In the risk reduction tab, it should compare the vulnerability count against the node-slim image. In my eyes, it takes away from the offering when they try to prop up the vuln count for the official images, and nobody deploys `node:latest`.
In the risk reduction tab, it should compare the vulnerability count against the node-slim image. In my eyes, it takes away from the offering when they try to prop up the vuln count for the official images, and nobody deploys `node:latest`.
> nobody deploys `node:latest`
Oh how I wish that were true.
Even the :latest is something of a wish :)
You may / may not be surprised how many enterprises still run long ago EOL'd versions of various stacks, frequently on full blown OS base layers of similar vintage