You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Join now to unlock these features and more
I saw that the `ssh-run` bitbucket pipeline still relies on `alpine:3.9` container image.
As far as i could find the security updates for that release were stopped on 01 Jan 2021
I suspect that this old release includes many security issues which were fixed in newer versions of alpine linux.
This should definitely be fixed as this container has access to private keys used to deploy software to production systems.
The following pipelines are also affected:
python 3.10 EOL will be 2026-10, so no changes needed.
But we will update alpine image in your listed in the comments pipes.
We have more than 50 pipes to maintain, so, unfortunately, our strategy usually when no new features to be implemented is to wait for users feature request.
You could always ask us in the community to bump a pipe version or even create a pull-request by yourself since it is open-sourced.
Also keep in mind that pipes are not the same as pipelines.
Pipes provide a simple way to configure a pipeline. They are especially powerful when you want to work with third-party tools. More details here.