The question was "why over DHI?"

1 and 2 are not a reason

3. no X, no Y, also not a reason

4. `rg agents`. Right

morellonet 6 hours ago | parent | next [-]

Not sure what you mean… we have more images than DHI, we have FIPS images available freely, and all our images are built from source on a distroless base. These are just objective facts.

The build from source on distroless approach provides a meaningful advantage re attack surface and CVEs versus DHI images. You don’t have to take our word for it, just pull some images and scan with Trivy or Grype or whatever you prefer.

▲

yjftsjthsd-h 5 hours ago | parent | prev [-]

3 is exactly the reason I've never bothered to try docker's offering; that definitely is a reason

	▲	morellonet 5 hours ago \| parent [-]
		Re 3, one of the features in Enterprise Edition is integrations with Slack, GitHub, webhooks, etc. a key use case is getting a push notification (or even triggering automation) when an image you’re using gets an update. It’s simple but pretty granular too… ‘if this python image gets a fix for a critical CVE that’s actively exploited, trigger a GitHub action to rebuild the app with the updated image