Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pin golang Docker tag to f7b989b - autoclosed #235

Closed
wants to merge 1 commit into from
Closed

Pin golang Docker tag to f7b989b - autoclosed #235

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 19, 2024
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Type Update Change
golang final pinDigest -> f7b989b

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot requested a review from a team as a code owner January 19, 2024 10:09
github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 19, 2024
View reviewed changes
Dockerfile
@@ -1,4 +1,4 @@
FROM golang:1.20-alpine
FROM golang:1.20-alpine@sha256:f7b989b7892ae3e768a2c84b622884b9160df135421559f8932ad4f0d64ea4c8

Check failure

Code scanning / Trivy

Image user should not be 'root' High

Artifact: Dockerfile\nType: dockerfile\nVulnerability DS002\nSeverity: HIGH\nMessage: Specify at least 1 USER command in Dockerfile with non-root user as argument\nLink: DS002
Dockerfile
@@ -1,4 +1,4 @@
FROM golang:1.20-alpine
FROM golang:1.20-alpine@sha256:f7b989b7892ae3e768a2c84b622884b9160df135421559f8932ad4f0d64ea4c8

Check notice

Code scanning / Trivy

No HEALTHCHECK defined Low

Artifact: Dockerfile\nType: dockerfile\nVulnerability DS026\nSeverity: LOW\nMessage: Add HEALTHCHECK instruction in your Dockerfile\nLink: DS026
@renovate renovate bot force-pushed the renovate/pin-dependencies branch 6 times, most recently from 61af8e0 to ddd6c28 Compare January 19, 2024 15:38
@renovate renovate bot changed the title Pin dependencies Pin golang Docker tag to f7b989b Jan 19, 2024
@renovate renovate bot force-pushed the renovate/pin-dependencies branch 2 times, most recently from 2ecf0f6 to 2b36875 Compare January 19, 2024 15:47
@renovate renovate bot force-pushed the renovate/pin-dependencies branch from 2b36875 to f2bd6ff Compare January 21, 2024 15:06
@renovate renovate bot changed the title Pin golang Docker tag to f7b989b Pin golang Docker tag to f7b989b - autoclosed Jan 21, 2024
@renovate renovate bot closed this Jan 21, 2024
@renovate renovate bot deleted the renovate/pin-dependencies branch January 21, 2024 15:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@diegoluisi diegoluisi Awaiting requested review from diegoluisi

Assignees

@diegoluisi diegoluisi

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@diegoluisi