mirror of
https://github.com/toeverything/AFFiNE.git
synced 2026-02-04 00:28:33 +00:00
b5ebd20314
**Context and Purpose:** This PR automatically remediates a security vulnerability: - **Description:** Service 'app' allows for privilege escalation via setuid or setgid binaries. Add 'no-new-privileges:true' in 'security_opt' to prevent this. - **Rule ID:** yaml.docker-compose.security.no-new-privileges.no-new-privileges - **Severity:** HIGH - **File:** .devcontainer/docker-compose.yml - **Lines Affected:** 4 - 4 This change is necessary to protect the application from potential security risks associated with this vulnerability. **Solution Implemented:** The automated remediation process has applied the necessary changes to the affected code in `.devcontainer/docker-compose.yml` to resolve the identified issue. Please review the changes to ensure they are correct and integrate as expected. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Enhanced security configuration for the development environment. <!-- end of auto-generated comment: release notes by coderabbit.ai -->