From ce3109c2ee348d0e87d4515652c441d81dedcf22 Mon Sep 17 00:00:00 2001
From: Ralf Vogler
Date: Thu, 5 Jun 2025 22:20:40 +0200
Subject: [PATCH] SonarQube: fix curl -L: only allow https redirects
---
 Dockerfile | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 27d9074..363786f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -16,10 +16,10 @@ RUN apt-get update \
 && curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
 && echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list \
 # TurboVNC & VirtualGL instead of Xvfb+X11vnc
- && curl -fsSL https://packagecloud.io/dcommander/virtualgl/gpgkey | gpg --dearmor -o /etc/apt/trusted.gpg.d/VirtualGL.gpg \
- && curl -fsSL https://packagecloud.io/dcommander/turbovnc/gpgkey | gpg --dearmor -o /etc/apt/trusted.gpg.d/TurboVNC.gpg \
- && curl -fssl https://raw.githubusercontent.com/VirtualGL/repo/main/VirtualGL.list > /etc/apt/sources.list.d/VirtualGL.list \
- && curl -fssl https://raw.githubusercontent.com/TurboVNC/repo/main/TurboVNC.list > /etc/apt/sources.list.d/TurboVNC.list \
+ && curl -fsSL --proto "=https" https://packagecloud.io/dcommander/virtualgl/gpgkey | gpg --dearmor -o /etc/apt/trusted.gpg.d/VirtualGL.gpg \
+ && curl -fsSL --proto "=https" https://packagecloud.io/dcommander/turbovnc/gpgkey | gpg --dearmor -o /etc/apt/trusted.gpg.d/TurboVNC.gpg \
+ && curl -fsSL --proto "=https" https://raw.githubusercontent.com/VirtualGL/repo/main/VirtualGL.list > /etc/apt/sources.list.d/VirtualGL.list \
+ && curl -fsSL --proto "=https" https://raw.githubusercontent.com/TurboVNC/repo/main/TurboVNC.list > /etc/apt/sources.list.d/TurboVNC.list \
 # update lists and install
 && apt-get update \
 && apt-get install --no-install-recommends -y \
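Review bot: The NodeSource key download in the first context line of this hunk still runs `curl -fsSL` without the protocol restriction, so one key fetch that feeds apt trust can still follow a redirect to a non-HTTPS URL; it should read `curl -fsSL --proto "=https" https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \`. Separately, the VirtualGL and TurboVNC keys are written to `/etc/apt/trusted.gpg.d/`, which makes them accepted signers for every configured repository, whereas the NodeSource entry scopes its key with `signed-by=`; the two `.list` files are also pulled unpinned from a `main` branch, so their content can change between builds. Consider moving those keys to `/etc/apt/keyrings/` and writing the source lines locally with `signed-by=`, if the upstream list contents allow it (they are not visible here). The `RUN` instruction starts before this hunk and continues past it.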