-
Notifications
You must be signed in to change notification settings - Fork 85
docs: update README #1548
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
docs: update README #1548
Conversation
Adds the GoDoc badge, the codecov badge, a quick start section, and more general info about the library. Signed-off-by: Brad Lugo <[email protected]>
README.md
Outdated
|
||
Claircore provides a set of go modules which handle scanning container layers for installed packages and reporting any discovered vulnerabilities. | ||
Claircore is designed to be embedded into a service wrapper. | ||
A container security library from Red Hat's Clair and Advanced Cluster Security teams.q |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd say this doesn't need to be said, it doesn't mean anything unless you work at Red Hat.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agree, I don't think this change adds anything.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What about something like:
A container security library from Red Hat's Clair and Advanced Cluster Security teams.q | |
Claircore provides a set of go modules which handle scanning container layers for installed packages and reporting any | |
discovered vulnerabilities. The engine behind Clair and Advanced Cluster Security. |
I'd like to get across that this is The shared Red Hat library for container scanning.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess I don't really know the intention behind adding the line, I could see that stackrox/ACS scanner readme mentioning that it uses claircore.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No new instances of "scan" or "scanning", it's imprecise and leads people to believe the software is examining bytes on every API call. Better words to use (depending on the context) are "index", "analyze", "report", and "match".
README.md
Outdated
|
||
Claircore provides a set of go modules which handle scanning container layers for installed packages and reporting any discovered vulnerabilities. | ||
Claircore is designed to be embedded into a service wrapper. | ||
A container security library from Red Hat's Clair and Advanced Cluster Security teams.q |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agree, I don't think this change adds anything.
README.md
Outdated
Claircore's main entire points are: | ||
- `libindex`: The module that indexes packages and reports all packages for each layer. | ||
- `libvuln`: The module that matches vulnerabilities using an index report. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I started writing out examples and usages for these, but decided to submit a full example: #1549
Description
Updates the README:
You can view the GitHub rendered view here: https://github.com/BradLugo/claircore/blob/blugo/update-readme/README.md