[Snyk] Security upgrade node from 22.21-alpine to 22.22.0-alpine

[snyk-io]

Snyk has created this PR to fix 0 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

• Dockerfile

We recommend upgrading to node:22.22.0-alpine, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[what-the-diff]

PR Summary

• Backend Build Image Update
  The version of the base image used for constructing the backend of our program has been updated. From node:22.21-alpine, it has been upgraded to node:22.22.0-alpine. This implies an enhancement in our backend construction, potentially leading to better performance and security.

[greptile-apps]

Greptile Summary

Updated Node.js Alpine base image from version 22.21 to 22.22.0 to address security vulnerabilities.

Changes Made:

• Updated backend-build stage base image (line 27)
• Updated production stage base image (line 52)

Impact:

• Minor version bump within Node.js 22.x - no breaking changes expected
• Both build and runtime stages use the same updated image for consistency
• Security patches included in Node.js 22.22.0 are now applied
• No application code or configuration changes required

Confidence Score: 5/5

• This PR is safe to merge with minimal risk
• Minor version update within Node.js 22.x releases maintains API compatibility. Both build and runtime stages are consistently updated. No application code changes required.
• No files require special attention

Important Files Changed

Filename	Overview
Dockerfile	Updated Node.js base image from 22.21-alpine to 22.22.0-alpine for security patches

Sequence Diagram

sequenceDiagram
    participant Snyk
    participant Dockerfile
    participant Node22.21 as node:22.21-alpine
    participant Node22.22 as node:22.22.0-alpine
    participant Build as Build Process
    participant Runtime as Runtime Container

    Snyk->>Dockerfile: Detect outdated base image
    Snyk->>Dockerfile: Update base image version
    
    Note over Dockerfile: backend-build stage
    Dockerfile->>Node22.22: FROM node:22.22.0-alpine
    Node22.22->>Build: Install dependencies (npm ci)
    Build->>Build: Generate Prisma client
    Build->>Build: Build NestJS application
    Build->>Build: Prune dev dependencies
    
    Note over Dockerfile: Production stage
    Dockerfile->>Node22.22: FROM node:22.22.0-alpine
    Node22.22->>Runtime: Install mimalloc allocator
    Build->>Runtime: Copy built artifacts
    Runtime->>Runtime: Install PM2 globally
    Runtime->>Runtime: Start application with PM2

Loading