[FOLIO-3634] platform-complete Dockerfile apk upgrade Node and nginx fixing curl Created: 08/Nov/22 Updated: 09/Nov/22 Resolved: 09/Nov/22 |
|
| Status: | Closed |
| Project: | FOLIO |
| Components: | Continuous Integration |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Bug | Priority: | TBD |
| Reporter: | Julian Ladisch | Assignee: | Julian Ladisch |
| Resolution: | Done | Votes: | 0 |
| Labels: | security | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original estimate: | Not Specified | ||
| Issue links: |
|
||||||||||||||||
| Sprint: | |||||||||||||||||
| Development Team: | Stripes Force | ||||||||||||||||
| RCA Group: | Related dependency upgrade | ||||||||||||||||
| Description |
|
Use apk upgrade in This will upgrade curl fixing Double Free and Cleartext Transmission of Sensitive Information: Replace FROM node:lts-alpine3.14 as stripes_build by FROM node:16-alpine as stripes_build because the alpine3.14 is no longer maintained and Node 16 is no longer active LTS. We need Node 16 because postcss-nesting doesn't support Node 18. |