From 277e43c58df77c890ce9fd1a70317e86cba1d338 Mon Sep 17 00:00:00 2001 From: Dmitry Patsura Date: Mon, 8 Apr 2024 19:17:26 +0200 Subject: [PATCH] feat(docker): Security upgrade Node.js from 18.19.1 to 18.20.1 (#8094) https://nodejs.org/en/blog/vulnerability/april-2024-security-releases/ The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN11-UTILLINUX-6508632 - https://snyk.io/vuln/SNYK-DEBIAN11-UTILLINUX-6508632 - https://snyk.io/vuln/SNYK-DEBIAN11-UTILLINUX-6508632 - https://snyk.io/vuln/SNYK-DEBIAN11-ZLIB-6008961 - https://snyk.io/vuln/SNYK-UPSTREAM-NODE-6564548 --------- Co-authored-by: snyk-bot --- .nvmrc | 2 +- packages/cubejs-docker/dev.Dockerfile | 2 +- packages/cubejs-docker/latest-debian-jdk.Dockerfile | 4 ++-- packages/cubejs-docker/latest.Dockerfile | 4 ++-- packages/cubejs-docker/local.Dockerfile | 2 +- packages/cubejs-docker/testing-drivers.Dockerfile | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.nvmrc b/.nvmrc index 3c5535cf60a0e..99c98cdd6a88f 100644 --- a/.nvmrc +++ b/.nvmrc @@ -1 +1 @@ -18.19.1 +18.20.1 diff --git a/packages/cubejs-docker/dev.Dockerfile b/packages/cubejs-docker/dev.Dockerfile index 4cefdb01fecb0..d2e5760aed8aa 100644 --- a/packages/cubejs-docker/dev.Dockerfile +++ b/packages/cubejs-docker/dev.Dockerfile @@ -1,4 +1,4 @@ -FROM node:18.19.1-bullseye-slim AS base +FROM node:18.20.1-bullseye-slim AS base ARG IMAGE_VERSION=dev diff --git a/packages/cubejs-docker/latest-debian-jdk.Dockerfile b/packages/cubejs-docker/latest-debian-jdk.Dockerfile index fac8c48251efd..06480bd7485a5 100644 --- a/packages/cubejs-docker/latest-debian-jdk.Dockerfile +++ b/packages/cubejs-docker/latest-debian-jdk.Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile-upstream:master-experimental -FROM node:18.19.1-bullseye-slim as builder +FROM node:18.20.1-bullseye-slim as builder WORKDIR /cube COPY . . @@ -18,7 +18,7 @@ RUN apt-get update \ # action. So, a process will use the root lock file here. RUN yarn install --prod && yarn cache clean -FROM node:18.19.1-bullseye-slim +FROM node:18.20.1-bullseye-slim ARG IMAGE_VERSION=unknown diff --git a/packages/cubejs-docker/latest.Dockerfile b/packages/cubejs-docker/latest.Dockerfile index d247fece7ab38..7aaa29415d96a 100644 --- a/packages/cubejs-docker/latest.Dockerfile +++ b/packages/cubejs-docker/latest.Dockerfile @@ -1,4 +1,4 @@ -FROM node:18.19.1-bullseye-slim as builder +FROM node:18.20.1-bullseye-slim as builder WORKDIR /cube COPY . . @@ -17,7 +17,7 @@ RUN apt-get update \ # action. So, a process will use the root lock file here. RUN yarn install --prod && yarn cache clean -FROM node:18.19.1-bullseye-slim +FROM node:18.20.1-bullseye-slim ARG IMAGE_VERSION=unknown diff --git a/packages/cubejs-docker/local.Dockerfile b/packages/cubejs-docker/local.Dockerfile index a193e4f5c4a6b..d55365c6f90e2 100644 --- a/packages/cubejs-docker/local.Dockerfile +++ b/packages/cubejs-docker/local.Dockerfile @@ -1,7 +1,7 @@ ARG DEV_BUILD_IMAGE=cubejs/cube:build FROM $DEV_BUILD_IMAGE as build -FROM node:18.19.1-bullseye-slim +FROM node:18.20.1-bullseye-slim ARG IMAGE_VERSION=dev diff --git a/packages/cubejs-docker/testing-drivers.Dockerfile b/packages/cubejs-docker/testing-drivers.Dockerfile index 0ba441c9d5d6c..d9ab2aec50a07 100644 --- a/packages/cubejs-docker/testing-drivers.Dockerfile +++ b/packages/cubejs-docker/testing-drivers.Dockerfile @@ -1,7 +1,7 @@ ###################################################################### # Base image # ###################################################################### -FROM node:18.19.1-bullseye-slim AS base +FROM node:18.20.1-bullseye-slim AS base ARG IMAGE_VERSION=dev