search

jgraph / docker-drawio

Dockerized draw.io based on whichever is the most secure image at the time.
GNU General Public License v3.0
1.6k stars 371 forks source link

Docker Image no longer updated #171

Open carstencodes opened 1 week ago

carstencodes commented 1 week ago

Hi,

the docker image is no longer updated on docker hub.

I inspected the gh actions log and saw, that ant war is failing in the building image.

After a little investigation: This action is also failing in the regular repository.

It is actually failing since this commit where build.xml was deleted by @davidjgraph

@davidjgraph Was the deletion of the file intentional without any replacement?

Regards

Carsten

davidjgraph commented 1 week ago

Yeah, it's on the todo. That file won't work, but the problem is it's half of the pair of build files on the source repo, so we can't change one without the other.

ejhayter commented 1 day ago

Hi,

Not sure if this adds to this or is it's own issue. I wanted to note that the latest build available on docker hub is based on Apache Tomcat 9.0.95, there are currently 3 CVEs reported against that version; CVE-2024-52316, CVE-2024-52317, and CVE-2024-52318.

It would be very nice to get a new build even of the old version but with updated dependencies (should be automatically pulled in by tomcat:9-jre11).

Regards,

Emily