Docker Blog
-
Building a healthy and secure software supply chain
Securing the software supply chain is now an everyday concern for developers. As attackers increasingly target open-source components as a way to compromise the software supply chain, developers hold the keys to making their projects as secure as they can be. That’s why Docker continues to invest heavily in our developer tools like Docker Desktop…
Read now
-
Introduction to heredocs in Dockerfiles
Guest post by Docker Community Member Justin Chadell. This post originally appeared here. As of a couple weeks ago, Docker’s BuildKit tool for building Dockerfiles now supports heredoc syntax! With these new improvements, we can do all sorts of things that were difficult before, like multiline RUNs without needing all those pesky backslashes at the…
Read now
-
Docker Security Roundup: News, Articles, Sessions
With the eyes of the security world converging on Black Hat USA next week, now is a good time to remember that building secure applications is paramount. In the latest chapter in Docker’s security story, Docker CTO Justin Cormack last month provided an important update on software supply chain security. He blogged about the publication…
Read now
-
Engineering Update: BuildKit 0.9 and Docker Buildx 0.6 Releases
On July 16th we released BuildKit 0.9.0, Docker Buildx 0.6.0, Dockerfile 1.3.0 and Dockerfile 1.3.0-labs. These releases come with bug fixes, feature-parity improvements, refactoring and also new features. Dockerfile new features Installation There is no installation needed: BuildKit supports loading frontends dynamically from container images. Images for Dockerfile frontends are available at docker/dockerfile repository. To…
Read now
-
Level Up Security with Scoped Access Tokens
November 2024 update: Read the Docker security documentation to learn about the latest security features. Then, visit the Docker subscriptions page to find a plan that’s right for you. — Scoped tokens are here ! Scopes give you more fine grained control over what access your tokens have to your content and other public content on Docker…
Read now
-
Docker Captain Take 5 – Lucas Santos
Docker Captains are select members of the community that are both experts in their field and are passionate about sharing their Docker knowledge with others. “Docker Captains Take 5” is a regular blog series where we get a closer look at our Captains and ask them the same broad set of questions ranging from what…
Read now
-
Docker for Node.js Developers: 5 Things You Need to Know Not to Fail Your Security
Guest post by Liran Tal, Snyk Director of Developer Advocacy Docker is totalling up to more than 318 billion downloads of container images. With millions of applications available on Docker Hub, container-based applications are popular and make an easy way to consume and publish applications. That being said, the naive way of building your own…
Read now
-
Video: Docker Build: Simplify Cloud-native Development with Docker & DAPR
Docker’s Peter McKee hosts serverless wizard and open sorcerer Yaron Schneider for a high-octane tour of DAPR (as in Distributed Application Runtime) and how it leverages Docker. A principal software engineer at Microsoft in Redmond, Washington, Schneider co-founded the DAPR project to make developers’ lives easier when writing distributed applications. DAPR, which Schneider defines as…
Read now