UDS Core is published in multiple flavors. A flavor determines the container image source registry and hardening posture for every component in the platform. All flavors expose the same configuration surface and the same components, with the exception of the Portal layer.
The unicorn flavor is the Defense Unicorns supported option for production. Its images are FIPS-validated and undergo additional patching and curation, giving it a near-zero CVE posture.
Compare CVE counts: You can view current CVE counts for the upstream and registry1 flavors on the UDS Registry Core Package. The unicorn flavor undergoes additional patching and curation by Defense Unicorns, resulting in significantly fewer CVEs.
The unicorn flavor is only available in a private organization on the UDS Registry. It requires a Defense Unicorns support agreement. Contact Defense Unicorns for access.
You select a flavor when building a UDS Bundle. All Core packages within a bundle should use the same flavor to ensure image consistency.
Production users create their own bundles, selecting registry1 or unicorn packages.
Demo bundles (k3d-core-demo, k3d-core-slim-dev) are published from upstream only.
Switching flavors requires no application-side changes. The CRDs and configuration surface apply regardless of flavor, and only the bundle references change.
