From 88046dda7f28ac80c21894b661aa6c47b7299cf6 Mon Sep 17 00:00:00 2001 From: Mathias Beaulieu-Duncan Date: Tue, 3 Feb 2026 03:33:34 -0500 Subject: [PATCH] Update README with friendlier tone Focus on Wolfi benefits rather than competitor comparisons. Highlight lightweight nature and automatic updates. Co-Authored-By: Claude Opus 4.5 --- README.md | 32 +++++++++++++++----------------- 1 file changed, 15 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index 860c823..ff31997 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Flutter SDK Docker Images -Minimal, secure Flutter SDK images for CI/CD pipelines. Built on [Wolfi](https://wolfi.dev) for a smaller footprint and zero CVEs. +Lightweight Flutter SDK images for CI/CD pipelines. Built on [Wolfi](https://wolfi.dev), a security-focused Linux distribution designed for containers. ## Images @@ -10,23 +10,21 @@ Minimal, secure Flutter SDK images for CI/CD pipelines. Built on [Wolfi](https:/ | `svrnty/flutter-sdk:android-latest` | Android APK/AAB builds | ~1.7 GB | | `svrnty/flutter-sdk:linux-latest` | Linux desktop builds | ~1.3 GB | -### Size Comparison +## Why Wolfi? -| Image | Size | -|-------|------| -| **svrnty/flutter-sdk:android** | **1.7 GB** | -| cirrusci/flutter:stable | 4.5 GB | -| ghcr.io/cirruslabs/flutter:stable | 6.8 GB | +[Wolfi](https://wolfi.dev) is a lightweight Linux distribution built specifically for containers. It provides: -Up to **75% smaller** than alternatives. +- **Minimal footprint** - Only essential packages, nothing extra +- **Daily security updates** - Patches applied quickly +- **Designed for containers** - No legacy cruft from traditional distros ## Features -- **Zero CVEs** - No critical, high, or medium vulnerabilities +- **Lightweight** - Optimized for fast CI/CD pulls +- **Secure** - Built on Wolfi with continuous vulnerability scanning - **Multi-arch** - Supports both `linux/amd64` and `linux/arm64` - **Non-root** - Runs as unprivileged user (UID 65532) -- **Minimal** - Only includes dependencies needed for each platform -- **SBOM & Provenance** - Full supply chain attestations included +- **Supply chain security** - SBOM and SLSA provenance attestations included ## Usage @@ -94,13 +92,13 @@ jobs: - `-` - Specific Flutter version (e.g., `android-3.38.9`) - `-dev` - Pre-release testing -## Security +## Automatic Updates -All images are: -- Scanned with Docker Scout on every release -- Built with SBOM and SLSA provenance attestations -- Based on Wolfi (minimal attack surface) -- Automatically updated when new Flutter versions are released +Images are automatically rebuilt when: +- New Flutter stable versions are released +- Base image security updates are available + +Every build is scanned and includes supply chain attestations (SBOM, SLSA provenance). ## License