fix(frontend): remediate Trivy vulnerabilities in build image
This commit is contained in:
@@ -18,6 +18,9 @@ LABEL maintainer="Sean Morley" \
|
||||
# The WORKDIR instruction sets the working directory for everything that will happen next
|
||||
WORKDIR /app
|
||||
|
||||
# Upgrade zlib to include Alpine security fixes
|
||||
RUN apk upgrade --no-cache zlib
|
||||
|
||||
# Install pnpm globally first
|
||||
RUN npm install -g pnpm
|
||||
|
||||
@@ -46,4 +49,4 @@ USER node:node
|
||||
EXPOSE 3000
|
||||
|
||||
# Run startup.sh instead of the default command
|
||||
CMD ["./startup.sh"]
|
||||
CMD ["./startup.sh"]
|
||||
|
||||
@@ -19,7 +19,7 @@
|
||||
"@iconify-json/mdi": "^1.2.3",
|
||||
"@sveltejs/adapter-node": "^5.5.4",
|
||||
"@sveltejs/adapter-vercel": "^5.10.3",
|
||||
"@sveltejs/kit": "2.20.0",
|
||||
"@sveltejs/kit": "^2.49.5",
|
||||
"@sveltejs/vite-plugin-svelte": "^3.1.2",
|
||||
"@tailwindcss/typography": "^0.5.19",
|
||||
"@types/node": "^22.19.15",
|
||||
|
||||
67
frontend/pnpm-lock.yaml
generated
67
frontend/pnpm-lock.yaml
generated
@@ -66,13 +66,13 @@ importers:
|
||||
version: 1.2.3
|
||||
'@sveltejs/adapter-node':
|
||||
specifier: ^5.5.4
|
||||
version: 5.5.4(@sveltejs/kit@2.20.0(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))
|
||||
version: 5.5.4(@sveltejs/kit@2.53.4(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(typescript@5.9.3)(vite@5.4.21(@types/node@22.19.15)))
|
||||
'@sveltejs/adapter-vercel':
|
||||
specifier: ^5.10.3
|
||||
version: 5.10.3(@sveltejs/kit@2.20.0(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(rollup@4.59.0)
|
||||
version: 5.10.3(@sveltejs/kit@2.53.4(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(typescript@5.9.3)(vite@5.4.21(@types/node@22.19.15)))(rollup@4.59.0)
|
||||
'@sveltejs/kit':
|
||||
specifier: 2.20.0
|
||||
version: 2.20.0(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15))
|
||||
specifier: ^2.49.5
|
||||
version: 2.53.4(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(typescript@5.9.3)(vite@5.4.21(@types/node@22.19.15))
|
||||
'@sveltejs/vite-plugin-svelte':
|
||||
specifier: ^3.1.2
|
||||
version: 3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15))
|
||||
@@ -591,6 +591,14 @@ packages:
|
||||
cpu: [x64]
|
||||
os: [win32]
|
||||
|
||||
'@standard-schema/spec@1.1.0':
|
||||
resolution: {integrity: sha512-l2aFy5jALhniG5HgqrD6jXLi/rUWrKvqN/qJx6yoJsgKhblVd+iqqU4RCXavm/jPityDo5TCvKMnpjKnOriy0w==}
|
||||
|
||||
'@sveltejs/acorn-typescript@1.0.9':
|
||||
resolution: {integrity: sha512-lVJX6qEgs/4DOcRTpo56tmKzVPtoWAaVbL4hfO7t7NVwl9AAXzQR6cihesW1BmNMPl+bK6dreu2sOKBP2Q9CIA==}
|
||||
peerDependencies:
|
||||
acorn: ^8.9.0
|
||||
|
||||
'@sveltejs/adapter-node@5.5.4':
|
||||
resolution: {integrity: sha512-45X92CXW+2J8ZUzPv3eLlKWEzINKiiGeFWTjyER4ZN4sGgNoaoeSkCY/QYNxHpPXy71QPsctwccBo9jJs0ySPQ==}
|
||||
peerDependencies:
|
||||
@@ -601,14 +609,21 @@ packages:
|
||||
peerDependencies:
|
||||
'@sveltejs/kit': ^2.4.0
|
||||
|
||||
'@sveltejs/kit@2.20.0':
|
||||
resolution: {integrity: sha512-xCUGevE2GFhpDAxZiVOsk6HKaBicwU7uWYcMOcpHCDcjoN6mKBIeMEzuddRMqSA4zjbeA+RcillCv1ppkWRwSQ==}
|
||||
'@sveltejs/kit@2.53.4':
|
||||
resolution: {integrity: sha512-iAIPEahFgDJJyvz8g0jP08KvqnM6JvdW8YfsygZ+pMeMvyM2zssWMltcsotETvjSZ82G3VlitgDtBIvpQSZrTA==}
|
||||
engines: {node: '>=18.13'}
|
||||
hasBin: true
|
||||
peerDependencies:
|
||||
'@sveltejs/vite-plugin-svelte': ^3.0.0 || ^4.0.0-next.1 || ^5.0.0
|
||||
'@opentelemetry/api': ^1.0.0
|
||||
'@sveltejs/vite-plugin-svelte': ^3.0.0 || ^4.0.0-next.1 || ^5.0.0 || ^6.0.0-next.0 || ^7.0.0
|
||||
svelte: ^4.0.0 || ^5.0.0-next.0
|
||||
vite: ^5.0.3 || ^6.0.0
|
||||
typescript: ^5.3.3
|
||||
vite: ^5.0.3 || ^6.0.0 || ^7.0.0-beta.0 || ^8.0.0
|
||||
peerDependenciesMeta:
|
||||
'@opentelemetry/api':
|
||||
optional: true
|
||||
typescript:
|
||||
optional: true
|
||||
|
||||
'@sveltejs/vite-plugin-svelte-inspector@2.1.0':
|
||||
resolution: {integrity: sha512-9QX28IymvBlSCqsCll5t0kQVxipsfhFFL+L2t3nTWfXnddYwxBuAEtTtlaVQpRz9c37BhJjltSeY4AJSC03SSg==}
|
||||
@@ -1092,9 +1107,6 @@ packages:
|
||||
ieee754@1.2.1:
|
||||
resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==}
|
||||
|
||||
import-meta-resolve@4.2.0:
|
||||
resolution: {integrity: sha512-Iqv2fzaTQN28s/FwZAoFq0ZSs/7hMAHJVX+w8PZl3cY19Pxk6jFFalxQoIfW2826i/fDLXv8IiEZRIT0lDuWcg==}
|
||||
|
||||
inflight@1.0.6:
|
||||
resolution: {integrity: sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==}
|
||||
deprecated: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
|
||||
@@ -1567,8 +1579,8 @@ packages:
|
||||
set-blocking@2.0.0:
|
||||
resolution: {integrity: sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw==}
|
||||
|
||||
set-cookie-parser@2.7.2:
|
||||
resolution: {integrity: sha512-oeM1lpU/UvhTxw+g3cIfxXHyJRc/uidd3yK1P242gzHds0udQBYzs3y8j4gCCW+ZJ7ad0yctld8RYO+bdurlvw==}
|
||||
set-cookie-parser@3.0.1:
|
||||
resolution: {integrity: sha512-n7Z7dXZhJbwuAHhNzkTti6Aw9QDDjZtm3JTpTGATIdNzdQz5GuFs22w90BcvF4INfnrL5xrX3oGsuqO5Dx3A1Q==}
|
||||
|
||||
shebang-command@2.0.0:
|
||||
resolution: {integrity: sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==}
|
||||
@@ -2267,17 +2279,23 @@ snapshots:
|
||||
'@rollup/rollup-win32-x64-msvc@4.59.0':
|
||||
optional: true
|
||||
|
||||
'@sveltejs/adapter-node@5.5.4(@sveltejs/kit@2.20.0(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))':
|
||||
'@standard-schema/spec@1.1.0': {}
|
||||
|
||||
'@sveltejs/acorn-typescript@1.0.9(acorn@8.16.0)':
|
||||
dependencies:
|
||||
acorn: 8.16.0
|
||||
|
||||
'@sveltejs/adapter-node@5.5.4(@sveltejs/kit@2.53.4(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(typescript@5.9.3)(vite@5.4.21(@types/node@22.19.15)))':
|
||||
dependencies:
|
||||
'@rollup/plugin-commonjs': 29.0.2(rollup@4.59.0)
|
||||
'@rollup/plugin-json': 6.1.0(rollup@4.59.0)
|
||||
'@rollup/plugin-node-resolve': 16.0.3(rollup@4.59.0)
|
||||
'@sveltejs/kit': 2.20.0(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15))
|
||||
'@sveltejs/kit': 2.53.4(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(typescript@5.9.3)(vite@5.4.21(@types/node@22.19.15))
|
||||
rollup: 4.59.0
|
||||
|
||||
'@sveltejs/adapter-vercel@5.10.3(@sveltejs/kit@2.20.0(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(rollup@4.59.0)':
|
||||
'@sveltejs/adapter-vercel@5.10.3(@sveltejs/kit@2.53.4(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(typescript@5.9.3)(vite@5.4.21(@types/node@22.19.15)))(rollup@4.59.0)':
|
||||
dependencies:
|
||||
'@sveltejs/kit': 2.20.0(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15))
|
||||
'@sveltejs/kit': 2.53.4(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(typescript@5.9.3)(vite@5.4.21(@types/node@22.19.15))
|
||||
'@vercel/nft': 0.30.4(rollup@4.59.0)
|
||||
esbuild: 0.26.0
|
||||
transitivePeerDependencies:
|
||||
@@ -2285,22 +2303,25 @@ snapshots:
|
||||
- rollup
|
||||
- supports-color
|
||||
|
||||
'@sveltejs/kit@2.20.0(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15))':
|
||||
'@sveltejs/kit@2.53.4(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(typescript@5.9.3)(vite@5.4.21(@types/node@22.19.15))':
|
||||
dependencies:
|
||||
'@standard-schema/spec': 1.1.0
|
||||
'@sveltejs/acorn-typescript': 1.0.9(acorn@8.16.0)
|
||||
'@sveltejs/vite-plugin-svelte': 3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15))
|
||||
'@types/cookie': 0.6.0
|
||||
acorn: 8.16.0
|
||||
cookie: 1.1.1
|
||||
devalue: 5.6.3
|
||||
esm-env: 1.2.2
|
||||
import-meta-resolve: 4.2.0
|
||||
kleur: 4.1.5
|
||||
magic-string: 0.30.21
|
||||
mrmime: 2.0.1
|
||||
sade: 1.8.1
|
||||
set-cookie-parser: 2.7.2
|
||||
set-cookie-parser: 3.0.1
|
||||
sirv: 3.0.2
|
||||
svelte: 4.2.20
|
||||
vite: 5.4.21(@types/node@22.19.15)
|
||||
optionalDependencies:
|
||||
typescript: 5.9.3
|
||||
|
||||
'@sveltejs/vite-plugin-svelte-inspector@2.1.0(@sveltejs/vite-plugin-svelte@3.1.2(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15)))(svelte@4.2.20)(vite@5.4.21(@types/node@22.19.15))':
|
||||
dependencies:
|
||||
@@ -2798,8 +2819,6 @@ snapshots:
|
||||
|
||||
ieee754@1.2.1: {}
|
||||
|
||||
import-meta-resolve@4.2.0: {}
|
||||
|
||||
inflight@1.0.6:
|
||||
dependencies:
|
||||
once: 1.4.0
|
||||
@@ -3251,7 +3270,7 @@ snapshots:
|
||||
|
||||
set-blocking@2.0.0: {}
|
||||
|
||||
set-cookie-parser@2.7.2: {}
|
||||
set-cookie-parser@3.0.1: {}
|
||||
|
||||
shebang-command@2.0.0:
|
||||
dependencies:
|
||||
|
||||
Reference in New Issue
Block a user