Tamas Weisz

Apologies for the long delay on this! Here's the snippet that I used to profile (note: these are annoyingly long to run, so feel free to use a smaller one...

I looked into this, and I think an extra piece of complication is the port assignment: for workers, which currently listen on a random port, using the logs is needed...

I'm happy to help this move forward! However I don't have enough experience with go modules. What's the way to inspect the dependency chain to find where we're pulling in...

> Instead of replacing logged with unlogged, we can add a config to allow switching to unlogged. Good point. I might do a proof-of-concept without the configuration change, but for...

> I don't think builder images are relevant here Yes, looks like the actual image used for the built image is on L41: https://github.com/uber/cadence/blob/027bbd6c65223c7fbebee76ab52ca300d1871c85/Dockerfile#L41 (The vulnerable package exists in the...

Hi @elkh510, unfortunately I stopped working on this when I switched companies a few months ago. That said, the last time I looked at this, the plan laid out in...