akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 16 Packages Projects Releases Wiki Activity

chore(docker): pin golang base images to 1.25.4-alpine to satisfy hadolint DL3006

Browse Source
This commit is contained in:
GitHub Actions
2025-11-30 00:36:20 +00:00
parent 2014ff9fce
commit 00b2bc798a
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Dockerfile
View File

@@ -48,7 +48,7 @@ RUN --mount=type=cache,target=/app/frontend/node_modules/.cache \
npm run build
# ---- Backend Builder ----
FROM --platform=$BUILDPLATFORM golang:alpine AS backend-builder
FROM --platform=$BUILDPLATFORM golang:1.25.4-alpine AS backend-builder
# Copy xx helpers for cross-compilation
COPY --from=xx / /
@@ -98,7 +98,7 @@ RUN --mount=type=cache,target=/root/.cache/go-build \
# ---- Caddy Builder ----
# Build Caddy from source to ensure we use the latest Go version and dependencies
# This fixes vulnerabilities found in the pre-built Caddy images (e.g. CVE-2025-59530, stdlib issues)
FROM --platform=$BUILDPLATFORM golang:alpine AS caddy-builder
FROM --platform=$BUILDPLATFORM golang:1.25.4-alpine AS caddy-builder
ARG TARGETOS
ARG TARGETARCH
ARG CADDY_VERSION