@sir I think containerization is really great for internal development. You're afforded so much freedom to run it on any "platform" the same.
But you're right the way it's used for distribution is dumb. Very little is verifiable.
Personally I try to only download images from trusted sources who publish the dockerfile and have the images built verifiably (public CI)
It's still a farcry from proper package management and I've had to build many custom dockerfiles as a result.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!