(1) and (2) aren't really broken, IMHO. For most cases, always using the most up-to-date version is better than having 100% reproducible builds. After all, you have the Docker image that you can distribute if you really need to. Better to pick up security and performance patches as they become available. If those updates break something, then you can make the decision to fix on a known-good version.
If you always pin, you have history to tell you which versions were good. If you mostly don't, you have to start disassembling a bunch of old images just to figure out what they were built from.