
fix(migrations): upgrade atlas image to fix CVE vulnerabilities #3028

Merged: jiparis merged 2 commits into chainloop-dev:main from jiparis:fix/upgrade-atlas-image-cves on Apr 14, 2026

@jiparis jiparis commented Apr 14, 2026

Member

Summary

  • Upgrade atlas base image from v1.2.0 (Go 1.26.1) to latest build (Go 1.26.2) in Dockerfile.migrations
  • Update ATLAS_VERSION from v1.1.6 to v1.2.0 in common.mk and .github/workflows/test.yml
  • Fixes GHSA-78h2-9frx-2jm8 (High) in go-jose/go-jose/v4, GHSA-hfvc-g4fc-pqhx (High) in otel/sdk, GHSA-xmrv-pmrh-hhx2 (Medium) in aws-sdk-go-v2, and multiple Go stdlib CVEs
  • Docker image pinned by SHA256 digest for reproducibility
  • Grype scan of new image shows zero fixable vulnerabilities

Signed-off-by: Jose I. Paris <jiparis@chainloop.dev>

@cubic-dev-ai cubic-dev-ai Bot left a comment


No issues found across 1 file

…erability skill

Signed-off-by: Jose I. Paris <jiparis@chainloop.dev>
@jiparis jiparis merged commit 5e9a600 into chainloop-dev:main Apr 14, 2026
15 checks passed
@jiparis jiparis deleted the fix/upgrade-atlas-image-cves branch April 14, 2026 10:22