From 8eee27e80d48dab4cfaa602be5828c21e30e6a1e Mon Sep 17 00:00:00 2001 From: Miguel Martinez Date: Sun, 17 May 2026 22:33:22 +0200 Subject: [PATCH] fix(migrations): bump atlas image to clear Go stdlib CVEs Updates the atlas base image from v1.2.1-29c7cc3-canary (go1.26.2, 11 fixable Go stdlib CVEs including CVE-2026-42501) to the current v1.2.1-3ca392d-canary tagged as :latest. Verified with grype against the new digest: no fixable vulnerabilities reported. Assisted-by: Claude Code Signed-off-by: Miguel Martinez Chainloop-Trace-Sessions: f286dba9-20ad-4039-8d7c-7677510fec29 --- app/controlplane/Dockerfile.migrations | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/app/controlplane/Dockerfile.migrations b/app/controlplane/Dockerfile.migrations index 0150efc3f..4ab9fb0d6 100644 --- a/app/controlplane/Dockerfile.migrations +++ b/app/controlplane/Dockerfile.migrations @@ -1,9 +1,9 @@ # Container image built by go-releaser that's used to run migrations against the database during deployment # See https://atlasgo.io/guides/deploying/image -# from: arigaio/atlas:latest (v1.2.1-29c7cc3-canary) -# docker run arigaio/atlas@sha256:c9a0e6135c1f9c2761f5ef08b1db7a033ee37eb23a68173fd3909e231fdc2919 version -# atlas version v1.2.1-29c7cc3-canary -FROM arigaio/atlas@sha256:c9a0e6135c1f9c2761f5ef08b1db7a033ee37eb23a68173fd3909e231fdc2919 as base +# from: arigaio/atlas:latest (v1.2.1-3ca392d-canary) +# docker run arigaio/atlas@sha256:29668819bfe510e06ccf84cfbf795ad504a0b310a9edbb695c1cd277edac11cb version +# atlas version v1.2.1-3ca392d-canary +FROM arigaio/atlas@sha256:29668819bfe510e06ccf84cfbf795ad504a0b310a9edbb695c1cd277edac11cb as base FROM scratch # Update permissions to make it readable by the user