Comment on Docker Hub's trust signals are a lie — and Huntarr is just the latest proof
bdonvr@thelemmy.club 5 days ago
Pinning your versions just means updating will be a pain, and you’ll probably start running outdated containers that are security risks.
It’s not like you’re doing code audits every update anyway. Just use containers that are established and seem trustworthy.
androidul@lemmy.world 5 days ago
sure, but Renovate can be used in such scenarios: an MR is opened, a scan is triggered in the CI/CD pipeline, and that’s how you verify.
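One concrete form of the pin-then-verify workflow the two comments are debating, as an added example that is not part of either comment or of Renovate: a small CI gate that fails a merge request if any `FROM` line in a Dockerfile is not pinned to a sha256 digest. Renovate (for instance with its `pinDigests` option) keeps the pinned digests moving forward by opening MRs, so the "pain" of pinning is automated, while this check stops a change from quietly sliding back to a mutable tag. The sample Dockerfile, image names and digest are constructed for the example.

```python
"""Added example, not from the thread: a CI gate that rejects Dockerfiles whose
base images are not pinned by digest. The sample input below is constructed."""
import re
import sys
from typing import List, Tuple

# FROM [--platform=<p>] <image>[:tag][@digest] [AS <stage>]
_FROM_RE = re.compile(
    r"^\s*FROM\s+(?:--platform=\S+\s+)?(?P<ref>\S+)(?:\s+AS\s+(?P<stage>\S+))?\s*$",
    re.IGNORECASE,
)
# A well-formed digest pin ends in @sha256: followed by 64 hex characters.
_DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")


def check_dockerfile(text: str) -> List[Tuple[int, str, str]]:
    """Return (line_no, image_ref, problem) for every FROM that is not pinned
    to a sha256 digest. References to earlier build stages and to `scratch`
    are skipped: they are local and cannot drift on the registry."""
    problems: List[Tuple[int, str, str]] = []
    stages = set()
    for no, raw in enumerate(text.splitlines(), start=1):
        m = _FROM_RE.match(raw)
        if not m:
            continue
        ref, stage = m.group("ref"), m.group("stage")
        if stage:
            stages.add(stage.lower())
        if ref.lower() in stages or ref.lower() == "scratch":
            continue
        if "@sha256:" not in ref:
            # Tag lives after the last ':' of the final path component;
            # no tag at all means the implicit, mutable 'latest'.
            last = ref.rsplit("/", 1)[-1]
            tag = last.rsplit(":", 1)[1] if ":" in last else "latest"
            problems.append((no, ref, f"not digest-pinned (mutable tag '{tag}')"))
        elif not _DIGEST_RE.search(ref):
            problems.append((no, ref, "malformed sha256 digest"))
    return problems


# Constructed sample: one correctly pinned stage, two unpinned images.
_FAKE_DIGEST = "0123456789abcdef" * 4  # placeholder digest, not a real image
SAMPLE_DOCKERFILE = f"""\
# constructed sample, not from any real project
ARG APP_VERSION=1.0
FROM --platform=linux/amd64 python:3.12-slim@sha256:{_FAKE_DIGEST} AS builder
FROM node:20 AS assets
FROM builder
FROM scratch
FROM ghcr.io/example/app:latest
"""


def main(argv: List[str]) -> int:
    """Gate entry point: exit 1 if any FROM is unpinned, so the pipeline fails."""
    text = open(argv[1]).read() if len(argv) > 1 else SAMPLE_DOCKERFILE
    problems = check_dockerfile(text)
    for no, ref, why in problems:
        print(f"line {no}: {ref}: {why}")
    return 1 if problems else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run as `python check_pins.py Dockerfile` from the pipeline step that Renovate's MR triggers; on the constructed sample it reports lines 4 and 7 and exits non-zero. A vulnerability scan of the pinned image (the "scan" in the comment above) is the natural second step and is independent of this structural check.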