Just Say No To `:Latest`

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  • hadolint

    Dockerfile linter, validate inline bash, written in Haskell

  • Worth noting that Hadolint[1] raises warnings the issues mentioned in the article. Some examples of warnings:

    - https://github.com/hadolint/hadolint/wiki/DL3007: Using latest is prone to errors if the image will ever update. Pin the version explicitly to a release tag.

  • dockerfile-image-update

    A tool that helps you get security patches for Docker images into production as quickly as possible without breaking things

  • A similar tool to dependabot written by Salesforce: https://github.com/salesforce/dockerfile-image-update

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
  • semgrep-rules

    Semgrep rules registry

  • Hadolint is great! If you want to customize your lint logic beyond the checks in it, I recently wrote a Semgrep rule to require all our Dockerfiles to pin images with a sha256 hash that could be a good starting point: https://github.com/returntocorp/semgrep-rules/pull/1861/file...

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Ask HN: Popular open source tool originally written in Haskell?

    3 projects | news.ycombinator.com | 10 Feb 2024
  • Are there tools that tell you if you can optimize your dockerfiles?

    5 projects | /r/docker | 8 Jul 2022
  • CONTAINER SECURITY

    3 projects | /r/u_sybrenbolandit | 31 Aug 2021
  • Best Practices for R with Docker

    8 projects | dev.to | 31 May 2021
  • 21 Best Practises in 2021 for Dockerfile

    2 projects | dev.to | 29 May 2021