Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Security upgrade node from 18.8-alpine3.16 to 18.13-alpine3.16 #170

Merged
merged 1 commit into from
Feb 5, 2023
Merged

[Snyk] Security upgrade node from 18.8-alpine3.16 to 18.13-alpine3.16 #170

merged 1 commit into from
Feb 5, 2023

Conversation

snyk-bot
Copy link
Contributor

@snyk-bot snyk-bot commented Feb 4, 2023

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

  • Dockerfile.test

We recommend upgrading to node:18.13-alpine3.16, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Severity Priority Score / 1000 Issue Exploit Maturity
high severity 614 Insecure Randomness
SNYK-UPSTREAM-NODE-3035792		 No Known Exploit
medium severity 621 HTTP Request Smuggling
SNYK-UPSTREAM-NODE-3035795		 Proof of Concept
high severity 625 Buffer Overflow
SNYK-UPSTREAM-NODE-3092932		 No Known Exploit
high severity 721 Buffer Overflow
SNYK-UPSTREAM-NODE-3092933		 Proof of Concept
high severity 614 DNS Rebinding
SNYK-UPSTREAM-NODE-3105822		 No Known Exploit

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Insecure Randomness

@coveralls
Copy link
Collaborator

Pull Request Test Coverage Report for Build 4093330042

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 59.499%
Totals Coverage Status
Change from base Build 4093064020: 0.0%
Covered Lines: 1176
Relevant Lines: 1949
💛 - Coveralls

@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 4, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@cameri cameri merged commit a0dcc05 into main Feb 5, 2023
@cameri cameri deleted the snyk-fix-a9dded000f7558b0c7af199c3d43594c branch February 5, 2023 00:02
github-actions bot pushed a commit that referenced this pull request Feb 5, 2023
@semantic-release-bot
chore(release): 1.22.1 [skip ci]
49bc63c 
## [1.22.1](v1.22.0...v1.22.1) (2023-02-05)

### Bug Fixes

* Dockerfile.test to reduce vulnerabilities ([#170](#170)) ([a0dcc05](a0dcc05))
* SettingsStatic class default to yaml file ([#158](#158)) ([7a4667c](7a4667c))
* update supported nips in readme ([#164](#164)) ([a0ff972](a0ff972))
@github-actions
Copy link

github-actions bot commented Feb 5, 2023

🎉 This PR is included in version 1.22.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

antonleviathan pushed a commit that referenced this pull request Feb 8, 2023
@snyk-bot @antonleviathan
fix: Dockerfile.test to reduce vulnerabilities (#170)
fa41eb5 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-3035792
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-3035795
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-3092932
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-3092933
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-3105822
antonleviathan pushed a commit that referenced this pull request Feb 8, 2023
@semantic-release-bot @antonleviathan
chore(release): 1.22.1 [skip ci]
9fcf026 
## [1.22.1](v1.22.0...v1.22.1) (2023-02-05)

### Bug Fixes

* Dockerfile.test to reduce vulnerabilities ([#170](#170)) ([a0dcc05](a0dcc05))
* SettingsStatic class default to yaml file ([#158](#158)) ([7a4667c](7a4667c))
* update supported nips in readme ([#164](#164)) ([a0ff972](a0ff972))
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@snyk-bot @coveralls @cameri