README: minor grammar/spelling tweaks #24
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @@ -3,27 +3,27 @@ Clair | |||
|
|
|||
| [](https://quay.io/repository/coreos/clair) | |||
|
|
|||
| Clair is a container vulnerability analysis service. It provides the list of vulnerabilities that threaten each container and can sends notifications whenever new vulnerabilities that affect existing containers are released. | |||
| Clair is a container vulnerability analysis service. It provides the list of vulnerabilities that threaten each container and can send notifications whenever new vulnerabilities that affect existing containers are released. | |||
There was a problem hiding this comment.
Soft suggest:
Clair is a container vulnerability analysis service. It provides a list of vulnerabilities that threaten a container, and can notify users when new vulnerabilities that affect existing containers become known.
jonboulle
force-pushed
the
jonboulle-patch-1
branch
from
3ce6003
to
c663e27
Compare
|
|
||
| To detect vulnerabilities Clair decided to take advantage of package managers, which quickly and comprehensively provide lists of installed binary and source packages. Package lists are extracted for each layer that composes of your container image, the difference between the layer’s package list, and its parent one is stored. Not only is this method storage-efficient, but it also enables us to scan a layer that may be used in many images only once. Coupled with vulnerability databases such as the Debian’s Security Bug Tracker, Clair is able to tell which vulnerabilities threaten a container, and which layer and package introduced them. | ||
| To detect vulnerabilities, Clair instead takes advantage of common package managers, which quickly and comprehensively provide lists of installed binary and source packages. Package lists are extracted for each layer that composes your container image: the difference between the layer’s package list and its parent one is stored. Not only is this method storage-efficient, but it also enables us to scan a layer that may be used in many images only once. Coupled with vulnerability databases such as the Debian’s Security Bug Tracker, Clair is able to tell which vulnerabilities threaten a container, and which layer and package introduced them. |
There was a problem hiding this comment.
replace:
"Not only is this method..."
with:
This method is efficient in its use of storage, and allows Clair to scan each layer only once, though that layer may be used in many container images.
jonboulle
force-pushed
the
jonboulle-patch-1
branch
from
c663e27
to
eae6cf1
Compare
|
|
||
| ### Graph | ||
|
|
||
| Clair internally uses a graph, which has its model described in the [associated doc](docs/Model.md) to store and query data. Below is a non-exhaustive example graph that correspond to the following *Dockerfile*. | ||
| Clair internally uses a graph, which has its model described in the [associated doc](docs/Model.md) to store and query data. Below is a non-exhaustive example graph that corresponds to the following *Dockerfile*. |
There was a problem hiding this comment.
Internally, Clair implements a graph structure to store and query layer data. The non-exhaustive example graph below corresponds to the following Dockerfile.
|
LGTM after the smoothing attempts in comments above. |
jonboulle
force-pushed
the
jonboulle-patch-1
branch
from
eae6cf1
to
ef7ccd3
Compare
jonboulle
added a commit
that referenced
this pull request
Nov 20, 2015
README: minor grammar/spelling tweaks
This was referenced Jul 28, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.