Big name for government backed hacking tools to list them separately on supported devices / OS cause it’s more secure.

Funny enough there is a layer for discord like stuff adding into https://movim.eu/ which relies on the backed of an XMPP server.

It appears the image runs as a non root user at least… You can drop unnecessary capabilities https://oneuptime.com/blog/post/2026-01-16-docker-drop-capabilities/view

You can also add firewall redfrictions to container to only allow it to connect to services you want to limit injection attacks.

This would help, but still could be open to a lot of security problems I’d imagine.

Edit forgot also make it read-only filesystem but likely need exceptions so the application works.

I been watching this one but lacking docker images published from anywhere but docker.io has kept me from wanting to migrate to it, glad to see its being added in v2.0.0 though.

v2.5.2 is planned to release today, they pulled v2.5.0 android apk since there was a bug with it. So I’d suggest waiting for the release today at least.

Velero is the backup solution for PVCs and k8s way.