I love how #Chainguard Images continues to patch security issues before there is even a #CVE issued.

- #CVE-2023-38403 (#iperf3): Patched same day as announcement (8 days before CVE)
- #CVE-2023-3446 (#openssl): Patched same day as announcement
- #CVE-2023-38408 (#openssh): Patched same day as announcement

That's the beauty of automation and testing.

Anyways, the last part of today's research dive was more #Docker.

The most interesting discovery was #distroless images. I was familiar with #Alpine #Linux, but I hadn't really stumbled across distroless yet. Specifically I noticed that #Envoy shipped a distroless image, but neglected to really explain it short of "it's faster and better".

Google's distroless project is limited to standalone application runners (Node, Java), but #ChainGuard has their #Wolfi images that cover more bases. 👍

It absolutely blows me away how much smaller the #CVE surface area is for #Chainguard #Images versus the mainstream container images for popular opensource projects:

python: 647 vulns
cgr.dev/chainguard/python: 0

nginx: 78 vulns
cgr.dev/chainguard/nginx: 0

Now, granted many of these CVEs are worthless, but who wants to track and manage that kind of noise? Not me!

I'd also complain about the lack of #SBOMs in the upstream opensource projects, but the tooling still sucks there.

New #Chainguard Academy tutorial up! Learn how to get started with the #Node @wolfi image in this step-by-step guide:

https://edu.chainguard.dev/chainguard/chainguard-images/reference/node/getting-started-node/

An event organized by @chainguard_dev at #CrowdCast about getting started to @wolfi and the tech stack #apko + #melange behind it is now available on #chainguard's YouTube channel 💖 Do not forget to watch it if you missed the event 💫
https://www.youtube.com/watch?v=2pqhLXA6NaI

If you missed the Twitter space organized by @chainguard_dev about the #SoftwareSupplyChainSecurity Recap of 2022 and Predictions for 2023, don't worry, there is always been a recording 🥳

Don't forget to check #chainguard academy: https://edu.chainguard.dev
≫ https://twitter.com/i/spaces/1ynJOamPQnVKR?s=20

Bike of the day.
At a train station in front of this overflowing bike rack in Joensuu, Finland stands an old, worn black bicycle with a shiny, silver, chain guard intricately styled.

#BikeOfTheDay #Finland #ChainGuard #MyPhto #Photography #Bicycles #Bike

Does anyone know if you can get chain guards for Kalkhoff bikes? #Kalkhoff #Chainguard #Help

I realized I didn't introduce myself here, so here goes my #introduction post 😊

I'm a software engineer (#PHP, some Ruby, shell) especially interested in #Linux, #devOps, and #technicalWriting . Currently working as Developer Experience Engineer at #Chainguard, previously DigitalOcean. Most of all, I am passionate about open source and about explaining complex things in a simple way.

On my free time I like to tinker with #3DPrinting, play games (#SteamDeck 💕) and spend time with my family.

Legendary swag 😎 we're coming for your containers! #Chainguard #wolfi

I am in a Zwickmühle.
My static #Chainguard distroless #Docker image contains my #Golang app.
But my linters tell me to please use a non-root user in the Dockerfile.

What to do :D ?

The #Chainguard team is so great to work with

@kelbot @robert588 @apiziali @darkstar@mastodon.nl @gemlog @pizza_pal@mastodon.social Near final repair done!! Added the #chainguard #bike #decal. Just need a #reflector.