docker-base icon indicating copy to clipboard operation
docker-base copied to clipboard

Published 20 hours ago verified publisher icon appwrite

chore: bump base image php version for security

Open PeterDaveHello opened this issue 7 months ago • 4 comments

For both base image dependency and php version security issues, references:

  • https://www.php.net/releases/8_3_19.php
  • https://hub.docker.com/layers/library/php/8.3.17-cli-alpine3.20/images/sha256-a587eaad09c7529d1c89b4963998c7f641ad2293d41d26b133ca6b7bb575f6a2

PeterDaveHello avatar Apr 08 '25 16:04 PeterDaveHello

cc @ChiragAgg5k

PeterDaveHello avatar Apr 08 '25 16:04 PeterDaveHello

@PeterDaveHello thanks for raising this PR. can you please do a Trivy scan and share the before and after results?

ChiragAgg5k avatar Apr 08 '25 16:04 ChiragAgg5k

I think the Docker Hub result is more significant

PeterDaveHello avatar Apr 08 '25 16:04 PeterDaveHello

@PeterDaveHello you are correct, docker hub result is indeed important. but that just verifies vulnerabilities in the image u shared. there might be more due to other dependencies installed. thats why we use trivy scan in our repos.

ChiragAgg5k avatar Apr 11 '25 15:04 ChiragAgg5k

Closing as superseded by https://github.com/appwrite/docker-base/pull/46

abnegate avatar Aug 08 '25 10:08 abnegate