While using always the latest version may seem convenient, the build cannot be repeated because it is not clear which was the last version. In
addition, it can lead to unpredictability and issues such as version mismatch and potential security vulnerabilities.
What is the potential impact?
For example, if a developer builds and deploys an application using my-image:latest
, they may unknowingly be using a different version
of the image than another developer who also built and deployed the same application using my-image:latest
. This can lead to version
mismatches, which can cause bugs or compatibility issues.
In addition, using latest
as the tag for Dockerfile images can potentially introduce security vulnerabilities. For instance, if a
security vulnerability is discovered in an image and a new version is released to fix it, using latest
as the tag means that the
application will automatically use the updated image, even if it has not been properly tested and vetted for compatibility with the application.