Merge pull request #179 from sir-gon/develop

[CONFIG] Docker Alpine-based images updated to Alpine 3.20

Author: sir-gon

.github/workflows/docker-image.yml

@@ -25,3 +25,20 @@ jobs:
     - name: Tag Docker image
       run: docker tag algorithm-exercises-java:latest algorithm-exercises-java:${{ github.sha }}
 
+    - name: Run Snyk to check Docker image for vulnerabilities
+      # Snyk can be used to break the build when it detects vulnerabilities.
+      # In this case we want to upload the issues to GitHub Code Scanning
+      continue-on-error: true
+      uses: snyk/actions/docker@master
+      env:
+        # In order to use the Snyk Action you will need to have a Snyk API token.
+        # See https://docs.snyk.io/integrations/ci-cd-integrations/github-actions-integration#getting-your-snyk-token
+        # or you can sign up for free at https://snyk.io/login
+        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      with:
+        image: algorithm-exercises-java:latest
+        args: --file=Dockerfile
+    # - name: Upload result to GitHub Code Scanning
+    #   uses: github/codeql-action/upload-sarif@v2
+    #   with:
+    #     sarif_file: snyk.sarif

Dockerfile

@@ -6,7 +6,7 @@ RUN apk add --update --no-cache make
 WORKDIR /app
 
 ###############################################################################
-FROM node:22.2.0-alpine3.19 AS lint
+FROM node:20.14.0-alpine3.20 AS lint
 
 ENV WORKDIR=/app
 WORKDIR ${WORKDIR}