search

miracum / ahd2fhir

A REST service for mapping text analysis results from Averbis Health Discovery to FHIR resources.
Apache License 2.0
8 stars 0 forks source link

chore(deps): update gcr.io/distroless/python3-debian12:nonroot docker digest to c4606a5 #179

Closed renovate[bot] closed 5 months ago

renovate[bot] commented 5 months ago

Mend Renovate

This PR contains the following updates:

Package Type Update Change
gcr.io/distroless/python3-debian12 final digest 95f5fa8 -> c4606a5

Configuration

📅 Schedule: Branch creation - "every 3 months on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

github-actions[bot] commented 5 months ago

🦙 MegaLinter status: ✅ SUCCESS

Descriptor Linter Files Fixed Errors Elapsed time
✅ ACTION actionlint 5 0 0.04s
✅ BASH bash-exec 2 0 0.03s
✅ BASH shellcheck 2 0 0.01s
✅ BASH shfmt 2 0 0.04s
✅ DOCKERFILE hadolint 2 0 0.15s
✅ JSON jsonlint 17 0 0.26s
✅ JSON npm-package-json-lint yes no 0.99s
✅ JSON prettier 17 0 1.61s
✅ MARKDOWN markdownlint 3 0 0.69s
✅ PYTHON bandit 31 0 1.54s
✅ PYTHON black 31 0 2.0s
✅ PYTHON flake8 31 0 0.99s
✅ PYTHON isort 31 0 0.43s
✅ PYTHON mypy 31 0 9.75s
✅ PYTHON pyright 31 0 9.25s
✅ PYTHON ruff 31 0 0.07s
✅ REPOSITORY checkov yes no 15.99s
✅ REPOSITORY gitleaks yes no 0.11s
✅ REPOSITORY git_diff yes no 0.01s
✅ REPOSITORY grype yes no 14.83s
✅ REPOSITORY kics yes no 32.54s
✅ REPOSITORY secretlint yes no 0.93s
✅ REPOSITORY syft yes no 0.61s
✅ REPOSITORY trivy yes no 14.1s
✅ REPOSITORY trivy-sbom yes no 8.33s
✅ REPOSITORY trufflehog yes no 4.81s
✅ YAML prettier 15 0 1.02s
✅ YAML yamllint 15 0 0.66s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

_MegaLinter is graciously provided by OX Security_

github-actions[bot] commented 5 months ago

Trivy image scan report

ghcr.io/miracum/ahd2fhir:pr-179 (debian 12.6)

62 known vulnerabilities found (LOW: 24 CRITICAL: 1 HIGH: 6 MEDIUM: 28)

Show detailed table of vulnerabilities
Package ID Severity Installed Version Fixed Version
libc6 CVE-2010-4756 LOW 2.36-9+deb12u7
libc6 CVE-2018-20796 LOW 2.36-9+deb12u7
libc6 CVE-2019-1010022 LOW 2.36-9+deb12u7
libc6 CVE-2019-1010023 LOW 2.36-9+deb12u7
libc6 CVE-2019-1010024 LOW 2.36-9+deb12u7
libc6 CVE-2019-1010025 LOW 2.36-9+deb12u7
libc6 CVE-2019-9192 LOW 2.36-9+deb12u7
libexpat1 CVE-2023-52425 HIGH 2.5.0-1
libexpat1 CVE-2023-52426 LOW 2.5.0-1
libexpat1 CVE-2024-28757 LOW 2.5.0-1
libgcc-s1 CVE-2023-4039 MEDIUM 12.2.0-14
libgcc-s1 CVE-2022-27943 LOW 12.2.0-14
libgomp1 CVE-2023-4039 MEDIUM 12.2.0-14
libgomp1 CVE-2022-27943 LOW 12.2.0-14
libgssapi-krb5-2 CVE-2024-26462 HIGH 1.20.1-2+deb12u1
libgssapi-krb5-2 CVE-2024-26458 MEDIUM 1.20.1-2+deb12u1
libgssapi-krb5-2 CVE-2024-26461 MEDIUM 1.20.1-2+deb12u1
libgssapi-krb5-2 CVE-2024-37370 MEDIUM 1.20.1-2+deb12u1
libgssapi-krb5-2 CVE-2024-37371 MEDIUM 1.20.1-2+deb12u1
libgssapi-krb5-2 CVE-2018-5709 LOW 1.20.1-2+deb12u1
libk5crypto3 CVE-2024-26462 HIGH 1.20.1-2+deb12u1
libk5crypto3 CVE-2024-26458 MEDIUM 1.20.1-2+deb12u1
libk5crypto3 CVE-2024-26461 MEDIUM 1.20.1-2+deb12u1
libk5crypto3 CVE-2024-37370 MEDIUM 1.20.1-2+deb12u1
libk5crypto3 CVE-2024-37371 MEDIUM 1.20.1-2+deb12u1
libk5crypto3 CVE-2018-5709 LOW 1.20.1-2+deb12u1
libkrb5-3 CVE-2024-26462 HIGH 1.20.1-2+deb12u1
libkrb5-3 CVE-2024-26458 MEDIUM 1.20.1-2+deb12u1
libkrb5-3 CVE-2024-26461 MEDIUM 1.20.1-2+deb12u1
libkrb5-3 CVE-2024-37370 MEDIUM 1.20.1-2+deb12u1
libkrb5-3 CVE-2024-37371 MEDIUM 1.20.1-2+deb12u1
libkrb5-3 CVE-2018-5709 LOW 1.20.1-2+deb12u1
libkrb5support0 CVE-2024-26462 HIGH 1.20.1-2+deb12u1
libkrb5support0 CVE-2024-26458 MEDIUM 1.20.1-2+deb12u1
libkrb5support0 CVE-2024-26461 MEDIUM 1.20.1-2+deb12u1
libkrb5support0 CVE-2024-37370 MEDIUM 1.20.1-2+deb12u1
libkrb5support0 CVE-2024-37371 MEDIUM 1.20.1-2+deb12u1
libkrb5support0 CVE-2018-5709 LOW 1.20.1-2+deb12u1
libncursesw6 CVE-2023-50495 MEDIUM 6.4-4
libncursesw6 CVE-2023-45918 LOW 6.4-4
libpython3.11-minimal CVE-2023-27043 MEDIUM 3.11.2-6+deb12u2
libpython3.11-minimal CVE-2024-4032 LOW 3.11.2-6+deb12u2
libpython3.11-minimal CVE-2024-0397 UNKNOWN 3.11.2-6+deb12u2
libpython3.11-stdlib CVE-2023-27043 MEDIUM 3.11.2-6+deb12u2
libpython3.11-stdlib CVE-2024-4032 LOW 3.11.2-6+deb12u2
libpython3.11-stdlib CVE-2024-0397 UNKNOWN 3.11.2-6+deb12u2
libsqlite3-0 CVE-2023-7104 HIGH 3.40.1-2
libsqlite3-0 CVE-2024-0232 MEDIUM 3.40.1-2
libsqlite3-0 CVE-2021-45346 LOW 3.40.1-2
libssl3 CVE-2024-4603 MEDIUM 3.0.13-1~deb12u1
libssl3 CVE-2024-4741 MEDIUM 3.0.13-1~deb12u1
libssl3 CVE-2024-5535 MEDIUM 3.0.13-1~deb12u1
libssl3 CVE-2024-2511 LOW 3.0.13-1~deb12u1
libstdc++6 CVE-2023-4039 MEDIUM 12.2.0-14
libstdc++6 CVE-2022-27943 LOW 12.2.0-14
libtinfo6 CVE-2023-50495 MEDIUM 6.4-4
libtinfo6 CVE-2023-45918 LOW 6.4-4
libuuid1 CVE-2022-0563 LOW 2.38.1-5+deb12u1
python3.11-minimal CVE-2023-27043 MEDIUM 3.11.2-6+deb12u2
python3.11-minimal CVE-2024-4032 LOW 3.11.2-6+deb12u2
python3.11-minimal CVE-2024-0397 UNKNOWN 3.11.2-6+deb12u2
zlib1g CVE-2023-45853 CRITICAL 1:1.2.13.dfsg-1

No Misconfigurations found

miracum-bot commented 5 months ago

:tada: This issue has been resolved in version 3.1.9 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket: