Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update internal-dependencies #243

Merged
merged 1 commit into from
Jan 21, 2025
Merged

Update internal-dependencies #243

merged 1 commit into from
Jan 21, 2025

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 21, 2025

This PR contains the following updates:

Package Update Change
ghcr.io/blockjoy/base-op-reth minor v20250121.21 -> v20250121.22
ghcr.io/blockjoy/ethereum-erigon minor v20250121.10 -> v20250121.11

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot enabled auto-merge (squash) January 21, 2025 15:46
@github-actions GitHub Actions
Copy link

🔍 Trivy Dockerfile Scan Results for protocols/base/base-op-reth/Dockerfile

Click to view findings 

Dockerfile (dockerfile)
=======================
Tests: 21 (SUCCESSES: 18, FAILURES: 3)
Failures: 3 (HIGH: 1, CRITICAL: 2)

AVD-DS-0002 (HIGH): Specify at least 1 USER command in Dockerfile with non-root user as argument
════════════════════════════════════════
Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.

See https://avd.aquasec.com/misconfig/ds002
────────────────────────────────────────


AVD-DS-0031 (CRITICAL): Possible exposure of secret env "CLOUDFLARE_API_KEY" in ARG
════════════════════════════════════════
Passing secrets via `build-args` or envs or copying secret files can leak them out

See https://avd.aquasec.com/misconfig/ds031
────────────────────────────────────────
 Dockerfile:11
────────────────────────────────────────
  11 [ ARG CLOUDFLARE_API_KEY
────────────────────────────────────────


AVD-DS-0031 (CRITICAL): Possible exposure of secret env "CLOUDFLARE_API_KEY" in ENV
════════════════════════════════════════
Passing secrets via `build-args` or envs or copying secret files can leak them out

See https://avd.aquasec.com/misconfig/ds031
────────────────────────────────────────
 Dockerfile:15
────────────────────────────────────────
  15 [ ENV CLOUDFLARE_API_KEY=${CLOUDFLARE_API_KEY}
────────────────────────────────────────

Please review these findings and make necessary fixes to improve the security of your Dockerfile.

@github-actions GitHub Actions
Copy link

🔍 Trivy Dockerfile Scan Results for protocols/ethereum/ethereum-erigon/Dockerfile

Click to view findings 

Dockerfile (dockerfile)
=======================
Tests: 21 (SUCCESSES: 18, FAILURES: 3)
Failures: 3 (HIGH: 1, CRITICAL: 2)

AVD-DS-0002 (HIGH): Specify at least 1 USER command in Dockerfile with non-root user as argument
════════════════════════════════════════
Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.

See https://avd.aquasec.com/misconfig/ds002
────────────────────────────────────────


AVD-DS-0031 (CRITICAL): Possible exposure of secret env "CLOUDFLARE_API_KEY" in ARG
════════════════════════════════════════
Passing secrets via `build-args` or envs or copying secret files can leak them out

See https://avd.aquasec.com/misconfig/ds031
────────────────────────────────────────
 Dockerfile:11
────────────────────────────────────────
  11 [ ARG CLOUDFLARE_API_KEY
────────────────────────────────────────


AVD-DS-0031 (CRITICAL): Possible exposure of secret env "CLOUDFLARE_API_KEY" in ENV
════════════════════════════════════════
Passing secrets via `build-args` or envs or copying secret files can leak them out

See https://avd.aquasec.com/misconfig/ds031
────────────────────────────────────────
 Dockerfile:15
────────────────────────────────────────
  15 [ ENV CLOUDFLARE_API_KEY=${CLOUDFLARE_API_KEY}
────────────────────────────────────────

Please review these findings and make necessary fixes to improve the security of your Dockerfile.

@github-actions GitHub Actions
Copy link

The following nodes have been deployed on fra02.dev.blockjoy.com:

  • perfectly-engaging-troll, running variant base-op-reth-mainnet-full
  • properly-actual-catfish, running variant base-op-reth-mainnet-archive

These nodes will be cleaned up on PR merge or close and replaced on PR update.

@github-actions GitHub Actions
Copy link

The following nodes have been deployed on fra02.dev.blockjoy.com:

  • carefully-relaxed-mouse, running variant erigon-mainnet-full
  • daily-intense-kiwi, running variant erigon-sepolia-full
  • socially-fast-silkworm, running variant erigon-mainnet-archive
  • globally-perfect-skink, running variant erigon-sepolia-archive

These nodes will be cleaned up on PR merge or close and replaced on PR update.

@renovate renovate bot merged commit bc22f63 into main Jan 21, 2025
15 checks passed
@github-actions GitHub Actions
Copy link

All nodes have been cleaned up after merge

@renovate renovate bot deleted the renovate/internal-dependencies branch January 21, 2025 15:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants