Upgrade to nodejs 16.13.1 LTS version to address security vulnerabilities
NCBI GitLab runs security scans of the bcms Docker image on every build in 'develop' branch. It currently reports 176 Critical and 1243 High vulnerabilities, mostly because of the old not supported versions of various Linux system libraries, Python and nodejs packages. NCBI DevOps / Systems are asking us to address these security issues before production deployment.
I've tried using
16.13.1-buster-slim as a base image. Here are the changes in Dockerfile I made, seems the image has been built successfully but the resulting container fails to run. Please correct / update as needed. Once a new container builds and runs successfully in 'develop' branch, we will review the vulnerability report again.
# IMAGE FOR BUILDING FROM node:16.13.1-buster-slim RUN apt-get update && apt-get install -y git python3 make g++
# IMAGE FOR RUNNING FROM node:16.13.1-buster-slim as server