From 623f26836db4d0b0f3d8af2f4da5f6c149148e37 Mon Sep 17 00:00:00 2001 From: Chetan Nimbalkar Date: Tue, 10 Dec 2024 23:17:44 +0530 Subject: [PATCH 1/2] Fix: updated base alpine image for cve fixes --- Dockerfile | 2 +- Makefile | 1 + go.mod | 2 +- go.sum | 4 ++-- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index da166f6c8..b3b55b2cb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,7 +15,7 @@ COPY . ./ RUN make build-docker -FROM alpine:latest +FROM cgr.dev/chainguard/wolfi-base:latest COPY --from=builder /go/src/github.com/infobloxopen/migrate/cmd/migrate/config /cli/config/ COPY --from=builder /go/src/github.com/infobloxopen/migrate/build/migrate.linux-386 /usr/local/bin/migrate diff --git a/Makefile b/Makefile index f623e7b29..28cb8a980 100644 --- a/Makefile +++ b/Makefile @@ -3,6 +3,7 @@ DATABASE ?= postgres mysql redshift cassandra spanner cockroachdb yugabytedb cli DATABASE_TEST ?= $(DATABASE) sqlite sqlite3 sqlcipher BUILD_NUMBER ?= 0 VERSION ?= $(shell git describe --tags --long --dirty=-unsupported 2>/dev/null | cut -c 2-)-j$(BUILD_NUMBER) + TEST_FLAGS ?= REPO_OWNER ?= $(shell cd .. && basename "$$(pwd)") COVERAGE_DIR ?= .coverage diff --git a/go.mod b/go.mod index b3add0321..f8b31d7fc 100644 --- a/go.mod +++ b/go.mod @@ -20,7 +20,7 @@ require ( github.com/go-sql-driver/mysql v1.5.0 github.com/gobuffalo/here v0.6.0 github.com/gocql/gocql v0.0.0-20210515062232-b7ef815b4556 - github.com/golang-jwt/jwt/v4 v4.4.2 // indirect + github.com/golang-jwt/jwt/v4 v4.5.1 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/google/go-github/v39 v39.2.0 github.com/hashicorp/go-multierror v1.1.1 diff --git a/go.sum b/go.sum index 8a7592063..eb5e55ded 100644 --- a/go.sum +++ b/go.sum @@ -241,8 +241,8 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-jwt/jwt v3.2.1+incompatible h1:73Z+4BJcrTC+KczS6WvTPvRGOp1WmfEP4Q1lOd9Z/+c= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs= -github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo= +github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE= github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 h1:au07oEsX2xN0ktxqI+Sida1w446QrXBRJ0nee3SNZlA= From 3af10469fa0fcb8016495e51c02d7a751692fa3c Mon Sep 17 00:00:00 2001 From: Chetan Nimbalkar Date: Tue, 10 Dec 2024 23:18:44 +0530 Subject: [PATCH 2/2] removed unnecessary space --- Makefile | 1 - 1 file changed, 1 deletion(-) diff --git a/Makefile b/Makefile index 28cb8a980..f623e7b29 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,6 @@ DATABASE ?= postgres mysql redshift cassandra spanner cockroachdb yugabytedb cli DATABASE_TEST ?= $(DATABASE) sqlite sqlite3 sqlcipher BUILD_NUMBER ?= 0 VERSION ?= $(shell git describe --tags --long --dirty=-unsupported 2>/dev/null | cut -c 2-)-j$(BUILD_NUMBER) - TEST_FLAGS ?= REPO_OWNER ?= $(shell cd .. && basename "$$(pwd)") COVERAGE_DIR ?= .coverage