[Snyk] Security upgrade node from 22.15.1-bookworm-slim to 22.20.0-bookworm-slim

[ammar-ahmed-butt]

Snyk has created this PR to fix 5 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

• Dockerfile

We recommend upgrading to node:22.20.0-bookworm-slim, as this image has only 34 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Directory Traversal SNYK-UPSTREAM-NODE-10847885	273
	Integer Overflow or Wraparound SNYK-DEBIAN12-ZLIB-6008963	241
	Improper Certificate Validation SNYK-DEBIAN12-PERL-5489190	210
	Heap-based Buffer Overflow SNYK-DEBIAN12-GNUTLS28-10690985	189
	Double Free SNYK-DEBIAN12-GNUTLS28-10690987	189

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Directory Traversal
🦉 Double Free

[semanticdiff-com]

Review changes with  

[gitnotebooks]

Review these changes at https://app.gitnotebooks.com/ammar-knowledge/automation-app-bot/pull/409

[pr-code-reviewer]

👋 Hi there!

1. Update the FROM instruction to use a valid Node.js version like node:22.20.0-bookworm-slim, as node:22.15.1-bookworm-slim is likely incorrect.
2. Ensure that the chosen Node.js version is consistent with project requirements and compatible with dependencies.
3. Verify that the rest of the Dockerfile is up-to-date and aligns with the changes made.

_{^{Automatically generated with the help of gpt-3.5-turbo.
Feedback? Please don't hesitate to drop me an email at [email protected].}}

[mergeable]

⚠️

Please add Jira ticket id i.e. "JIRA-ID"

Check Fail Adhere to the branch naming convention described here

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch snyk-fix-ecbfd23bae1e7d92b2064a8c3ae8ed54

Tip

👮 Agentic pre-merge checks are now available in preview!

Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.

• Built-in checks – Quickly apply ready-made checks to enforce title conventions, require pull request descriptions that follow templates, validate linked issues for compliance, and more.
• Custom agentic checks – Define your own rules using CodeRabbit’s advanced agentic capabilities to enforce organization-specific policies and workflows. For example, you can instruct CodeRabbit’s agent to verify that API documentation is updated whenever API schema files are modified in a PR. Note: Upto 5 custom checks are currently allowed during the preview period. Pricing for this feature will be announced in a few weeks.

Please see the documentation for more information.

Example:

reviews:
  pre_merge_checks:
    custom_checks:
      - name: "Undocumented Breaking Changes"
        mode: "warning"
        instructions: |
          Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).

Please share your feedback with us on this Discord post.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud