People are also forgetting how newer docker infrastructures use multi-arch and multi-stage builds, meaning a single build could count for dozens of manifest hits, especially with distributed caching.

All the things docker has been working for to enhance the build tooling will now be more difficult to use, even if the user never stores a single image of their own on docker hub.

The real reason this is a problem, is that docker hub has never focused on implementing standard and secure features for account management. Even with the recently implemented access tokens, there's no way for me to limit the scope of those tokens to a specific organization or image, and thus it's no different from a password.

That means if I build something from one organization, it's going to impact the ability to build something for another organization.

This effort seems to me like they are trying to disguise a last ditch effort to stay afloat.

Now that github, gitlab, and other great image repository options exist that don't lack these inherent security/integration features, anyone impacted can easily switch providers for no cost.

This new rate limiting won't help anything for docker, it's just going to kick off the exodus away from docker. Ironically, it's this account/security/integration stuff that they lacked focus on that lost them so much financial opportunity to begin with.

And docker hub account management and security management options have always been _horrible_. For example, I can't create a login token exclusive to one organization or repo on docker hub, meaning anywhere i use those credentials is a potential security risk to ALL my orgs and projects.