- Pin golang base image to sha256 digest (was golang:1.25-alpine)
- Pin alpine base image to sha256 digest (was alpine:3.19)
- Pin golangci-lint go install to commit SHA (was @latest)
- Pin goimports go install to commit SHA (was @latest)

This eliminates RCE risk from tag-based references that could be poisoned to run arbitrary code during docker build.
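A check that keeps this kind of pinning from regressing, written as an added example and not code from this commit or its project: it flags `FROM` images without a sha256 digest and `go install` targets whose version is not a full commit SHA. The function names, the 40-hex-character policy and the sample Dockerfile (including its digest and commit values) are constructed for illustration.

```python
import re

DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")       # image@sha256:<64 hex>
GO_INSTALL_RE = re.compile(r"\bgo\s+install\s+(?:-\S+\s+)*(\S+?)@(\S+)")
COMMIT_RE = re.compile(r"^[0-9a-f]{40}$")              # full commit SHA (assumed policy)

def logical_lines(text):
    """Yield (first_line_no, text) with backslash continuations folded."""
    buf, start = "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        start = start if buf else no
        line = raw.rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield start, (buf + line).strip()
        buf = ""

def audit_dockerfile(text):
    """Return [(line_no, message)]; 'scratch' and earlier stage names are not pulls."""
    findings, stages = [], set()
    for no, line in logical_lines(text):
        words = line.split()
        if not words or line.startswith("#"):
            continue
        op = words[0].upper()
        args = [w for w in words[1:] if not w.startswith("--")]
        if op == "FROM" and args:
            image = args[0]
            if image != "scratch" and image not in stages and not DIGEST_RE.search(image):
                findings.append((no, f"base image not pinned to digest: {image}"))
            if len(args) >= 3 and args[1].upper() == "AS":
                stages.add(args[2])
        elif op == "RUN":
            for pkg, ver in GO_INSTALL_RE.findall(line):
                if not COMMIT_RE.match(ver):
                    findings.append((no, f"go install not pinned to commit SHA: {pkg}@{ver}"))
    return findings
# Constructed sample: digest and commit values below are placeholders, not real pins.
DIGEST, COMMIT = "a" * 64, "0123456789abcdef0123456789abcdef01234567"
SAMPLE = f"""FROM golang:1.25-alpine AS build
RUN go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest && \\
    go install golang.org/x/tools/cmd/goimports@{COMMIT}
FROM alpine@sha256:{DIGEST}
FROM build AS test
"""
if __name__ == "__main__":
    for no, msg in audit_dockerfile(SAMPLE):
        print(f"line {no}: {msg}")
```

Run in CI against the repository's Dockerfile, a non-empty result can fail the build before a tag-based reference is merged.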