Skip to content

Commit

Permalink
Fix alpine image vulnerabilities
Browse files Browse the repository at this point in the history 
See: https://hub.docker.com/layers/library/node/20-alpine/images/sha256-b793e2d077f19ecc31e3f94e910207f18e6a97f8c7bab81077265f58682a3df0
- cross-spawn 7.0.3 high risk
- alpine/openssl 3.3.2-r0 medium risk
  • Loading branch information
@manuelpuchta
manuelpuchta committed Nov 29, 2024
1 parent 4a1698a commit e515bcc
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,13 @@ RUN npm run build
# Final image that runs the app
FROM node:20.17.0-alpine3.20

# TODO: Check https://hub.docker.com/r/library/node/tags?name=alpine3.20
# - Remove ssl if CVE-2024-9143 is fixed (https://scout.docker.com/vulnerabilities/id/CVE-2024-9143?s=alpine)
# - Remove npm upgrade if CVE-2024-21538 is fixed (https://scout.docker.com/vulnerabilities/id/CVE-2024-21538?s=github)
RUN apk add --no-cache libssl3=3.3.2-r1 && \
npm update -g npm && npm cache clean --force && \
apk add --no-cache dumb-init && rm -rf /var/cache/apk/*

USER node
ENV NODE_ENV=production
ENV npm_config_cache=/tmp/.npm
Expand Down

0 comments on commit e515bcc

Please sign in to comment.