Skip to content

Pin the base image to a digest#99

Open
LotemKahana wants to merge 1 commit into
codespell-project:masterfrom
LotemKahana:pin-base-image-digest
Open

Pin the base image to a digest#99
LotemKahana wants to merge 1 commit into
codespell-project:masterfrom
LotemKahana:pin-base-image-digest

Conversation

@LotemKahana

Copy link
Copy Markdown
Contributor

python:3.13-alpine is a mutable tag that gets updated whenever upstream ships Alpine/Python patches, so a build today could pull different content than a build tomorrow with no change to this file. Pin to the digest instead.

python:3.13-alpine is a mutable tag that gets updated whenever
upstream ships Alpine/Python patches, so a build today could pull
different content than a build tomorrow with no change to this file.
Pin to the digest instead.
@larsoner

larsoner commented Jul 1, 2026

Copy link
Copy Markdown
Member

This one I'm not sure about... what's the advantage here? I think the risk of using their incrementally updated version is sufficiently low it's not worth the maintenance overhead of us having to update this periodically

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants