← Back to work Project Hardened Images DockerSupply-Chain A base-image pipeline that starts from nothing and adds only what's proven necessary. Reproducible builds, cosign signatures, SBOMs on every push, and CI that fails on a single new vulnerability.