[justincormack]

Well 48MB is a lot. Also Musl Libc has advantages, eg it has an emphasis on correctness, it is easy to understand (read the code, it is great, Glibc is very hard to understand). Plus if you want to make statically linked binaries you pretty much need to use Musl, as Glibc has many cases that do not work.

Which security updates? Generally these are pretty quick, and the processes are improving.

[jzelinskie]

I hope the processes keep improving. They recently introduced Alpine SecDB[0], which is their database (YAML files) of CVEs. I've been told from one of their developers that it may not be actively maintained. I hope they stick with it since now we can use that in Clair[1] to improve the transparency of containers.

[0]: http://git.alpinelinux.org/cgit/alpine-secdb/

[1]: https://github.com/coreos/clair