File tree Expand file tree Collapse file tree 1 file changed +7
-8
lines changed
Expand file tree Collapse file tree 1 file changed +7
-8
lines changed Original file line number Diff line number Diff line change 11# syntax=docker/dockerfile:1.4
22
33# Build stage
4- # Using node:22-alpine with OpenSSL 3.3.2+ to address CVE-2024-6119
5- # Pinned to specific SHA256 digest for supply chain security and deterministic builds
6- # To update: podman pull node:22-alpine && podman inspect node:22-alpine --format '{{index .RepoDigests 0}}'
7- # Last updated: 2025-10-24
8- FROM node:22-alpine@sha256:d31216005bd330aa47f848822d4f269f6c79f0905b60cca1d87577149519daa6 AS builder
4+ # Using node:22.1.0-alpine with OpenSSL 3.3.2+ to address CVE-2024-6119
5+ # Pinned to AMD64-specific SHA256 digest for supply chain security and deterministic builds
6+ # To update: docker pull --platform linux/amd64 node:22.1.0-alpine && docker inspect --format='{{index .RepoDigests 0}}' node:22.1.0-alpine
7+ FROM node:22.1.0-alpine@sha256:487dc5d5122d578e13f2231aa4ac0f63068becd921099c4c677c850df93bede8 AS builder
98
109# Set build-time variables for reproducibility
1110ARG NODE_ENV=development
@@ -55,9 +54,9 @@ COPY . .
5554RUN npm run build
5655
5756# Production stage
58- # Using node:22-alpine with OpenSSL 3.3.2+ to address CVE-2024-6119
59- # Pinned to specific SHA256 digest for supply chain security and deterministic builds
60- FROM node:22-alpine@sha256:d31216005bd330aa47f848822d4f269f6c79f0905b60cca1d87577149519daa6 AS production
57+ # Using node:22.1.0 -alpine with OpenSSL 3.3.2+ to address CVE-2024-6119
58+ # Pinned to AMD64- specific SHA256 digest for supply chain security and deterministic builds
59+ FROM node:22.1.0 -alpine@sha256:487dc5d5122d578e13f2231aa4ac0f63068becd921099c4c677c850df93bede8 AS production
6160
6261# Declare build arguments in production stage
6362ARG PORT=3081
You can’t perform that action at this time.
0 commit comments