Closed atomist[bot] closed 3 years ago
Vulnerabilities |
Comparison |
🎉 Fixes 7 high severity vulnerabilities compared with target branch main
🎉 Fixes 7 high severity vulnerabilities compared with unstable
More details are available in the vulnerability report
Pull request auto merged:
This pull request re-pins the Docker base image
python:rc
inDockerfile
to the current digest.https://github.com/atomist-skills/yamllint-skill/blob/c9ebec7adfaa28846a6ef55465d1f2575a1a14d2/Dockerfile#L1-L1
Digest
sha256:532e860a95afb13562603d2b84db1fe6ca164112a2b99e45fa451bd2c683f90d
references a multi-CPU architecture image manifest. This image supports the following architectures:sha256:2ce46b9944cb73233a560f8de746c59041d5d242531331bb6c78dc217125f58a
linux/386
sha256:7a6bac5f0f651e1741a1ec8998f80a486e0a68b535e54ca3a24f544a9a5ef015
linux/amd64
sha256:738dcfa6d8e50214c38bd25fbde8c7e33e76bc3cc5773c9a5fd654053413049a
linux/arm/v5
sha256:db247e90d2e8c9bdf0db53acb6fcf20bcfa034fd6e46bda76cfdc4f7976d1c9a
linux/arm/v7
sha256:487d7260f41f667884c627ac167beb71133e65b4d240038fa2061d25c728d953
linux/arm64/v8
sha256:aac5796ab217dcd60666b336c92ca87cab237f1b6c8579ebaf56b76ec767b565
linux/mips64le
sha256:368f77dd46a05982603a90c0be592efde0a6b5454c0e15881a14d72c8e64a25c
linux/ppc64le
sha256:7c2bdce49e41bb32a840bcbaf49c2f7deeea0712f2462b7f549d41d8721ea835
linux/s390x
sha256:16b51aafd8e6da655a8ef0eecf8bfe26aef2617194f56ffe844973e38155b0e3
windows/amd64
sha256:0a03b1cedb11e0792098fef2adbc7d4d18c12b655cbb5382b73fa35e1e3f665b
windows/amd64
sha256:28acc1243c9a2ec8bf76fc33d389d33652ca93b3b926f154574bcdf78a710eda
windows/amd64
Changelog for
python:rc
### Commit New image build caused by commit docker-library/official-images@a094039ecf8f719973ebeb26ea5d7e3b530fc2d0 to [`library/python`](https://github.com/docker-library/official-images/blob/a094039ecf8f719973ebeb26ea5d7e3b530fc2d0/library/python): ``` Update python Changes: - https://github.com/docker-library/python/commit/465cbc7: Merge pull request https://github.com/docker-library/python/pull/659 from mangin/3.11-rc - https://github.com/docker-library/python/commit/34e07d8: Add 3.11.0a1 ``` --- ### Comparison Comparing Docker image `python:rc` at digests _Current_ `sha256:cfc285ff5313016e64c875f3c7d00da9890f773432ad0936f841e86b5fb11944` (868mb) and _Proposed_ `sha256:532e860a95afb13562603d2b84db1fe6ca164112a2b99e45fa451bd2c683f90d` (868mb): #### Packages The following package differences were detected: | Name | Current | Proposed | Type | | ---- | ------- | -------- | ---- | | `linux-libc-dev` | `5.10.46-4` | `5.10.46-5` | Apt | #### Files The following file modifications were detected: | Name | Current | Proposed | Diff | | ---- | ------- | -------- | ---- | | `/etc/apt/sources.list` | `435b` | `435b` | `0b` | | `/etc/machine-id` | `33b` | `33b` | `0b` | | `/etc/shadow` | `501b` | `501b` | `0b` | | `/etc/shadow-` | `501b` | `501b` | `0b` | | `/root/.wget-hsts` | `254b` | `254b` | `0b` | | `/tmp/tmpixmquy8acacert.pem` | | `-` | `0b` | | `/tmp/tmpruj9_hl0cacert.pem` | | `+` | `253kb` | | `/usr/lib/python3.9/__pycache__/_markupbase.cpython-39.pyc` | `7.6kb` | `7.6kb` | `0b` | | `/usr/lib/python3.9/__pycache__/difflib.cpython-39.pyc` | `58kb` | `58kb` | `0b` | | `/usr/lib/python3.9/__pycache__/ftplib.cpython-39.pyc` | `28kb` | `28kb` | `0b` | | `/usr/lib/python3.9/__pycache__/gettext.cpython-39.pyc` | `18kb` | `18kb` | `0b` | | `/usr/lib/python3.9/__pycache__/hashlib.cpython-39.pyc` | `6.5kb` | `6.5kb` | `0b` | | `/usr/lib/python3.9/__pycache__/mailbox.cpython-39.pyc` | `59kb` | `59kb` | `0b` | | `/usr/lib/python3.9/__pycache__/nntplib.cpython-39.pyc` | `31kb` | `31kb` | `0b` | | `/usr/lib/python3.9/__pycache__/pathlib.cpython-39.pyc` | `43kb` | `43kb` | `0b` | | `/usr/lib/python3.9/__pycache__/pydoc.cpython-39.pyc` | `84kb` | `84kb` | `0b` | | `/usr/lib/python3.9/__pycache__/rlcompleter.cpython-39.pyc` | `5.6kb` | `5.6kb` | `0b` | | `/usr/lib/python3.9/__pycache__/socket.cpython-39.pyc` | `28kb` | `28kb` | `0b` | | `/usr/lib/python3.9/__pycache__/tarfile.cpython-39.pyc` | `62kb` | `62kb` | `0b` | | `/usr/lib/python3.9/__pycache__/typing.cpython-39.pyc` | `70kb` | `70kb` | `0b` | | `/usr/lib/python3.9/__pycache__/zipfile.cpython-39.pyc` | `58kb` | `58kb` | `0b` | | `/usr/lib/python3.9/asyncio/__pycache__/__main__.cpython-39.pyc` | `3.1kb` | `3.1kb` | `0b` | | `/usr/lib/python3.9/distutils/__pycache__/msvc9compiler.cpython-39.pyc` | `17kb` | `17kb` | `0b` | | `/usr/lib/python3.9/email/__pycache__/message.cpython-39.pyc` | `37kb` | `37kb` | `0b` | | `/usr/lib/python3.9/http/__pycache__/client.cpython-39.pyc` | `34kb` | `34kb` | `0b` | | `/usr/lib/python3.9/json/__pycache__/decoder.cpython-39.pyc` | `9.6kb` | `9.6kb` | `0b` | | `/usr/lib/python3.9/lib2to3/__pycache__/fixer_util.cpython-39.pyc` | `12kb` | `12kb` | `0b` | | `/usr/lib/python3.9/lib2to3/pgen2/__pycache__/tokenize.cpython-39.pyc` | `15kb` | `15kb` | `0b` | | `/usr/lib/python3.9/test/__pycache__/test_support.cpython-39.pyc` | `21kb` | `21kb` | `0b` | | `/usr/lib/python3.9/unittest/__pycache__/mock.cpython-39.pyc` | `76kb` | `76kb` | `0b` | | `/usr/lib/python3.9/wsgiref/__pycache__/handlers.cpython-39.pyc` | `16kb` | `16kb` | `0b` | | `/usr/lib/python3.9/wsgiref/__pycache__/util.cpython-39.pyc` | `5.3kb` | `5.3kb` | `0b` | | `/usr/lib/python3/dist-packages/hgdemandimport/__pycache__/__init__.cpython-39.pyc` | `1.1kb` | `1.1kb` | `0b` | | `/usr/lib/python3/dist-packages/hgext/__pycache__/commitextras.cpython-39.pyc` | `2.1kb` | `2.1kb` | `0b` | | `/usr/lib/python3/dist-packages/hgext/__pycache__/phabricator.cpython-39.pyc` | `57kb` | `57kb` | `0b` | | `/usr/lib/python3/dist-packages/hgext/__pycache__/rebase.cpython-39.pyc` | `53kb` | `53kb` | `0b` | | `/usr/lib/python3/dist-packages/hgext/__pycache__/sqlitestore.cpython-39.pyc` | `26kb` | `26kb` | `0b` | | `/usr/lib/python3/dist-packages/hgext/convert/__pycache__/git.cpython-39.pyc` | `13kb` | `13kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/commands.cpython-39.pyc` | `192kb` | `192kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/exchange.cpython-39.pyc` | `72kb` | `72kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/exchangev2.cpython-39.pyc` | `14kb` | `14kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/extensions.cpython-39.pyc` | `23kb` | `23kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/fancyopts.cpython-39.pyc` | `11kb` | `11kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/filesetlang.cpython-39.pyc` | `9.0kb` | `9.0kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/formatter.cpython-39.pyc` | `28kb` | `28kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/localrepo.cpython-39.pyc` | `89kb` | `89kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/logcmdutil.cpython-39.pyc` | `29kb` | `29kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/minifileset.cpython-39.pyc` | `3.9kb` | `3.9kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/revlog.cpython-39.pyc` | `70kb` | `70kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/revsetlang.cpython-39.pyc` | `23kb` | `23kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/statprof.cpython-39.pyc` | `27kb` | `27kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/templatekw.cpython-39.pyc` | `31kb` | `31kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/templater.cpython-39.pyc` | `33kb` | `33kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/ui.cpython-39.pyc` | `63kb` | `63kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/util.cpython-39.pyc` | `91kb` | `91kb` | `0b` | | `/usr/lib/python3/dist-packages/mercurial/__pycache__/wireprotov2server.cpython-39.pyc` | `29kb` | `29kb` | `0b` | | `/usr/local/lib/libpython3.10.so.1.0` | `20mb` | `20mb` | `664b` | | `/usr/local/lib/python3.10/lib-dynload/_datetime.cpython-310-x86_64-linux-gnu.so` | `872kb` | `871kb` | `-1.0kb` | | `/usr/local/lib/python3.10/lib-dynload/_decimal.cpython-310-x86_64-linux-gnu.so` | `2.0mb` | `2.0mb` | `1.2kb` | | `/usr/local/lib/python3.10/lib-dynload/_heapq.cpython-310-x86_64-linux-gnu.so` | `153kb` | `147kb` | `-6.4kb` | | `/usr/local/lib/python3.10/lib-dynload/_pickle.cpython-310-x86_64-linux-gnu.so` | `720kb` | `720kb` | `-64b` | | `/usr/local/lib/python3.10/lib-dynload/select.cpython-310-x86_64-linux-gnu.so` | `116kb` | `116kb` | `-8b` | | `/usr/local/share/fonts/.uuid` | `36b` | `36b` | `0b` | | `/usr/share/doc/linux-libc-dev/changelog.Debian.gz` | `318kb` | `318kb` | `680b` | | `/usr/share/fonts/.uuid` | `36b` | `36b` | `0b` | | `/usr/share/fonts/truetype/.uuid` | `36b` | `36b` | `0b` | | `/usr/share/fonts/truetype/dejavu/.uuid` | `36b` | `36b` | `0b` | | `/var/cache/fontconfig/2a334bef-859f-44bc-99a7-3e436d5bf288-le64.cache-7` | | `-` | `0b` | | `/var/cache/fontconfig/2efcc77c-663f-4792-8368-b3bafc6f1118-le64.cache-7` | | `+` | `144b` | | `/var/cache/fontconfig/394fc820-2d38-49ec-988b-12a25a6a23f5-le64.cache-7` | | `-` | `0b` | | `/var/cache/fontconfig/786c691e-4791-41e1-a013-39515cea4b9c-le64.cache-7` | | `-` | `0b` | | `/var/cache/fontconfig/898ad464-53b9-419c-9f5d-6387baaa3cfb-le64.cache-7` | | `-` | `0b` | | `/var/cache/fontconfig/bbb1c94a-d398-4beb-b1d9-c8c5bde52cd4-le64.cache-7` | | `+` | `15kb` | | `/var/cache/fontconfig/c9e82163-8002-415a-96a8-1bfeaf0fb2c6-le64.cache-7` | | `+` | `160b` | | `/var/cache/fontconfig/fcab6020-8c87-43d6-a36d-5064391d607f-le64.cache-7` | | `+` | `104b` | | `/var/cache/ldconfig/aux-cache` | `17kb` | `17kb` | `0b` | | `/var/lib/dpkg/info/linux-libc-dev:amd64.md5sums` | `58kb` | `58kb` | `0b` | | `/var/lib/dpkg/status` | `372kb` | `372kb` | `0b` | | `/var/lib/dpkg/status-old` | `372kb` | `372kb` | `0b` | | `/var/log/alternatives.log` | `11kb` | `11kb` | `0b` | | `/var/log/apt/eipp.log.xz` | `16kb` | `16kb` | `-8b` | | `/var/log/apt/history.log` | `15kb` | `15kb` | `0b` | | `/var/log/apt/term.log` | `79kb` | `79kb` | `0b` | | `/var/log/dpkg.log` | `153kb` | `153kb` | `0b` | #### History The following differences in [`docker history`](https://docs.docker.com/engine/reference/commandline/history/) were detected: ```diff -/bin/sh -c #(nop) ADD file:1fedf68870782f1b44cd50691444aab4061cc0c70f24e5fabe9c562cc46eb9af in / +/bin/sh -c #(nop) ADD file:d05a14b1e57f9cc8eeb316a843403bbb35176d6222d60d6ddbb34faba977e316 in / /bin/sh -c #(nop) CMD ["bash"] /bin/sh -c set -eux; apt-get update; apt-get install -y --no-install-recommends ca-certificates curl netbase wget ; rm -rf /var/lib/apt/lists/* /bin/sh -c set -ex; if ! command -v gpg > /dev/null; then apt-get update; apt-get install -y --no-install-recommends gnupg dirmngr ; rm -rf /var/lib/apt/lists/*; fi ``` #### Ports No different exposed ports detected #### Environment Variables No different environment variables detected
Pinning
FROM
lines to digests makes your builds repeatable. Atomist will raise new pull requests whenever the tag moves, so that you know when the base image has been updated. You can follow a new tag at any time. Just replace the digest with the new tag you want to follow. Atomist, will switch to following this new tag.File changed:
Dockerfile