Releases: jonasbn/docker-cheatset
0.17.0
What's Changed
- Bump rojopolis/spellcheck-github-actions from 0.38.0 to 0.40.0 by @dependabot in #98
- Bump rojopolis/spellcheck-github-actions from 0.40.0 to 0.41.0 by @dependabot in #101
- Bump rojopolis/spellcheck-github-actions from 0.41.0 to 0.42.0 by @dependabot in #104
- Bump rojopolis/spellcheck-github-actions from 0.42.0 to 0.43.0 by @dependabot in #105
- Bump rojopolis/spellcheck-github-actions from 0.43.0 to 0.43.1 by @dependabot in #106
- Bump rojopolis/spellcheck-github-actions from 0.43.1 to 0.44.0 by @dependabot in #107
- Bumped based image to 3.2.6 from 3.2.3 by @jonasbn in #108
Full Changelog: 0.16.0...0.17.0
0.16.0
What's Changed
- Bump rojopolis/spellcheck-github-actions from 0.33.0 to 0.33.1 by @dependabot in #64
- Bump actions/checkout from 3 to 4 by @dependabot in #65
- Bump docker/build-push-action from 4 to 5 by @dependabot in #66
- Bump docker/login-action from 2 to 3 by @dependabot in #67
- Bump docker/setup-qemu-action from 2 to 3 by @dependabot in #69
- Bump docker/setup-buildx-action from 2 to 3 by @dependabot in #68
- Bump rojopolis/spellcheck-github-actions from 0.33.1 to 0.34.0 by @dependabot in #70
- Bump cheatset from 1.4.6 to 1.4.8 by @dependabot in #71
- Bump rojopolis/spellcheck-github-actions from 0.34.0 to 0.35.0 by @dependabot in #74
- Bump peter-evans/dockerhub-description from 3 to 4 by @dependabot in #76
- Bump nokogiri from 1.15.4 to 1.16.2 by @dependabot in #77
- Bump rojopolis/spellcheck-github-actions from 0.35.0 to 0.36.0 by @dependabot in #78
- Bump nokogiri from 1.16.2 to 1.16.5 by @dependabot in #85
- Bump rojopolis/spellcheck-github-actions from 0.36.0 to 0.37.0 by @dependabot in #87
- Bump docker/build-push-action from 5 to 6 by @dependabot in #90
- Bump rojopolis/spellcheck-github-actions from 0.37.0 to 0.38.0 by @dependabot in #91
- Stabilizing the build by @jonasbn in #94
- [Snyk] Security upgrade ruby from 3.2.2-slim-bullseye to 3.2.3-slim-bullseye by @jonasbn in #82
- More clean up to deps by @jonasbn in #95
- Preparing release 0.16.0 by @jonasbn in #96
Full Changelog: 0.15.0...0.16.0
0.15.0
0.15.0 2023-07-10 Maintenance release
-
Bumped dependencies:
- sanitize from version 6.0.1 to 6.0.2
- nokogiri to 1.15.3
- racc to 1.7.1
- mini_portile2 to 2.8.2
- All via PR #63 from @dependabot
-
Bumped dependency: nokogiri from version 1.14.0 to 1.14.3, via PR #60 from @dependabot
0.14.0
0.13.0
0.13.0 2023-04-06 Maintenance release
-
Bumped from Ruby 3.2.0-slim-bullseye to 3.2.1-slim-bullseye, via PR #56 from @dependabot
-
Bumped dependency: sanitize from version 6.0.0 to 6.0.1, via PR #55 from @dependabot
0.12.0
0.12.0 2023-01-04 Maintenance release
-
Bumped from Ruby 3.1.3-slim-bullseye to 3.2.0-slim-bullseye, via PR #52 from @dependabot
-
Added
Gemfile.lock
to Docker image generation -
Bumped Bundler version in
Gemfile.lock
-
Renamed example file from
samble.rb
tosample.rb
, thanks to @suredream who patched cheatset via PR #39, I believe I am the one who introduced this spelling error, both in my own repository and in the cheatset repository
0.11.0
What's Changed
- Bump nokogiri from 1.13.1 to 1.13.3 by @dependabot in #33
- Bump rojopolis/spellcheck-github-actions from 0.21.1 to 0.22.1 by @dependabot in #34
- Bump actions/checkout from 2 to 3 by @dependabot in #35
- Bump rojopolis/spellcheck-github-actions from 0.22.1 to 0.23.0 by @dependabot in #36
- Bump nokogiri from 1.13.3 to 1.13.4 by @dependabot in #37
- Bump ruby from 3.1.1-slim-bullseye to 3.1.2-slim-bullseye by @dependabot in #38
- Bump github/codeql-action from 1 to 2 by @dependabot in #39
- Bump rojopolis/spellcheck-github-actions from 0.23.0 to 0.23.2 by @dependabot in #40
- Bump nokogiri from 1.13.4 to 1.13.6 by @dependabot in #41
- Bump rojopolis/spellcheck-github-actions from 0.23.2 to 0.24.0 by @dependabot in #42
- Bump nosborn/github-action-markdown-cli from 3.0.1 to 3.1.0 by @dependabot in #43
- Bump rojopolis/spellcheck-github-actions from 0.24.0 to 0.25.0 by @dependabot in #44
- Bump rojopolis/spellcheck-github-actions from 0.25.0 to 0.26.0 by @dependabot in #45
- Bump rojopolis/spellcheck-github-actions from 0.26.0 to 0.27.0 by @dependabot in #46
- Bump nosborn/github-action-markdown-cli from 3.1.0 to 3.2.0 by @dependabot in #47
- Bump nokogiri from 1.13.6 to 1.13.9 by @dependabot in #48
- Bump rojopolis/spellcheck-github-actions from 0.27.0 to 0.28.0 by @dependabot in #50
- Bump ruby from 3.1.2-slim-bullseye to 3.1.3-slim-bullseye by @dependabot in #49
Full Changelog: 0.10.0...0.11.0
0.10.0
0.9.0
0.9.0 2022-02-02 Maintenance release
-
cheatset
has been updated with a bug fix release: 1.4.6 for details please see the GitHub repository - thanks @dependabot -
The Docker base image has been changed to a slim variation, which minimizes the image size significantly
0.8.0
0.8.0 2022-01-26 Maintenance release
cheatset
has been updated with a bug fix release: 1.4.5 for details please see the GitHub repository - thanks @dependabot
- Changed Docker base image from from Ruby 3.1.0-buster to 3.1.0-bullseye. Meaning we are changing from Debian 10 to Debian 11. This aims to decrease the exposure to number of known vulnerabilities.
Data from Snyk
- ruby.3.1.0-buster (388 vulnerabilities), by severity
- 6 critical
- 42 high
- 68 medium
- 272 low
Report from Snyk, 29 days old at the time of writing
- ruby:3.1.0-bullseye (196), by severity
- 29 high
- 35 medium
- 132 low
Manual scan:
- ruby:3.1.0-bullseye (196), by severity
- 11 critical
- 18 high
- 35 medium
- 132 low
This does increase the number of critical issues, but it decreases the total of vulnerabilities.