chore(deps): update public.ecr.aws/lambda/python:3.14 docker digest to 1238927#517
chore(deps): update public.ecr.aws/lambda/python:3.14 docker digest to 1238927#517renovate[bot] wants to merge 1 commit into
Conversation
Wiz Scan Summary
To detect these findings earlier in the dev lifecycle, try using Wiz Code VS Code Extension. Pull Request Developer GuidanceIf the link to the Wiz scan details doesn't work, please ensure you are using the right role in Wiz and that the repository is assigned to the correct project within our Wiz Terraform. Or, you can ask for help in #tna-cloud-security on Slack. |
6fa2cab to
66583a7
Compare
66583a7 to
bbd0e06
Compare
a83f199 to
8f5808b
Compare
d8eb4b2 to
511318f
Compare
07d5a2a to
7d4d5d9
Compare
7d4d5d9 to
2f74575
Compare
2f74575 to
ebb5571
Compare
ebb5571 to
67ddcda
Compare
67ddcda to
7fefa2e
Compare
| @@ -1,5 +1,5 @@ | |||
| # Base stage - common setup | |||
| FROM public.ecr.aws/lambda/python:3.14@sha256:10caad75cac688d8a8773f2ea2ec0aa6a3940a3d7d5716b8a3ccb5c2bc636c88 AS base | |||
| FROM public.ecr.aws/lambda/python:3.14@sha256:12389272ad28512f684231b35534ef91bad755ffe27e3f1582b5e455d0b449a4 AS base | |||
There was a problem hiding this comment.
Missing Version Specification In dnf install
on resource FROM public.ecr.aws/lambda/python:3.14@sha256:12389272ad28512f684231b35534ef91bad755ffe27e3f1582b5e455d0b449a4 AS base.RUN microdnf install -y tar-2:1.34-1.amzn2023.0.4 gzip-1.12-1.amzn2023.0.1 wget-1.21.3-1.amzn2023.0.4 poppler-utils-22.08.0-3.amzn2023.0.1 libXinerama-1.1.5-6.amzn2023.0.1 cups-libs-2.4.14-1.amzn2023.0.2 dbus-glib-0.110-11.amzn2023.0.2 libxslt-1.1.43-1.amzn2023.0.3 openssl nss-3.90.0-6.amzn2023.0.1 cairo-1.18.0-4.amzn2023.0.2 libX11-xcb-1.8.10-2.amzn2023.0.1 perl-4:5.32.1-477.amzn2023.0.7 make-1:4.3-5.amzn2023.0.2 golang-1.25.10-1.amzn2023.0.1 qpdf-10.6.3-4.amzn2023.0.5 && microdnf clean all
More Details
Specifying a package version allows to reduce failures due to unanticipated changes in required packages.
Expected
Package version should be specified when using 'dnf install'
Found
Package version should be pinned when running ´dnf install´
Rule ID: 6d81147f-c854-4867-8046-264c78136942
To ignore this finding as an exception, reply to this conversation with #wiz_ignore reason
If you'd like to ignore this finding in all future scans, add an exception in the .wiz file (learn more) or create an Ignore Rule (learn more).
To get more details on how to remediate this issue using AI, reply to this conversation with #wiz remediate
7fefa2e to
f35b8a7
Compare
f35b8a7 to
8f3fabd
Compare
This PR contains the following updates:
10caad7→1238927Configuration
📅 Schedule: (in timezone Europe/London)
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.