Closed leonardocustodio closed 2 months ago
โฑ๏ธ Estimated effort to review: 1 ๐ตโชโชโชโช |
๐งช No relevant tests |
๐ No security concerns identified |
โก No key issues to review |
Category | Suggestion | Score |
Security |
Use a SHA256 digest for Docker images to ensure immutability and security___ **To ensure that the decoder service always uses the most secure and up-to-dateversion, consider using a more specific tag than just the version number, such as the SHA256 digest of the image. This approach prevents issues related to mutable tags and ensures that the exact intended version of the image is used.** [docker-compose.yml [31]](https://github.com/enjin/platform/pull/46/files#diff-e45e45baeda1c1e73482975a664062aa56f20c03dd9d64a827aba57775bed0d3R31-R31) ```diff -image: enjin/platform-decoder:v1.9.1 +image: enjin/platform-decoder@sha256: Suggestion importance[1-10]: 9Why: Using a SHA256 digest for Docker images enhances security by ensuring that the exact intended version of the image is used, preventing issues related to mutable tags. This is a significant improvement for maintaining a secure and reliable deployment. | 9 |
PR Type
enhancement, configuration changes
Description
decoder
service image version indocker-compose.yml
fromv1.9.0
tov1.9.1
.Changes walkthrough ๐
docker-compose.yml
Upgrade `decoder` service image version in Docker Compose
docker-compose.yml
decoder
service image version fromv1.9.0
tov1.9.1
.