chore: bump base docker image version to 0.10.6 to fix vulnerabilities #10924

Merged
stnguyen90 merged 1 commit into 1.8.x from chore-bump-docker-base on Dec 9, 2025

stnguyen90 commented Dec 8, 2025

What does this PR do?

Our security scans reported several packages we used were out of date and required updates to patch security vulnerabilities.

This PR bumps our docker base image to fix the vulnerabilities.

Test Plan

Automated tests should pass

Related PRs and Issues

Checklist

  • Have you read the Contributing Guidelines on issues?
  • If the PR includes a change to an API's metadata (desc, label, params, etc.), does it also include updated API specs and example docs?

coderabbitai bot commented Dec 8, 2025

📝 Walkthrough

The Dockerfile's final stage base image is updated from version 0.10.5 to version 0.10.6 of the appwrite/base image. This is a patch-level version increment with no other modifications to the build configuration or logic.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

  • Single-line change updating a base image version tag
  • No functional logic modifications
  • Minimal risk; verify the new image version is compatible and available

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Title check | ✅ Passed | The title clearly and concisely summarizes the main change: bumping the Docker base image version to fix vulnerabilities, which matches the Dockerfile modification. |
| Description check | ✅ Passed | The description is directly related to the changeset, explaining the security motivation and linking to related PRs, with a clear test plan. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 689e61c and cb3b22c.

📒 Files selected for processing (1)
  • Dockerfile (1 hunks)
🔇 Additional comments (1)
Dockerfile (1)

15-15: This is an isolated patch-level version bump with no other code updates needed.

The base image version increment from 0.10.5 to 0.10.6 is the only reference to this dependency in the codebase, confirming this is a straightforward security update.




github-actions bot commented Dec 8, 2025

Security Scan Results for PR

Docker Image Scan Results

🎉 No vulnerabilities found!

Source Code Scan Results

🎉 No vulnerabilities found!

stnguyen90 self-assigned this Dec 8, 2025

github-actions bot commented Dec 8, 2025

✨ Benchmark results

  • Requests per second: 1,191
  • Requests with 200 status code: 214,422
  • P99 latency: 0.16323212

⚡ Benchmark Comparison

| Metric | This PR | Latest version |
| --- | --- | --- |
| RPS | 1,191 | 1,271 |
| 200 | 214,422 | 228,826 |
| P99 | 0.16323212 | 0.159980792 |

stnguyen90 marked this pull request as ready for review December 8, 2025 21:31
stnguyen90 merged commit bdfb9e3 into 1.8.x Dec 9, 2025
43 checks passed
stnguyen90 deleted the chore-bump-docker-base branch December 9, 2025 20:15