Comment on Docker Hub's trust signals are a lie — and Huntarr is just the latest proof

<- View Parent
androidul@lemmy.world ⁨2⁩ ⁨weeks⁩ ago

sure, but Renovate can be used in such scenarios. MR is open, scan is triggered in the CI/CD pipeline and that’s how you verify

source
Sort:hotnewtop