Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HOFF-409: Fix Vulnerabilities #654

Draft
wants to merge 11 commits into
base: master
Choose a base branch
from
Draft

HOFF-409: Fix Vulnerabilities #654

wants to merge 11 commits into from

Conversation

gadorcruz
Copy link
Contributor

What?

Update the following to fix the current vulnerabilities:

  • node image to 20.16.0
  • remove snyk
  • add trivy to scan image and packages
  • update slack and cron jobs
  • update dockerfile node version
  • update hof package to 21.0.6

Why?

The current node image and packages has critical, high and medium vulnerabilities that need fixing

How?

Update the .drone.yml, dockerfile and json package

Testing?

Screenshots (optional)

Anything Else? (optional)

Check list

  • I have reviewed my own pull request for linting issues (e.g. adding new lines)
  • I have written tests (if relevant)
  • I have created a JIRA number for my branch
  • I have created a JIRA number for my commit
  • I have followed the chris beams method for my commit https://cbea.ms/git-commit/
    here is an example commit
  • Ensure drone builds are green especially tests
  • I will squash the commits before merging

@gadorcruz gadorcruz marked this pull request as draft August 29, 2024 13:05
@gadorcruz
Copy link
Contributor Author

This PR is for information only until the node packages are updated.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@gadorcruz