This is related to the recent massive Jellyfin upgrade. The Jellyfin team recommends to only upgrade directly to the new version from version 10.10.7.
I checked my server and I happened to be a bit slow, I got 10.10.3. Maybe that is fine but I don’t want to take any chances. Then I realised I have no idea how I’d get this specific version first before upgrading to the latest version, with using docker.
I tried finding the answer but somehow couldn’t really find a good page explaining it. Can I do this with docker compose or maybe it is better to just run this one time without compose? How to do it and what is easier?
Its also good practice to include the sha256 digest after the version like
If you pull without digest and say the maintainers get compromised and release an update with the same version tag with malicious stuff in it, then you won’t pull it automatically since the digest does not match.
You can only do that if you get a specific version, or can this be done in some way with just leaving it to latest version?
I believe you can just do the sha but it would be a similar affect pinning it to that sxact docker image, but doing so without version tag makes it harder for you to know what you are running.
The sha256 is generated by an algorithm based off of the bytes of the image wherr the tag is overwritable and pushed by the developer.