It seems like their whole platform depends on it though… to my read they’re providing their users with cloud devcontainers to connect to from their local VS Code, then deploying to production by snapshotting the container with docker commit. Those containers have SSH enabled to the internet, which is where all of the auth logs came from that wound up baked into the images.