The Dockerfile in ./github/actions/tools file in the fork i'm working with of this repository is rightfully flagged by aquasecurity/trivy-action as a high security vulnerability. Running containers as the root user goes against container security best practices. I propose we update the Dockerfile to run as User 1001.
The Dockerfile in ./github/actions/tools file in the fork i'm working with of this repository is rightfully flagged by aquasecurity/trivy-action as a high security vulnerability. Running containers as the root user goes against container security best practices. I propose we update the Dockerfile to run as User 1001.