lerkolabs/uptop
1
1
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity

fix(security): remove unused openssh-client from Docker image
CI / test (pull_request) Successful in 2m25s
Details
CI / lint (pull_request) Successful in 40s
Details
CI / vulncheck (pull_request) Successful in 41s
Details

Browse Source 
openssh-client was never used — uptop uses pure Go SSH via
charmbracelet/ssh. Removing it eliminates CVE-2026-25680,
CVE-2026-35386, CVE-2026-35387, and CVE-2026-35388.
This commit is contained in:
Tyler Koenig
2026-05-29 20:19:08 -04:00
parent 13a0860dd3
commit aac8d4dd0e
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Dockerfile
+1 -2
View File
@@ -17,8 +17,7 @@ RUN --mount=type=cache,target=/go/pkg/mod \
# --- Stage 2: Runner --- # --- Stage 2: Runner ---
FROM alpine:3.23 FROM alpine:3.23
WORKDIR /app WORKDIR /app
RUN apk add --no-cache ca-certificates openssh-client RUN apk add --no-cache ca-certificates && apk upgrade --no-cache
RUN apk upgrade --no-cache
RUN mkdir /data RUN mkdir /data
COPY --from=builder /app/uptop . COPY --from=builder /app/uptop .