github.com/quay/claircore@v1.5.28/docs/concepts/vulnerability_matching.md

github.com/quay/claircore@v1.5.28/docs/concepts/vulnerability_matching.md (about)

     1  # Vulnerability Matching
     2  
     3  The following describes a successful scan.
     4  
     5  1. Updaters have ran either in the background on an interval or an offline loader has been ran.  
     6  2. A Manifest is provided to Libindex. Libindex fetches all the layers, runs all scanner types on each layer, persists all artifacts found in each layer, and computes an IndexReport.  
     7  3. A IndexReport is provided to Libvuln.  
     8  4. Libvuln creates a stream of IndexRecord structs from the IndexReport and concurrently streams these structs to each configured Matcher.  
     9  5. Libvuln computes a VulnerabilityReport aggregating all vulnerabilities discovered by all configured Matcher implementations.  
    10  6. Sometime later the security advisory database is updated and a new request to Libvuln will present updated vulnerability data.  
    11