search

atomist-skills / npm-vulnerability-scanner-skill

Atomist Skill to find and fix security vulnerabilities in npm dependencies
Apache License 2.0
0 stars 0 forks source link

Re-pin Docker base image in Dockerfile #303

Open atomist[bot] opened 2 years ago

atomist[bot] commented 2 years ago

This pull request re-pins the Docker base image node:lts in Dockerfile to the current digest.

https://github.com/atomist-skills/npm-vulnerability-scanner-skill/blob/679dca3937b02d1aa4ca67440fed83cd2f7043ec/Dockerfile#L2-L2

Digest sha256:5f21943fe97b24ae1740da6d7b9c56ac43fe3495acb47c1b232b0a352b02a25c references a multi-CPU architecture image manifest. This image supports the following architectures:

Changelog for node:lts

### Commit New image build caused by commit docker-library/official-images@0edd1eb2a2b78896116767cb59242141af8cb377 to [`library/node`](https://github.com/docker-library/official-images/blob/0edd1eb2a2b78896116767cb59242141af8cb377/library/node): ``` Node: feat: Nodejs 20 LTS Iron codename ``` --- ### Comparison Comparing Docker image `node:lts` at digests _Current_ `sha256:6e54786b2ad01667d46524e82806298714f50d2be72b39706770aed55faedbd7` (823mb) and _Proposed_ `sha256:5f21943fe97b24ae1740da6d7b9c56ac43fe3495acb47c1b232b0a352b02a25c` (968mb): #### Packages The following package differences were detected: | Name | Current | Proposed | Type | | ---- | ------- | -------- | ---- | | `adduser` | `3.118` | `3.134` | Apt | | `apt` | `1.8.2.3` | `2.6.1` | Apt | | `autoconf` | `2.69-11` | `2.71-3` | Apt | | `automake` | `1:1.16.1-4` | `1:1.16.5-1.3` | Apt | | `autotools-dev` | `20180224.1` | `20220109.1` | Apt | | `base-files` | `10.3 deb10u12` | `12.4 deb12u2` | Apt | | `base-passwd` | `3.5.46` | `3.6.1` | Apt | | `bash` | `5.0-4` | `5.2.15-2 b2` | Apt | | `binutils` | `2.31.1-16` | `2.40-2` | Apt | | `binutils-common` | `2.31.1-16` | `2.40-2` | Apt | | `binutils-s390x-linux-gnu` | `2.31.1-16` | `2.40-2` | Apt | | `bsdutils` | `1:2.33.1-0.1` | `1:2.38.1-5 b1` | Apt | | `bzip2` | `1.0.6-9.2~deb10u1` | `1.0.8-5 b1` | Apt | | `ca-certificates` | `20200601~deb10u2` | `20230311` | Apt | | `comerr-dev` | `2.1-1.44.5-1 deb10u3` | `2.1-1.47.0-2` | Apt | | `corepack` | `0.10.0` | `0.20.0` | Node | | `coreutils` | `8.30-3` | `9.1-1` | Apt | | `cpp` | `4:8.3.0-1` | `4:12.2.0-3` | Apt | | `curl` | `7.64.0-4 deb10u2` | `7.88.1-10 deb12u4` | Apt | | `dash` | `0.5.10.2-5` | `0.5.12-2` | Apt | | `debconf` | `1.5.71 deb10u1` | `1.5.82` | Apt | | `debian-archive-keyring` | `2019.1 deb10u1` | `2023.3 deb12u1` | Apt | | `debianutils` | `4.8.6.1` | `5.7-0.5~deb12u1` | Apt | | `default-libmysqlclient-dev` | `1.0.5` | `1.1.0` | Apt | | `diffutils` | `1:3.7-3` | `1:3.8-4` | Apt | | `dirmngr` | `2.2.12-1 deb10u1` | `2.2.40-1.1` | Apt | | `dpkg` | `1.19.7` | `1.21.22` | Apt | | `dpkg-dev` | `1.19.7` | `1.21.22` | Apt | | `e2fsprogs` | `1.44.5-1 deb10u3` | `1.47.0-2` | Apt | | `file` | `1:5.35-4 deb10u2` | `1:5.44-3` | Apt | | `findutils` | `4.6.0 git+20190209-2` | `4.9.0-4` | Apt | | `fontconfig` | `2.13.1-2` | `2.14.1-4` | Apt | | `fontconfig-config` | `2.13.1-2` | `2.14.1-4` | Apt | | `fonts-dejavu-core` | `2.37-1` | `2.37-6` | Apt | | `g++` | `4:8.3.0-1` | `4:12.2.0-3` | Apt | | `gcc` | `4:8.3.0-1` | `4:12.2.0-3` | Apt | | `gir1.2-freedesktop` | `1.58.3-2` | `1.74.0-3` | Apt | | `gir1.2-gdkpixbuf-2.0` | `2.38.1 dfsg-1` | `2.42.10 dfsg-1+b1` | Apt | | `gir1.2-glib-2.0` | `1.58.3-2` | `1.74.0-3` | Apt | | `gir1.2-rsvg-2.0` | `2.44.10-2.1` | `2.54.7 dfsg-1~deb12u1` | Apt | | `git` | `1:2.20.1-2 deb10u3` | `1:2.39.2-1.1` | Apt | | `git-man` | `1:2.20.1-2 deb10u3` | `1:2.39.2-1.1` | Apt | | `gnupg` | `2.2.12-1 deb10u1` | `2.2.40-1.1` | Apt | | `gnupg-l10n` | `2.2.12-1 deb10u1` | `2.2.40-1.1` | Apt | | `gnupg-utils` | `2.2.12-1 deb10u1` | `2.2.40-1.1` | Apt | | `gpg` | `2.2.12-1 deb10u1` | `2.2.40-1.1` | Apt | | `gpg-agent` | `2.2.12-1 deb10u1` | `2.2.40-1.1` | Apt | | `gpg-wks-client` | `2.2.12-1 deb10u1` | `2.2.40-1.1` | Apt | | `gpg-wks-server` | `2.2.12-1 deb10u1` | `2.2.40-1.1` | Apt | | `gpgconf` | `2.2.12-1 deb10u1` | `2.2.40-1.1` | Apt | | `gpgsm` | `2.2.12-1 deb10u1` | `2.2.40-1.1` | Apt | | `gpgv` | `2.2.12-1 deb10u1` | `2.2.40-1.1` | Apt | | `grep` | `3.3-1` | `3.8-5` | Apt | | `gzip` | `1.9-3` | `1.12-1` | Apt | | `hostname` | `3.21` | `3.23 nmu1` | Apt | | `icu-devtools` | `63.1-6 deb10u3` | `72.1-3` | Apt | | `imagemagick` | `8:6.9.10.23 dfsg-2.1+deb10u1` | `8:6.9.11.60 dfsg-1.6` | Apt | | `imagemagick-6-common` | `8:6.9.10.23 dfsg-2.1+deb10u1` | `8:6.9.11.60 dfsg-1.6` | Apt | | `imagemagick-6.q16` | `8:6.9.10.23 dfsg-2.1+deb10u1` | `8:6.9.11.60 dfsg-1.6` | Apt | | `init-system-helpers` | `1.56 nmu1` | `1.65.2` | Apt | | `krb5-multidev` | `1.17-3 deb10u3` | `1.20.1-2 deb12u1` | Apt | | `libacl1` | `2.2.53-4` | `2.3.1-3` | Apt | | `libapr1` | `1.6.5-1 b1` | `1.7.2-3` | Apt | | `libaprutil1` | `1.6.1-4` | `1.6.3-1` | Apt | | `libassuan0` | `2.5.2-1` | `2.5.5-5` | Apt | | `libatomic1` | `8.3.0-6` | `12.2.0-14` | Apt | | `libattr1` | `1:2.4.48-4` | `1:2.5.1-4` | Apt | | `libaudit-common` | `1:2.8.4-3` | `1:3.0.9-1` | Apt | | `libaudit1` | `1:2.8.4-3` | `1:3.0.9-1` | Apt | | `libbinutils` | `2.31.1-16` | `2.40-2` | Apt | | `libblkid-dev` | `2.33.1-0.1` | `2.38.1-5 b1` | Apt | | `libblkid1` | `2.33.1-0.1` | `2.38.1-5 b1` | Apt | | `libbsd0` | `0.9.1-2 deb10u1` | `0.11.7-2` | Apt | | `libbz2-1.0` | `1.0.6-9.2~deb10u1` | `1.0.8-5 b1` | Apt | | `libbz2-dev` | `1.0.6-9.2~deb10u1` | `1.0.8-5 b1` | Apt | | `libc-bin` | `2.28-10 deb10u1` | `2.36-9 deb12u3` | Apt | | `libc-dev-bin` | `2.28-10 deb10u1` | `2.36-9 deb12u3` | Apt | | `libc6` | `2.28-10 deb10u1` | `2.36-9 deb12u3` | Apt | | `libc6-dev` | `2.28-10 deb10u1` | `2.36-9 deb12u3` | Apt | | `libcairo-gobject2` | `1.16.0-4 deb10u1` | `1.16.0-7` | Apt | | `libcairo-script-interpreter2` | `1.16.0-4 deb10u1` | `1.16.0-7` | Apt | | `libcairo2` | `1.16.0-4 deb10u1` | `1.16.0-7` | Apt | | `libcairo2-dev` | `1.16.0-4 deb10u1` | `1.16.0-7` | Apt | | `libcap-ng0` | `0.7.9-2` | `0.8.3-1 b3` | Apt | | `libcap2` | `1:2.25-2` | `1:2.66-4` | Apt | | `libcc1-0` | `8.3.0-6` | `12.2.0-14` | Apt | | `libcom-err2` | `1.44.5-1 deb10u3` | `1.47.0-2` | Apt | | `libcurl3-gnutls` | `7.64.0-4 deb10u2` | `7.88.1-10 deb12u4` | Apt | | `libcurl4` | `7.64.0-4 deb10u2` | `7.88.1-10 deb12u4` | Apt | | `libcurl4-openssl-dev` | `7.64.0-4 deb10u2` | `7.88.1-10 deb12u4` | Apt | | `libdatrie1` | `0.2.12-2` | `0.2.13-2 b1` | Apt | | `libdb-dev` | `5.3.1 nmu1` | `5.3.2` | Apt | | `libdb5.3` | `5.3.28 dfsg1-0.5` | `5.3.28 dfsg2-1` | Apt | | `libdb5.3-dev` | `5.3.28 dfsg1-0.5` | `5.3.28 dfsg2-1` | Apt | | `libde265-0` | `1.0.3-1 b1` | `1.0.11-1` | Apt | | `libdebconfclient0` | `0.249` | `0.270` | Apt | | `libdjvulibre-dev` | `3.5.27.1-10 deb10u1` | `3.5.28-2 b1` | Apt | | `libdjvulibre-text` | `3.5.27.1-10 deb10u1` | `3.5.28-2` | Apt | | `libdjvulibre21` | `3.5.27.1-10 deb10u1` | `3.5.28-2 b1` | Apt | | `libdpkg-perl` | `1.19.7` | `1.21.22` | Apt | | `libedit2` | `3.1-20181209-1` | `3.1-20221030-2` | Apt | | `libelf1` | `0.176-1.1` | `0.188-2.1` | Apt | | `liberror-perl` | `0.17027-2` | `0.17029-2` | Apt | | `libevent-dev` | `2.1.8-stable-4` | `2.1.12-stable-8` | Apt | | `libexif-dev` | `0.6.21-5.1 deb10u5` | `0.6.24-1 b1` | Apt | | `libexif12` | `0.6.21-5.1 deb10u5` | `0.6.24-1 b1` | Apt | | `libexpat1` | `2.2.6-2 deb10u4` | `2.5.0-1` | Apt | | `libexpat1-dev` | `2.2.6-2 deb10u4` | `2.5.0-1` | Apt | | `libext2fs2` | `1.44.5-1 deb10u3` | `1.47.0-2` | Apt | | `libffi-dev` | `3.2.1-9` | `3.4.4-1` | Apt | | `libfftw3-double3` | `3.3.8-2` | `3.3.10-1` | Apt | | `libfontconfig1` | `2.13.1-2` | `2.14.1-4` | Apt | | `libfreetype6` | `2.9.1-3 deb10u2` | `2.12.1 dfsg-5` | Apt | | `libfreetype6-dev` | `2.9.1-3 deb10u2` | `2.12.1 dfsg-5` | Apt | | `libfribidi0` | `1.0.5-3.1 deb10u1` | `1.0.8-2.1` | Apt | | `libgcrypt20` | `1.8.4-5 deb10u1` | `1.10.1-3` | Apt | | `libgdbm-compat4` | `1.18.1-4` | `1.23-3` | Apt | | `libgdbm-dev` | `1.18.1-4` | `1.23-3` | Apt | | `libgdbm6` | `1.18.1-4` | `1.23-3` | Apt | | `libgdk-pixbuf2.0-bin` | `2.38.1 dfsg-1` | `2.42.10 dfsg-1+b1` | Apt | | `libgdk-pixbuf2.0-common` | `2.38.1 dfsg-1` | `2.42.10 dfsg-1` | Apt | | `libgirepository-1.0-1` | `1.58.3-2` | `1.74.0-3` | Apt | | `libglib2.0-0` | `2.58.3-2 deb10u3` | `2.74.6-2` | Apt | | `libglib2.0-bin` | `2.58.3-2 deb10u3` | `2.74.6-2` | Apt | | `libglib2.0-data` | `2.58.3-2 deb10u3` | `2.74.6-2` | Apt | | `libglib2.0-dev` | `2.58.3-2 deb10u3` | `2.74.6-2` | Apt | | `libglib2.0-dev-bin` | `2.58.3-2 deb10u3` | `2.74.6-2` | Apt | | `libgmp-dev` | `2:6.1.2 dfsg-4+deb10u1` | `2:6.2.1 dfsg1-1.1` | Apt | | `libgmp10` | `2:6.1.2 dfsg-4+deb10u1` | `2:6.2.1 dfsg1-1.1` | Apt | | `libgmpxx4ldbl` | `2:6.1.2 dfsg-4+deb10u1` | `2:6.2.1 dfsg1-1.1` | Apt | | `libgnutls30` | `3.6.7-4 deb10u7` | `3.7.9-2` | Apt | | `libgomp1` | `8.3.0-6` | `12.2.0-14` | Apt | | `libgpg-error0` | `1.35-1` | `1.46-1` | Apt | | `libgraphite2-3` | `1.3.13-7` | `1.3.14-1` | Apt | | `libgssapi-krb5-2` | `1.17-3 deb10u3` | `1.20.1-2 deb12u1` | Apt | | `libgssrpc4` | `1.17-3 deb10u3` | `1.20.1-2 deb12u1` | Apt | | `libharfbuzz0b` | `2.3.1-1` | `6.0.0 dfsg-3` | Apt | | `libheif1` | `1.3.2-2~deb10u1` | `1.15.1-1` | Apt | | `libice-dev` | `2:1.0.9-2` | `2:1.0.10-1` | Apt | | `libice6` | `2:1.0.9-2` | `2:1.0.10-1` | Apt | | `libicu-dev` | `63.1-6 deb10u3` | `72.1-3` | Apt | | `libidn2-0` | `2.0.5-1 deb10u1` | `2.3.3-1 b1` | Apt | | `libitm1` | `8.3.0-6` | `12.2.0-14` | Apt | | `libjbig-dev` | `2.1-3.1 b2` | `2.1-6.1` | Apt | | `libjbig0` | `2.1-3.1 b2` | `2.1-6.1` | Apt | | `libjpeg-dev` | `1:1.5.2-2 deb10u1` | `1:2.1.5-2` | Apt | | `libjpeg62-turbo` | `1:1.5.2-2 deb10u1` | `1:2.1.5-2` | Apt | | `libjpeg62-turbo-dev` | `1:1.5.2-2 deb10u1` | `1:2.1.5-2` | Apt | | `libk5crypto3` | `1.17-3 deb10u3` | `1.20.1-2 deb12u1` | Apt | | `libkeyutils1` | `1.6-6` | `1.6.3-2` | Apt | | `libkrb5-3` | `1.17-3 deb10u3` | `1.20.1-2 deb12u1` | Apt | | `libkrb5-dev` | `1.17-3 deb10u3` | `1.20.1-2 deb12u1` | Apt | | `libkrb5support0` | `1.17-3 deb10u3` | `1.20.1-2 deb12u1` | Apt | | `libksba8` | `1.3.5-2` | `1.6.3-2` | Apt | | `liblcms2-2` | `2.9-3` | `2.14-2` | Apt | | `liblcms2-dev` | `2.9-3` | `2.14-2` | Apt | | `libltdl-dev` | `2.4.6-9` | `2.4.7-5` | Apt | | `libltdl7` | `2.4.6-9` | `2.4.7-5` | Apt | | `liblz4-1` | `1.8.3-1 deb10u1` | `1.9.4-1` | Apt | | `liblzma-dev` | `5.2.4-1 deb10u1` | `5.4.1-0.2` | Apt | | `liblzma5` | `5.2.4-1 deb10u1` | `5.4.1-0.2` | Apt | | `liblzo2-2` | `2.10-0.1` | `2.10-2` | Apt | | `libmagic-mgc` | `1:5.35-4 deb10u2` | `1:5.44-3` | Apt | | `libmagic1` | `1:5.35-4 deb10u2` | `1:5.44-3` | Apt | | `libmagickcore-6-arch-config` | `8:6.9.10.23 dfsg-2.1+deb10u1` | `8:6.9.11.60 dfsg-1.6` | Apt | | `libmagickcore-6-headers` | `8:6.9.10.23 dfsg-2.1+deb10u1` | `8:6.9.11.60 dfsg-1.6` | Apt | | `libmagickcore-6.q16-6` | `8:6.9.10.23 dfsg-2.1+deb10u1` | `8:6.9.11.60 dfsg-1.6` | Apt | | `libmagickcore-6.q16-6-extra` | `8:6.9.10.23 dfsg-2.1+deb10u1` | `8:6.9.11.60 dfsg-1.6` | Apt | | `libmagickcore-6.q16-dev` | `8:6.9.10.23 dfsg-2.1+deb10u1` | `8:6.9.11.60 dfsg-1.6` | Apt | | `libmagickcore-dev` | `8:6.9.10.23 dfsg-2.1+deb10u1` | `8:6.9.11.60 dfsg-1.6` | Apt | | `libmagickwand-6-headers` | `8:6.9.10.23 dfsg-2.1+deb10u1` | `8:6.9.11.60 dfsg-1.6` | Apt | | `libmagickwand-6.q16-6` | `8:6.9.10.23 dfsg-2.1+deb10u1` | `8:6.9.11.60 dfsg-1.6` | Apt | | `libmagickwand-6.q16-dev` | `8:6.9.10.23 dfsg-2.1+deb10u1` | `8:6.9.11.60 dfsg-1.6` | Apt | | `libmagickwand-dev` | `8:6.9.10.23 dfsg-2.1+deb10u1` | `8:6.9.11.60 dfsg-1.6` | Apt | | `libmariadb-dev` | `1:10.3.34-0 deb10u1` | `1:10.11.4-1~deb12u1` | Apt | | `libmariadb-dev-compat` | `1:10.3.34-0 deb10u1` | `1:10.11.4-1~deb12u1` | Apt | | `libmariadb3` | `1:10.3.34-0 deb10u1` | `1:10.11.4-1~deb12u1` | Apt | | `libmaxminddb-dev` | `1.3.2-1 deb10u1` | `1.7.1-1` | Apt | | `libmaxminddb0` | `1.3.2-1 deb10u1` | `1.7.1-1` | Apt | | `libmount-dev` | `2.33.1-0.1` | `2.38.1-5 b1` | Apt | | `libmount1` | `2.33.1-0.1` | `2.38.1-5 b1` | Apt | | `libmpc3` | `1.1.0-1` | `1.3.1-1` | Apt | | `libmpfr6` | `4.0.2-1` | `4.2.0-1` | Apt | | `libncurses-dev` | `6.1 20181013-2+deb10u2` | `6.4-4` | Apt | | `libncurses5-dev` | `6.1 20181013-2+deb10u2` | `6.4-4` | Apt | | `libncurses6` | `6.1 20181013-2+deb10u2` | `6.4-4` | Apt | | `libncursesw5-dev` | `6.1 20181013-2+deb10u2` | `6.4-4` | Apt | | `libncursesw6` | `6.1 20181013-2+deb10u2` | `6.4-4` | Apt | | `libnghttp2-14` | `1.36.0-2 deb10u1` | `1.52.0-1` | Apt | | `libnpth0` | `1.6-1` | `1.6-3` | Apt | | `libopenexr-dev` | `2.2.1-4.1 deb10u1` | `3.1.5-5` | Apt | | `libopenjp2-7` | `2.3.0-2 deb10u2` | `2.5.0-2` | Apt | | `libopenjp2-7-dev` | `2.3.0-2 deb10u2` | `2.5.0-2` | Apt | | `libp11-kit0` | `0.23.15-2 deb10u1` | `0.24.1-2` | Apt | | `libpam-modules` | `1.3.1-5` | `1.5.2-6 deb12u1` | Apt | | `libpam-modules-bin` | `1.3.1-5` | `1.5.2-6 deb12u1` | Apt | | `libpam-runtime` | `1.3.1-5` | `1.5.2-6 deb12u1` | Apt | | `libpam0g` | `1.3.1-5` | `1.5.2-6 deb12u1` | Apt | | `libpango-1.0-0` | `1.42.4-8~deb10u1` | `1.50.12 ds-1` | Apt | | `libpangocairo-1.0-0` | `1.42.4-8~deb10u1` | `1.50.12 ds-1` | Apt | | `libpangoft2-1.0-0` | `1.42.4-8~deb10u1` | `1.50.12 ds-1` | Apt | | `libpcre2-8-0` | `10.32-5` | `10.42-1` | Apt | | `libpixman-1-0` | `0.36.0-1` | `0.42.2-1` | Apt | | `libpixman-1-dev` | `0.36.0-1` | `0.42.2-1` | Apt | | `libpng-dev` | `1.6.36-6` | `1.6.39-2` | Apt | | `libpng16-16` | `1.6.36-6` | `1.6.39-2` | Apt | | `libpq-dev` | `11.14-0 deb10u1` | `15.3-0 deb12u1` | Apt | | `libpq5` | `11.14-0 deb10u1` | `15.3-0 deb12u1` | Apt | | `libpsl5` | `0.20.2-2` | `0.21.2-1` | Apt | | `libpython3-stdlib` | `3.7.3-1` | `3.11.2-1 b1` | Apt | | `libreadline-dev` | `7.0-5` | `8.2-1.3` | Apt | | `librsvg2-2` | `2.44.10-2.1` | `2.54.7 dfsg-1~deb12u1` | Apt | | `librsvg2-common` | `2.44.10-2.1` | `2.54.7 dfsg-1~deb12u1` | Apt | | `librsvg2-dev` | `2.44.10-2.1` | `2.54.7 dfsg-1~deb12u1` | Apt | | `librtmp1` | `2.4 20151223.gitfa8646d.1-2` | `2.4 20151223.gitfa8646d.1-2+b2` | Apt | | `libsasl2-2` | `2.1.27 dfsg-1+deb10u2` | `2.1.28 dfsg-10` | Apt | | `libsasl2-modules-db` | `2.1.27 dfsg-1+deb10u2` | `2.1.28 dfsg-10` | Apt | | `libseccomp2` | `2.3.3-4` | `2.5.4-1 b3` | Apt | | `libselinux1` | `2.8-1 b1` | `3.4-1 b6` | Apt | | `libselinux1-dev` | `2.8-1 b1` | `3.4-1 b6` | Apt | | `libsemanage-common` | `2.8-2` | `3.4-1` | Apt | | `libserf-1-1` | `1.3.9-7 b10` | `1.3.9-11` | Apt | | `libsmartcols1` | `2.33.1-0.1` | `2.38.1-5 b1` | Apt | | `libsqlite3-0` | `3.27.2-3 deb10u1` | `3.40.1-2` | Apt | | `libsqlite3-dev` | `3.27.2-3 deb10u1` | `3.40.1-2` | Apt | | `libss2` | `1.44.5-1 deb10u3` | `1.47.0-2` | Apt | | `libssh2-1` | `1.8.0-2.1` | `1.10.0-3 b1` | Apt | | `libssl-dev` | `1.1.1n-0 deb10u1` | `3.0.11-1~deb12u2` | Apt | | `libstdc++6` | `8.3.0-6` | `12.2.0-14` | Apt | | `libsvn1` | `1.10.4-1 deb10u3` | `1.14.2-4 b2` | Apt | | `libsystemd0` | `241-7~deb10u8` | `252.17-1~deb12u1` | Apt | | `libtasn1-6` | `4.13-3` | `4.19.0-2` | Apt | | `libthai-data` | `0.1.28-2` | `0.1.29-1` | Apt | | `libthai0` | `0.1.28-2` | `0.1.29-1` | Apt | | `libtiff-dev` | `4.1.0 git191117-2~deb10u4` | `4.5.0-6` | Apt | | `libtinfo6` | `6.1 20181013-2+deb10u2` | `6.4-4` | Apt | | `libtool` | `2.4.6-9` | `2.4.7-5` | Apt | | `libubsan1` | `8.3.0-6` | `12.2.0-14` | Apt | | `libudev1` | `241-7~deb10u8` | `252.17-1~deb12u1` | Apt | | `libunistring2` | `0.9.10-1` | `1.0-2` | Apt | | `libutf8proc2` | `2.3.0-1` | `2.8.0-1` | Apt | | `libuuid1` | `2.33.1-0.1` | `2.38.1-5 b1` | Apt | | `libwebp-dev` | `0.6.1-2 deb10u1` | `1.2.4-0.2 deb12u1` | Apt | | `libwebpdemux2` | `0.6.1-2 deb10u1` | `1.2.4-0.2 deb12u1` | Apt | | `libwebpmux3` | `0.6.1-2 deb10u1` | `1.2.4-0.2 deb12u1` | Apt | | `libwmf-dev` | `0.2.8.4-14` | `0.2.12-5.1` | Apt | | `libx11-6` | `2:1.6.7-1 deb10u2` | `2:1.8.4-2 deb12u2` | Apt | | `libx11-data` | `2:1.6.7-1 deb10u2` | `2:1.8.4-2 deb12u2` | Apt | | `libx11-dev` | `2:1.6.7-1 deb10u2` | `2:1.8.4-2 deb12u2` | Apt | | `libxau-dev` | `1:1.0.8-1 b2` | `1:1.0.9-1` | Apt | | `libxau6` | `1:1.0.8-1 b2` | `1:1.0.9-1` | Apt | | `libxcb-render0` | `1.13.1-2` | `1.15-1` | Apt | | `libxcb-render0-dev` | `1.13.1-2` | `1.15-1` | Apt | | `libxcb-shm0` | `1.13.1-2` | `1.15-1` | Apt | | `libxcb-shm0-dev` | `1.13.1-2` | `1.15-1` | Apt | | `libxcb1` | `1.13.1-2` | `1.15-1` | Apt | | `libxcb1-dev` | `1.13.1-2` | `1.15-1` | Apt | | `libxext-dev` | `2:1.3.3-1 b2` | `2:1.3.4-1 b1` | Apt | | `libxext6` | `2:1.3.3-1 b2` | `2:1.3.4-1 b1` | Apt | | `libxml2` | `2.9.4 dfsg1-7+deb10u3` | `2.9.14 dfsg-1.3~deb12u1` | Apt | | `libxml2-dev` | `2.9.4 dfsg1-7+deb10u3` | `2.9.14 dfsg-1.3~deb12u1` | Apt | | `libxrender-dev` | `1:0.9.10-1` | `1:0.9.10-1.1` | Apt | | `libxrender1` | `1:0.9.10-1` | `1:0.9.10-1.1` | Apt | | `libxslt1-dev` | `1.1.32-2.2~deb10u1` | `1.1.35-1` | Apt | | `libxslt1.1` | `1.1.32-2.2~deb10u1` | `1.1.35-1` | Apt | | `libxt-dev` | `1:1.1.5-1 b3` | `1:1.2.1-1.1` | Apt | | `libxt6` | `1:1.1.5-1 b3` | `1:1.2.1-1.1` | Apt | | `libyaml-0-2` | `0.2.1-1` | `0.2.5-1` | Apt | | `libyaml-dev` | `0.2.1-1` | `0.2.5-1` | Apt | | `libzstd1` | `1.3.8 dfsg-3+deb10u2` | `1.5.4 dfsg2-5` | Apt | | `linux-libc-dev` | `4.19.235-1` | `6.1.55-1` | Apt | | `login` | `1:4.5-1.1` | `1:4.13 dfsg1-1+b1` | Apt | | `m4` | `1.4.18-2` | `1.4.19-3` | Apt | | `make` | `4.2.1-1.2` | `4.3-4.1` | Apt | | `mariadb-common` | `1:10.3.34-0 deb10u1` | `1:10.11.4-1~deb12u1` | Apt | | `mawk` | `1.3.3-17 b3` | `1.3.4.20200120-3.1` | Apt | | `mercurial` | `4.8.2-1 deb10u1` | `6.3.2-1` | Apt | | `mercurial-common` | `4.8.2-1 deb10u1` | `6.3.2-1` | Apt | | `mount` | `2.33.1-0.1` | `2.38.1-5 b1` | Apt | | `mysql-common` | `5.8 1.0.5` | `5.8 1.1.0` | Apt | | `ncurses-base` | `6.1 20181013-2+deb10u2` | `6.4-4` | Apt | | `ncurses-bin` | `6.1 20181013-2+deb10u2` | `6.4-4` | Apt | | `netbase` | `5.6` | `6.4` | Apt | | `npm` | `8.5.0` | `10.1.0` | Node | | `openssh-client` | `1:7.9p1-10 deb10u2` | `1:9.2p1-2 deb12u1` | Apt | | `openssl` | `1.1.1n-0 deb10u1` | `3.0.11-1~deb12u2` | Apt | | `passwd` | `1:4.5-1.1` | `1:4.13 dfsg1-1+b1` | Apt | | `patch` | `2.7.6-3 deb10u1` | `2.7.6-7` | Apt | | `perl` | `5.28.1-6 deb10u1` | `5.36.0-7` | Apt | | `perl-base` | `5.28.1-6 deb10u1` | `5.36.0-7` | Apt | | `pinentry-curses` | `1.1.0-2` | `1.2.1-1` | Apt | | `pkg-config` | `0.29-6` | `1.8.1-1` | Apt | | `procps` | `2:3.3.15-2` | `2:4.0.2-3` | Apt | | `python3` | `3.7.3-1` | `3.11.2-1 b1` | Apt | | `python3-distutils` | `3.7.3-1` | `3.11.2-3` | Apt | | `python3-lib2to3` | `3.7.3-1` | `3.11.2-3` | Apt | | `python3-minimal` | `3.7.3-1` | `3.11.2-1 b1` | Apt | | `readline-common` | `7.0-5` | `8.2-1.3` | Apt | | `sed` | `4.7-1` | `4.9-1` | Apt | | `sensible-utils` | `0.0.12` | `0.0.17 nmu1` | Apt | | `shared-mime-info` | `1.10-1` | `2.2-1` | Apt | | `subversion` | `1.10.4-1 deb10u3` | `1.14.2-4 b2` | Apt | | `sysvinit-utils` | `2.93-8` | `3.06-4` | Apt | | `tar` | `1.30 dfsg-6` | `1.34 dfsg-1.2` | Apt | | `tzdata` | `2021a-0 deb10u4` | `2023c-5` | Apt | | `ucf` | `3.0038 nmu1` | `3.0043 nmu1` | Apt | | `unzip` | `6.0-23 deb10u2` | `6.0-28` | Apt | | `util-linux` | `2.33.1-0.1` | `2.38.1-5 b1` | Apt | | `uuid-dev` | `2.33.1-0.1` | `2.38.1-5 b1` | Apt | | `wget` | `1.20.1-1.1` | `1.21.3-1 b1` | Apt | | `x11-common` | `1:7.7 19` | `1:7.7 23` | Apt | | `x11proto-core-dev` | `2018.4-4` | `2022.1-1` | Apt | | `x11proto-dev` | `2018.4-4` | `2022.1-1` | Apt | | `xorg-sgml-doctools` | `1:1.11-1` | `1:1.11-1.1` | Apt | | `xtrans-dev` | `1.3.5-1` | `1.4.0-1` | Apt | | `xz-utils` | `5.2.4-1 deb10u1` | `5.4.1-0.2` | Apt | | `zlib1g` | `1:1.2.11.dfsg-1 deb10u1` | `1:1.2.13.dfsg-1` | Apt | | `zlib1g-dev` | `1:1.2.11.dfsg-1 deb10u1` | `1:1.2.13.dfsg-1` | Apt | #### Files The following file modifications were detected: | Name | Current | Proposed | Diff | | ---- | ------- | -------- | ---- | | `/bin` (89 files changed) | | `-` | `-6.0mb` | | `/etc` (278 files changed) | `633kb` | `676kb` | `43kb` | | `/lib` (211 files changed) | | `-` | `-22mb` | | `/lib32` | | `+` | `9b` | | `/opt` (22 files changed) | `15mb` | `15mb` | `486b` | | `/root` (10 files changed) | `162kb` | `2.2kb` | `-160kb` | | `/run` (2 files changed) | | `+` | `0b` | | `/sbin` (76 files changed) | | `-` | `-4.8mb` | | `/tmp` (4 files changed) | `4.2mb` | `4.2mb` | `14kb` | | `/usr` (32610 files changed) | `1.1gb` | `1.3gb` | `188mb` | | `/var` (1768 files changed) | `8.9mb` | `8.6mb` | `-311kb` | #### History The following differences in [`docker history`](https://docs.docker.com/engine/reference/commandline/history/) were detected: ```diff -/bin/sh -c #(nop) ADD file:fedc64967d4810188e8bd8289de1b1848a9501e7c68ae5bd4af83377fb9e3108 in / +/bin/sh -c #(nop) ADD file:6d8ee60b2fe4604969d8feeeb7e0dc8b9619a778d1a905c8bfdde5ede5e1eb54 in / /bin/sh -c #(nop) CMD ["bash"] -/bin/sh -c set -eux; apt-get update; apt-get install -y --no-install-recommends ca-certificates curl netbase wget ; rm -rf /var/lib/apt/lists/* -/bin/sh -c set -ex; if ! command -v gpg > /dev/null; then apt-get update; apt-get install -y --no-install-recommends gnupg dirmngr ; rm -rf /var/lib/apt/lists/*; fi +/bin/sh -c set -eux; apt-get update; apt-get install -y --no-install-recommends ca-certificates curl gnupg netbase sq wget ; rm -rf /var/lib/apt/lists/* /bin/sh -c apt-get update && apt-get install -y --no-install-recommends git mercurial openssh-client subversion procps && rm -rf /var/lib/apt/lists/* /bin/sh -c set -ex; apt-get update; apt-get install -y --no-install-recommends autoconf automake bzip2 dpkg-dev file g++ gcc imagemagick libbz2-dev libc6-dev libcurl4-openssl-dev libdb-dev libevent-dev libffi-dev libgdbm-dev libglib2.0-dev libgmp-dev libjpeg-dev libkrb5-dev liblzma-dev libmagickcore-dev libmagickwand-dev libmaxminddb-dev libncurses5-dev libncursesw5-dev libpng-dev libpq-dev libreadline-dev libsqlite3-dev libssl-dev libtool libwebp-dev libxml2-dev libxslt-dev libyaml-dev make patch unzip xz-utils zlib1g-dev $( if apt-cache show 'default-libmysqlclient-dev' 2>/dev/null | grep -q '^Version:'; then echo 'default-libmysqlclient-dev'; else echo 'libmysqlclient-dev'; fi ) ; rm -rf /var/lib/apt/lists/* /bin/sh -c groupadd --gid 1000 node && useradd --uid 1000 --gid node --shell /bin/bash --create-home node -/bin/sh -c #(nop) ENV NODE_VERSION=16.14.2 -/bin/sh -c ARCH= && dpkgArch="$(dpkg --print-architecture)" && case "${dpkgArch##*-}" in amd64) ARCH='x64';; ppc64el) ARCH='ppc64le';; s390x) ARCH='s390x';; arm64) ARCH='arm64';; armhf) ARCH='armv7l';; i386) ARCH='x86';; *) echo "unsupported architecture"; exit 1 ;; esac && set -ex && for key in 4ED778F539E3634C779C87C6D7062848A1AB005C 141F07595B7B3FFE74309A937405533BE57C7D57 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 74F12602B6F1C4E913FAA37AD3A89613643B6201 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C DD8F2338BAE7501E3DD5AC78C273792F7D83545D A48C2BEE680E841632CD4E44F07496B3EB3C1762 108F52B48DB57BB0CC439B2997B01419BD92F80A B9E2F5981AA6E0CD28160D9FF13993A75599653C ; do gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; done && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt && ln -s /usr/local/bin/node /usr/local/bin/nodejs && node --version && npm --version -/bin/sh -c #(nop) ENV YARN_VERSION=1.22.18 -/bin/sh -c set -ex && for key in 6A010C5166006599AA17F08146C2130DFD2497F5 ; do gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; done && curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" && curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" && gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz && mkdir -p /opt && tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ && ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn && ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg && rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz && yarn --version +/bin/sh -c #(nop) ENV NODE_VERSION=20.9.0 +/bin/sh -c ARCH= && dpkgArch="$(dpkg --print-architecture)" && case "${dpkgArch##*-}" in amd64) ARCH='x64';; ppc64el) ARCH='ppc64le';; s390x) ARCH='s390x';; arm64) ARCH='arm64';; armhf) ARCH='armv7l';; i386) ARCH='x86';; *) echo "unsupported architecture"; exit 1 ;; esac && export GNUPGHOME="$(mktemp -d)" && set -ex && for key in 4ED778F539E3634C779C87C6D7062848A1AB005C 141F07595B7B3FFE74309A937405533BE57C7D57 74F12602B6F1C4E913FAA37AD3A89613643B6201 DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 61FC681DFB92A079F1685E77973F295594EC4689 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C 108F52B48DB57BB0CC439B2997B01419BD92F80A A363A499291CBBC940DD62E41F10027AF002F8B0 ; do gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; done && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc && gpgconf --kill all && rm -rf "$GNUPGHOME" && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt && ln -s /usr/local/bin/node /usr/local/bin/nodejs && node --version && npm --version +/bin/sh -c #(nop) ENV YARN_VERSION=1.22.19 +/bin/sh -c set -ex && export GNUPGHOME="$(mktemp -d)" && for key in 6A010C5166006599AA17F08146C2130DFD2497F5 ; do gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; done && curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" && curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" && gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz && gpgconf --kill all && rm -rf "$GNUPGHOME" && mkdir -p /opt && tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ && ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn && ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg && rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz && yarn --version /bin/sh -c #(nop) COPY file:4d192565a7220e135cab6c77fbc1c73211b69f3d9fb37e62857b2c6eb9363d51 in /usr/local/bin/ /bin/sh -c #(nop) ENTRYPOINT ["docker-entrypoint.sh"] /bin/sh -c #(nop) CMD ["node"] ``` #### Ports No different exposed ports detected #### Environment Variables The following different environment variables were detected: ```diff -NODE_VERSION 16.14.2 +NODE_VERSION 20.9.0 -YARN_VERSION 1.22.18 +YARN_VERSION 1.22.19 ```

Pinning FROM lines to digests makes your builds repeatable. Atomist will raise new pull requests whenever the tag moves, so that you know when the base image has been updated. You can follow a new tag at any time. Just replace the digest with the new tag you want to follow. Atomist, will switch to following this new tag.

File changed:

atomist[bot] commented 2 years ago
Vulnerabilities
Comparison

👏 No new critical or high vulnerabilities compared with target branch main 👏 No new critical or high vulnerabilities compared with unstable

More details are available in the vulnerability report