w (@w@peer.adalta.social)
Arch Linux Reproducible Docker: A Critical Disruption
https://peer.adalta.social/w/r7AF5dguNKUshrW6AVo5RE
Show Original Post
donwebmedia (@donwebmedia@mastodon.social)
Arch Linux ya tiene imagen Docker reproducible
Arch Linux lanzó en abril de 2026 su imagen Docker reproducible bit a bit bajo el tag repro. Cómo usarla, verificarla y qué limitaciones tiene con pacman.
https://blog.donweb.com/arch-linux-imagen-docker-reproducible-tag-repro/
#archlinux #docker #reproduciblebuilds #supplychain #contenedores
Show Original Post
gtronix (@gtronix@infosec.exchange)
"New Checkmarx supply-chain breach affects KICS analysis tool"
"[...] Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments."
Show Original Post
microsoft (@microsoft@rss-mstdn.studiofreesia.com)
What’s new for .NET in Ubuntu 26.04
https://devblogs.microsoft.com/dotnet/whats-new-for-dotnet-in-ubuntu-2604/
#microsoft #NET #Containers #Docker #Lifecycle #Linux #Maintenance_Updates #NET_10 #native_aot #Ubuntu
Show Original Post
barret (@barret@mstdn.social)
From the .NET blog...
What’s new for .NET in Ubuntu 26.04
https://devblogs.microsoft.com/dotnet/whats-new-for-dotnet-in-ubuntu-2604/ #dotnet #Containers #Docker #Lifecycle #Linux #MaintenanceUpdates #NET10 #nativeaot #Ubuntu
Show Original Post
Arint (@Arint@arint.info)
RT @GBminA: Built Qwen/Qwen3.6-27B-FP8 on vLLM with a non-default stack. - Custom image: http://ghcr.io/aeon-7/vllm-spark-omni-q36:v1.2 - Base model: Qwen/Qwen3.6-27B-FP8 - Draft model: z-lab/Qwen3.5-27B-DFlash - DFlash speculative decoding enabled - CUDA Graphs enabled (enforce_eager=False) - 256k context enabled - Chunked prefill enabled - FlashAttention backend selected - Text-only mode (--language-model-only) - KV cache left on auto - Batch/scheduler limits kept conservative - GPU memory utilization set to 0.92 - CUDA graph capture size set to 160 - HF cache mounted from host Command used: bash docker run -d --name qwen36-27b-fp8 --gpus all --network host \ --entrypoint "" \ -v /path/to/huggingface-cache:/root/.cache/huggingface \ -e HF_HOME=/root/.cache/huggingface \ -e TORCH_MATMUL_PRECISION=high \ -e PYTORCH_CUDA_ALLOC_CONF=expandable_segments:True \ -e NVIDIA_FORWARD_COMPAT=1 \ -e VLLM_MEMORY_PROFILER_ESTIMATE_CUDAGRAPHS=1 \ http://ghcr.io/aeon-7/vllm-spark-omni-q36:v1.2 \ python3 -m vllm.entrypoints.openai.api_server \ --model Qwen/Qwen3.6-27B-FP8 \ --speculative-config '{"method":"dflash","model":"z-lab/Qwen3.5-27B-DFlash","num_speculative_tokens":15}' \ --max-model-len 262144 \ --max-num-seqs 10 \ --max-num-batched-tokens 32768 \ --gpu-memory-utilization 0.92 \ --attention-backend flash_attn \ --enable-chunked-prefill \ --language-model-only \ --reasoning-parser qwen3 \ --enable-auto-tool-choice \ --tool-call-parser qwen3_coder \ --default-chat-template-kwargs '{"preserve_thinking": true}' \ --override-generation-config '{"tem…
mehr auf Arint.info
#bash #docker #huggingface #openai #Qwen #qwen3 #Qwen3527 #Qwen3627 #qwen3627 #vLLM #vllm #arint_info
https://x.com/GBminA/status/2047243225631498341#m
Show Original Post
docker (@docker@techhub.social)
Trivy, KICS, and the shape of supply chain attacks so far in 2026
#Docker #Security
https://www.docker.com/blog/trivy-kics-and-the-shape-of-supply-chain-attacks-so-far-in-2026/
Show Original Post
r (@r@fed.brid.gy)
docker compose in production — on 4grab.com health checks, zero-downtime deploys, secrets management, multi-service setups. beyond the tutorial. https://4grab.com/pay.php?id=ptag_69c43b9ddbd65 #prompt #docker #devops #containers
Show Original Post
linuxeasy (@linuxeasy@mastodon.uno)
LubeLogger porta la gestione dei veicoli a un livello superiore: self‑hosted, open source, ricco di funzioni e perfetto per chi vuole controllo totale su manutenzione, consumi e costi. #LubeLogger #SelfHosted #Docker #Linux
Show Original Post
heyvaldemar (@heyvaldemar@mastodon.social)
Docker Scout D → B. OpenSSF Scorecard 7.8/10.
My aws-kubectl (700K+ pulls) now ships cosign via Docker + Sigstore, SPDX SBOM, SLSA provenance, non-root default, immutable tags.
Framework + the 4-hour incident:
https://heyvaldemar.com/docker-supply-chain-hardening-solo-maintainer/
#Docker #SupplyChain #DevSecOps
Show Original Post
techbot (@techbot@social.raytec.co)
Malicious Checkmarx Artifacts Found in Official KICS Docker Repository and Code Extensions
Security firm Checkmarx has been the target of a serious supply chain compromise, according to researchers at the Socket Research Team and the Open Source Software (OSS) in the United States and Canada.
Pulse ID: 69ea02a2f2ea5e0297caa726
Pulse Link: https://otx.alienvault.com/pulse/69ea02a2f2ea5e0297caa726
Pulse Author: CyberHunter_NL
Created: 2026-04-23 11:29:38
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Canada #CyberSecurity #Docker #ICS #InfoSec #OTX #OpenThreatExchange #RCE #SupplyChain #UnitedStates #bot #CyberHunter_NL
Show Original Post
lynze (@lynze@mole.lynze.net)
Pues nada, #JoplinServer instalado utilizando #Docker, #PostgreSQL y las notas en local después de más de un quebradero de cabeza con los puñeteros permisos necesarios.
Así que si se os ocurre montarlo, recordad de asignar a la carpeta donde alberguéis las notas el UID y el GID a 1001.
#DockerCompose #SelfHosting #SelfHosted #Joplin.
Show Original Post