1. Distroless base. Imagine an effectively empty filesystem that only includes the components needed to run the app. The package manager we use is apk from Alpine and we make our full package universe of >10,000 packages available freely to Community Edition users. If you want a more 'normal' experience with a shell and apk, use the -dev versions of images that are still minimalistic but include a little more tooling like this.
2. For creator, you're basically taking any image from our public gallery and able to add whatever other packages from our universe to it, set env vars, upload files (customers typically use this for adding conf files and certificates). Then we maintain that image 'recipe' for you continuously, under the same SLAs we do all the public images. More details at https://docs.minimus.io/enterprise-edition/image-creator#ima...
3. Nope :) We are building every package across our universe continuously. Whenever there's a new version of any of them, we pull source, build package, compute what images (including creator ones) use that package, rebuild those images, test, sign.
Just a little bit of feedback: some items on the main page are duplicated, which could be confusing. For example, "nginx-advanced" appears as updated both 3 days ago and 2 hours ago.
One of those is the image, one is a Helm chart using that image. The chart has an label and icon for chart but obviously we need to make this clearer :)
Curious how this plays into customizing images with creator, are you guys responsible for all the packaging?
Would my keester be on the line if say an upstream package got hit with an attack but I use it through creator?