Skip to content

docs: update README #1548

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

docs: update README #1548

wants to merge 2 commits into from

Conversation

BradLugo
Copy link
Contributor

@BradLugo BradLugo commented May 24, 2025
edited
Loading

Description

Updates the README:

  • Adds the GoDoc badge
  • Adds the codecov badge
  • Moves the badges under the repo title
  • Adds a quick start section
  • Changes some general info about the library

You can view the GitHub rendered view here: https://github.com/BradLugo/claircore/blob/blugo/update-readme/README.md

@BradLugo
docs: update README
375fa33 
Adds the GoDoc badge, the codecov badge, a quick start section, and more
general info about the library.

Signed-off-by: Brad Lugo <[email protected]>
@BradLugo BradLugo requested review from hdonnay and crozzy May 24, 2025 06:01
@BradLugo BradLugo requested a review from a team as a code owner May 24, 2025 06:01
crozzy
crozzy reviewed May 29, 2025
View reviewed changes
README.md Outdated

Claircore provides a set of go modules which handle scanning container layers for installed packages and reporting any discovered vulnerabilities.
Claircore is designed to be embedded into a service wrapper.
A container security library from Red Hat's Clair and Advanced Cluster Security teams.q
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd say this doesn't need to be said, it doesn't mean anything unless you work at Red Hat.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agree, I don't think this change adds anything.

Copy link
Contributor Author

@BradLugo BradLugo May 29, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about something like:

Suggested change
A container security library from Red Hat's Clair and Advanced Cluster Security teams.q
Claircore provides a set of go modules which handle scanning container layers for installed packages and reporting any
discovered vulnerabilities. The engine behind Clair and Advanced Cluster Security.

I'd like to get across that this is The shared Red Hat library for container scanning.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess I don't really know the intention behind adding the line, I could see that stackrox/ACS scanner readme mentioning that it uses claircore.

hdonnay
hdonnay requested changes May 29, 2025
View reviewed changes
Copy link
Member

@hdonnay hdonnay left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No new instances of "scan" or "scanning", it's imprecise and leads people to believe the software is examining bytes on every API call. Better words to use (depending on the context) are "index", "analyze", "report", and "match".

README.md Outdated

Claircore provides a set of go modules which handle scanning container layers for installed packages and reporting any discovered vulnerabilities.
Claircore is designed to be embedded into a service wrapper.
A container security library from Red Hat's Clair and Advanced Cluster Security teams.q
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agree, I don't think this change adds anything.

BradLugo
BradLugo commented May 29, 2025
View reviewed changes
README.md Outdated
Comment on lines 23 to 25
Claircore's main entire points are:
- `libindex`: The module that indexes packages and reports all packages for each layer.
- `libvuln`: The module that matches vulnerabilities using an index report.
Copy link
Contributor Author

@BradLugo BradLugo May 29, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I started writing out examples and usages for these, but decided to submit a full example: #1549

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@crozzy crozzy crozzy left review comments

@hdonnay hdonnay hdonnay requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@BradLugo @hdonnay @crozzy