Snapshot releases of debian-dev docker images for reproducible build environments.

0mniteck/Debian

| Built | Signed | Scanned |
| --- | --- | --- |
| attestably | cosign (keyless attestation via OIDC) | (low-to-no CVE's at buildtime) |
| ephemerally | docker provenance (attestation) | grype (at buildtime) |
| immutably | in-toto (github release TSA attestation) | syft (images/OS/firmware) |
| rootlessly | yubikey (openpgp-rsa-2048/ssh-ecdsa-sk) | scout (slim/base images) |

Usage

Use It!

  • A. Create a Docker Hub
  • B. Fork this repo and edit the .identity file
  • C. Manually set versions using the .pinned_ver file

Build It!

Requirements:

  • Yubikey with CCID enabled is required for signing
  • linux/arm64 or linux/amd64 (Cross Compile supported - 5x slower)
  • Ubuntu 25.10 (will run on any debian distro with minor changes)

Clone: git clone https://github.com/$REPO/Debian.git && cd Debian

Build: run ./buildscript.sh as a standard user

Push Digests and Results

  • Full chain Software Bill of Materials (Docker/OS/Firmware)
    • Syft SBOM's spdx.json
    • Grype Scans/Results
    • Image Attestation/Digests/Signature
    • Provenance Metadata

Docker Grype Status

Debian/readme.md

Lines 1 to 7 in 2e0266f

#### ✔ Scanned for vulnerabilities [750 vulnerability matches]
#### ├── by severity: 0 critical, 47 high, 210 medium, 47 low, 591 negligible (107 unknown)
#### └── by status: 4 fixed, 998 not-fixed, 252 ignored
##
```
# 0mniteck/debian-slim:02-18-2026
sha256:13b15f452474e3f662cb3c2c76d2b480f90c2e6318f3905ae9b4711fd6c7b10b
```

Debian/readme.md

Lines 1 to 7 in 50ca39a

#### ✔ Scanned for vulnerabilities [878 vulnerability matches]
#### ├── by severity: 0 critical, 60 high, 251 medium, 47 low, 665 negligible (107 unknown)
#### └── by status: 6 fixed, 1124 not-fixed, 252 ignored
##
```
# 0mniteck/debian:02-18-2026
sha256:e73327a93716835759f598bee57456c2e8fa93d8afff42087e5dba297adf61d7
```

Debian/readme.md

Lines 1 to 7 in 325de3b

#### ✔ Scanned for vulnerabilities [937 vulnerability matches]
#### ├── by severity: 0 critical, 65 high, 255 medium, 56 low, 706 negligible (107 unknown)
#### └── by status: 6 fixed, 1183 not-fixed, 252 ignored
##
```
# 0mniteck/debian-extra:02-18-2026
sha256:683e5406079257604f7f6ab0848293d0ef6bb55c501df162fcbd2d0f65ec8c22
```

#### ✔ Scanned for vulnerabilities [6784 vulnerability matches]
#### ├── by severity: 0 critical, 7 high, 10355 medium, 698 low, 114 negligible
#### └── by status: 3352 fixed, 7822 not-fixed, 4390 ignored
##
```
# 0mniteck/debian-extra:02-18-2026
sha256:683e5406079257604f7f6ab0848293d0ef6bb55c501df162fcbd2d0f65ec8c22
# 0mniteck/debian-slim:02-18-2026
sha256:13b15f452474e3f662cb3c2c76d2b480f90c2e6318f3905ae9b4711fd6c7b10b
# 0mniteck/debian:02-18-2026
sha256:e73327a93716835759f598bee57456c2e8fa93d8afff42087e5dba297adf61d7
```
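An added example, not part of this repository's code: a consumer-side check that parses one status block in the format shown above, turns each tag into a digest-pinned reference, and applies a severity threshold before the image is used. The function names and threshold parameters are assumptions made for illustration.

```python
import re

# Constructed input: the debian-slim status block from the readme excerpt above,
# with the stray "##" and fence lines left out.
SAMPLE = """\
#### ✔ Scanned for vulnerabilities [750 vulnerability matches]
#### ├── by severity: 0 critical, 47 high, 210 medium, 47 low, 591 negligible (107 unknown)
#### └── by status: 4 fixed, 998 not-fixed, 252 ignored
# 0mniteck/debian-slim:02-18-2026
sha256:13b15f452474e3f662cb3c2c76d2b480f90c2e6318f3905ae9b4711fd6c7b10b
"""

COUNT = re.compile(r"(\d+) ([a-z-]+)")
IMAGE = re.compile(r"#\s+(\S+?):(\S+)")
DIGEST = re.compile(r"sha256:[0-9a-f]{64}")

def parse_status(text):
    """Return (summary, pins): Grype counts and tag -> digest-pinned reference."""
    summary, pins, image = {}, {}, None
    for line in map(str.strip, text.splitlines()):
        counts = re.search(r"by (severity|status): (.*)", line)
        if counts:
            summary[counts.group(1)] = {k: int(n) for n, k in COUNT.findall(counts.group(2))}
        elif IMAGE.fullmatch(line):
            image = IMAGE.fullmatch(line).group(1, 2)
        elif image and DIGEST.fullmatch(line):
            pins[f"{image[0]}:{image[1]}"] = f"{image[0]}@{line}"
            image = None
        elif line.startswith("sha256:"):
            raise ValueError(f"malformed or orphaned digest line: {line!r}")
    return summary, pins

def gate(summary, max_critical=0, max_high=None):
    """Return policy violations; an empty list means the image passes."""
    sev, status = summary["severity"], summary["status"]
    problems = []
    # Sanity check that holds for the blocks on this page (an assumption here,
    # not a documented Grype guarantee): severities sum to fixed + not-fixed.
    if sum(sev.values()) != status["fixed"] + status["not-fixed"]:
        problems.append("severity and status counts disagree")
    if sev.get("critical", 0) > max_critical:
        problems.append(f"critical: {sev.get('critical', 0)} > {max_critical}")
    if max_high is not None and sev.get("high", 0) > max_high:
        problems.append(f"high: {sev.get('high', 0)} > {max_high}")
    return problems

if __name__ == "__main__":
    summary, pins = parse_status(SAMPLE)
    print(pins, gate(summary, max_high=10))
```

Pulling by the `repo@sha256:...` form rather than by the date tag ties a build to the exact image content the scan results describe.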

Firmware Scans

debian:trixie-20260202-slim sha256:f6e2cfac5cf956ea044b4bd75e6397b4372ad88fe00908045e9a0d21712ae3ba

https://snapshot.debian.org/archive/debian/20260218T142537Z

https://snapshot.debian.org/archive/debian-security/20260218T154409Z

0mniteck's Current GPG Key ID: 287EE837E6ED2DD3

*Vigilant Mode is on for this repo so all remote pushes/tags should be signed with a verified key.

Included Packages

debian-slim: build-essential curl git libasound2-dev libgtk-3-dev libnss3-dev libpulse-dev lsb-release rubygems wget xauth xvfb

debian: bc bison device-tree-compiler flex gcc-aarch64-linux-gnu gcc-arm-linux-gnueabihf gcc-arm-none-eabi libgnutls28-dev libncurses-dev libssl-dev lzop nasm parted python3-dev python3-pyelftools python3-setuptools swig unzip uuid-dev zip

debian-extra: acpica-tools adb adduser autoconf automake bzip2 ccache clang cmake codespell cpio cscope e2tools expect fastboot ftp-upload g++ gawk gcc gdb-multiarch gdisk gettext gperf help2man libattr1-dev libcap-ng-dev libclang-rt-dev libfdt-dev libftdi-dev libglib2.0-dev libgmp3-dev libhidapi-dev libmpc-dev libpixman-1-dev libslirp-dev libstdc++6 libtext-template-perl libtool libtool-bin libusb-1.0-0-dev lld make meson mtools netcat-openbsd ninja-build patch python-is-python3 python3-cryptography python3-pip python3-pycodestyle python3-pycryptodome python3-serial rsync texinfo xalan xdg-utils xterm xz-utils zlib1g-dev
