDoc](https://godoc.org/github.com/coreos/clair?status.svg "GoDoc")](https://godoc.org/github.com/coreos/clair)
[![IRC Channel](https://img.shields.io/badge/freenode-%23clair-blue.svg "IRC Channel")](http://webchat.freenode.net/?channels=clair)

**Note**: The `master` branch may be in an *unstable or even broken state* during development.
Please use [releases] instead of the `master` branch in order to get stable binaries.

![Clair Logo](https://cloud.githubusercontent.com/assets/343539/21630811/c5081e5c-d202-11e6-92eb-919d5999c77a.png)

Clair is an open source project for the [static analysis] of vulnerabilities in application containers (currently including [appc] and [docker]).

1. In regular intervals, Clair ingests vulnerability metadata from a configured set of sources and stores it in the database.
2. Clients use the Clair API to index their container images; this creates a list of _features_ present in the image and stores them in the database.
3. Clients use the Clair API to query the database for vulnerabilities of a particular image; correlating vulnerabilities and features is done for each request, avoiding the need to rescan images.
4. When updates to vulnerability metadata occur, a notification can be sent to alert systems that a change has occured.

Our goal is to enable a more transparent view of the security of container-based infrastructure.
Thus, the project was named `Clair` after the French term which translates to *clear*, *bright*, *transparent*.

[appc]: https://github.com/appc/spec
[docker]: https://github.com/docker/docker/blob/master/image/spec/v1.2.md
[releases]: https://github.com/coreos/clair/releases
[static analysis]: https://en.wikipedia.org/wiki/Static_program_analysis

## Getting Started

* Learn [the terminology] and about the [drivers and data sources] that power Clair
* Watch [presentations] on the high-level goals and design of Clair
* Follow instructions to get Clair [up and running]
* Explore [the API] on SwaggerHub
* Discover third party [integrations] that help integrate Clair with your infrastructure
* Read the rest of the documentation on the [CoreOS website] or in the [Documentation directory]

[the terminology]: /Documentation/terminology.md
[drivers and data sources]: /Documentation/drivers-and-data-sources.md
[presentations]: /Documentation/presentations.md
[up and running]: /Documentation/running-clair.md
[the API]: https://app.swaggerhub.com/apis/coreos/clair/3.0
[integrations]: /Documentation/integrations.md
[CoreOS website]: https://coreos.com/clair/docs/latest/
[Documentation directory]: /Documentation

## Contact

- IRC: #[clair](irc://irc.freenode.org:6667/#clair) on freenode.org
- Bugs: [issues](https://github.com/coreos/clair/issues)

## Contributing

See [CONTRIBUTING](.github/CONTRIBUTING.md) for details on submitting patches and the contribution workflow.

## License

Clair is under the Apache 2.0 license. See the [LICENSE](LICENSE) file for details.
reboot README 2016-02-18 21:49:10 +00:00			`# Clair`
Initial commit 2015-11-13 19:11:28 +00:00
reboot README 2016-02-18 21:49:10 +00:00			`[![Build Status](https://api.travis-ci.org/coreos/clair.svg?branch=master "Build Status")](https://travis-ci.org/coreos/clair)`
README: add container badge [ci skip] 2015-11-13 19:29:01 +00:00			`[![Docker Repository on Quay](https://quay.io/repository/coreos/clair/status "Docker Repository on Quay")](https://quay.io/repository/coreos/clair)`
README: add go report card 2016-02-20 21:48:48 +00:00			`[![Go Report Card](https://goreportcard.com/badge/coreos/clair "Go Report Card")](https://goreportcard.com/report/coreos/clair)`
README: fix godoc badge copypasta 2016-02-24 23:08:16 +00:00			`[![GoDoc](https://godoc.org/github.com/coreos/clair?status.svg "GoDoc")](https://godoc.org/github.com/coreos/clair)`
reboot README 2016-02-18 21:49:10 +00:00			`[![IRC Channel](https://img.shields.io/badge/freenode-%23clair-blue.svg "IRC Channel")](http://webchat.freenode.net/?channels=clair)`
README: add container badge [ci skip] 2015-11-13 19:29:01 +00:00
README: add master branch warning 2016-04-20 17:17:44 +00:00			Note: The `master` branch may be in an unstable or even broken state during development.
			Please use [releases] instead of the `master` branch in order to get stable binaries.

README: rm images from repo 2017-01-04 03:22:41 +00:00			`![Clair Logo](https://cloud.githubusercontent.com/assets/343539/21630811/c5081e5c-d202-11e6-92eb-919d5999c77a.png)`
README: Add logo 2016-03-18 15:48:55 +00:00
docs: turn README into full articles 2017-08-17 19:49:51 +00:00			`Clair is an open source project for the [static analysis] of vulnerabilities in application containers (currently including [appc] and [docker]).`
Initial commit 2015-11-13 19:11:28 +00:00
README: improve readability This change takes into consideration the points from @kevinburke's talk on readability. 2017-04-10 20:30:25 +00:00			`1. In regular intervals, Clair ingests vulnerability metadata from a configured set of sources and stores it in the database.`
docs: turn README into full articles 2017-08-17 19:49:51 +00:00			`2. Clients use the Clair API to index their container images; this creates a list of _features_ present in the image and stores them in the database.`
			`3. Clients use the Clair API to query the database for vulnerabilities of a particular image; correlating vulnerabilities and features is done for each request, avoiding the need to rescan images.`
			`4. When updates to vulnerability metadata occur, a notification can be sent to alert systems that a change has occured.`
Initial commit 2015-11-13 19:11:28 +00:00
readme: continue to nitpick 2016-02-24 00:52:10 +00:00			`Our goal is to enable a more transparent view of the security of container-based infrastructure.`
reboot README 2016-02-18 21:49:10 +00:00			Thus, the project was named `Clair` after the French term which translates to clear, bright, transparent.
Initial commit 2015-11-13 19:11:28 +00:00
readme: continue to nitpick 2016-02-24 00:52:10 +00:00			`[appc]: https://github.com/appc/spec`
update docker image spec url 2017-03-16 02:18:18 +00:00			`[docker]: https://github.com/docker/docker/blob/master/image/spec/v1.2.md`
README: add master branch warning 2016-04-20 17:17:44 +00:00			`[releases]: https://github.com/coreos/clair/releases`
docs: turn README into full articles 2017-08-17 19:49:51 +00:00			`[static analysis]: https://en.wikipedia.org/wiki/Static_program_analysis`
readme: continue to nitpick 2016-02-24 00:52:10 +00:00
docs: turn README into full articles 2017-08-17 19:49:51 +00:00			`## Getting Started`
Initial commit 2015-11-13 19:11:28 +00:00
docs: turn README into full articles 2017-08-17 19:49:51 +00:00			`* Learn [the terminology] and about the [drivers and data sources] that power Clair`
			`* Watch [presentations] on the high-level goals and design of Clair`
			`* Follow instructions to get Clair [up and running]`
			`* Explore [the API] on SwaggerHub`
			`* Discover third party [integrations] that help integrate Clair with your infrastructure`
			`* Read the rest of the documentation on the [CoreOS website] or in the [Documentation directory]`
Initial commit 2015-11-13 19:11:28 +00:00
docs: turn README into full articles 2017-08-17 19:49:51 +00:00			`[the terminology]: /Documentation/terminology.md`
			`[drivers and data sources]: /Documentation/drivers-and-data-sources.md`
			`[presentations]: /Documentation/presentations.md`
			`[up and running]: /Documentation/running-clair.md`
			`[the API]: https://app.swaggerhub.com/apis/coreos/clair/3.0`
			`[integrations]: /Documentation/integrations.md`
			`[CoreOS website]: https://coreos.com/clair/docs/latest/`
			`[Documentation directory]: /Documentation`
README: improve readability This change takes into consideration the points from @kevinburke's talk on readability. 2017-04-10 20:30:25 +00:00
docs: turn README into full articles 2017-08-17 19:49:51 +00:00			`## Contact`
README: improve readability This change takes into consideration the points from @kevinburke's talk on readability. 2017-04-10 20:30:25 +00:00
README: fix IRC copypasta 2017-08-18 17:41:26 +00:00			`- IRC: #[clair](irc://irc.freenode.org:6667/#clair) on freenode.org`
README: fixed issues address 2018-03-20 04:21:38 +00:00			`- Bugs: [issues](https://github.com/coreos/clair/issues)`
README: improve readability This change takes into consideration the points from @kevinburke's talk on readability. 2017-04-10 20:30:25 +00:00
docs: turn README into full articles 2017-08-17 19:49:51 +00:00			`## Contributing`
README: improve readability This change takes into consideration the points from @kevinburke's talk on readability. 2017-04-10 20:30:25 +00:00
Update CONTRIBUTING.MD link Looks like this was moved in https://github.com/coreos/clair/commit/24ca12bdecfcbc2d7797a01dcde87fea44dad7c8 2017-12-17 17:04:45 +00:00			`See [CONTRIBUTING](.github/CONTRIBUTING.md) for details on submitting patches and the contribution workflow.`
docs: provide information to run Clair in README The top level readme for Clair has no instructions on how-to run Clair. Add a link pointing to the appropriate place. 2016-02-15 05:00:22 +00:00
docs: turn README into full articles 2017-08-17 19:49:51 +00:00			`## License`
readme: continue to nitpick 2016-02-24 00:52:10 +00:00
docs: turn README into full articles 2017-08-17 19:49:51 +00:00			`Clair is under the Apache 2.0 license. See the [LICENSE](LICENSE) file for details.`