deps: bump node from d415caa to 9f6d597 in /internal/isolation/assets#162
Conversation
dependabot
Bot
added
dependencies
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
There was a problem hiding this comment.
LGTM, straightforward Dependabot digest bump for node:22-bookworm-slim.
Extended reasoning...
Overview
This PR updates a single line in internal/isolation/assets/Dockerfile — the pinned SHA256 digest for the node:22-bookworm-slim base image used to build the isolation image. The tag (22-bookworm-slim) is unchanged; only the digest is rotated to the latest publication of that tag.
Security risks
None substantive. Pinning by digest and updating to the latest published digest of the same tag is the recommended way to consume base image security updates. If anything, this reduces security risk by picking up upstream patches in Debian/Node.js. The digest is sourced from Dependabot, which fetches from the canonical Docker Hub registry.
Level of scrutiny
Very low. This is a mechanical, single-line dependency bump produced by Dependabot. The image is used only for sandboxed isolation builds (not a runtime production dependency) and the surrounding Dockerfile logic is unchanged.
Other factors
No bugs were flagged by the bug hunting system, no prior reviewer comments on this PR, and no functional code changes accompany the digest bump.
|
@dependabot rebase |
|
Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry! If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request |
dangtony98
left a comment
dangtony98
left a comment
There was a problem hiding this comment.
LGTM — routine Dependabot digest pin update for node:22-bookworm-slim base image used by the isolation container. assetsHash test constant updated to match, CI green.
Bumps node from `d415caa` to `9f6d597`. --- updated-dependencies: - dependency-name: node dependency-version: 22-bookworm-slim dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dangtony98
force-pushed
the
dependabot/docker/internal/isolation/assets/node-9f6d597
branch
from
96c2db3 to
52b437b
Compare
dangtony98
deleted the
dependabot/docker/internal/isolation/assets/node-9f6d597
branch
1 participant
Bumps node from
d415caato9f6d597.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)