lavakush07 commented on issue #4250: URL: https://github.com/apache/incubator-devlake/issues/4250#issuecomment-1406851026
> > For the security issue, currently, we're using nginxinc/nginx-unprivileged:1.21 as base image for config-ui, as nginx is stable enough, I guess we could use nginxinc/nginx-unprivileged:latest for get latest security updates from the upstream. > > Still, use nginxinc/nginx-unprivileged:latest tag in code repo is not a good practice, maybe we could introducing a checklist in release stage to ensure we're including the latest security updates from upstream at that moment. Got it 👍 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
