by rgovostes 332 days ago
> Docker `:latest` tag guarantees you always get current docs without manual updates.

The docs should probably be pinned to the version of the tool you have installed. Aside from that, pinning to a specific container hash (not tag) allows you to audit it and trust that malicious instructions haven’t been introduced into the docs.

1 comments

Thank you so much for pointing that out, I just updated the docker instructions in the README and on DockerHub:

```shell
# Pin to commit hash for production security
# Get current hash from: https://hub.docker.com/r/keminghe/py-dep-man-companion/tags
docker pull keminghe/py-dep-man-companion@sha256:2c896dc617e8cd3b1a1956580322b0f0c80d5b6dfd09743d90859d2ef2b71ec6  # 2025-07-22 release example

# Or use latest for development
docker pull keminghe/py-dep-man-companion:latest
```
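
Added example, not part of the thread or the project's README: a POSIX shell check that flags image references which are not pinned to a well-formed sha256 digest, the property the parent comment asks for. The function names, the `localhost:5000/example/tool` reference and the truncated digest are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit container image references for digest pinning.

# classify_ref REF -> prints pinned | bad-digest | mutable-tag | implicit-latest
classify_ref() {
  cr_ref="$1"
  case "$cr_ref" in
    *@*)
      # Text after '@' must be a full sha256 digest: 64 lowercase hex characters.
      if printf '%s\n' "${cr_ref##*@}" | grep -Eq '^sha256:[0-9a-f]{64}$'; then
        echo pinned
      else
        echo bad-digest
      fi ;;
    *)
      # A tag is a ':' in the last path component; a ':' before '/' is a registry port.
      case "${cr_ref##*/}" in
        *:*) echo mutable-tag ;;
        *)   echo implicit-latest ;;
      esac ;;
  esac
}

# audit_refs: read one reference per line on stdin, report each unpinned one.
# Returns non-zero if anything is unpinned, so it can gate a CI step.
audit_refs() {
  ar_rc=0
  while IFS= read -r ar_ref; do
    case "$ar_ref" in ''|'#'*) continue ;; esac
    ar_verdict=$(classify_ref "$ar_ref")
    if [ "$ar_verdict" != pinned ]; then
      echo "UNPINNED ($ar_verdict): $ar_ref"
      ar_rc=1
    fi
  done
  return "$ar_rc"
}

# Constructed sample input; the first two references are the ones quoted in the thread.
sample_refs() {
  cat <<'EOF'
keminghe/py-dep-man-companion@sha256:2c896dc617e8cd3b1a1956580322b0f0c80d5b6dfd09743d90859d2ef2b71ec6
keminghe/py-dep-man-companion:latest
localhost:5000/example/tool
example/tool@sha256:2c896dc6
EOF
}

sample_refs | audit_refs || true
```

A passing check only shows the reference is immutable; the image behind that digest still has to be reviewed once before it is trusted.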