-
## Summary
Given one or more SBOM documents, create a third SBOM document containing external references to those documents.
Something like:
```
bomctl link sbom1.json sbom2.json ... -o linked_sbo…
-
Today, we produce distroless variants for all image types except SDK. In thinking more about it, it isn't obvious why that is. The benefits of distroless and the reasons why you might not be able to u…
-
Given that the documentation suggests that you [_can_ use the docker container as a command-line tool](https://docs.astral.sh/uv/guides/integration/docker/#running-uv-in-a-container) I found it very s…
-
We should migrate Mimir to a distroless Docker image, to reduce the attack surface.
The main pushback towards this move was because it's then very difficult to debug a live container (e.g. look at …
-
I'm trying to run my Node.js application using the` gcr.io/distroless/nodejs20-debian12:debug` image. However, when I execute my application, I get the following error:
I am using the npx command i…
-
This is related to https://github.com/dotnet/dotnet-docker/issues/4300 and specifically the comment to [provide documentation for HEALTHCHECK scenarios in distroless](https://github.com/dotnet/dotnet-…
-
Hello! I am trying to create container with enroot tool. However, i have faced with problem of /bin/sh. Firstly, i run
`enroot import docker://hello-world`
for docker image importing, and the comma…
-
It's good practice for the container ecosystem to have minimal (distroless) images with a reduced attack surface and smaller storage and transfer footprint.
Considering the security aspect of bug-b…
-
https://github.com/distroless
-
I've done so in my PR (#20) but bringing it up separately so that it might be integrated into the Dockerfile - there is nothing that requires root privileges inside the container, right?
If so, mig…