This PR adds explicit version tags to the golang and alpine Docker image sources in Dockerfile.
This project already has a valid Dependabot configuration for scanning Docker image versions, but without explicit tags Dependabot can't do anything with them, putting the bonjour-reflector image at risk of security vulnerabilities from un-patched base images.
This change should add automated Dependabot PRs for base image updates, which in my opinion is critical for a container that will run in an environment such as an edge router.
This PR adds explicit version tags to the
golangandalpineDocker image sources inDockerfile.This project already has a valid Dependabot configuration for scanning Docker image versions, but without explicit tags Dependabot can't do anything with them, putting the bonjour-reflector image at risk of security vulnerabilities from un-patched base images.
This change should add automated Dependabot PRs for base image updates, which in my opinion is critical for a container that will run in an environment such as an edge router.