Closed nodiscc closed 1 year ago
The correct solution would be to update the base alpine image to 3.17 or 3.18 (https://hub.docker.com/_/alpine/).
I don't use the docker deployment method, so if someone is willing to rebuild/test an alpine:3.18
-based image and send a Pull Request, I would merge it.
The alpine:3.16
base image now points to alpine:3.16.7
which no longer has these vulnerabilities. https://github.com/shaarli/Shaarli/actions/runs/5911196280/job/16033493409#step:10:20
We should still consider upgrading the base image to 3.17 or 3.18.
Closing as the initial problem is now resolved.
Ref. https://github.com/shaarli/Shaarli/actions/runs/5727352782/job/15519576105