Jon Johnson

> We should upgrade python2 to 2.7.18 or python3 You're saying this is fixed with just a version bump?

I'd probably lean toward just removing the warning altogether, but I'm not sure how to weigh the annoyance of an incorrect warning message vs the time saved from this warning...

> However, this is not the case, because the problem was actually that my system was not able to run docker without sudo. And with sudo I was not able...

tl;dr if kaniko wants to build this static binary, they need to pass more flags: https://github.com/golang/go/issues/24787#issuecomment-387611691

~~Is there a similar tool to [`stargzify`](https://github.com/google/crfs/tree/master/stargz/stargzify) for eStargz that I can play with?~~ Edit: nvm, found https://github.com/containerd/stargz-snapshotter/blob/v0.2.0/docs/ctr-remote.md

> This is a contradiction as the current version of the spec says the only mediaType allowed in an image index is `application/vnd.oci.image.manifest.v1+json` and `application/vnd.oci.image.index.v1+json` I read this differently. The...

I'll add another weak argument in favor: it would be nice to have a minimal dependency implementation of the healthcheck parser for things like https://github.com/bazelbuild/rules_docker/pull/1742

> Why include the size of the reference? `size` is a REQUIRED [descriptor property](https://github.com/opencontainers/image-spec/blob/master/descriptor.md#properties), so we need to include it, but it's the size of the thing being referenced. Looking...

Some things I'm personally unsure about for this proposal: ### plurality The current proposal adds a singular `reference` to descriptors and image/index objects. I think this is cleaner in most...

> can avoid DoS attacks Exactly. Here's a scenario I would imagine is prevented by this: You've been compromised such that there is a MITM between your client and the...