• sabreW4K3@lemmy.tf
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    2
    ·
    9 months ago

    I don’t understand. Why are they so specific in the Docker Compose? Why not just have a Docker that pulls the latest of each package without requiring the user to copy long strings?

    • EarMaster@lemmy.world
      link
      fedilink
      English
      arrow-up
      14
      ·
      9 months ago

      For the exact reason they are posting this. What if some service you are referencing has breaking changes? If you pinpoint the exact version it will have no effect to your project unless you decide (hopefully after some consideration) to upgrade the service version number.

      • sabreW4K3@lemmy.tf
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        9 months ago

        Sorry, I think I’m asking my question poorly, what I mean is instead of

        image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
            
        

        Which clearly requires user interaction, why not take that out of users’ hands and just have

        image: tensorchord/pgvecto-rs:latest-stable
            
        

        Which is effectively what they’re using anyway? I can understand freezing on a version when the upstream removes a feature, but that’s not happened and even so, why do they need the SHA verification? Sorry if it seems stupid and straight forward, this is the only container I host that does this and so I’m trying to understand it rather than just feel aggrieved by it.

        • topsecret@feddit.uk
          link
          fedilink
          English
          arrow-up
          7
          ·
          9 months ago

          Also, it’s best practise to specifically refer to the digest for containers to avoid re-tags resulting in different images. For folks who audit what runs on their infrastructure, digests are the standard way of referring to an image. For Immich, I’d presume that the digest is partially a security thing and partially a “this specific image is known to be working”.

        • GravitySpoiled@lemmy.mlOP
          link
          fedilink
          English
          arrow-up
          4
          ·
          9 months ago

          I wondered about the sha as well but that’s good if you really depend on that version. Since immich is still heavily developing, this isn’t something I’d focus in the short term. Only if it persists

        • ShortN0te@lemmy.ml
          link
          fedilink
          English
          arrow-up
          4
          ·
          9 months ago

          pgvecto.rs is a Postgres extension that provides vector similarity search functions. It is written in Rust and based on pgrx. It is currently in the beta status, we invite you to try it out in production and provide us with feedback. Read more at 📝our blog.

          Because there is no stable release. Any update can have breaking changes since it is beta software like immich itself.

          • sabreW4K3@lemmy.tf
            link
            fedilink
            English
            arrow-up
            4
            ·
            9 months ago

            Thank you very much. I looked at their Github and saw a couple channels for releases and made a poor assumption. Thanks for sharing your insight.