alt Hacker News1. These are all >1200 of our images, including FIPS, and all versions… others gate many of their images
2. These are all built continuously from upstream source on a distroless base… this makes a significant difference in attack surface and CVE count re DHI images and you can easily check our word with a few scans
3. These are truly free… no auth wall, no signup, no trial, no limit on numbers of images or pulls or anything like that
4. We have really invested in making these agent ready… we have a CLI (minicli) designed for both humans and agents to easily discover, understand, migrate to, and build on them… for example, check out the AI migration prompts we provide for each image, we’ve refined these across many customer deployments such that you can copy paste into your agent of choice, point it at a Dockerfile and have it do all / nearly all the work to move to these images
Replies
how can one be sure you don't do rugpull in the future?
The question was "why over DHI?"
1 and 2 are not a reason
3. no X, no Y, also not a reason
4. `rg agents`. Right
>are all built continuously from upstream source
2. Isn't there a slight risk of upstream attacks being amplified by this? With the recent number of software compromises providing a way for people to use images X days old may be useful.
3. This ties into 2, if someone downloads and uses an image that is later found to be compromised they mostly have no way of being notified that happened. Not a huge issue, but is something that should be risk assessed.