This article outlines a collection of production-ready container images that are rebuilt daily to minimize vulnerabilities. Each image includes only essential packages, resulting in a reduced attack surface and fast CVE patching.
The article presents a set of production-ready container images designed to minimize vulnerabilities. Built daily using Chainguard's apko and Wolfi packages, these images typically have zero or very few known CVEs. Each image includes only the necessary packages to maintain a smaller attack surface. The collection features various programming environments and tools, including Python, Node.js, Go, Nginx, and Jenkins, among others.
Each image is published with two tags: an immutable version tag and a mutable `latest` tag. For instance, the Python image can be pulled with `docker pull ghcr.io/rtvkiz/minimal-python:latest`, while an immutable version tag looks like `docker pull ghcr.io/rtvkiz/minimal-redis-slim:8.4.1-r0`. The article stresses using the immutable tag in production so that a deployment does not silently change when `latest` moves. The revision suffix (`-r0` in the example) resets with each new upstream version, so a tag unambiguously identifies both the upstream version and the rebuild.
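As an added example (not code from the article or the image project), here is a small check a deployment pipeline could run to enforce the tagging rule above: it parses the `<version>-r<revision>` tag format, rejects mutable or missing tags, and orders tags so that a new upstream version outranks an older one even though its revision counter has reset. The registry path `localhost:5000` in the comments is a constructed example; digest-pinned references (`@sha256:...`) are outside the scheme the article describes and are not handled.

```python
from __future__ import annotations
import re
from dataclasses import dataclass

# Immutable tag format described in the article: <upstream version>-r<revision>, e.g. 8.4.1-r0.
TAG_RE = re.compile(r"^(?P<ver>\d+(?:\.\d+)*)-r(?P<rev>\d+)$")


@dataclass(frozen=True, order=True)
class ImageTag:
    # Field order matters for ordering: upstream version is compared first, so a
    # revision counter that reset to 0 on a new upstream release still sorts newest.
    version: tuple[int, ...]   # e.g. (8, 4, 1)
    revision: int              # e.g. 0


def parse_tag(tag: str) -> ImageTag | None:
    """Parse an immutable tag; return None for mutable tags such as 'latest'."""
    m = TAG_RE.match(tag)
    if not m:
        return None
    return ImageTag(tuple(int(p) for p in m["ver"].split(".")), int(m["rev"]))


def split_reference(ref: str) -> tuple[str, str]:
    """Split 'ghcr.io/rtvkiz/minimal-python:latest' into (repository, tag)."""
    repo, sep, tag = ref.rpartition(":")
    # A ':' before the last '/' belongs to a registry port (e.g. localhost:5000/...),
    # not to a tag. A reference with no tag at all is treated as 'latest' by Docker.
    if not sep or "/" in tag:
        return ref, "latest"
    return repo, tag


def is_production_safe(ref: str) -> bool:
    """True only if the reference pins an immutable <version>-r<revision> tag."""
    _, tag = split_reference(ref)
    return parse_tag(tag) is not None


def newest_tag(tags: list[str]) -> str | None:
    """Pick the newest immutable tag from a list; mutable tags are ignored."""
    parsed = [(p, t) for t in tags if (p := parse_tag(t)) is not None]
    return max(parsed)[1] if parsed else None


if __name__ == "__main__":
    for ref in ("ghcr.io/rtvkiz/minimal-python:latest",
                "ghcr.io/rtvkiz/minimal-redis-slim:8.4.1-r0"):
        print(ref, "->", "ok" if is_production_safe(ref) else "REJECT: not pinned")
    # 8.4.2-r0 wins over 8.4.1-r3 because the upstream version is compared first.
    print(newest_tag(["8.4.1-r3", "8.4.2-r0", "latest", "8.4.1-r0"]))
```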
Security is a central theme. Traditional base images often come with numerous known vulnerabilities that can take weeks to patch. In contrast, the minimal images promise updates within 24 to 48 hours of CVE disclosures and are cryptographically signed for added security. The article also outlines the build pipeline, which includes native ARM64 runners, and highlights the use of automated tools for vulnerability scanning and image signing, ensuring a robust approach to supply chain security.