janhoy opened a new pull request, #4273: URL: https://github.com/apache/solr/pull/4273
https://issues.apache.org/jira/browse/SOLR-17353 A majority of flagged security issues in our docker image stems from "go", which again stems from the bundled go version in the `gosu` binary that we provide for advanced users of docker images. <img width="842" height="48" alt="Skjermbilde 2026-04-09 kl 09 31 28" src="https://github.com/user-attachments/assets/e7565a30-f763-4f6c-a45f-ded7bc9ec541"; /> <img width="921" height="114" alt="Skjermbilde 2026-04-09 kl 09 33 00" src="https://github.com/user-attachments/assets/7adc74e4-6da6-41fc-a6d0-e1372d683a71"; /> Earlier we installed gosu with apt, but Canonical is slow to patch (re-build on newer go), so it is better to install latest binary from github which is newer. In addition to installing from github releases, this PR also tries to add a mechanism for which RenovateBot / SolrBot can watch new versions and file a PR for bumping the version in our dockerfile template. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
