Open MikeMcC399 opened 5 days ago
All fixed issues from Debian are now included
Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
$ trivy image --ignore-unfixed cypress/factory:4.0.3
2024-07-03T11:25:05+02:00 INFO Vulnerability scanning is enabled
2024-07-03T11:25:05+02:00 INFO Secret scanning is enabled
2024-07-03T11:25:05+02:00 INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-07-03T11:25:05+02:00 INFO Please see also https://aquasecurity.github.io/trivy/v0.53/docs/scanner/secret#recommendation for faster secret detection
2024-07-03T11:25:05+02:00 INFO Detected OS family="debian" version="12.6"
2024-07-03T11:25:05+02:00 INFO [debian] Detecting vulnerabilities... os_version="12" pkg_num=282
2024-07-03T11:25:05+02:00 INFO Number of language-specific files num=0
2024-07-03T11:25:05+02:00 WARN Using severities from other vendors for some vulnerabilities. Read https://aquasecurity.github.io/trivy/v0.53/docs/scanner/vulnerability#severity-selection for details.
cypress/factory:4.0.3 (debian 12.6)
Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
Dockerfile
doing it in this order.Ready for review and merge
Issue
12.6
was released on June 29th, 2024 and contains vulnerability fixes which are not included incypress/factory:4.0.2
(currentlatest
).Change
Update to
debian:12.6-slim
incypress/factory
, specifying exact version of Debian for documentation clarity of version in use.Verification
On Ubuntu
22.04.4
LTS, Node.jsv20.15.0
LTSExecute:
and confirm that all images are built without errors or warnings.
Continue with
and confirm that the image builds without errors or warnings and runs successfully.