Premium Security Upgrade: Hardened Container + SBOM + Provenance #378
immauss announced in Announcements
Replies: 0 comments
Historically, this container has been built on general-purpose base images from Docker Hub. They work, but they’re not always optimized for security hardening.
Coming soon (paid subscribers only): a hardened build of the same single-container image.
Target: Docker Scout grade A (minimum B maintained), plus SBOM and supply-chain attestation to help you prove what’s inside and where it came from.
What you’ll get:
- Hardened base + tighter defaults
- SBOM included
- Supply-chain attestation (provenance)
- Ongoing focus on keeping the security posture high as dependencies evolve
What’s left before we can consistently claim “A” across the board: the image still defaults to root today — and we’re actively working on a non-root default without breaking workflows.
Want early access / priority? Comment here and tell us your environment (K8s, Docker Compose, rootless, volume mounts, UID/GID requirements). The more signal we get, the faster we can ship this safely.