Skip to content

feat: Use depot.dev runners#724

Merged
ausias-armesto merged 1 commit into
mainfrom
ausias/use-depot-runners
Apr 30, 2026
Merged

feat: Use depot.dev runners#724
ausias-armesto merged 1 commit into
mainfrom
ausias/use-depot-runners

Conversation

@ausias-armesto
Copy link
Copy Markdown
Contributor

@ausias-armesto ausias-armesto commented Apr 30, 2026
edited by coderabbitai Bot
Loading

Use depot.dev runners instead of self hosted

Summary by CodeRabbit

  • Chores
    • Updated CI/CD workflow runner environments for improved performance and stability.
    • Upgraded workflow action versions across multiple deployment pipelines to latest compatible releases.

@ausias-armesto ausias-armesto self-assigned this Apr 30, 2026
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented Apr 30, 2026
edited
Loading

📝 Walkthrough

Walkthrough

Migrated GitHub Actions workflows from self-hosted infrastructure runners to cloud-based depot runners across four workflow files. Additionally, updated referenced reusable workflows and actions to newer versions: build-docker from v1 to v2, release-version from v2 to v3, and setup-node-js action reference from commit SHA to version tag.

Changes

Cohort / File(s) Summary
Runner Infrastructure Migration
.github/workflows/checks-zizmor.yaml, .github/workflows/merge.yaml, .github/workflows/pr.yaml, .github/workflows/release.yaml		 Replaced self-hosted runners (self-hosted-hoprnet-bigger, self-hosted-hoprnet-small) with cloud-based depot runners (depot-ubuntu-24.04, depot-ubuntu-24.04-4) across all workflow job configurations.
Reusable Workflow & Action Version Upgrades
.github/workflows/merge.yaml, .github/workflows/pr.yaml, .github/workflows/release.yaml		 Upgraded build-docker reusable workflow from v1 to v2, release-version action from v2 to v3, and replaced setup-node-js action commit SHA reference with versioned setup-node-js-v1 tag.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title 'feat: Use depot.dev runners' directly and clearly summarizes the main change across all modified workflow files, which consistently replace self-hosted runners with depot.dev runners.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch ausias/use-depot-runners

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
Review rate limit: 0/1 reviews remaining, refill in 60 minutes.

Comment @coderabbitai help to get the list of available commands and usage tips.

@ausias-armesto ausias-armesto enabled auto-merge (squash) April 30, 2026 11:42
github-advanced-security[bot]
github-advanced-security AI found potential problems Apr 30, 2026
View reviewed changes
Comment thread .github/workflows/merge.yaml Dismissed
Comment thread .github/workflows/pr.yaml Dismissed
Comment thread .github/workflows/pr.yaml Dismissed
Comment thread .github/workflows/release.yaml Dismissed
Comment thread .github/workflows/release.yaml Dismissed
coderabbitai[bot]
coderabbitai Bot requested changes Apr 30, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/pr.yaml:
- Line 91: Replace the mutable action reference
"hoprnet/hopr-workflows/actions/setup-node-js@setup-node-js-v1" with the
repository action pinned to a specific commit SHA (e.g.
"hoprnet/hopr-workflows/actions/setup-node-js@<commit-sha>"); locate the uses
line that contains setup-node-js and substitute the tag with the resolved
immutable commit SHA from the action repository (obtainable via the action repo
commit history or the GitHub Actions Marketplace), then commit the updated
workflow so the action is pinned to that specific SHA.

In @.github/workflows/release.yaml:
- Line 50: Add an actionlint configuration to whitelist the custom Depot runner
labels so actionlint won’t flag the usage of "depot-ubuntu-24.04" (and similar
labels) in workflows; create a file named .actionlintrc.yaml containing a
runner-label-whitelist entry that includes "depot-ubuntu-24.04" and
"depot-ubuntu-24.04-4" (or update your existing actionlint config) so workflows
referencing that label (e.g., the runs-on: depot-ubuntu-24.04 line in
release.yaml and similar occurrences) are allowed by the linter.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: cb17dc90-20b4-455f-bbc0-15c2c108ce01

📥 Commits

Reviewing files that changed from the base of the PR and between 19edb2a and 1ee32e9.

📒 Files selected for processing (4)
  • .github/workflows/checks-zizmor.yaml
  • .github/workflows/merge.yaml
  • .github/workflows/pr.yaml
  • .github/workflows/release.yaml

Comment thread .github/workflows/pr.yaml
Comment thread .github/workflows/release.yaml
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 30, 2026

🔎 Trivy Security Report

Target Package Installed Severity CVE
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) curl 7.74.0-1.3+deb11u7 CRITICAL CVE-2023-38545
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) curl 7.74.0-1.3+deb11u7 HIGH CVE-2023-27533
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) curl 7.74.0-1.3+deb11u7 HIGH CVE-2023-27534
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) curl 7.74.0-1.3+deb11u7 HIGH CVE-2024-2398
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) e2fsprogs 1.46.2-2 HIGH CVE-2022-1304
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) gpgv 2.2.27-2+deb11u2 HIGH CVE-2025-68973
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libc-bin 2.31-13+deb11u6 HIGH CVE-2023-4911
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libc-bin 2.31-13+deb11u6 HIGH CVE-2024-2961
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libc-bin 2.31-13+deb11u6 HIGH CVE-2024-33599
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libc-bin 2.31-13+deb11u6 HIGH CVE-2025-4802
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libc6 2.31-13+deb11u6 HIGH CVE-2023-4911
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libc6 2.31-13+deb11u6 HIGH CVE-2024-2961
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libc6 2.31-13+deb11u6 HIGH CVE-2024-33599
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libc6 2.31-13+deb11u6 HIGH CVE-2025-4802
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libcom-err2 1.46.2-2 HIGH CVE-2022-1304
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libcurl4 7.74.0-1.3+deb11u7 CRITICAL CVE-2023-38545
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libcurl4 7.74.0-1.3+deb11u7 HIGH CVE-2023-27533
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libcurl4 7.74.0-1.3+deb11u7 HIGH CVE-2023-27534
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libcurl4 7.74.0-1.3+deb11u7 HIGH CVE-2024-2398
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libexpat1 2.2.10-2+deb11u5 CRITICAL CVE-2024-45491
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libexpat1 2.2.10-2+deb11u5 CRITICAL CVE-2024-45492
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libexpat1 2.2.10-2+deb11u5 HIGH CVE-2023-52425
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libexpat1 2.2.10-2+deb11u5 HIGH CVE-2024-45490
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libext2fs2 1.46.2-2 HIGH CVE-2022-1304
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libfreetype6 2.10.4+dfsg-1+deb11u1 HIGH CVE-2025-27363
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libgd3 2.3.0-2 HIGH CVE-2021-40145
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libgnutls30 3.7.1-5+deb11u3 HIGH CVE-2024-0553
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libgnutls30 3.7.1-5+deb11u3 HIGH CVE-2024-0567
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libgnutls30 3.7.1-5+deb11u3 HIGH CVE-2025-32988
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libgnutls30 3.7.1-5+deb11u3 HIGH CVE-2025-32990
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libgssapi-krb5-2 1.18.3-6+deb11u3 CRITICAL CVE-2024-37371
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libgssapi-krb5-2 1.18.3-6+deb11u3 HIGH CVE-2024-37370
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libicu67 67.1-7 HIGH CVE-2025-5222
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libk5crypto3 1.18.3-6+deb11u3 CRITICAL CVE-2024-37371
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libk5crypto3 1.18.3-6+deb11u3 HIGH CVE-2024-37370
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libkrb5-3 1.18.3-6+deb11u3 CRITICAL CVE-2024-37371
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libkrb5-3 1.18.3-6+deb11u3 HIGH CVE-2024-37370
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libkrb5support0 1.18.3-6+deb11u3 CRITICAL CVE-2024-37371
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libkrb5support0 1.18.3-6+deb11u3 HIGH CVE-2024-37370
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libnghttp2-14 1.43.0-1 HIGH CVE-2023-44487
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libpam-modules 1.4.0-9+deb11u1 HIGH CVE-2025-6020
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libpam-modules-bin 1.4.0-9+deb11u1 HIGH CVE-2025-6020
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libpam-runtime 1.4.0-9+deb11u1 HIGH CVE-2025-6020
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libpam0g 1.4.0-9+deb11u1 HIGH CVE-2025-6020
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libpng16-16 1.6.37-3 HIGH CVE-2025-64720
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libpng16-16 1.6.37-3 HIGH CVE-2025-65018
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libpng16-16 1.6.37-3 HIGH CVE-2025-66293
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libpng16-16 1.6.37-3 HIGH CVE-2026-22695
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libpng16-16 1.6.37-3 HIGH CVE-2026-22801
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libpng16-16 1.6.37-3 HIGH CVE-2026-25646
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libpng16-16 1.6.37-3 HIGH CVE-2026-33416
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libpng16-16 1.6.37-3 HIGH CVE-2026-33636
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libss2 1.46.2-2 HIGH CVE-2022-1304
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libssh2-1 1.9.0-2 HIGH CVE-2020-22218
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libssl1.1 1.1.1n-0+deb11u5 HIGH CVE-2025-69419
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libssl1.1 1.1.1n-0+deb11u5 HIGH CVE-2025-69421
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libsystemd0 247.3-7+deb11u4 HIGH CVE-2023-50387
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libsystemd0 247.3-7+deb11u4 HIGH CVE-2023-50868
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libsystemd0 247.3-7+deb11u4 HIGH CVE-2026-29111
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libtiff5 4.2.0-1+deb11u4 HIGH CVE-2023-52356
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libtiff5 4.2.0-1+deb11u4 HIGH CVE-2024-7006
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libtiff5 4.2.0-1+deb11u4 HIGH CVE-2025-9900
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libtiff5 4.2.0-1+deb11u4 HIGH CVE-2026-4775
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libtinfo6 6.2+20201114-2+deb11u1 HIGH CVE-2023-29491
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libudev1 247.3-7+deb11u4 HIGH CVE-2023-50387
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libudev1 247.3-7+deb11u4 HIGH CVE-2023-50868
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libudev1 247.3-7+deb11u4 HIGH CVE-2026-29111
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libx11-6 2:1.7.2-1+deb11u1 HIGH CVE-2023-43787
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libx11-data 2:1.7.2-1+deb11u1 HIGH CVE-2023-43787
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libxml2 2.9.10+dfsg-6.7+deb11u4 CRITICAL CVE-2024-56171
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libxml2 2.9.10+dfsg-6.7+deb11u4 CRITICAL CVE-2025-49794
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libxml2 2.9.10+dfsg-6.7+deb11u4 CRITICAL CVE-2025-49796
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libxml2 2.9.10+dfsg-6.7+deb11u4 HIGH CVE-2022-2309
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libxml2 2.9.10+dfsg-6.7+deb11u4 HIGH CVE-2022-49043
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libxml2 2.9.10+dfsg-6.7+deb11u4 HIGH CVE-2024-25062
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libxml2 2.9.10+dfsg-6.7+deb11u4 HIGH CVE-2025-24928
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libxml2 2.9.10+dfsg-6.7+deb11u4 HIGH CVE-2025-27113
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libxml2 2.9.10+dfsg-6.7+deb11u4 HIGH CVE-2025-32414
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libxml2 2.9.10+dfsg-6.7+deb11u4 HIGH CVE-2025-32415
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libxml2 2.9.10+dfsg-6.7+deb11u4 HIGH CVE-2025-6021
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libxslt1.1 1.1.34-4+deb11u1 HIGH CVE-2024-55549
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libxslt1.1 1.1.34-4+deb11u1 HIGH CVE-2025-24855
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) libxslt1.1 1.1.34-4+deb11u1 HIGH CVE-2025-7424
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) logsave 1.46.2-2 HIGH CVE-2022-1304
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) ncurses-base 6.2+20201114-2+deb11u1 HIGH CVE-2023-29491
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) ncurses-bin 6.2+20201114-2+deb11u1 HIGH CVE-2023-29491
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) openssl 1.1.1n-0+deb11u5 HIGH CVE-2025-69419
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) openssl 1.1.1n-0+deb11u5 HIGH CVE-2025-69421
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) perl-base 5.32.1-4+deb11u2 HIGH CVE-2020-16156
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) perl-base 5.32.1-4+deb11u2 HIGH CVE-2023-31484
europe-west3-docker.pkg.dev/hoprassociation/docker-images/hopr-admin:3.0.6-commit.1ee32e9-linux-amd64 (debian 11.7) perl-base 5.32.1-4+deb11u2 HIGH CVE-2023-47038

@ausias-armesto
Copy link
Copy Markdown
Contributor Author

ausias-armesto commented Apr 30, 2026

@mjadach-iv It's worth to upgrade the docker image and it's dependencies in a future PR

@ausias-armesto ausias-armesto merged commit c8bce26 into main Apr 30, 2026
12 checks passed
@ausias-armesto ausias-armesto deleted the ausias/use-depot-runners branch April 30, 2026 12:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

+1 more reviewer

@github-advanced-security github-advanced-security[bot] github-advanced-security[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@ausias-armesto ausias-armesto

Labels

toolchain

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ausias-armesto @github-advanced-security