Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Umbrel v1.2.2 #311

Open
wants to merge 3 commits into
base: development
Choose a base branch
from
Open

Umbrel v1.2.2 #311

wants to merge 3 commits into from

Conversation

PeterNashaat
Copy link
Member

  • Updating Umbrel to latest version.

@PeterNashaat PeterNashaat mentioned this pull request Oct 31, 2024
Open
github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 31, 2024
View reviewed changes
tfgrid3/umbrel/app/Dockerfile
@@ -0,0 +1,92 @@
FROM --platform=$BUILDPLATFORM debian:bookworm-slim AS base

Check failure

Code scanning / Trivy

Image user should not be 'root' High

Artifact: tfgrid3/umbrel/app/Dockerfile
Type: dockerfile
Vulnerability DS002
Severity: HIGH
Message: Specify at least 1 USER command in Dockerfile with non-root user as argument
Link: DS002
tfgrid3/umbrel/app/Dockerfile
Comment on lines +4 to +6
RUN apt-get update && \
apt-get install -y git && \
rm -rf /var/lib/apt/lists/*

Check failure

Code scanning / Trivy

'apt-get' missing '--no-install-recommends' High

Artifact: tfgrid3/umbrel/app/Dockerfile
Type: dockerfile
Vulnerability DS029
Severity: HIGH
Message: '--no-install-recommends' flag is missed: 'apt-get update && apt-get install -y git && rm -rf /var/lib/apt/lists/*'
Link: DS029
tfgrid3/umbrel/flist/Dockerfile
@@ -0,0 +1,24 @@
FROM ubuntu:22.04

Check failure

Code scanning / Trivy

Image user should not be 'root' High

Artifact: tfgrid3/umbrel/flist/Dockerfile
Type: dockerfile
Vulnerability DS002
Severity: HIGH
Message: Specify at least 1 USER command in Dockerfile with non-root user as argument
Link: DS002
tfgrid3/umbrel/flist/Dockerfile
Comment on lines +3 to +6
RUN apt-get update && DEBIAN_FRONTEND=noninteractive\
apt-get -qq install curl net-tools iputils-ping openssh-server docker.io \
fswatch jq rsync sudo iproute2 git gettext-base python3 gnupg avahi-daemon avahi-discover libnss-mdns \
&& rm -rf /var/lib/apt/lists/*

Check failure

Code scanning / Trivy

'apt-get' missing '-y' to avoid manual input High

Artifact: tfgrid3/umbrel/flist/Dockerfile
Type: dockerfile
Vulnerability DS021
Severity: HIGH
Message: '-y' flag is missed: 'apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -qq install curl net-tools iputils-ping openssh-server docker.io fswatch jq rsync sudo iproute2 git gettext-base python3 gnupg avahi-daemon avahi-discover libnss-mdns && rm -rf /var/lib/apt/lists/*'
Link: DS021
tfgrid3/umbrel/flist/Dockerfile
Comment on lines +3 to +6
RUN apt-get update && DEBIAN_FRONTEND=noninteractive\
apt-get -qq install curl net-tools iputils-ping openssh-server docker.io \
fswatch jq rsync sudo iproute2 git gettext-base python3 gnupg avahi-daemon avahi-discover libnss-mdns \
&& rm -rf /var/lib/apt/lists/*

Check failure

Code scanning / Trivy

'apt-get' missing '--no-install-recommends' High

Artifact: tfgrid3/umbrel/flist/Dockerfile
Type: dockerfile
Vulnerability DS029
Severity: HIGH
Message: '--no-install-recommends' flag is missed: 'apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -qq install curl net-tools iputils-ping openssh-server docker.io fswatch jq rsync sudo iproute2 git gettext-base python3 gnupg avahi-daemon avahi-discover libnss-mdns && rm -rf /var/lib/apt/lists/*'
Link: DS029
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hossnys hossnys Awaiting requested review from hossnys hossnys is a code owner

@coesensbert coesensbert Awaiting requested review from coesensbert coesensbert is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@PeterNashaat