From 5bd1db56522dbe0abe4d02071173b93240494dc5 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 6 Apr 2022 02:30:28 +0000
Subject: [PATCH] fix: Dockerfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-ALPINE315-BUSYBOX-2440607
- https://snyk.io/vuln/SNYK-ALPINE315-BUSYBOX-2440607
---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index b7c0a17..3f9198d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -40,7 +40,7 @@ RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -ldflags="-w -s" -o /go/bin/s
 #################################
 # STEP 3 create permissioned user
 #################################
-FROM alpine AS user
+FROM alpine:3.15.4 AS user
 # Install git + SSL ca certificates.
 # Git is required for fetching the dependencies.
 # Ca-certificates is required to call HTTPS endpoints.
@@ -65,7 +65,7 @@ RUN adduser \
 # STEP 4 build a small image
 ############################
 # Can't run from sratch, need to be able to `chmod`
-FROM alpine
+FROM alpine:3.15.4
 
 # Install curl
 RUN apk update && apk --no-cache add curl