and when scanning the docker image with Snyk I’m getting up to 114 security issues, as well as 8 critical vulnerabilities.
Are you guys planning on fixing them in the base docker image?
k
Kevin Kho
03/07/2022, 9:22 PM
Hi @Jean-Michel Provencher, I’ll need to check with the team on that
j
Jean-Michel Provencher
03/07/2022, 9:24 PM
Updating some c++ libraries used in the image would probably do most of the job, but it would probably better if it’s done on your side than on mine
z
Zanie
03/07/2022, 9:32 PM
Historically, the vast majority of vulnerabilities are not actually applicable when audited by an engineer. We are not pinning our apt requirements and should be getting the latest with each release. We’re basing our image from the official Python image (https://github.com/PrefectHQ/prefect/blob/master/Dockerfile).
Bring your towel and join one of the fastest growing data communities. Welcome to our second-generation open source orchestration platform, a completely rethought approach to dataflow automation.