fix(deps): update to node.js 20.18.0 #1224
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue
Concerning
12.6
20.17.0
12.7
node-20.17.0-chrome-129.0.6668.70-1-ff-130.0.1-edge-129.0.2792.52-1
12.7
13.15.0
reports critical fixed issues not yet installed, for example with
cypress/base:latest
:Change
In factory/.env, bump environment variables:
FACTORY_VERSION
from4.2.1
to4.2.2
FACTORY_DEFAULT_NODE_VERSION
from20.17.0
to20.18.0
(see https://nodejs.org/en/download/releases/)
CHROME_VERSION
from129.0.6668.70-1
to129.0.6668.89-1
(see https://www.ubuntuupdates.org/package/google_chrome/stable/main/base/google-chrome-stable)
EDGE_VERSION
from129.0.2792.52-1
to129.0.2792.65-1
(see https://packages.microsoft.com/repos/edge/pool/main/m/microsoft-edge-stable/)
FIREFOX_VERSION
from130.0.1
to131.0
(see https://download-installer.cdn.mozilla.net/pub/firefox/releases/)
to rebuild all images including latest Debian
12.x
published fixes from the Debian repository.Verify
cd factory docker compose build factory trivy image --ignore-unfixed --pkg-types os --scanners vuln --severity CRITICAL cypress/factory docker compose build base trivy image --ignore-unfixed --pkg-types os --scanners vuln --severity CRITICAL cypress/base docker compose build browsers trivy image --ignore-unfixed --pkg-types os --scanners vuln --severity CRITICAL cypress/browsers docker compose build included trivy image --ignore-unfixed --pkg-types os --scanners vuln --severity CRITICAL cypress/included:latest
should show for each image variant that there are no longer any (critical) vulnerabilities: