From 996d137128b33cee97d7dda1315a7c18fe34cf97 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 24 May 2024 21:38:01 +0000 Subject: [PATCH 1/4] fix: Dockerfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN11-ZLIB-6008961 - https://snyk.io/vuln/SNYK-DEBIAN11-SYSTEMD-6277510 - https://snyk.io/vuln/SNYK-DEBIAN11-SYSTEMD-6277510 - https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-531492 - https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-532215 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 424de89d..d30d2387 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -ARG NODEJS_IMAGE=node:18-bullseye-slim +ARG NODEJS_IMAGE=node:22.1-bookworm-slim FROM --platform=$BUILDPLATFORM $NODEJS_IMAGE AS base # Install dependencies only when needed From 0996d8082d895b7fe3b00b8bea19ae2a52f8ea67 Mon Sep 17 00:00:00 2001 From: bleterrier Date: Sat, 25 May 2024 09:41:35 +0200 Subject: [PATCH 2/4] Upgrade Dockerfile image version + fix prisma openssl --- prisma/schema.prisma | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/prisma/schema.prisma b/prisma/schema.prisma index f2be671d..d52d1ebe 100644 --- a/prisma/schema.prisma +++ b/prisma/schema.prisma @@ -3,7 +3,8 @@ generator client { provider = "prisma-client-js" - binaryTargets = ["native", "debian-openssl-1.1.x", "linux-arm64-openssl-1.1.x"] + //binaryTargets = ["native", "debian-openssl-1.1.x", "linux-arm64-openssl-1.1.x"] + binaryTargets = ["native", "debian-openssl-1.1.x" ,"debian-openssl-3.0.x", "linux-arm64-openssl-1.1.x"] } datasource db { From b10e6bbe898274b8589b3e43a2ca26ef8057afe5 Mon Sep 17 00:00:00 2001 From: bleterrier Date: Sat, 25 May 2024 19:15:57 +0200 Subject: [PATCH 3/4] Bumped node image version to node:22.1-bookworm-slim in devcontainer dockerfile --- .devcontainer/Dockerfile.dev | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.devcontainer/Dockerfile.dev b/.devcontainer/Dockerfile.dev index 7b536628..63c52c87 100644 --- a/.devcontainer/Dockerfile.dev +++ b/.devcontainer/Dockerfile.dev @@ -1,4 +1,4 @@ -FROM node:18-bullseye-slim +FROM node:22.1-bookworm-slim ENV NODE_ENV development RUN apt update && apt install -y git curl sudo postgresql-client procps nano @@ -11,4 +11,4 @@ RUN apt update && apt install -y git curl sudo postgresql-client procps nano EXPOSE 3000 5555 ENV PORT 3000 -ENTRYPOINT ["/workspaces/.devcontainer/init-cmd.sh"] \ No newline at end of file +ENTRYPOINT ["/workspaces/.devcontainer/init-cmd.sh"] From 1630c6266b3b6ec3e08f6d6666e20f7f7f5b0b5c Mon Sep 17 00:00:00 2001 From: Bernt Christian Egeland Date: Sat, 25 May 2024 19:08:28 +0000 Subject: [PATCH 4/4] arm64 openssl --- prisma/schema.prisma | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/prisma/schema.prisma b/prisma/schema.prisma index d52d1ebe..963128ec 100644 --- a/prisma/schema.prisma +++ b/prisma/schema.prisma @@ -3,8 +3,7 @@ generator client { provider = "prisma-client-js" - //binaryTargets = ["native", "debian-openssl-1.1.x", "linux-arm64-openssl-1.1.x"] - binaryTargets = ["native", "debian-openssl-1.1.x" ,"debian-openssl-3.0.x", "linux-arm64-openssl-1.1.x"] + binaryTargets = ["native", "debian-openssl-3.0.x", "linux-arm64-openssl-3.0.x"] } datasource db {