[Snyk] Security upgrade node from alpine to 21.2-alpine3.18 #319

wkylin · 2023-12-01T14:35:00Z

This PR was automatically created by Snyk using the credentials of a real user.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

Dockerfile

We recommend upgrading to node:21.2-alpine3.18, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Priority Score / 1000	Issue	Exploit Maturity
614	CVE-2023-5363 SNYK-ALPINE318-OPENSSL-6032386	No Known Exploit
614	CVE-2023-5363 SNYK-ALPINE318-OPENSSL-6032386	No Known Exploit
586	Improper Check for Unusual or Exceptional Conditions SNYK-ALPINE318-OPENSSL-6055795	No Known Exploit
586	Improper Check for Unusual or Exceptional Conditions SNYK-ALPINE318-OPENSSL-6055795	No Known Exploit

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-ALPINE318-OPENSSL-6032386 - https://snyk.io/vuln/SNYK-ALPINE318-OPENSSL-6032386 - https://snyk.io/vuln/SNYK-ALPINE318-OPENSSL-6055795 - https://snyk.io/vuln/SNYK-ALPINE318-OPENSSL-6055795

vercel · 2023-12-01T14:35:02Z

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
pro-react-admin	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Dec 1, 2023 2:35pm

what-the-diff · 2023-12-01T14:35:22Z

PR 总结

“FROM”行在Dockerfile中已从node:alpine更新为node:21.2-alpine3.18
这个更改将我们Docker容器的基础节点环境从旧的node:alpine版本更新到了新版的node:21.2-alpine3.18，这将帮助我们的应用享受最新的功能改进和安全性更新。