Closed kenthua closed 6 years ago
Since the original commits were not ideal, I updated the package.json with the vulnerable versions and removed the added npm commands in the Dockerfile.
Just in case, published smartthings-mqtt-bridge@3.0.0 to account for the major Node version bump.
+1
Without jumping into the code, switched the image to the
node:alpine
image, added npm package update via npm audit.Current
Updated
Image size 688MB -> 143MB
Tested image on local instance