Debian-Dev Docker Images

Tagged releases of debian-dev docker images for reproducible build environments.

Built		Scanned		Signed
ephemerally		syft		yubikey (openpgp-rsa-2048/ssh-ecdsa-sk)
rootlessly		grype		in-toto (TSA attestation)
attestably		scout (slim/base images)		docker provenance (attestation)

Usage

Use It!

• Find pull instructions in the Docker Hub

• See other examples 0mniteck

Fork It!

• A. Create a Docker Hub
• B. Fork and edit the .identity file
• C. Bump versions using the .pinned_ver file

Build It!

Requirements:

• aarch64/armv8/arm64 (rootless builds can't be CC'd)
• Yubikey with CCID enabled is required for signing
• Ubuntu 25.10 (will run on any debian distro with minor changes)

Build using pkexec --keep-cwd ./buildscript.sh

Push Digests and Grype Status

Debian/image.digests

Lines 3 to 4 in ff892f7

	# 0mniteck/debian-slim:02-14-2026
	sha256:a2ec07c419329a3abbcadd5d0395c035ddd97497255dd4a894e7169db60f776d

Debian/readme.md

Lines 1 to 3 in 6ee9b6b

	#### ✔ Scanned for vulnerabilities [778 vulnerability matches]
	#### ├── by severity: 1 critical, 64 high, 220 medium, 47 low, 591 negligible (69 unknown)
	#### └── by status: 25 fixed, 967 not-fixed, 214 ignored

Debian/image.digests

Lines 5 to 6 in ff892f7

	# 0mniteck/debian:02-14-2026
	sha256:9bfef687d57652a614f0373625e0cd0835b4081921e5c2b17b58cc5c44a761a7

Debian/readme.md

Lines 1 to 3 in 16e7b15

	#### ✔ Scanned for vulnerabilities [906 vulnerability matches]
	#### ├── by severity: 1 critical, 77 high, 261 medium, 47 low, 665 negligible (69 unknown)
	#### └── by status: 27 fixed, 1093 not-fixed, 214 ignored

Debian/image.digests

Lines 1 to 2 in ff892f7

	# 0mniteck/debian-extra:02-14-2026
	sha256:1ab70b7b8b6609060f8471f07bbeaec62b7740b75a44e1c234d7b7396619c95b

Debian/readme.md

Lines 1 to 3 in 7ee312f

	#### ✔ Scanned for vulnerabilities [965 vulnerability matches]
	#### ├── by severity: 1 critical, 82 high, 265 medium, 56 low, 706 negligible (69 unknown)
	#### └── by status: 27 fixed, 1152 not-fixed, 214 ignored

Currently Supported Tagged Images/Snapshots

02/14/26:

debian:trixie-20260202-slim sha256:87e841c117299b7bfba269bd410cd1215f9aac28e8b3bab5d93117542e2636f1

https://snapshot.debian.org/archive/debian/20260213T203004Z

https://snapshot.debian.org/archive/debian-security/20260213T190147Z

02/12/26:

debian:trixie-20260202-slim sha256:87e841c117299b7bfba269bd410cd1215f9aac28e8b3bab5d93117542e2636f1

https://snapshot.debian.org/archive/debian/20260212T204405Z

https://snapshot.debian.org/archive/debian-security/20260212T194631Z

01/22/26:

debian:trixie-20260112-slim sha256:5a777b4bb3cfd59d2def8e0db5e3e70a9bfa262d7f5f2251a4b0ee84d7b45193

https://snapshot.debian.org/archive/debian/20260121T202109Z

https://snapshot.debian.org/archive/debian-security/20260120T213558Z

Included Packages

debian-slim: build-essential curl git git-lfs libasound2-dev libgtk-3-dev libnss3-dev libpulse-dev lsb-release rubygems wget xauth xvfb

↓

debian: bc bison device-tree-compiler flex gcc-aarch64-linux-gnu gcc-arm-linux-gnueabihf gcc-arm-none-eabi libgnutls28-dev libncurses-dev libssl-dev lzop nasm parted python3-dev python3-pyelftools python3-setuptools swig unzip uuid-dev zip

↓

debian-extra: acpica-tools adb adduser autoconf automake bzip2 ccache clang cmake codespell cpio cscope e2tools expect fastboot ftp-upload g++ gawk gcc gdb-multiarch gdisk gettext gperf help2man libattr1-dev libcap-ng-dev libclang-rt-dev libfdt-dev libftdi-dev libglib2.0-dev libgmp3-dev libhidapi-dev libmpc-dev libpixman-1-dev libslirp-dev libstdc++6 libtext-template-perl libtool libtool-bin libusb-1.0-0-dev lld make meson mtools netcat-openbsd ninja-build patch python-is-python3 python3-cryptography python3-pip python3-pycodestyle python3-pycryptodome python3-serial rsync texinfo xalan xdg-utils xterm xz-utils zlib1g-dev