Get the latest tech news
Creating an up-to-date Distroless Python Image (2022)
My blog about interesting technology - and in particular Cloud Platforms & Services, and my experiences with them
Whilst common languages like Java and Node have well-established Distroless variants that are updated frequently, the Python one continues to be marked as experimental and appears to change more rarely. In my opinion, the Debian team do a good job in general justifying why they are or aren’t patching certain CVEs - but regardless of your view on that, simply having to act at all - either to suppress in your vulnerability management tool (after reviewing it carefully) or address the issue - across many images on a regular basis is extremely toilsome work. If you encounter anything similar to this, I’ve found the easiest way to deal with it is to spin up the builder image locally and just find the mentioned library on the filesystem to figure out what needs copying over.
Or read this on Hacker News/cdn.vox-cdn.com/uploads/chorus_asset/file/24483624/236554_Garmin_Forerunner_265S_AKrales_0156.jpg)
