-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: expat lib and go binary deps vulns #2940
chore: expat lib and go binary deps vulns #2940
Conversation
@knqyf263 this PR fix Critical and High vulnerabilities found in |
00b0a2b
to
2b9ff8b
Compare
Signed-off-by: chenk <hen.keinan@gmail.com>
81d125f
to
73440bf
Compare
Dockerfile
Outdated
@@ -1,5 +1,6 @@ | |||
FROM alpine:3.16.2 | |||
RUN apk --no-cache add ca-certificates git | |||
RUN apk add --upgrade expat-dev |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you revert it? Those packages will be updated when the next version is released because Alpine tries to use the latest version at that time. I'll cut off v0.32.1, then those vulns will be addressed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@knqyf263 done
Signed-off-by: chenk <hen.keinan@gmail.com>
Signed-off-by: chenk <hen.keinan@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll merge this PR once the tests will pass.
Signed-off-by: chenk hen.keinan@gmail.com
Description
Fix expat and go binary dependencies vulnerabilities
Related issues
Checklist