diff --git a/docker/images/n8n-base/Dockerfile b/docker/images/n8n-base/Dockerfile index 7162cf9c90..77fe0b798e 100644 --- a/docker/images/n8n-base/Dockerfile +++ b/docker/images/n8n-base/Dockerfile @@ -13,24 +13,22 @@ RUN \ apk del .build-deps-fonts && \ find /usr/share/fonts/truetype/msttcorefonts/ -type l -exec unlink {} \; -# Install essential OS dependencies with pinned versions -RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories && \ +# Install essential OS dependencies +RUN echo "https://dl-cdn.alpinelinux.org/alpine/v3.22/main" >> /etc/apk/repositories && echo "https://dl-cdn.alpinelinux.org/alpine/v3.22/community" >> /etc/apk/repositories && \ apk update && \ - apk upgrade && \ apk add --no-cache \ - git=2.50.1-r0 \ - openssh=10.0_p1-r7 \ - openssl=3.5.1-r0 \ - graphicsmagick=1.3.45-r0 \ - tini=0.19.0-r3 \ - tzdata=2025b-r0 \ - ca-certificates=20241121-r2 \ - libc6-compat=1.1.0-r4 \ - jq=1.8.0-r0 + git \ + openssh \ + openssl \ + graphicsmagick \ + tini \ + tzdata \ + ca-certificates \ + libc6-compat \ + jq -# Update npm, install full-icu and npm@11.4.2 to fix brace-expansion vulnerability -# Remove npm update after vulnerability is fixed in in node image -RUN npm install -g full-icu@1.5.0 npm@11.4.2 +# Install full-icu +RUN npm install -g full-icu@1.5.0 RUN rm -rf /tmp/* /root/.npm /root/.cache/node /opt/yarn* && \ apk del apk-tools diff --git a/docker/images/n8n/Dockerfile b/docker/images/n8n/Dockerfile index 90c086b61d..7b2080c9e0 100644 --- a/docker/images/n8n/Dockerfile +++ b/docker/images/n8n/Dockerfile @@ -62,8 +62,6 @@ RUN cd /usr/local/lib/node_modules/n8n && \ mkdir -p /home/node/.n8n && \ chown -R node:node /home/node -# Install npm@11.4.2 to fix brace-expansion vulnerability, remove after vulnerability is fixed in node image -RUN npm install -g npm@11.4.2 RUN cd /usr/local/lib/node_modules/n8n/node_modules/pdfjs-dist && npm install @napi-rs/canvas EXPOSE 5678/tcp