To avoid these issues, it is recommended to use specific version tags for {image_type} images.

This can be done by appending the version number or tag to the {image_type} image name.
For example, instead of `my-image:latest`, it is better to use `my-image:1.2.3-alpine` or `my-image:1.2.3`.

For even more control and traceability, it is also possible to specify your image by digest using the sha256 of the image. This will pin your image to a specific version in time, but will also exclude it from eventual security updates.
An example would be using `my-image@sha256:26c68657ccce2cb0a31b330cb0be2b5e108d467f641c62e13ab40cbec258c68d`.

More information can be found in the documentation at the end.