You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
May not recognize "trixie" codename. Test or switch to tarball install.
python:3.13-slim-trixie base image
LOW
Tag exists; no Python version change needed
golang:*-trixie builder
NONE
Builder output is static binary; builder base doesn't matter
build-essential (GCC 14 vs 12)
LOW
Forward compatible for target repos
System packages (git, curl, gnupg, ca-certificates)
NONE
Identical behavior
Copied binaries (mise, gh, uv)
NONE
All statically linked; no glibc dependency
Python wheels (cedarpy, cffi, claude-agent-sdk)
NONE
All manylinux_2_17; trixie has glibc 2.38+
Hardcoded paths
NONE
All application-defined
Shell-out binaries (git, du, which)
NONE
Stable interfaces
Primary Concern: NodeSource
The curl -fsSL https://deb.nodesource.com/setup_24.x | bash - script reads /etc/os-release to determine the distribution codename. If it doesn't recognize "trixie", it will fail.
Alternatives if NodeSource fails:
Force codename in the NodeSource script
Download Node.js tarball directly from nodejs.org
Use Debian's packaged Node.js if trixie ships >= 20.x
Summary
Upgrade the agent container base image from Debian bookworm (12, now oldstable) to trixie (13, current stable since Aug 2025).
Related: #104 (toolchain monitoring RFC), #105 (Python 3.14 upgrade)
Risk Assessment: LOW (one known breakage point)
python:3.13-slim-trixiebase imagegolang:*-trixiebuilderPrimary Concern: NodeSource
The
curl -fsSL https://deb.nodesource.com/setup_24.x | bash -script reads/etc/os-releaseto determine the distribution codename. If it doesn't recognize "trixie", it will fail.Alternatives if NodeSource fails:
Changes Required
agent/Dockerfile:python:3.13-slim→python:3.13-slim-trixieagent/Dockerfile:golang:1.26.3-bookworm→golang:1.26.3-trixie(optional, builder only)Testing Required
Notes