Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade node from 18.8-alpine3.16 to 18.13-alpine3.16 #170

Merged
merged 1 commit into from
Feb 5, 2023
Merged

[Snyk] Security upgrade node from 18.8-alpine3.16 to 18.13-alpine3.16 #170

merged 1 commit into from
Feb 5, 2023

Conversation

snyk-bot
Copy link
Contributor

@snyk-bot snyk-bot commented Feb 4, 2023

Keeping your Docker base image up-to-date means you鈥檒l benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

  • Dockerfile.test

We recommend upgrading to node:18.13-alpine3.16, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Severity Priority Score / 1000 Issue Exploit Maturity
high severity 614 Insecure Randomness
SNYK-UPSTREAM-NODE-3035792		 No Known Exploit
medium severity 621 HTTP Request Smuggling
SNYK-UPSTREAM-NODE-3035795		 Proof of Concept
high severity 625 Buffer Overflow
SNYK-UPSTREAM-NODE-3092932		 No Known Exploit
high severity 721 Buffer Overflow
SNYK-UPSTREAM-NODE-3092933		 Proof of Concept
high severity 614 DNS Rebinding
SNYK-UPSTREAM-NODE-3105822		 No Known Exploit

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
馃 View latest project report

馃洜 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

馃 Insecure Randomness

@coveralls
Copy link
Collaborator

Pull Request Test Coverage Report for Build 4093330042

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 59.499%
Totals Coverage Status
Change from base Build 4093064020: 0.0%
Covered Lines: 1176
Relevant Lines: 1949
馃挍 - Coveralls

@sonarcloud
Copy link

sonarcloud bot commented Feb 4, 2023

Kudos, SonarCloud Quality Gate passed!聽 聽 Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@cameri cameri merged commit a0dcc05 into main Feb 5, 2023
@cameri cameri deleted the snyk-fix-a9dded000f7558b0c7af199c3d43594c branch February 5, 2023 00:02
github-actions bot pushed a commit that referenced this pull request Feb 5, 2023
@semantic-release-bot
chore(release): 1.22.1 [skip ci]
49bc63c 
## [1.22.1](v1.22.0...v1.22.1) (2023-02-05)

### Bug Fixes

* Dockerfile.test to reduce vulnerabilities ([#170](#170)) ([a0dcc05](a0dcc05))
* SettingsStatic class default to yaml file ([#158](#158)) ([7a4667c](7a4667c))
* update supported nips in readme ([#164](#164)) ([a0ff972](a0ff972))
@github-actions
Copy link

github-actions bot commented Feb 5, 2023

馃帀 This PR is included in version 1.22.1 馃帀

The release is available on GitHub release

Your semantic-release bot 馃摝馃殌

antonleviathan pushed a commit that referenced this pull request Feb 8, 2023
@snyk-bot @antonleviathan
fix: Dockerfile.test to reduce vulnerabilities (#170)
fa41eb5 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-3035792
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-3035795
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-3092932
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-3092933
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-3105822
antonleviathan pushed a commit that referenced this pull request Feb 8, 2023
@semantic-release-bot @antonleviathan
chore(release): 1.22.1 [skip ci]
9fcf026 
## [1.22.1](v1.22.0...v1.22.1) (2023-02-05)

### Bug Fixes

* Dockerfile.test to reduce vulnerabilities ([#170](#170)) ([a0dcc05](a0dcc05))
* SettingsStatic class default to yaml file ([#158](#158)) ([7a4667c](7a4667c))
* update supported nips in readme ([#164](#164)) ([a0ff972](a0ff972))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@snyk-bot @coveralls @cameri