Closed atomist[bot] closed 3 years ago
Dockerfile
· Docker image scanVulnerability report for image atomist/skill
at digest sha256:f322f4005c1c2e8e399b4e99300b43fdf1cbc5beb83e702bd8826e925f4c8fb9
.
Detected 2 critical, 23 high, 30 medium and 1 low severity vulnerabilities.
More details are available in the vulnerability report.
This pull request pins 2 APT packages in
Dockerfile
to the latest available version.curl
>7.74.0-1ubuntu2.1
nodejs
>14.17.4-deb-1nodesource1
Atomist uses the APT package sources configured in the base image to determine latest available versions. Use a comment like
# atomist:apt-source=deb https://deb.nodesource.com/node_14.x hirsute main
to add additional APT sources. Disable pinning of packages by placing# atomist:apt-ignore
as comment before aRUN
instruction.File changed:
Dockerfile
atomist/docker-base-image-policy · Configure