Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update kutt imge and modules #714

Open
wants to merge 3 commits into
base: develop
Choose a base branch
from

Conversation

salmgazer
Copy link

closes #713

In this PR:

  1. Nodejs image has been changed to node:18-alpine
  2. Npm modules with vulnerabilities have been updated.
  3. redis image has been updated to redis:7.2.1-alpine
  4. postgres image has been updated to postgres:16.0-alpine

This has removed 15 severe vulnerabilities. See below

npm i

> [email protected] prepare
> husky install

husky - Git hooks installed

removed 9 packages, changed 3 packages, and audited 1354 packages in 1s

133 packages are looking for funding
  run `npm fund` for details

found 0 vulnerabilities

@rfedoruk
Copy link

rfedoruk commented Oct 8, 2023

Node 20 is probably going to be more secure, although I have not tried to build it myself so not sure if it would work. I think if the upgrade is already going to happen may be better to do that. Also may make sense to try and have separate build and run steps in the Dockerfile

@fama
Copy link

fama commented Nov 14, 2023

@salmgazer : Are you currently running kutt with these changes?

I was wondering why the added python.

Rest looks good.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Update Nodejs Alpine image and node modules with vulnerabilities
3 participants