smebberson / docker-alpine

Docker containers running Alpine Linux and s6 for process management. Solid, reliable containers.
MIT License

Always upgrade packages #39

Open matthewvalimaki opened 8 years ago

matthewvalimaki commented 8 years ago

I recommend apk upgrade --update to be executed on every image. For example libcrypto, libssl and bind are out of date. While security is the responsibility of the user, providing the latest (at the time of build at least) would be good practice.

Also vaguely related: "Clair is an open source project for the static analysis of vulnerabilities in appc and docker containers." https://github.com/coreos/clair/issues/12.

smebberson commented 8 years ago

Good idea! Where do you see we'll add this? At the top of the first RUN statement?

matthewvalimaki commented 8 years ago

@smebberson first run sounds like the right place to me. On all images of course.

On Apr 10, 2016 7:34 PM, "Scott Mebberson" notifications@github.com wrote:

> Good idea! Where do you see we'll add this? At the top of the first RUN statement?


smebberson commented 8 years ago

@matthewvalimaki, damn, I missed this in my recent updates. I should have added it in while I was there. Do you think a minor or patch release is okay for this addition?

matthewvalimaki commented 8 years ago

@smebberson I think it's fine if you just push apk --update upgrade to master and they'll be in images whenever you just make a new release.

smebberson commented 7 years ago

@matthewvalimaki, I've made a bunch of progress on this. All of the new images have this; you can see the CHANGELOG for notes accordingly. I'll keep this open for now.
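
The placement discussed in this thread (an apk upgrade in the first RUN statement, on all images) can be checked mechanically across a set of Dockerfiles. The following is an added example, not part of the thread or of the docker-alpine repository; the function names and the sample Dockerfiles are constructed for illustration. It checks only that the first RUN of each build stage contains an apk upgrade, not that the upgrade comes first within that command.

```python
import re

# Matches both spellings from the thread: "apk upgrade --update" and "apk --update upgrade".
APK_UPGRADE = re.compile(r"\bapk\b(?:\s+-\S+)*\s+upgrade\b")

def logical_lines(text):
    """Yield Dockerfile instructions with backslash continuations joined."""
    buf = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank and comment lines are skipped, even mid-continuation
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield buf + line
        buf = ""
    if buf:
        yield buf

def stages_missing_upgrade(dockerfile_text):
    """Return the FROM argument of each stage whose first RUN has no apk upgrade."""
    missing, stage, seen_run = [], None, False
    for line in logical_lines(dockerfile_text):
        parts = line.split(None, 1)
        instr, rest = parts[0].upper(), (parts[1] if len(parts) > 1 else "")
        if instr == "FROM":
            if stage is not None and not seen_run:
                missing.append(stage)  # previous stage had no RUN at all
            stage, seen_run = rest, False
        elif instr == "RUN" and stage is not None and not seen_run:
            seen_run = True
            if not APK_UPGRADE.search(rest):
                missing.append(stage)
    if stage is not None and not seen_run:
        missing.append(stage)
    return missing

# Constructed sample Dockerfiles (not taken from the repository).
GOOD = "FROM alpine:3.4\nRUN apk upgrade --update && \\\n    apk add bash\n"
BAD = "FROM alpine:3.4\n# tools\nRUN apk add --update bash\nRUN apk --update upgrade\n"

if __name__ == "__main__":
    for name, text in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, stages_missing_upgrade(text) or "ok")
```
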