MCPcopy Index your code
hub / github.com/quay/clair

github.com/quay/clair @v4.9.0

repository ↗ · DeepWiki ↗ · release v4.9.0 ↗ · + Follow
685 symbols 2,778 edges 160 files 378 documented · 55% updated 4d agov4.9.0 · 2025-12-10★ 11,01718 open issues
README

Clair

Docker Repository on Quay PkgGoDev IRC Channel

Note: The main branch may be in an unstable or even broken state during development. Please use releases instead of the main branch in order to get stable binaries.

Clair Logo

Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including OCI and docker).

Clients use the Clair API to index their container images and can then match it against known vulnerabilities.

Our goal is to enable a more transparent view of the security of container-based infrastructure. Thus, the project was named Clair after the French term which translates to clear, bright, transparent.

The book contains all the documentation on Clair's architecture and operation.

Community

Contributing

See CONTRIBUTING for details on submitting patches and the contribution workflow.

License

Clair is under the Apache 2.0 license. See the LICENSE file for details.

Extension points exported contracts — how you extend this code

DirectDeliverer (Interface)
DirectDeliverer implementations are used in coordination with the Deliverer interface. DirectDeliverer(s) expect this m [7 …
notifier/deliverer.go
Reporter (Interface)
Reporter is an interface for retreiving an IndexReport given a manifest digest. [3 implementers]
indexer/service.go
Formatter (Interface)
Formatter is the common interface for presenting results. [3 implementers]
cmd/clairctl/report.go
Notificationer (Interface)
Notificationer implements persistence methods for Notification models [3 implementers]
notifier/store.go
Service (Interface)
Service is an aggregate interface wrapping claircore.Libvuln functionality. Implementation may use a local instance of [2 …
matcher/service.go
Checker (Interface)
Checker is an interface that reports whether the passed request should be allowed to continue. [2 implementers]
middleware/auth/handler.go
Service (Interface)
Service is an interface wrapping ClairV4's notifier functionality. This remains an interface so remote clients may impl [2 …
notifier/service.go
Option (FuncType)
Option sets an option on an HTTP.
httptransport/client/httpclient.go

Core symbols most depended-on inside this repo

Close
called by 105
notifier/locker.go
String
called by 103
config/enums_string.go
Error
called by 97
config/lint.go
Err
called by 66
notifier/postgres/notifications.go
apiError
called by 59
httptransport/error.go
Add
called by 41
internal/httputil/signer.go
NewRequestWithContext
called by 40
internal/httputil/client.go
Set
called by 36
httptransport/client/httpclient.go

Shape

Method 303
Function 217
Struct 128
Interface 24
TypeAlias 8
FuncType 5

Languages

Go100%

Modules by API surface

clair-error/errors.go29 symbols
clair-error/notifications.go25 symbols
notifier/store.go16 symbols
config/otlp.go16 symbols
contrib/cmd/quaybackstop/main.go15 symbols
config/notifier.go15 symbols
notifier/postgres/e2e_test.go13 symbols
notifier/mockstore.go13 symbols
httptransport/client/httpclient.go13 symbols
cmd/clairctl/admin.go13 symbols
notifier/stomp/integration_test.go12 symbols
indexer/service.go12 symbols

Dependencies from manifests, versioned

github.com/Masterminds/semverv1.5.0 · 1×
github.com/beorn7/perksv1.0.1 · 1×
github.com/cespare/xxhash/v2v2.3.0 · 1×
github.com/containerd/stargz-snapshotter/estargzv0.18.1 · 1×
github.com/cpuguy83/go-md2man/v2v2.0.7 · 1×
github.com/docker/cliv29.0.3+incompatible · 1×
github.com/docker/distributionv2.8.3+incompatible · 1×
github.com/docker/docker-credential-helpersv0.9.3 · 1×
github.com/evanphx/json-patch/v5v5.9.11 · 1×

Datastores touched

pqgotestDatabase · 1 repos
postgresDatabase · 1 repos
quayDatabase · 1 repos

For agents

$ claude mcp add clair \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact