Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Python image version to 3.9.18 #2456

Merged
merged 1 commit into from
Aug 31, 2023
Merged

Update Python image version to 3.9.18 #2456

merged 1 commit into from
Aug 31, 2023

Conversation

WadeBarnes
Copy link
Contributor

  • Reduces the number of vulnerabilities in the image.

@WadeBarnes
Update Python image version to 3.9.18
3a0b779 
- Reduces the number of vulnerabilities in the image.

Signed-off-by: Wade Barnes <[email protected]>
@WadeBarnes WadeBarnes requested review from swcurran and dbluhm August 31, 2023 12:25
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@swcurran
Copy link
Contributor

I noticed that Synk is saying this is making “no change detected” — as we are still using Bullseye Slim 3.9.16. Is there a Bullseye Slim 3.9.18 that we should also update to as part of this?

@dbluhm
Copy link
Contributor

dbluhm commented Aug 31, 2023

Slim-bookworm, perhaps?

@WadeBarnes
Copy link
Contributor Author

I noticed that Synk is saying this is making “no change detected” — as we are still using Bullseye Slim 3.9.16. Is there a Bullseye Slim 3.9.18 that we should also update to as part of this?

The Synk scan for the PR is not scanning the docker file. I'm basing this change off the Synk scan that includes the dockerfiles.

@WadeBarnes
Copy link
Contributor Author

Slim-bookworm, perhaps?

I recall that breaking things when we tried it, but I could try again.

@dbluhm
Copy link
Contributor

dbluhm commented Aug 31, 2023

Slim-bookworm, perhaps?

I recall that breaking things when we tried it, but I could try again.

I was mostly speculating on why the Snyk scan didn't report any changes. Your other comment explained that 🙂 Would be interesting to see if that change further resolved reported vulnerabilities and what breaks as a result but that doesn't seem like an urgent need right now.

@WadeBarnes
Copy link
Contributor Author

Slim-bookworm, perhaps?

I recall that breaking things when we tried it, but I could try again.

On the surface building with slim-bookworm succeeds. However I think we should introduce this through the nightly tests as part of the matrix first to make sure there are no surprises. I'll enter a ticket for that.

@WadeBarnes
Copy link
Contributor Author

Slim-bookworm, perhaps?

I recall that breaking things when we tried it, but I could try again.

I was mostly speculating on why the Snyk scan didn't report any changes. Your other comment explained that 🙂 Would be interesting to see if that change further resolved reported vulnerabilities and what breaks as a result but that doesn't seem like an urgent need right now.

Based on the report here, there's not too much of a difference; https://hub.docker.com/_/python/tags?page=1&name=3.9

@WadeBarnes WadeBarnes merged commit 39cac36 into openwallet-foundation:main Aug 31, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dbluhm dbluhm dbluhm approved these changes

@swcurran swcurran swcurran approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@WadeBarnes @swcurran @dbluhm