cypress-app-bot
commented
5 days ago - Create a Draft Pull Request if your PR is not ready for review. Mark the PR as Ready for Review when you're ready for a Cypress team member to review the PR.
Open MikeMcC399 opened 5 days ago
cypress-app-bot
commented
5 days ago 
MikeMcC399
commented
5 days ago All fixed issues from Debian are now included
Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
$ trivy image --ignore-unfixed cypress/factory:4.0.3
2024-07-03T11:25:05+02:00 INFO Vulnerability scanning is enabled
2024-07-03T11:25:05+02:00 INFO Secret scanning is enabled
2024-07-03T11:25:05+02:00 INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-07-03T11:25:05+02:00 INFO Please see also https://aquasecurity.github.io/trivy/v0.53/docs/scanner/secret#recommendation for faster secret detection
2024-07-03T11:25:05+02:00 INFO Detected OS family="debian" version="12.6"
2024-07-03T11:25:05+02:00 INFO [debian] Detecting vulnerabilities... os_version="12" pkg_num=282
2024-07-03T11:25:05+02:00 INFO Number of language-specific files num=0
2024-07-03T11:25:05+02:00 WARN Using severities from other vendors for some vulnerabilities. Read https://aquasecurity.github.io/trivy/v0.53/docs/scanner/vulnerability#severity-selection for details.
cypress/factory:4.0.3 (debian 12.6)
Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)Dockerfile doing it in this order.MikeMcC399
commented
5 days ago Ready for review and merge
Issue
12.6was released on June 29th, 2024 and contains vulnerability fixes which are not included incypress/factory:4.0.2(currentlatest).Change
Update to
debian:12.6-slimincypress/factory, specifying exact version of Debian for documentation clarity of version in use.Verification
On Ubuntu
22.04.4LTS, Node.jsv20.15.0LTSExecute:
and confirm that all images are built without errors or warnings.
Continue with
and confirm that the image builds without errors or warnings and runs successfully.