search

turkdevops / sourcegraph

Universal code search (self-hosted)
https://sourcegraph.com
Other
1 stars 0 forks source link

[Snyk] Security upgrade python from 3-alpine to 3.11.0a5-alpine #310

Closed snyk-bot closed 2 years ago

snyk-bot commented 2 years ago

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

We recommend upgrading to python:3.11.0a5-alpine, as this image has only 1 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Severity Priority Score / 1000 Issue Exploit Maturity
critical severity 571 Integer Overflow or Wraparound
SNYK-ALPINE315-EXPAT-2393733		 No Known Exploit
critical severity 571 Integer Overflow or Wraparound
SNYK-ALPINE315-EXPAT-2393735		 No Known Exploit
low severity 221 CVE-2021-3995
SNYK-ALPINE315-UTILLINUX-2393739		 No Known Exploit
low severity 221 CVE-2021-3996
SNYK-ALPINE315-UTILLINUX-2393741		 No Known Exploit
low severity 221 CVE-2022-0563
SNYK-ALPINE315-UTILLINUX-2401805		 No Known Exploit

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

mistaken-pull-closer[bot] commented 2 years ago

Thanks for your submission.

It appears that you've created a pull request using one of our repository's branches. Since this is almost always a mistake, we're going to go ahead and close this. If it was intentional, please let us know what you were intending and we can see about reopening it.

Thanks again!

pull-dog[bot] commented 2 years ago

*Ruff* :dog: I wasn't able to find any Docker Compose files in your repository at any of the given paths in the pull-dog.json configuration file, or the default docker-compose.yml file :weary: Make sure the given paths are correct.

Files checked:

What is this? Pull Dog is a GitHub app that makes test environments for your pull requests using Docker, from a `docker-compose.yml` file you specify. It takes 19 seconds to set up (we counted!) and there's a free plan available. Visit our website to learn more.
Commands - `@pull-dog up` to reprovision or provision the server. - `@pull-dog down` to delete the provisioned server.
Troubleshooting Need help? Don't hesitate to file an issue in our repository **Configuration** ```json { "isLazy": false, "dockerComposeYmlFilePaths": [ "docker-compose.yml" ], "expiry": "00:00:00", "conversationMode": "singleComment" } ``` **Trace ID** 5cf11ec0-928e-11ec-9055-1e764af75e22