fix: image scan error (#477)

mojaloop · Jun 7, 2024 · 395c3ba · 395c3ba
1 parent 7a806a3
commit 395c3ba
Show file tree

Hide file tree

Showing 4 changed files with 39 additions and 21 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -533,14 +533,14 @@ jobs:
       - run:
           name: Pull base image locally
           command: |
-            echo "Pulling docker image: node:$NVMRC_VERSION-alpine"
-            docker pull node:$NVMRC_VERSION-alpine
+            echo "Pulling docker image: node:$NVMRC_VERSION-alpine3.19"
+            docker pull node:$NVMRC_VERSION-alpine3.19
       ## Analyze the base and derived image
       ## Note: It seems images are scanned in parallel, so preloading the base image result doesn't give us any real performance gain
       - anchore/analyze_local_image:
           # Force the older version, version 0.7.0 was just published, and is broken
           anchore_version: v0.6.1
-          image_name: "docker.io/node:$NVMRC_VERSION-alpine ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:local"
+          image_name: "docker.io/node:$NVMRC_VERSION-alpine3.19 ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:local"
           policy_failure: false
           timeout: '500'
           # Note: if the generated policy is invalid, this will fallback to the default policy, which we don't want!
@@ -553,7 +553,7 @@ jobs:
             aws s3 cp anchore-reports ${AWS_S3_DIR_ANCHORE_REPORTS}/latest/ --recursive
       - run:
           name: Evaluate failures
-          command: /tmp/ci-config/container-scanning/anchore-result-diff.js anchore-reports/node_${NVMRC_VERSION}-alpine-policy.json anchore-reports/${CIRCLE_PROJECT_REPONAME}*-policy.json
+          command: /tmp/ci-config/container-scanning/anchore-result-diff.js anchore-reports/node_${NVMRC_VERSION}-alpine3.19-policy.json anchore-reports/${CIRCLE_PROJECT_REPONAME}*-policy.json
       - store_artifacts:
           path: anchore-reports
       - slack/notify:

diff --git a/audit-ci.jsonc b/audit-ci.jsonc
@@ -5,6 +5,7 @@
   "moderate": true,
   "allowlist": [ // NOTE: Please add as much information as possible to any items added to the allowList
     // Currently no fixes available for the following
+    "GHSA-2p57-rm9w-gvfp", // socks>ip
     "GHSA-v88g-cgmw-v5xw",
     "GHSA-phwq-j96m-2c2q",
     "GHSA-282f-qqgm-c34q",

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -103,7 +103,7 @@
     "@mojaloop/event-sdk": "14.1.0",
     "@mojaloop/sdk-standard-components": "18.1.0",
     "@now-ims/hapi-now-auth": "2.1.0",
-    "ajv": "8.14.0",
+    "ajv": "8.16.0",
     "ajv-keywords": "5.1.0",
     "blipp": "4.0.2",
     "commander": "12.1.0",
@@ -120,14 +120,14 @@
   },
   "devDependencies": {
     "@types/jest": "29.5.12",
-    "audit-ci": "^6.6.1",
+    "audit-ci": "^7.0.1",
     "axios": "1.7.2",
     "docdash": "2.0.2",
     "get-port": "5.1.1",
     "jest": "29.7.0",
     "jest-junit": "16.0.0",
     "jsdoc": "4.0.3",
-    "nodemon": "3.1.1",
+    "nodemon": "3.1.3",
     "npm-audit-resolver": "3.0.0-RC.0",
     "npm-check-updates": "16.14.20",
     "nyc": "15.1.0",