Clair

Note: The main branch may be in an unstable or even broken state during development. Please use releases instead of the main branch in order to get stable binaries.

Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including OCI and docker).

Clients use the Clair API to index their container images and can then match it against known vulnerabilities.

Our goal is to enable a more transparent view of the security of container-based infrastructure. Thus, the project was named Clair after the French term which translates to clear, bright, transparent.

The book contains all the documentation on Clair's architecture and operation.

Community

Mailing List: [email protected]
IRC: #clair on freenode.org
Bugs: issues

Contributing

See CONTRIBUTING for details on submitting patches and the contribution workflow.

License

Clair is under the Apache 2.0 license. See the LICENSE file for details.

Package Rankings

Top 1.28% on Proxy.golang.org

Top 25.62% on Formulae.brew.sh

Badges

Extracted from project README

Related Projects

fiware-security

Security analysis of the FIWARE GEs docker images

05 Feb 2019 1

cli

The Docker CLI

12 Apr 2017 4,667

clair-scanner

Docker containers vulnerability scan

02 Apr 2017 845

dockle

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

23 May 2019 2,653

harbor

An open source trusted cloud native registry project that stores, signs, and scans content.

28 Jan 2016 23,873

reg

Docker registry v2 command line client and repo listing generator with security checks.

21 Sep 2016 1,637

dns

Docker DNS server on steroids to access DNS-over-TLS from Cloudflare, Google, Quad9, Quadrant or ...

09 Apr 2018 217

docker-clamav

Multi-arch dockerized open source antivirus for use with file sharing containers, REST API or TCP.

31 Jan 2015 223

quay

Build, Store, and Distribute your Applications and Containers

08 Nov 2019 2,371

quibble

A container security tool written in Rust focusing on making security easy for compose based conf...

30 Nov 2022 11

containerd

An open and reliable container runtime

13 Nov 2015 16,262

contajners

An idiomatic, data-driven, REPL friendly clojure client for OCI container engines

12 Jul 2021 133

godevcontainer

Golang development container for Visual Studio Code Remote Containers Development

12 Sep 2019 255

trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositori...

11 Apr 2019 21,627

docker-clamav

ClamAV docker image with auto database updates

11 May 2019 50