Re-pin Docker base image in Dockerfile

[atomist]

This pull request re-pins the Docker base image alpine:3.14 in Dockerfile to the current digest.

nodejs-service/Dockerfile

Line 1 in 50e8d9b

FROM alpine:3.14@sha256:bd9137c3bb45dbc40cde0f0e19a8b9064c2bc485466221f5e95eb72b0d0cf82e

Changelog for alpine:3.14

Commit

New image build caused by commit docker-library/official-images@6066110 to library/alpine:

alpine: snapshot 20230901

---

Comparison

Comparing Docker image alpine:3.14 at digests

Current sha256:eb3e4e175ba6d212ba1d6e04fc0782916c08e1c9d7b45892e9796141b1d379ae (5.3mb) and
Proposed sha256:bd9137c3bb45dbc40cde0f0e19a8b9064c2bc485466221f5e95eb72b0d0cf82e (5.1mb):

Packages

No package differences detected

Files

The following file modifications were detected:

Name	Current	Proposed	Diff
/bin/busybox	810kb	858kb	48kb
/etc/apk/arch	7b	8b	1b
/etc/apk/keys/alpine-devel@lists.alpinelinux.org-4a6a0840.rsa.pub		-	0b
/etc/apk/keys/alpine-devel@lists.alpinelinux.org-5243ef4b.rsa.pub		-	0b
/etc/apk/keys/alpine-devel@lists.alpinelinux.org-524d27bb.rsa.pub		+	451b
/etc/apk/keys/alpine-devel@lists.alpinelinux.org-5261cecb.rsa.pub		-	0b
/etc/apk/keys/alpine-devel@lists.alpinelinux.org-58199dcc.rsa.pub		+	451b
/lib/apk/db/installed	12kb	12kb	-60b
/lib/apk/db/triggers	76b	76b	0b
/lib/ld-musl-aarch64.so.1		+	618kb
/lib/ld-musl-x86_64.so.1		-	0b
/lib/libapk.so.3.12.0	180kb	179kb	-160b
/lib/libc.musl-aarch64.so.1		+	20b
/lib/libc.musl-x86_64.so.1		-	0b
/lib/libcrypto.so.1.1	2.5mb	2.2mb	-257kb
/lib/libssl.so.1.1	511kb	503kb	-8.1kb
/lib/libz.so.1.2.11	98kb	90kb	-8.1kb
/sbin/apk	68kb	68kb	-376b
/sbin/mkmntdirs	14kb	5.6kb	-8.1kb
/usr/bin/getconf	36kb	33kb	-3.1kb
/usr/bin/getent	52kb	49kb	-3.2kb
/usr/bin/iconv	25kb	21kb	-3.2kb
/usr/bin/ldd	52b	53b	1b
/usr/bin/scanelf	78kb	78kb	-56b
/usr/bin/ssl_client	14kb	9.6kb	-4.1kb
/usr/lib/engines-1.1/afalg.so	22kb	18kb	-4.1kb
/usr/lib/engines-1.1/capi.so	14kb	5.6kb	-8.0kb
/usr/lib/engines-1.1/padlock.so	26kb	5.6kb	-20kb
/usr/lib/libtls.so.2.0.3	70kb	66kb	-4.1kb

History

The following differences in docker history were detected:

-/bin/sh -c #(nop) ADD file:34eb5c40aa00028921a224d1764ae1b1f3ef710d191e4dfc7df55e0594aa7217 in /
+/bin/sh -c #(nop) ADD file:1a8fd1066485e1261462e689c1a072f010c1d3be904b73ef2b84128fac652951 in /
 /bin/sh -c #(nop)  CMD ["/bin/sh"]

Ports

No different exposed ports detected

Environment Variables

No different environment variables detected

---

Pinning FROM lines to digests makes your builds repeatable. Atomist will raise new pull requests whenever the tag moves, so that you know when the base image has been updated. You can follow a new tag at any time. Just replace the digest with the new tag you want to follow. Atomist, will switch to following this new tag.

---

File changed:

• Dockerfile

[atomist]

Dockerfile

ghcr.io/vonwig/nodejs-service:62ef81c linux/amd64

Vulnerabilities

Comparison

👏 No new critical or high vulnerabilities compared with target branch main

---

Dockerfile

vonwig/nodejs-service:62ef81c linux/amd64

Vulnerabilities

Comparison

👏 No new critical or high vulnerabilities compared with target branch main
👏 No new critical or high vulnerabilities compared with demo/production

---

More details are available in the vulnerability report