Skip to content

[Snyk] Security upgrade postgres from 14.18-alpine3.22 to 14.19-alpine3.22#9196

Merged
mpbrown merged 1 commit into
mainfrom
snyk-fix-7cac0fb44a150786e417521e378df170
Nov 6, 2025
Merged

[Snyk] Security upgrade postgres from 14.18-alpine3.22 to 14.19-alpine3.22#9196
mpbrown merged 1 commit into
mainfrom
snyk-fix-7cac0fb44a150786e417521e378df170

Conversation

@rin-skylight
Copy link
Copy Markdown
Contributor

@rin-skylight rin-skylight commented Oct 2, 2025

snyk-top-banner

Snyk has created this PR to fix 0 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

  • backend/db-setup/Dockerfile

We recommend upgrading to postgres:14.19-alpine3.22, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

@rin-skylight rin-skylight requested review from a team as code owners October 2, 2025 03:20
@rin-skylight rin-skylight requested review from DanielSass, DavidMcClatchey and arinkulshi-skylight and removed request for a team October 2, 2025 03:20
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Oct 2, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@DanielSass DanielSass requested review from kevinfiol, mpbrown and schreiaj and removed request for arinkulshi-skylight October 2, 2025 19:07
@kevinfiol
Copy link
Copy Markdown
Collaborator

kevinfiol commented Oct 16, 2025

Does this require sign-off from DevOps @shanice-skylight ?

mpbrown
mpbrown approved these changes Nov 6, 2025
View reviewed changes
Copy link
Copy Markdown
Collaborator

@mpbrown mpbrown left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, @kevinfiol regarding your question about sign off, I think with the reduced dev ops bandwidth that we'll be handling these snyk PRs

@mpbrown mpbrown added this pull request to the merge queue Nov 6, 2025
Merged via the queue into main with commit 3461429 Nov 6, 2025
46 of 47 checks passed
@mpbrown mpbrown deleted the snyk-fix-7cac0fb44a150786e417521e378df170 branch November 6, 2025 14:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kevinfiol kevinfiol kevinfiol approved these changes

@mpbrown mpbrown mpbrown approved these changes

@DanielSass DanielSass Awaiting requested review from DanielSass DanielSass is a code owner automatically assigned from CDCgov/simplereport-dependencyreviews

@DavidMcClatchey DavidMcClatchey Awaiting requested review from DavidMcClatchey DavidMcClatchey is a code owner automatically assigned from CDCgov/simplereport-dependencyreviews

@schreiaj schreiaj Awaiting requested review from schreiaj

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@rin-skylight @kevinfiol @mpbrown @snyk-bot