codeclimate / codeclimate-phpcodesniffer

Code Climate Engine for PHP Code Sniffer
MIT License

QUA-502: Set base image to alpine:3.13.7 #91

Closed fede-moya closed 2 years ago

fede-moya commented 2 years ago

According to what is exposed on QUA-502, our latest update introduced new build failures for some of the users using the stable channel.

The motivation behind https://github.com/codeclimate/codeclimate-phpcodesniffer/pull/88 was to resolve critical vulnerabilities reported by Snyk.

This update to use alpine:3.13.7 seems to be compliant with Snyk.

Testing codeclimate/codeclimate-phpcodesniffer:latest...

Organization:      fede-moya
Package manager:   apk
Project name:      docker-image|codeclimate/codeclimate-phpcodesniffer
Docker image:      codeclimate/codeclimate-phpcodesniffer:latest
Platform:          linux/amd64
Base image:        alpine:3.13.7
Licenses:          enabled

✔ Tested 37 dependencies for known issues, no vulnerable paths found.

According to our scan, you are currently using the most secure version of the selected base image

I have tested this image locally using different phpcodesniffer configurations extracted from the users that reported having issues the first time. Still, there is a chance for some users to experience some kind of trouble with this new image. If that happens, the plan is to go on a case-by-case basis to resolve the problem.