github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-08 23:18:05 -05:00
Code Issues Packages Projects Releases Wiki Activity

feat: resolve high/critical CVE's

Browse Source
This commit is contained in:
Daniel Hougaard
2025-10-06 23:04:17 +04:00
parent 3887fbc6a2
commit e79a81b689
12 changed files with 525 additions and 196 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Dockerfile.fips.standalone-infisical
View File

@@ -3,7 +3,10 @@ ARG POSTHOG_API_KEY=posthog-api-key
ARG INTERCOM_ID=intercom-id
ARG CAPTCHA_SITE_KEY=captcha-site-key
FROM node:20-slim AS base
FROM node:20.19.5-trixie-slim AS base
# Fixes NPM vulnerability: https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230
RUN npm install -g npm@11
FROM base AS frontend-dependencies
WORKDIR /app
@@ -155,7 +158,7 @@ RUN wget https://www.openssl.org/source/openssl-3.1.2.tar.gz \
# Install Infisical CLI
RUN curl -1sLf 'https://artifacts-cli.infisical.com/setup.deb.sh' | bash \
&& apt-get update && apt-get install -y infisical=0.41.89 \
&& apt-get update && apt-get install -y infisical=0.42.6 \
&& rm -rf /var/lib/apt/lists/*
RUN groupadd -r -g 1001 nodejs && useradd -r -u 1001 -g nodejs non-root-user