Closed tobybellwood closed 4 months ago
This PR updates a heap of the NPM dependencies in Lagoon. This should help us to target efforts better at the core packages in use.
It also reduces the number of vulnerabilities in the images
## Overview │ Analyzed Image │ Comparison Image ────────────────────┼────────────────────────────────────┼───────────────────────────────────────────── Target │ lagoon/api:latest │ uselagoon/api:latest digest │ 02c172452e33 │ 6a7f1a82e9db platform │ linux/amd64 │ linux/amd64 provenance │ │ https://github.com/uselagoon/lagoon.git │ │ 18b3b827c73f740d61a9c1900926a87c1adaaa4a vulnerabilities │ 1C 17H 41M 3L 1? │ 10C 31H 62M 3L 2? │ -9 -14 -21 -1 │ size │ 146 MB (-30 MB) │ 176 MB packages │ 1316 (-333) │ 1649 │ │ Base image │ node:20-alpine │ node:20-alpine tags │ also known as │ also known as │ • 20-alpine3.19 │ • 20-alpine3.18 │ • 20.11-alpine │ • iron-alpine │ • 20.11-alpine3.19 │ • iron-alpine3.18 │ • 20.11.0-alpine │ • lts-alpine │ • 20.11.0-alpine3.19 │ • lts-alpine3.18 │ • iron-alpine │ │ • iron-alpine3.19 │ │ • lts-alpine │ │ • lts-alpine3.19 │ vulnerabilities │ 0C 0H 2M 0L 1? │ 0C 0H 2M 0L 1?
This PR updates a heap of the NPM dependencies in Lagoon. This should help us to target efforts better at the core packages in use.
It also reduces the number of vulnerabilities in the images