chore(deps): bump bellsoft/liberica-openjre-alpine from 17.0.12 to 23-38 in /docker-jans-fido2

[dependabot]

Bumps bellsoft/liberica-openjre-alpine from 17.0.12 to 23-38.

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
bellsoft/liberica-openjre-alpine	[>= 21.pre.37.a, < 22]
bellsoft/liberica-openjre-alpine	[>= 20.pre.37.a, < 21]
bellsoft/liberica-openjre-alpine	[>= 19.pre.37.a, < 20]
bellsoft/liberica-openjre-alpine	[>= 18.pre.37.a, < 19]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dryrunsecurity]

DryRun Security Summary

The provided code change updates the docker-jans-fido2/Dockerfile to a newer base image, upgrade Jetty and Jython versions, update the FIDO2 server to the latest version, synchronize various static files and configurations, and add Prometheus monitoring capabilities, all of which are generally positive from an application security perspective.

Expand for full summary

Summary:

The provided code change is for the docker-jans-fido2/Dockerfile file, which is used to build a Docker image for the Janssen FIDO2 server. The key changes in this pull request include updating the base image to a newer version, upgrading the Jetty and Jython versions, updating the FIDO2 server to the latest version, synchronizing various static files and configurations, and adding Prometheus monitoring capabilities. From an application security perspective, these changes are generally positive as they help address known security vulnerabilities, keep dependencies up-to-date, and focus on secure configuration and deployment options, including the handling of sensitive data through Vault and Kubernetes secrets management.

Files Changed:

• docker-jans-fido2/Dockerfile: This file has been updated to include the following changes:
  1. The base image has been updated from bellsoft/liberica-openjre-alpine:17.0.12 to bellsoft/liberica-openjre-alpine:23-38, which likely includes security and performance improvements.
  2. The Jetty version used in the image has been updated from 11.0.20 to the latest version.
  3. The Jython version used in the image has been updated from 2.7.3 to the latest version.
  4. The version of the FIDO2 server component has been updated from 1.1.6-SNAPSHOT to the latest version.
  5. Various static files, schemas, and templates have been synchronized from the jans-linux-setup repository.
  6. A Prometheus configuration file has been added to the image.
  7. A wide range of environment variables have been included for configuring the FIDO2 server's integration with Consul, Vault, LDAP, Couchbase, and other services.

These changes focus on improving the security, configurability, and monitoring capabilities of the FIDO2 server Docker image, which is a positive step from an application security perspective.

Code Analysis

We ran 9 analyzers against 1 file and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer	Findings
Sensitive Files Analyzer	1 finding

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

[iromli]

The suggested version is incompatible.

@dependabot ignore this major version

[dependabot]

OK, I won't notify you about version 23-38.x.x again, unless you re-open this PR.