diff --git a/Dockerfile b/Dockerfile index f3e7305e..4293e089 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM hmctspublic.azurecr.io/base/node:20-alpine AS base +FROM hmctsprod.azurecr.io/base/node:20-alpine AS base ENV PUPPETEER_SKIP_DOWNLOAD=true ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true @@ -28,7 +28,7 @@ COPY --chown=hmcts:hmcts package.json yarn.lock ./ # ---- Runtime Image ---- -FROM hmctspublic.azurecr.io/base/node:20-alpine AS runtime +FROM hmctsprod.azurecr.io/base/node:20-alpine AS runtime COPY --from=build $WORKDIR . EXPOSE 3460 diff --git a/charts/ccd-case-activity-api/Chart.yaml b/charts/ccd-case-activity-api/Chart.yaml index 572d1df7..cee5d73d 100644 --- a/charts/ccd-case-activity-api/Chart.yaml +++ b/charts/ccd-case-activity-api/Chart.yaml @@ -2,14 +2,14 @@ apiVersion: v2 description: Helm chart for the HMCTS CCD Case Activity name: ccd-case-activity-api home: https://github.com/hmcts/ccd-case-activity-api -version: 1.3.17 +version: 1.3.18 maintainers: - name: HMCTS CCD Dev Team email: ccd-devops@HMCTS.NET dependencies: - name: nodejs version: 3.2.0 - repository: 'oci://hmctspublic.azurecr.io/helm' + repository: 'oci://hmctsprod.azurecr.io/helm' - name: redis version: 24.1.8 repository: "oci://registry-1.docker.io/bitnamicharts" diff --git a/charts/ccd-case-activity-api/values.yaml b/charts/ccd-case-activity-api/values.yaml index c3cd72c1..cd5bd119 100644 --- a/charts/ccd-case-activity-api/values.yaml +++ b/charts/ccd-case-activity-api/values.yaml @@ -8,7 +8,7 @@ redis: enabled: false nodejs: - image: 'hmctspublic.azurecr.io/ccd/case-activity-api:latest' + image: 'hmctsprod.azurecr.io/ccd/case-activity-api:latest' applicationPort: 3460 aadIdentityName: ccd ingressHost: ccd-case-activity-api-{{ .Values.global.environment }}.service.core-compute-{{ .Values.global.environment }}.internal diff --git a/package-lock.json b/package-lock.json index 5ea1d6b5..2a85a93a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -23,6 +23,7 @@ "ioredis": "^3.1.4", "joi": "^17.2.1", "jwt-decode": "^2.2.0", + "lodash": "4.18.1", "moment": "^2.29.4", "morgan": "^1.9.1", "nocache": "^2.1.0", @@ -5503,9 +5504,9 @@ } }, "node_modules/lodash": { - "version": "4.17.23", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz", - "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==", + "version": "4.18.1", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.18.1.tgz", + "integrity": "sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==", "license": "MIT" }, "node_modules/lodash.assign": { diff --git a/package.json b/package.json index 0f7f0eb8..78bcb428 100644 --- a/package.json +++ b/package.json @@ -50,7 +50,7 @@ "ioredis": "^3.1.4", "joi": "^17.2.1", "jwt-decode": "^2.2.0", - "lodash": "^4.17.23", + "lodash": "4.18.1", "moment": "^2.29.4", "morgan": "^1.9.1", "nocache": "^2.1.0", @@ -85,7 +85,7 @@ }, "resolutions": { "async": "^2.6.4", - "lodash": "^4.17.21", + "lodash": "4.18.1", "lodash.pick": "3.1.0", "yargs-parser": "^18.1.2", "minimist": "^1.2.6", diff --git a/yarn-audit-known-issues b/yarn-audit-known-issues index 4cddb799..cdeb4623 100644 --- a/yarn-audit-known-issues +++ b/yarn-audit-known-issues @@ -1,5 +1,3 @@ -{"value":"lodash","children":{"ID":1115806,"Issue":"lodash vulnerable to Code Injection via `_.template` imports key names","URL":"https://github.com/advisories/GHSA-r5fr-rjxr-66jc","Severity":"high","Vulnerable Versions":">=4.0.0 <=4.17.23","Tree Versions":["4.17.23"],"Dependents":["ccd-case-activity-api@workspace:."]}} -{"value":"lodash","children":{"ID":1115810,"Issue":"lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`","URL":"https://github.com/advisories/GHSA-f23m-r3pf-42rh","Severity":"moderate","Vulnerable Versions":"<=4.17.23","Tree Versions":["4.17.23"],"Dependents":["ccd-case-activity-api@workspace:."]}} {"value":"lodash.clone","children":{"ID":"lodash.clone (deprecation)","Issue":"This package is deprecated. Use structuredClone instead.","Severity":"moderate","Vulnerable Versions":"4.5.0","Tree Versions":["4.5.0"],"Dependents":["ioredis@npm:3.2.2"]}} {"value":"lodash.pick","children":{"ID":"lodash.pick (deprecation)","Issue":"This package is deprecated. Use destructuring assignment syntax instead.","Severity":"moderate","Vulnerable Versions":"3.1.0","Tree Versions":["3.1.0"],"Dependents":["ioredis@npm:3.2.2"]}} {"value":"path-to-regexp","children":{"ID":1115573,"Issue":"path-to-regexp vulnerable to Denial of Service via sequential optional groups","URL":"https://github.com/advisories/GHSA-j3q9-mxjg-w52f","Severity":"high","Vulnerable Versions":">=8.0.0 <8.4.0","Tree Versions":["8.2.0"],"Dependents":["router@npm:2.2.0"]}} diff --git a/yarn.lock b/yarn.lock index 2e7ae466..0666e7a1 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1518,7 +1518,7 @@ __metadata: jasmine-node: "npm:3" joi: "npm:^17.2.1" jwt-decode: "npm:^2.2.0" - lodash: "npm:^4.17.23" + lodash: "npm:4.18.1" mocha: "npm:7" mock-require: "npm:^3.0.3" moment: "npm:^2.29.4" @@ -4394,10 +4394,10 @@ __metadata: languageName: node linkType: hard -"lodash@npm:^4.17.21": - version: 4.17.23 - resolution: "lodash@npm:4.17.23" - checksum: 10/82504c88250f58da7a5a4289f57a4f759c44946c005dd232821c7688b5fcfbf4a6268f6a6cdde4b792c91edd2f3b5398c1d2a0998274432cff76def48735e233 +"lodash@npm:4.18.1": + version: 4.18.1 + resolution: "lodash@npm:4.18.1" + checksum: 10/306fea53dfd39dad1f03d45ba654a2405aebd35797b673077f401edb7df2543623dc44b9effbb98f69b32152295fff725a4cec99c684098947430600c6af0c3f languageName: node linkType: hard