Skip to content

Commit 88c9204

Browse files
chorrellchorrell
committed
Merge pull request #108 from infosiftr/fix-gpg
Fix "gpg" usage to stop relying on deprecated and insecure behavior
2 parents 1a4f0d2 + 3626d29 commit 88c9204

File tree

12 files changed

+36
-36
lines changed

12 files changed

+36
-36
lines changed

0.10/Dockerfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -20,10 +20,10 @@ ENV NPM_VERSION 2.14.1
2020

2121
RUN curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.xz" \
2222
&& curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
23-
&& gpg --verify SHASUMS256.txt.asc \
24-
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt.asc | sha256sum -c - \
23+
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
24+
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
2525
&& tar -xJf "node-v$NODE_VERSION-linux-x64.tar.xz" -C /usr/local --strip-components=1 \
26-
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc \
26+
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
2727
&& npm install -g npm@"$NPM_VERSION" \
2828
&& npm cache clear
2929

0.10/slim/Dockerfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -24,10 +24,10 @@ RUN buildDeps='curl ca-certificates xz-utils' \
2424
&& rm -rf /var/lib/apt/lists/* \
2525
&& curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.xz" \
2626
&& curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
27-
&& gpg --verify SHASUMS256.txt.asc \
28-
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt.asc | sha256sum -c - \
27+
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
28+
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
2929
&& tar -xJf "node-v$NODE_VERSION-linux-x64.tar.xz" -C /usr/local --strip-components=1 \
30-
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc \
30+
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
3131
&& apt-get purge -y --auto-remove $buildDeps \
3232
&& npm install -g npm@"$NPM_VERSION" \
3333
&& npm cache clear

0.10/wheezy/Dockerfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -20,10 +20,10 @@ ENV NPM_VERSION 2.14.1
2020

2121
RUN curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.xz" \
2222
&& curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
23-
&& gpg --verify SHASUMS256.txt.asc \
24-
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt.asc | sha256sum -c - \
23+
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
24+
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
2525
&& tar -xJf "node-v$NODE_VERSION-linux-x64.tar.xz" -C /usr/local --strip-components=1 \
26-
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc \
26+
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
2727
&& npm install -g npm@"$NPM_VERSION" \
2828
&& npm cache clear
2929

0.12/Dockerfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -19,9 +19,9 @@ ENV NODE_VERSION 0.12.10
1919

2020
RUN curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.xz" \
2121
&& curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
22-
&& gpg --verify SHASUMS256.txt.asc \
23-
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt.asc | sha256sum -c - \
22+
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
23+
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
2424
&& tar -xJf "node-v$NODE_VERSION-linux-x64.tar.xz" -C /usr/local --strip-components=1 \
25-
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc
25+
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt
2626

2727
CMD [ "node" ]

0.12/slim/Dockerfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -23,10 +23,10 @@ RUN buildDeps='curl ca-certificates xz-utils' \
2323
&& rm -rf /var/lib/apt/lists/* \
2424
&& curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.xz" \
2525
&& curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
26-
&& gpg --verify SHASUMS256.txt.asc \
27-
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt.asc | sha256sum -c - \
26+
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
27+
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
2828
&& tar -xJf "node-v$NODE_VERSION-linux-x64.tar.xz" -C /usr/local --strip-components=1 \
29-
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc \
29+
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
3030
&& apt-get purge -y --auto-remove $buildDeps
3131

3232
CMD [ "node" ]

0.12/wheezy/Dockerfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -19,9 +19,9 @@ ENV NODE_VERSION 0.12.10
1919

2020
RUN curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.xz" \
2121
&& curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
22-
&& gpg --verify SHASUMS256.txt.asc \
23-
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt.asc | sha256sum -c - \
22+
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
23+
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
2424
&& tar -xJf "node-v$NODE_VERSION-linux-x64.tar.xz" -C /usr/local --strip-components=1 \
25-
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc
25+
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt
2626

2727
CMD [ "node" ]

4.3/Dockerfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -20,9 +20,9 @@ ENV NODE_VERSION 4.3.1
2020

2121
RUN curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.xz" \
2222
&& curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
23-
&& gpg --verify SHASUMS256.txt.asc \
24-
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt.asc | sha256sum -c - \
23+
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
24+
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
2525
&& tar -xJf "node-v$NODE_VERSION-linux-x64.tar.xz" -C /usr/local --strip-components=1 \
26-
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc
26+
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt
2727

2828
CMD [ "node" ]

4.3/slim/Dockerfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -24,10 +24,10 @@ RUN buildDeps='xz-utils' \
2424
&& rm -rf /var/lib/apt/lists/* \
2525
&& curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.xz" \
2626
&& curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
27-
&& gpg --verify SHASUMS256.txt.asc \
28-
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt.asc | sha256sum -c - \
27+
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
28+
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
2929
&& tar -xJf "node-v$NODE_VERSION-linux-x64.tar.xz" -C /usr/local --strip-components=1 \
30-
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc \
30+
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
3131
&& apt-get purge -y --auto-remove $buildDeps
3232

3333
CMD [ "node" ]

4.3/wheezy/Dockerfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -20,9 +20,9 @@ ENV NODE_VERSION 4.3.1
2020

2121
RUN curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.xz" \
2222
&& curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
23-
&& gpg --verify SHASUMS256.txt.asc \
24-
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt.asc | sha256sum -c - \
23+
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
24+
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
2525
&& tar -xJf "node-v$NODE_VERSION-linux-x64.tar.xz" -C /usr/local --strip-components=1 \
26-
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc
26+
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt
2727

2828
CMD [ "node" ]

5.7/Dockerfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -20,9 +20,9 @@ ENV NODE_VERSION 5.7.0
2020

2121
RUN curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.xz" \
2222
&& curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
23-
&& gpg --verify SHASUMS256.txt.asc \
24-
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt.asc | sha256sum -c - \
23+
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
24+
&& grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
2525
&& tar -xJf "node-v$NODE_VERSION-linux-x64.tar.xz" -C /usr/local --strip-components=1 \
26-
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc
26+
&& rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt
2727

2828
CMD [ "node" ]

0 commit comments

Comments
 (0)