Currently, Docker images are referenced without fixed version tags, which prevents Dependabot from effectively monitoring and notifying about updates. To improve security and maintainability, update all Docker image references to use fixed version tags. This will allow Dependabot to track updates and alert us when new versions are available.
Action items:
- Identify all Docker image references in the repository
- Update references to use fixed version tags (e.g.,
nginx:1.23.4 instead of nginx:latest)
- Test to ensure no breaking changes
- Enable or update Dependabot configuration to monitor these dependencies
This change will help automate dependency updates and improve our workflow.
Currently, Docker images are referenced without fixed version tags, which prevents Dependabot from effectively monitoring and notifying about updates. To improve security and maintainability, update all Docker image references to use fixed version tags. This will allow Dependabot to track updates and alert us when new versions are available.
Action items:
nginx:1.23.4instead ofnginx:latest)This change will help automate dependency updates and improve our workflow.