Skip to content

Update redis Docker tag from 7.2.10 to v7.4.5 (docker-compose.yml) #10651

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

Update redis Docker tag from 7.2.10 to v7.4.5 (docker-compose.yml) #10651

wants to merge 1 commit into from
+1 −1

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 30, 2024
edited
Loading

This PR contains the following updates:

Package Update Change
redis minor 7.2.10-alpine -> 7.4.5-alpine

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Jul 30, 2024
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Jul 30, 2024
edited
Loading

DryRun Security Summary

The Redis service image is being updated from 7.2.5 to 7.4.2, while security concerns were identified regarding hardcoded sensitive environment variables including database credentials and secret keys in docker-compose.yml.

Expand for full summary

The PR updates the Redis service image version from 7.2.5 to 7.4.2 in docker-compose.yml, with potential version-specific security patches. Security findings include:

  1. Hardcoded sensitive environment variables in docker-compose.yml:
    • Database credentials (DD_DATABASE_USER, DD_DATABASE_PASSWORD)
    • Secret keys (DD_SECRET_KEY, DD_CREDENTIAL_AES_256_KEY)
      These default credentials pose a significant security risk if not changed in production environments.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

@renovate renovate bot force-pushed the renovate/redis-7.x branch from 6566fce to 2b696b5 Compare July 30, 2024 06:17
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

mtesauro
mtesauro previously approved these changes Jul 30, 2024
View reviewed changes
@mtesauro mtesauro self-requested a review July 30, 2024 16:56
cneill
cneill suggested changes Jul 30, 2024
View reviewed changes
Copy link
Contributor

@cneill cneill left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We're going to hold off on this one while we determine any implications of the change to Redis' licensing

@mtesauro mtesauro dismissed their stale review July 30, 2024 16:59

Reviewing license change

@renovate renovate bot changed the title Update redis Docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Aug 2, 2024
@renovate renovate bot force-pushed the renovate/redis-7.x branch from 2b696b5 to d607bfa Compare August 3, 2024 01:44
@cneill cneill mentioned this pull request Aug 12, 2024
Closed
1 task
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Update redis Docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Aug 13, 2024
@renovate renovate bot changed the title Update redis Docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Aug 14, 2024
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Update redis Docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Aug 14, 2024
@renovate renovate bot changed the title Update redis Docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Aug 19, 2024
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Update redis Docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Aug 29, 2024
@renovate renovate bot changed the title Update redis Docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Aug 30, 2024
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Update redis Docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Aug 30, 2024
@renovate renovate bot changed the title Update redis Docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Sep 1, 2024
@renovate renovate bot force-pushed the renovate/redis-7.x branch 6 times, most recently from effef4a to 6e06773 Compare September 9, 2024 14:23
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Update redis Docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Sep 16, 2024
@renovate renovate bot changed the title Update redis Docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Sep 17, 2024
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Update redis Docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Sep 17, 2024
@renovate renovate bot changed the title Update redis Docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.5 to v7.4.0 (docker-compose.yml) Sep 19, 2024
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jun 6, 2025
@renovate renovate bot changed the title Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jun 12, 2025
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jun 14, 2025
@renovate renovate bot changed the title Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jun 16, 2025
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jun 16, 2025
@renovate renovate bot changed the title Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jun 20, 2025
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jun 23, 2025
@renovate renovate bot changed the title Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jun 25, 2025
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jun 26, 2025
@renovate renovate bot changed the title Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jun 26, 2025
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jun 27, 2025
@renovate renovate bot changed the title Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jun 30, 2025
Maffooch
Maffooch requested changes Jun 30, 2025
View reviewed changes
Copy link
Contributor

@Maffooch Maffooch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

blocking

@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jul 1, 2025
@renovate renovate bot changed the title Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jul 3, 2025
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jul 4, 2025
@renovate renovate bot changed the title Update redis Docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) Jul 7, 2025
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.9 to v7.4.4 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.9 to v7.4.5 (docker-compose.yml) Jul 7, 2025
@renovate renovate bot force-pushed the renovate/redis-7.x branch from 73794a9 to bcc2c8d Compare July 7, 2025 21:40
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Jul 7, 2025

DryRun Security

No security concerns detected in this pull request.

All finding details can be found in the DryRun Security Dashboard.

@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.9 to v7.4.5 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.10 to v7.4.5 (docker-compose.yml) Jul 8, 2025
@renovate renovate bot force-pushed the renovate/redis-7.x branch from bcc2c8d to beb326d Compare July 8, 2025 18:22
@renovate renovate bot force-pushed the renovate/redis-7.x branch 3 times, most recently from 6904e0a to 1760d4c Compare July 17, 2025 22:25
@renovate renovate bot force-pushed the renovate/redis-7.x branch from 1760d4c to a3ea2ac Compare July 21, 2025 15:23
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.10 to v7.4.5 (docker-compose.yml) Update redis Docker tag from 7.2.10 to v7.4.5 (docker-compose.yml) Jul 22, 2025
@renovate renovate bot changed the title Update redis Docker tag from 7.2.10 to v7.4.5 (docker-compose.yml) chore(deps): update redis docker tag from 7.2.10 to v7.4.5 (docker-compose.yml) Jul 22, 2025
@renovate renovate bot changed the title chore(deps): update redis docker tag from 7.2.10 to v7.4.5 (docker-compose.yml) Update redis Docker tag from 7.2.10 to v7.4.5 (docker-compose.yml) Jul 22, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cneill cneill cneill requested changes

@mtesauro mtesauro mtesauro requested changes

@Maffooch Maffooch Maffooch requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file docker
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cneill @mtesauro @Maffooch