From 340869c642d985f0c4799d1895f96b600abf31cc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jun 2026 09:20:06 +0000 Subject: [PATCH] chore(docker): bump alpine in the docker group across 1 directory Bumps the docker group with 1 update in the / directory: alpine. Updates `alpine` from 3.23 to 3.24 --- updated-dependencies: - dependency-name: alpine dependency-version: '3.24' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: docker ... Signed-off-by: dependabot[bot] --- github-actions-staging.Dockerfile | 4 ++-- github-actions.Dockerfile | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/github-actions-staging.Dockerfile b/github-actions-staging.Dockerfile index 49d11746..ad4ac2a9 100644 --- a/github-actions-staging.Dockerfile +++ b/github-actions-staging.Dockerfile @@ -2,7 +2,7 @@ # difference is that it consumes ./bin/github-actions (built by welder) instead # of dist/github-actions (built by CI). Keep the two files in sync. -FROM alpine:3.23@sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11 AS builder +FROM alpine:3.24@sha256:28bd5fe8b56d1bd048e5babf5b10710ebe0bae67db86916198a6eec434943f8b AS builder RUN apk update && apk upgrade --no-cache \ && apk add --no-cache curl bash binutils upx ca-certificates tar python3 \ @@ -73,7 +73,7 @@ RUN rm -rf \ && rm -rf /tmp/* /var/tmp/* # ── runtime ───────────────────────────────────────────────────────────────── -FROM alpine:3.23@sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11 +FROM alpine:3.24@sha256:28bd5fe8b56d1bd048e5babf5b10710ebe0bae67db86916198a6eec434943f8b # aws-cli needed by Pulumi local.Command shell-outs (e.g. `aws s3 sync` in the # static-website template at pkg/clouds/pulumi/aws/static_website.go). diff --git a/github-actions.Dockerfile b/github-actions.Dockerfile index 2863e9b6..be698d66 100644 --- a/github-actions.Dockerfile +++ b/github-actions.Dockerfile @@ -5,7 +5,7 @@ # git ops. HEALTHCHECK omitted: one-shot action, never long-running. # Refresh: docker buildx imagetools inspect alpine:3.21 -FROM alpine:3.23@sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11 AS builder +FROM alpine:3.24@sha256:28bd5fe8b56d1bd048e5babf5b10710ebe0bae67db86916198a6eec434943f8b AS builder # python3 needed so `gcloud components install` doesn't fall back to (and recreate) the bundled Python we want to delete. RUN apk update && apk upgrade --no-cache \ @@ -84,7 +84,7 @@ RUN rm -rf \ && rm -rf /tmp/* /var/tmp/* # ── runtime ───────────────────────────────────────────────────────────────── -FROM alpine:3.23@sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11 +FROM alpine:3.24@sha256:28bd5fe8b56d1bd048e5babf5b10710ebe0bae67db86916198a6eec434943f8b # python3 stays — gcloud invokes it. py3-pip / binutils / upx confined to builder. # aws-cli needed by Pulumi local.Command shell-outs (e.g. `aws s3 sync` in the