Bump production-stage image to nginx:1.26

github-copilot-resources / copilot-metrics-viewer

Tool to visualize the Copilot metrics provided via the Copilot Business Metrics API (current in public beta)

https://copilot-metrics-viewer-gthcc5cmd9ebf2ff.westeurope-01.azurewebsites.net/

MIT License

303 stars 154 forks source link

Bump production-stage image to nginx:1.26 #68

Closed lukemaslany-next closed 3 months ago

lukemaslany-next commented 4 months ago

Bumping the production-stage container image from nginx:1.19 to nginx:1.26 should eliminate more than 200 vulnerability findings - including 34 CVEs rated at critical (as of 11-Jul-2024).

Prisma Twistlock Summary using nginx1.19

Vulnerabilities found for image ghcr.io/github-copilot-resources/copilot-metrics-viewer:latest:

total - 201
critical - 34
high - 72
medium - 95
low - 0

copilot-metrics-viewer__vulnerability_scan_7_12_24_12_02_41.csv

martedesco commented 3 months ago

Nice catch @lukemaslany-next , thanks for contributing! I will add to a new release soon.