Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-12-16 21:56:25 -05:00
Code Issues Activity

fix: Dockerfile to reduce vulnerabilities (#3073)

Browse source 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-ALPINE315-LIBRETLS-2428776
- https://snyk.io/vuln/SNYK-ALPINE315-OPENSSL-2426331
- https://snyk.io/vuln/SNYK-ALPINE315-OPENSSL-2426331
This commit is contained in:
Snyk bot 2022-03-21 11:25:18 +00:00 committed by GitHub
parent 5199775a06
commit 98a40887f5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
Dockerfile
View file

@ -1,4 +1,4 @@
FROM --platform=${BUILDPLATFORM:-linux/amd64} node:16.13.2-alpine as builder
FROM --platform=${BUILDPLATFORM:-linux/amd64} node:16.14.2-alpine as builder
ENV NODE_ENV=development \
VERDACCIO_BUILD_REGISTRY=https://registry.verdaccio.org
@ -20,7 +20,7 @@ RUN npm -g i pnpm@6.24.1 && \
# FIXME: need to remove devDependencies from the build
# RUN pnpm install --prod --ignore-scripts
FROM node:16.13.2-alpine
FROM node:16.14.2-alpine
LABEL maintainer="https://github.com/verdaccio/verdaccio"
ENV VERDACCIO_APPDIR=/opt/verdaccio \