Closed valar999 closed 4 years ago
I see that Dockerfile linter fail with https://github.com/hadolint/hadolint/wiki/DL3018 But don't agree that it is good approach, you decide accept this PR or not.
Alpine, as any other distribution, has some versions of software and update it basically to fix security problems.
As an example nodejs Dockerfile https://github.com/nodejs/docker-node/blob/master/Dockerfile-alpine.template
We stick to a specific base image version, so no need to specify git, python and other packages version.
git 2.18.1-r0 has vulnerability CVE-2018-19486