diff --git a/.kosli.yml b/.kosli.yml
index c8e15216c..90ed6d0b3 100644
--- a/.kosli.yml
+++ b/.kosli.yml
@@ -8,5 +8,9 @@ trail:
 artifacts:
 - name: web
 attestations:
- - name: snyk-code-test
- type: snyk
\ No newline at end of file
+ - name: snyk-container-test
+ type: snyk
+ - name: provenance-attestation
+ type: generic
+ - name: sbom
+ type: generic
diff --git a/Dockerfile b/Dockerfile
index ed588f7d9..bcdda4ac8 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,14 +2,6 @@ FROM cyberdojo/web-base:8a409cd@sha256:d8fda7714933d9312720f01244c8de8bce8fdfbf4
 # The FROM statement above is typically set via an automated pull-request from the web-base repo
 LABEL maintainer=jon@jaggersoft.com
-#RUN apk add --upgrade c-ares=1.34.6-r0 # https://security.snyk.io/vuln/SNYK-ALPINE322-CARES-14409293
-#RUN apk add --upgrade libexpat=2.7.4-r0 # https://security.snyk.io/vuln/SNYK-ALPINE321-EXPAT-13003711
-#RUN apk upgrade musl # https://security.snyk.io/vuln/SNYK-ALPINE320-MUSL-8720638
-#RUN apk upgrade libcrypto3 libssl3 # https://security.snyk.io/vuln/SNYK-ALPINE322-OPENSSL-13174133
-#RUN apk upgrade busybox # https://security.snyk.io/vuln/SNYK-ALPINE321-BUSYBOX-14102399
-#RUN apk upgrade git # https://security.snyk.io/vuln/SNYK-ALPINE320-GIT-10669667
-#RUN apk upgrade curl # https://security.snyk.io/vuln/SNYK-ALPINE321-CURL-13277278
-
 ARG COMMIT_SHA
 ENV SHA=${COMMIT_SHA}
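Review bot: In the .kosli.yml hunk, `provenance-attestation` and `sbom` are declared as `type: generic`, so the template only requires that something be reported under those names; it does not show that the SBOM or provenance was checked against the `web` image digest. A generic attestation is, as far as I know, reported as compliant unless the reporting step says otherwise, so the CI job (outside this diff) should set `--compliant` from the result of an actual verification rather than rely on the default. The same hunk replaces `snyk-code-test` with `snyk-container-test` instead of adding it, so a source-code scan is no longer a required attestation for this artifact. If that scan still runs, keep both entries; if it was dropped on purpose, a comment above the list such as `# snyk-code-test removed: <reason>` would record the decision for whoever audits the trail later.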