Docker save, OCI tarball surgery, and hand-recomputed digests. gzipping the tar was faster.
Things that actually made it out of the backlog. Against all odds, these got done. Or at least documented.
Vulnerability scanning, VEX files, and Docker Hardened Images. CVE count is a bad metric.
Docker scratch containers are small, but what if I just booted a Go binary directly on bare metal?
University had me 'build' a compiler by adding features to someone else's code. This time I wanted the segfaults to be my own.
I always thought ECC was just error correction. Turns out the detection part is the whole point.
Making two computers behind NATs talking directly to each other. What could possibly go wrong.
Running my own Tailscale so my mates can't blame the network when they lose
Got Plex running in an LXC with iGPU passthrough. Now I maintain media infrastructure for family members. This is fine.