From 10d084a3ee27517023483d0921b2ccc8f5a2d5ba Mon Sep 17 00:00:00 2001 From: scribd-secbot <119979755+scribd-secbot@users.noreply.github.com> Date: Wed, 4 Oct 2023 09:24:53 -0700 Subject: [PATCH] fix: Dockerfile to reduce vulnerabilities (#28) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-ALPINE310-APKTOOLS-1246341 - https://snyk.io/vuln/SNYK-ALPINE310-APKTOOLS-1534688 - https://snyk.io/vuln/SNYK-ALPINE310-BUSYBOX-1090151 - https://snyk.io/vuln/SNYK-ALPINE310-MUSL-458452 - https://snyk.io/vuln/SNYK-ALPINE310-MUSL-458452 Co-authored-by: snyk-bot --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d3b53d8..9dd91e0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ WORKDIR /app RUN CGO_ENABLED=0 GOOS=linux go build -ldflags '-extldflags "-static"' -FROM alpine:3.10.1 +FROM alpine:3.18.3 RUN addgroup --gid 1000 app && \ adduser --system --uid 1000 --ingroup app app