search

bitwarden / self-host

Bitwarden's self-hosted release repository
GNU General Public License v3.0
316 stars 55 forks source link

Update dotnet monorepo to v8 (major) - autoclosed #131

Closed renovate[bot] closed 5 months ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Type Update Change
mcr.microsoft.com/dotnet/aspnet final major 6.0 -> 8.0
mcr.microsoft.com/dotnet/sdk stage major 6.0 -> 8.0

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

â™» Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

This PR has been generated by Mend Renovate. View repository job log here.

bitwarden-bot commented 1 year ago

Logo Checkmarx One – Scan Summary & Details – 7fe9091a-dfe6-4381-bb10-63c324d28c99

New Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH Missing User Instruction /Dockerfile: 176 A user should be specified in the dockerfile, otherwise the image will run as root
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 212 When installing a package, its pin version should be defined
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 54 When installing a package, its pin version should be defined
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 212 When installing a package, its pin version should be defined
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 212 When installing a package, its pin version should be defined
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 212 When installing a package, its pin version should be defined
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 212 When installing a package, its pin version should be defined
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 212 When installing a package, its pin version should be defined
MEDIUM NPM Install Command Without Pinned Version /Dockerfile: 58 Check if packages installed by npm are pinning a specific version.
MEDIUM Using Platform Flag with FROM Command /Dockerfile: 37 Don't use '--platform' flag with FROM
LOW Healthcheck Instruction Missing /Dockerfile: 176 Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working
LOW Multiple RUN, ADD, COPY, Instructions Listed /Dockerfile: 222 Multiple commands (RUN, COPY, ADD) should be grouped in order to reduce the number of layers.
LOW Multiple RUN, ADD, COPY, Instructions Listed /Dockerfile: 249 Multiple commands (RUN, COPY, ADD) should be grouped in order to reduce the number of layers.

Fixed Issues

Severity Issue Source File / Package
HIGH Missing User Instruction /Dockerfile: 176
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 212
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 212
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 212
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 212
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 54
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 212
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 212
MEDIUM NPM Install Command Without Pinned Version /Dockerfile: 58
MEDIUM Using Platform Flag with FROM Command /Dockerfile: 37
LOW Healthcheck Instruction Missing /Dockerfile: 176
LOW Multiple RUN, ADD, COPY, Instructions Listed /Dockerfile: 249
LOW Multiple RUN, ADD, COPY, Instructions Listed /Dockerfile: 222
renovate[bot] commented 7 months ago

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

âš  Warning: custom changes will be lost.