Skip to main content

Tabs

Versions

All image lines and versions offered by Minimus are graphically arranged on a chronological timeline, making it simple to understand what versions are available and when they were last updated. Image Versions
  • The left minimap lists the image lines for quick navigation. Select any image line to view available versions offered by Minimus.
  • Images are shown in pairs: a production version alongside a dev version. The dev version is fitted with a few extra developer tools intended for specific use-cases. About image variants
For every image version the following is shown:
  • The recommended tag with the option to copy the pull command in one-click with an embedded active token. A tally shows the number of alternative tags available. Click the version to drill down on it and see the full list of available tags. About the image version card
  • A summary of the number of vulnerabilities currently impacting the image version broken down by severity categories. Vulnerability data shown on this page is current and updated often.
  • An exploitability label shows if the image is currently affected by an active or likely exploit. Learn more
  • A pull counter shows the number of times the image version was pulled by the organization (or by you, if you are on a personal account).
    To lookup which exact digest was pulled, dive into the digest history. Learn more
  • The compressed image size for the amd64 architecture is listed.

Quick start

The quick start guide offers a few simple commands to help get started with the Minimus image, along with some pointers on how it is different from the public image. For in-depth instructions, refer to the documentation provided by the source project.

Risk reduction

Offers a security posture summary report and compares the vulnerability report for the Minimus latest and latest-dev versions to the latest public image. Risk Reduction
  • The Vulnerabilities Comparison graph shows a comparison of the unique CVE count over the previous 30 days. Toggle the view between latest and latest-dev to see both comparisons to the latest public image.
    Vulnerabilities detected and fixed on the same day are not included. If you’re interested in all fixes reported for a Minimus image, visit the image changelog instead.
  • The Detailed Vulnerability Comparison table lists all of the CVEs impacting the latest Minimus image and the public image. For each vulnerability, the full list of impacted packages is provided.
  • The Size Comparison widget compares the compressed image sizes for amd64.
Note that the data for the risk reduction comparison is compiled once a day (The time of the report is indicated). For the most recent vulnerability report for the latest image, see the image version card.

Compliance

The compliance tab demonstrates how the Minimus image meets security, licensing, and regulatory requirements. The information is organized in the following tabs: CIS, NIST, FIPS, STIG, image signature, and SBOM signature. Learn more Compliance Tab

Changelog

A comprehensive changelog maps the image by image line and version, detailing every digest built by Minimus and the changes delivered by every image build. The data is organized by image line and image version as usual. Use the filtering options and searchbar to easily track vulnerability fixes, package version updates, packages added or removed, maintenance updates and more. Expand an entry in the changelog to view more details such as which CVE was fixed and what packages it affected, which packages were updated to what version, etc. Hover over an entry to select the option to compare digests. This button will open the Digest History tab within the image version card. The digest history view shows the latest number of vulnerabilities reported for each image digest and their severity. Learn more about the Minimus image update policy Changelog Complete
  • Toggle between Prod and Dev images. Production and development image lines are shown separately.
  • Expand any fixed vulnerability entry to drill down on the details. The expanded view offers a shortcut link to open the full advisory listing in another browser tab.
  • Search the list by a digest to understand if newer builds have since been released for the same image version and whether they fix vulnerabilities.
Images that are can be deployed using Minimus curated Helm charts include a tab showing related charts. Select a chart from the list to be redirected to the relevant Helm chart page where you can look up version details and deployment instructions. Learn more Related Charts

Drill down

Select any version to drill down on the image version’s details, including the image’s specifications, SBOM, current vulnerability report, and digest history. About the image version card

Private images

The image card for private images includes the following tabs:
  • Versions - complete with a vulnerability report for every version, SBOM, and digest history.
    • The image lines and versions of the private image match those of the starter image.
    • Private images have prod and dev tags.
  • Compliance - includes full CIS and NIST compliance reports, image signature and SBOM signature.
    • STIG and FIPS need to be validated independently.
  • Changelog - complete with all vulnerability fix announcements and related advisories.
The risk reduction tab is hidden for private images.