I saw a thread the other day on docker command pull alpine:latest is not good. Im pretty sure like every enterprise docker container is running this command. Anyone see anyone change this or bring this up at work?
They’re probably referring to the “latest” tag. The “latest” tag is a terrible idea to be anywhere near anything that matters but I’d be very surprised if any enterprise is depending on a latest tag.
Digest pinning is what should be used in any system that matters.
