jason.woltje/professional-website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e67727e0090dd349737a06b89db19685e362db02
professional-website/Dockerfile
Jason Woltje e67727e009
All checks were successful
ci/woodpecker/push/web Pipeline was successful
Details
ci/woodpecker/pr/web Pipeline was successful
Details
fix(docker): remove bundled npm from runner to eliminate Trivy CVE matches 
The node:24-alpine base image ships /usr/local/lib/node_modules/npm which
bundles outdated minimatch, picomatch, and tar. We run the standalone Next
server with 'node server.js' at runtime and never need npm/corepack in the
runner, so delete them entirely. Clears CVE-2026-27903/27904/33671/29786/31802.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-13 22:47:49 -05:00

2.0 KiB
Raw Blame History

View Raw
Reference in New Issue View Git Blame Copy Permalink