{productname} is built for real enterprise use cases where content governance and security are two major focus areas. {productname} content governance and security includes a built-in vulnerability scanning via Clair.
Clair is an open source tool developed by CoreOS for Quay that generates analyses of vulnerabilities in application containers, which currently includes Open Container Initiative (OCI) and Docker images. Clients that use the Clair API to index their container images can then match their images against known vulnerabilities.
Clair supports the extraction of contents and assignment of vulnerabilities from the following official base containers:
-
Ubuntu Linux
-
Debian Linux
-
Red Hat Enterprise Linux
-
SUSE
-
Oracle Linux
-
Alpine Linux
-
Amazon Linux
-
VMware Photon
-
Python