@bagder Well, at least for podman users, we can ensure an official shortname matches wherever you want to go: https://github.com/containers/shortnames 😉

And have you looked at where to move the official images for curl yet? I've been using quay.io for my personal images and it's quite nice. 😀

@bagder i thought you meant about the fact that without curl, docker things will break. instead, it's much worse. it's kind of like a bait and switch.

either way, both outcomes are bad for the docker registry, so docker might have to make an exception for the popular images (while allowing less popular images to die).

@bagder on the one hand I can understand that running such a platform „for free“ is hard. On the other hand they already charge users for using the platform. By also charging the „content providers“ (and hence scaring them away) they will also loose the users in the long run. Why pay if your favourite images are not available any more?

Not to mention all the other issues (e.g. bad actors claiming previously well known account names etc). This seems like giant footgun.

@bagder i created + ran freepository for 17 yrs - lots of paid accounts but TONS of free ones.

i never did anything like this + even when i sunsetted the service, i gave everyone six months notice + the ability to download full repos.

not everyone who provides a free service behaves this way.

@bagder *nodds in agreement*

Every good #hoster will #chache shit and use at least an inhouse #CDN to save on external traffic.

To the point that hosters have caching proxies for packages of distros preconfigured in their images.

@bagder that's right, they need to tend their own walled garden.

Kinda like with Elon threatening to allow impersonators on his site if you don't give him money lol

@bagder this can become the biggest industrial catastrophe..

But I read on github that they will forbid squating... (I don't really trust them..)

I recomend people to forbid their registry and ask their package maintainer to use a different one.

@bagder there's going to be a lot of squatting of Docker names soon. Docker images may become the main vector for delivering malware. And it's all on them, all self-inflicted.

I *WANT* people to do a docker pull of curl and install malware instead. I want it with all of my heart because I want people to figure out that Docker is an unreliable company that builds an unreliable product, and that those who slap the FOSS community after relying on them to grow deserve to get nothing but shitware.

@bagder apparently, accounts/organization names are not made available to new registers. I suppose it will mitigate the risk of squatting?

(source: https://twitter.com/justincormack/status/1635706522419200004)