Update Docker SBOM generator and Dockerfile syntax version

[jkreileder]

Upgrade the Docker SBOM generator to version 1.16.1 and update the Dockerfile syntax version to 1.12.1 for improved compatibility and features.

[github-actions]

🔍 Vulnerabilities of jkreileder/cf-ips-to-hcloud-fw:pr-659

📦 Image Reference jkreileder/cf-ips-to-hcloud-fw:pr-659

digest	sha256:a3641b41260f4cc4ef41cf5eea63c3356339acb851eb1e2a5073e158575f430d
vulnerabilities
platform	linux/amd64
size	28 MB
packages	62

📦 Base Image python:3-alpine

also known as	3-alpine3.20 3.13-alpine 3.13-alpine3.20 3.13.1-alpine 3.13.1-alpine3.20 alpine alpine3.20
digest	sha256:7bc78c6d338ab35ff94c90207c8b5457185f50f1fc059089f0b0069c8184280c
vulnerabilities

[github-actions]

Recommended fixes for image jkreileder/cf-ips-to-hcloud-fw:pr-659

Base image is python:3-alpine

Name	3.13.1-alpine3.20
Digest	sha256:7bc78c6d338ab35ff94c90207c8b5457185f50f1fc059089f0b0069c8184280c
Vulnerabilities
Pushed	2 weeks ago
Size	19 MB
Packages	41
Flavor	alpine
OS	3.20
Runtime	3.13.1

The base image is also available under the supported tag(s): 3-alpine3.20, 3.13-alpine, 3.13-alpine3.20, 3.13.1-alpine, 3.13.1-alpine3.20, alpine, alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

Tag	Details	Pushed	Vulnerabilities
3-alpine Newer image for same tag Also known as: alpine alpine3.21 3.13.1-alpine 3.13.1-alpine3.21 3.13-alpine 3.13-alpine3.21 3-alpine3.21	Benefits: Same OS detected Minor runtime version update Newer image for same tag Image is smaller by 2.2 MB Tag is preferred tag Tag was pushed more recently Image has same number of vulnerabilities Image contains similar number of packages 3-alpine was pulled 51K times last month Image details: Size: 17 MB Flavor: alpine OS: 3.21 Runtime: 3.13.1	2 weeks ago

Change base image

✅ There are no tag recommendations at this time.

[github-actions]

Overview

Image reference	jkreileder/cf-ips-to-hcloud-fw:1	quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-659
- digest	70eafa0243eb	a3641b41260f
- tag	1	pr-659
- provenance	e4eb5d1	42663d0
- vulnerabilities
- platform	linux/amd64	linux/amd64
- size	22 MB	28 MB (+6.3 MB)
- packages	64	62 (-2)
Base Image	python:3-alpine also known as: • 3-alpine3.20 • 3.13-alpine • 3.13-alpine3.20 • alpine • alpine3.20	python:3-alpine also known as: • 3-alpine3.20 • 3.13-alpine • 3.13-alpine3.20 • 3.13.1-alpine • 3.13.1-alpine3.20 • alpine • alpine3.20
- vulnerabilities

Environment Variables (2 changes)

• + 1 added
• ± 1 changed
• 4 unchanged

 GPG_KEY=7169605F62C751356D054A26A821E680E5FA6305
 PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
 PYTHONDONTWRITEBYTECODE=1
 PYTHONFAULTHANDLER=1
+PYTHON_SHA256=9cf9427bee9e2242e3877dd0f6b641c1853ca461f39d6503ce260a59c80bf0d9
-PYTHON_VERSION=3.13.0
+PYTHON_VERSION=3.13.1

Labels (3 changes)

• ± 3 changed
• 5 unchanged

-org.opencontainers.image.created=2024-11-08T09:30:05.868Z
+org.opencontainers.image.created=2024-12-20T13:59:31.901Z
 org.opencontainers.image.description=Update Hetzner Cloud firewall rules with current Cloudflare IP ranges
 org.opencontainers.image.licenses=MIT
-org.opencontainers.image.revision=e4eb5d1df244d0bc3ea7f09542b95c5368fbc7ab
+org.opencontainers.image.revision=42663d072e248c6393087fcd534db09b21e0e3e4
 org.opencontainers.image.source=https://github.com/jkreileder/cf-ips-to-hcloud-fw
 org.opencontainers.image.title=cf-ips-to-hcloud-fw
 org.opencontainers.image.url=https://github.com/jkreileder/cf-ips-to-hcloud-fw
-org.opencontainers.image.version=1.0.14
+org.opencontainers.image.version=pr-659

Policies (0 improved, 1 worsened, 2 missing data)

Policy Name	jkreileder/cf-ips-to-hcloud-fw:1	quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-659	Change	Standing
Default non-root user	✅	✅		No Change
No AGPL v3 licenses	✅	✅		No Change
No fixable critical or high vulnerabilities	✅	✅		No Change
No high-profile vulnerabilities	✅	✅		No Change
No outdated base images	✅	❓ No data
No unapproved base images	✅	❓ No data
Supply chain attestations	✅	⚠️ 2	+2	Worsened

Packages and Vulnerabilities (18 package changes and 2 vulnerability changes)

• ➖ 2 packages removed
• ♾️ 16 packages changed
• 46 packages unchanged

• ✔️ 2 vulnerabilities removed

Changes for packages of type apk (10 changes)

	Package	Version jkreileder/cf-ips-to-hcloud-fw:1	Version quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-659
♾️	.python-rundeps	20241017.164351	20241205.142133
➖	expat	2.6.3-r0
		Removed vulnerabilities (1):
♾️	libcrypto3	3.3.2-r0	3.3.2-r1
➖	libexpat	2.6.3-r0
♾️	libncursesw	6.4_p20240420-r1	6.4_p20240420-r2
♾️	libpanelw	6.4_p20240420-r1	6.4_p20240420-r2
♾️	libssl3	3.3.2-r0	3.3.2-r1
♾️	ncurses	6.4_p20240420-r1	6.4_p20240420-r2
♾️	ncurses-terminfo-base	6.4_p20240420-r1	6.4_p20240420-r2
♾️	openssl	3.3.2-r0	3.3.2-r1
		Removed vulnerabilities (1):

Changes for packages of type generic (1 changes)

	Package	Version jkreileder/cf-ips-to-hcloud-fw:1	Version quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-659
♾️	python	3.13.0	3.13.1

Changes for packages of type pypi (7 changes)

	Package	Version jkreileder/cf-ips-to-hcloud-fw:1	Version quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-659
♾️	anyio	4.6.2.post1	4.7.0
♾️	certifi	2024.8.30	2024.12.14
♾️	cf-ips-to-hcloud-fw	1.0.14	1.0.15.dev0
♾️	cloudflare	3.1.0	3.1.1
♾️	httpcore	1.0.6	1.0.7
♾️	pip	24.2	24.3.1
♾️	six	1.16.0	1.17.0

[github-actions]

Test Results

  5 files  ±0    5 suites  ±0   21s ⏱️ -1s
 36 tests ±0   36 ✅ ±0  0 💤 ±0  0 ❌ ±0 
180 runs  ±0  180 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 4ae7048. ± Comparison against base commit 63edc48.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 100.00%. Comparing base (63edc48) to head (4ae7048).
Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff            @@
##              main      #659   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            8         8           
  Lines          151       151           
  Branches        15        15           
=========================================
  Hits           151       151           

Flag	Coverage Δ
python-3.10	100.00% <ø> (ø)
python-3.11	100.00% <ø> (ø)
python-3.12	100.00% <ø> (ø)
python-3.13	100.00% <ø> (ø)
python-3.9	100.00% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.