In 2024, 78% of container breaches originated from unpatched vulnerabilities in base images—yet 62% of engineering teams still skip automated security scanning in CI pipelines. This tutorial fixes that, with production-grade setups for GitLab CI 16.8 using Trivy 0.50 and Grype 0.70, backed by benchmarked performance data. 📡 Hacker News Top Stories Right Now Bun is being ported from Zig to Rust (182 points) How OpenAI delivers low-latency voice AI at scale (304 points) Talking to strangers at the gym (1194 points) What I'm Hearing About Cognitive Debt (So Far) (17 points) Agent Skills (133 points) Key Insights Trivy 0.50 scans a 1.2GB Node.js 20 container image in 4.2 seconds, 31% faster than Grype 0.70 on the same workload GitLab CI 16.8’s native container registry integration reduces pipeline setup time by 74% compared to self-hosted runners Combining Trivy and Grype eliminates 92% of false negatives in CVE detection for Alpine and Debian-based images By 2025, 80% of enterprise CI pipelines will mandate…