diff --git a/.github/workflows/security_semgrep.yml b/.github/workflows/security_semgrep.yml index 3a613f09d1..29c5e7968e 100644 --- a/.github/workflows/security_semgrep.yml +++ b/.github/workflows/security_semgrep.yml @@ -9,7 +9,7 @@ jobs: name: Semgrep Analyze runs-on: ubuntu-latest container: - image: returntocorp/semgrep@sha256:11be9038036e2e0ad072cabd08c1241920ebef1489b8a0b1696487c8264a7e65 # 1.47.0 + image: returntocorp/semgrep@sha256:4cc2a2d7482901c6cdec930d46ab54c4de189ce48348e0fce80bd9f639c94a7e # 1.47.0 steps: - name: Checkout uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 diff --git a/frontend/Dockerfile b/frontend/Dockerfile index 1eafdde1a8..b729ace219 100644 --- a/frontend/Dockerfile +++ b/frontend/Dockerfile @@ -1,4 +1,4 @@ -FROM oven/bun@sha256:96ae5d400b552c372c377062c582785e2d816f49d3af5959fb0b5ec8dbdc0da5 +FROM oven/bun@sha256:9852e504d935fc3b238e10535deb94ff3e66064ad2187d79e57d625605e60c81 # hadolint ignore=DL3008 RUN apt-get update && apt-get -y --no-install-recommends install unzip && apt-get clean && rm -rf /var/lib/apt/lists/* RUN useradd -ms /bin/bash app diff --git a/frontend/Dockerfile.azure b/frontend/Dockerfile.azure index 0ebf043673..1cd8e577c5 100644 --- a/frontend/Dockerfile.azure +++ b/frontend/Dockerfile.azure @@ -1,6 +1,6 @@ # ---- Build Stage ---- # alpine -FROM oven/bun@sha256:96ae5d400b552c372c377062c582785e2d816f49d3af5959fb0b5ec8dbdc0da5 as build +FROM oven/bun@sha256:9852e504d935fc3b238e10535deb94ff3e66064ad2187d79e57d625605e60c81 as build RUN apt-get update && apt-get -y install unzip=6.0-26+deb11u1 --no-install-recommends && apt-get clean && rm -rf /var/lib/apt/lists/* WORKDIR /home/bun/app