Closed atomist[bot] closed 2 years ago
atomist[bot]
commented
3 years ago | Vulnerabilities |     |
| Comparison |  |
π No new critical or high vulnerabilities compared with target branch main
π‘ Rebase branch atomist/pin-docker-base-image/dockerfile to include latest changes from branch main to increase accuracy of vulnerability report
More details are available in the vulnerability report
atomist[bot]
commented
2 years ago | Vulnerabilities |    |
| Comparison | |
π No new critical or high vulnerabilities compared with target branch main
More details are available in the vulnerability report
atomist[bot]
commented
2 years ago | Vulnerabilities | |
| Comparison | |
π No new critical or high vulnerabilities compared with target branch main
More details are available in the vulnerability report
atomist[bot]
commented
2 years ago | Vulnerabilities | |
| Comparison |  |
π¨ Adds 13 critical and 26 high severity vulnerabilities compared with target branch main
π‘ Rebase branch atomist/pin-docker-base-image/dockerfile to include latest changes from branch main to increase accuracy of vulnerability report
More details are available in the vulnerability report
atomist[bot]
commented
2 years ago | Vulnerabilities | |
| Comparison | |
π No new critical or high vulnerabilities compared with target branch main
π‘ Rebase branch atomist/pin-docker-base-image/dockerfile to include latest changes from branch main to increase accuracy of vulnerability report
More details are available in the vulnerability report
This pull request pins the following Docker base images in
Dockerfileto their current digests.https://github.com/atomist-playground/maventest/blob/eab75da28ab2a4e7f27ef237c7a5adcc0b28fe02/Dockerfile#L1-L1
Digest
sha256:72922abc95d38e02f750b34800239dc0e2c298e74bfdd970018367f0d9281d5creferences a multi-CPU architecture image manifest. This image supports the following architectures:sha256:76901dd823713fc519bbc58a8483e74e425c6df9f7949060e35bd28a1dd40ff0linux/386sha256:dcd0da4501bbc9b110fd3f6bee27a719612a86ac103de374f45846f8330eb139linux/amd64sha256:1b0d2a5a5b045057bd54fef0a75d3dc9c86e428607b3a7d776a8d8c16a7c09e6linux/arm/v6sha256:bd89e0c87f5ce859c8ca9b5de1f0c7784d881f52394485db6323cf9bdefba2b6linux/arm64/v8sha256:21b2f05e89c085243de02426650a3946596f6dcdd1085dc61fb9d146a3528159linux/ppc64lesha256:388690c431b8ff109d12ca7188e15695846898d4af4266674703962ec992af04linux/s390xhttps://github.com/atomist-playground/maventest/blob/eab75da28ab2a4e7f27ef237c7a5adcc0b28fe02/Dockerfile#L7-L7
Digest
sha256:e3168174d367db9928bb70e33b4750457092e61815d577e368f53efb29fea48breferences a multi-CPU architecture image manifest. This image supports the following architectures:sha256:1fd09fd5afe54f291466780b031bad48958d3a26024089f731e2f67ed65eec52linux/386sha256:8fce9c197de91e925595a74e159b82b589f70baf2e086f6e63a8b8c8e193a8calinux/amd64sha256:276ab66fea0757b89713c21470082e6149f9694678a47bc27a4b5b1c59d55f8blinux/arm/v6sha256:119a2eeaa6095110682d895fb5d9854b95670356f765b1d83a8a1a8e6aa08408linux/arm64/v8sha256:a49ad6435ca0fd97feb0e63cd6184f3a7228488d18b783224a8d26488b64a166linux/ppc64lesha256:eff34e430da88312020b0708e51bae3edec4980eaf04d1072fd6ee505df1cc04linux/s390xPinning
FROMlines to digests makes your builds repeatable. Atomist will raise new pull requests whenever the tag moves, so that you know when the base image has been updated. You can follow a new tag at any time. Just replace the digest with the new tag you want to follow. Atomist, will switch to following this new tag.File changed:
Dockerfile