-
We were looking for `openjdk-17-jre-headless` but noticed that `openjdk-11-jre-headless` is version `17.0.5.8-r4`, however, given,
```
contents:
keyring:
- https://packages.wolfi.dev/os/wo…
-
I'm looking into this CVE in the `cgr.dev/chainguard/jenkins:latest` image :)
-
### 2023 H2 SSC Election
This is the official tracking issue for the 2023H2 SSC election. The timeline for this election is as follows:
* AUGUST 23, 2023: Nominations open
* SEPTEMBER 6, 2023: Nomi…
-
**What topic are you requesting a resource about?**
* **Chainguard product**
* Open source related
* Conceptual security related
* Other (please describe)
**Proposed title:**
TBD (potentiall…
-
{
"hub-mirror": [
"gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/entrypoint:v0.50.0",
"cgr.dev/chainguard/busybox",
"gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/entrypoint:v0…
-
{
"hub-mirror": [
"gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/entrypoint:v0.50.0",
"cgr.dev/chainguard/busybox",
"gcr.io/tekton-releases/github.com/tektonc…
-
I did have an initial attempt of getting melange bump to reuse pipeline mutation functions but that caused circular dependencies. i.e. functions in the `build` package use function in `renovate` so `…
-
alpine's `apk` (and associated c libs) offer few methods for dealing with private repos, in fact it appears http-basic-auth is the only available option. However `apko` does not support http basic aut…
-
when running, keycloak needs write permission in `/usr/share/java/keycloak-/...`
https://github.com/wolfi-dev/os/blob/main/keycloak.yaml#L43
I'm not sure if it's good practice to make `nonroot` …
-
Hey there [Chainguard](https://github.com/chainguard-dev) here.
We noticed that you are using [Chainguard Images](https://github.com/chainguard-images/images), thank you! We wanted to make you aware …