[Snyk] Security upgrade alpine from 3.7 to 3.18.12 #42
RealTschoegl wants to merge 1 commit into master from
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-ALPINE37-MUSL-458286
- https://snyk.io/vuln/SNYK-ALPINE37-MUSL-458286
Upgrade the final runtime container in
Please mark whether you used AI to assist coding in this PR
✨ PR Review
The PR upgrades Alpine Linux from 3.7 to 3.18.12 to fix critical security vulnerabilities, which is important for security. However, this represents a major version jump that could introduce compatibility issues.
1 issue detected:
🐞 Bug - Major base image upgrades without proper testing can break application functionality due to changed dependencies or system behavior.
Details: Upgrading from Alpine 3.7 to 3.18.12 represents a significant version jump spanning multiple years of changes. This could introduce breaking changes in package availability, system libraries, or application behavior that may cause the application to fail at runtime.
File: keto/Dockerfile-alpine (19-19)
Generated by LinearB AI and added by gitStream.
| RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "-s -X github.com/justpark/auth/keto/cmd.Version=$git_tag -X github.com/justpark/auth/keto/cmd.BuildTime=`TZ=UTC date -u '+%Y-%m-%dT%H:%M:%SZ'` -X github.com/justpark/auth/keto/cmd.GitHash=$git_commit" -a -installsuffix cgo -o keto | ||
|
|
||
| FROM alpine:3.7 | ||
| FROM alpine:3.18.12 |
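Review bot: the new `FROM alpine:3.18.12` line pins the runtime base by tag only, and a tag can be re-pushed with different content; pin it by digest as well, for example `FROM alpine:3.18.12@sha256:<digest>` (placeholder, take the value from the registry), so the image that was scanned is the image that ships. On compatibility, the build line above sets `CGO_ENABLED=0`, so the `keto` binary does not link against the base image's musl; the runtime risk of the 3.7 to 3.18.12 jump is therefore confined to whatever the final stage installs or invokes after this `FROM`, which is not visible in this hunk and is what to check before merging.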
🐞 Bug - Major Version Jump: Test the application thoroughly with the new Alpine version in a staging environment before merging. Consider upgrading incrementally through intermediate versions to identify potential compatibility issues.
| FROM alpine:3.18.12 | |
| FROM alpine:3.7 |
Snyk has created this PR to fix 1 vulnerability in the dockerfile dependencies of this project.
Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.
Snyk changed the following file(s):
- keto/Dockerfile-alpine
We recommend upgrading to alpine:3.18.12, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.
Vulnerabilities that will be fixed with an upgrade:
- SNYK-ALPINE37-MUSL-458286
- SNYK-ALPINE37-MUSL-458286
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.