Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Security upgrade node from 20.7.0-alpine to 20.13.0-alpine #19

Open
wants to merge 30 commits into
base: main
Choose a base branch
from
Open

[Snyk] Security upgrade node from 20.7.0-alpine to 20.13.0-alpine #19

wants to merge 30 commits into from

Conversation

gabrielpastori1
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

  • Dockerfile

We recommend upgrading to node:20.13.0-alpine, as this image has only 1 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Severity Priority Score / 1000 Issue Exploit Maturity
high severity 614 CVE-2023-5363
SNYK-ALPINE318-OPENSSL-6032386		 No Known Exploit
medium severity 621 Path Traversal
SNYK-UPSTREAM-NODE-6252334		 Proof of Concept
high severity 614 Privilege Context Switching Error
SNYK-UPSTREAM-NODE-6252335		 No Known Exploit
high severity 721 Path Traversal
SNYK-UPSTREAM-NODE-6255385		 Proof of Concept
high severity 614 Allocation of Resources Without Limits or Throttling
SNYK-UPSTREAM-NODE-6564548		 No Known Exploit

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Path Traversal
🦉 Allocation of Resources Without Limits or Throttling

gabrielpastori1 and others added 30 commits September 9, 2023 15:29
@gabrielpastori1
feat: env to hide index and manager
d962915
@gabrielpastori1
fix: add PORT as env alias to SERVER_PORT
d48ce9f
@gabrielpastori1
fix: default options to CORS_ORIGIN and CORS_METHODS
bd7294c
@gabrielpastori1
add heroku app.json
b63648c
@gabrielpastori1
fix: heroku non required env
f6efb7d
@gabrielpastori1
fix: RABBITMQ_URI non required
a371164
@gabrielpastori1
feat: alias to DATABASE_CONNECTION_URI for heroku deploy
42d0c30
@gabrielpastori1
feat: add Procfile
05c9732
@gabrielpastori1
add heroku to readme
391c10e
@gabrielpastori1
fix: removal of very expensive heroku mongoDB
88011da
@gabrielpastori1
fix: add HEROKU_ENV
0505338
@gabrielpastori1
fix: DATABASE_CONNECTION_URI required
af2f883
@gabrielpastori1
fix: add LOG_LEVEL env
93d255f
@gabrielpastori1
fix: force http in heroku
b99f099
@gabrielpastori1
fix: revert delete instance router
d775a45
@gabrielpastori1
add Procfile
2d51647
@gabrielpastori1
fix: procfile
c2a8685
@gabrielpastori1
fix: procfile
cf58498
@gabrielpastori1
comment env force 8080
7a74cea
@gabrielpastori1
hide index
dead37d
@gabrielpastori1
add rabbitMQ log
a020eb2
@gabrielpastori1
fix: rabbitMQ event hook
f0b9353
@gabrielpastori1
feat: link preview and hide manager
18d52a7
@gabrielpastori1
Merge branch 'main' into heroku-button
9e977d4
@gabrielpastori1
Merge pull request #5 from gabrielpastori1/heroku-button
215f3d5 
Heroku button
@gabrielpastori1
Merge pull request #6 from EvolutionAPI/main
26d1f83 
1.5.4
@gabrielpastori1
Update issue templates
8e362a9
@gabrielpastori1
Merge branch 'EvolutionAPI:main' into main
f5ecd8e
@gabrielpastori1
Merge remote-tracking branch 'upstream/main'
236af88
@snyk-bot
fix: Dockerfile to reduce vulnerabilities
c169089 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-ALPINE318-OPENSSL-6032386
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-6252334
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-6252335
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-6255385
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-6564548
gabrielpastori1 pushed a commit that referenced this pull request Jan 4, 2025
@judsonjuniorr
Merge pull request #19 from EvolutionAPI/v2.0.0
f17bb4e 
changelog
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gabrielpastori1 @snyk-bot