Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade node from 18.13-alpine3.16 to 18-alpine3.16 #196

Merged
merged 1 commit into from
Feb 18, 2023
Merged

[Snyk] Security upgrade node from 18.13-alpine3.16 to 18-alpine3.16 #196

merged 1 commit into from
Feb 18, 2023

Conversation

cameri
Copy link
Owner

@cameri cameri commented Feb 11, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

  • Dockerfile.test

We recommend upgrading to node:18-alpine3.16, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Severity Priority Score / 1000 Issue Exploit Maturity
low severity 221 CVE-2022-4304
SNYK-ALPINE316-OPENSSL-3314623		 No Known Exploit
low severity 317 CVE-2022-4450
SNYK-ALPINE316-OPENSSL-3314624		 No Known Exploit
low severity 221 CVE-2023-0286
SNYK-ALPINE316-OPENSSL-3314641		 No Known Exploit
low severity 221 CVE-2023-0215
SNYK-ALPINE316-OPENSSL-3314643		 No Known Exploit
low severity 221 CVE-2023-0215
SNYK-ALPINE316-OPENSSL-3314643		 No Known Exploit

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

@coveralls
Copy link
Collaborator

Pull Request Test Coverage Report for Build 4153079020

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 58.999%
Totals Coverage Status
Change from base Build 4148256062: 0.0%
Covered Lines: 1167
Relevant Lines: 1951
💛 - Coveralls

1 similar comment
@coveralls
Copy link
Collaborator

Pull Request Test Coverage Report for Build 4153079020

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 58.999%
Totals Coverage Status
Change from base Build 4148256062: 0.0%
Covered Lines: 1167
Relevant Lines: 1951
💛 - Coveralls

@sonarcloud
Copy link

sonarcloud bot commented Feb 11, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@cameri cameri merged commit eac8c50 into main Feb 18, 2023
@cameri cameri deleted the snyk-fix-c49ceb15684ee3e925dd02ffd01f44af branch February 18, 2023 12:32
github-actions bot pushed a commit that referenced this pull request Feb 20, 2023
@semantic-release-bot
chore(release): 1.22.5 [skip ci]
6335496 
## [1.22.5](v1.22.4...v1.22.5) (2023-02-20)

### Bug Fixes

* confirm invoice function ambiguous unit variable ([#221](#221)) ([fd32949](fd32949))
* Dockerfile.test to reduce vulnerabilities ([#196](#196)) ([eac8c50](eac8c50))
* upgrade axios from 1.2.4 to 1.2.5 ([#211](#211)) ([a390e29](a390e29))
* upgrade axios from 1.2.5 to 1.2.6 ([#215](#215)) ([e99ac5d](e99ac5d))
* upgrade pg from 8.8.0 to 8.9.0 ([#213](#213)) ([fe3726b](fe3726b))
* upgrade pg-query-stream from 4.2.4 to 4.3.0 ([#214](#214)) ([9272389](9272389))
* upgrade redis from 4.5.1 to 4.6.2 ([#212](#212)) ([86e8818](86e8818))
@github-actions
Copy link

🎉 This PR is included in version 1.22.5 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

brandonrobinson5060 pushed a commit to VIDA-Global/nostream that referenced this pull request Feb 22, 2023
@cameri @brandonrobinson5060
fix: Dockerfile.test to reduce vulnerabilities (cameri#196)
23f78c3
brandonrobinson5060 pushed a commit to VIDA-Global/nostream that referenced this pull request Feb 22, 2023
@semantic-release-bot @brandonrobinson5060
chore(release): 1.22.5 [skip ci]
ffa86bc 
## [1.22.5](cameri/nostream@v1.22.4...v1.22.5) (2023-02-20)

### Bug Fixes

* confirm invoice function ambiguous unit variable ([cameri#221](cameri#221)) ([fd32949](cameri@fd32949))
* Dockerfile.test to reduce vulnerabilities ([cameri#196](cameri#196)) ([eac8c50](cameri@eac8c50))
* upgrade axios from 1.2.4 to 1.2.5 ([cameri#211](cameri#211)) ([a390e29](cameri@a390e29))
* upgrade axios from 1.2.5 to 1.2.6 ([cameri#215](cameri#215)) ([e99ac5d](cameri@e99ac5d))
* upgrade pg from 8.8.0 to 8.9.0 ([cameri#213](cameri#213)) ([fe3726b](cameri@fe3726b))
* upgrade pg-query-stream from 4.2.4 to 4.3.0 ([cameri#214](cameri#214)) ([9272389](cameri@9272389))
* upgrade redis from 4.5.1 to 4.6.2 ([cameri#212](cameri#212)) ([86e8818](cameri@86e8818))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cameri @coveralls @snyk-bot