atomist[bot]
commented
3 years ago 
Path: Dockerfile · Docker image scan
Vulnerability report for image atomist/skill at digest sha256:f322f4005c1c2e8e399b4e99300b43fdf1cbc5beb83e702bd8826e925f4c8fb9.
Detected 2 critical, 23 high, 30 medium and 1 low severity vulnerabilities.
More details are available in the vulnerability report.
This pull request pins 2 APT packages in
Dockerfileto the latest available version.curl>7.74.0-1ubuntu2.1nodejs>14.17.4-deb-1nodesource1Atomist uses the APT package sources configured in the base image to determine latest available versions. Use a comment like
# atomist:apt-source=deb https://deb.nodesource.com/node_14.x hirsute mainto add additional APT sources. Disable pinning of packages by placing# atomist:apt-ignoreas comment before aRUNinstruction.File changed:
Dockerfileatomist/docker-base-image-policy · Configure