[security][trivy-fs] HIGH DS-0017 in Dockerfile #5

Closed
opened 2026-05-13 10:50:37 -05:00 by gitea-actions · 0 comments

Security scanner: trivy-fs
Summary: 'RUN <package-manager> update' instruction alone
Repository: kelly/donetick-notifier
Branch/ref: fresh-copy
Commit: ef66b632b5558ba2d88318bcc5d6f33a8f0fd211
Action run: https://git.ktr32.org/kelly/donetick-notifier/actions/runs/28

Details:

  • Type: Misconfiguration
  • Severity: HIGH
  • Target: Dockerfile
  • ID: DS-0017
  • Message: The instruction 'RUN <package-manager> update' should always be followed by '<package-manager> install' in the same RUN statement.
  • Resolution: Combine '<package-manager> update' and '<package-manager> install' instructions to single one
kelly closed this issue 2026-05-13 11:15:47 -05:00
kelly added the vulnerability label 2026-05-26 21:27:10 -05:00

Reference: kelly/donetick-notifier#5