From a603c78a6bc0fb4813e98ab71f75815814561015 Mon Sep 17 00:00:00 2001
From: Krisztian Gacsal <chrisgacsal@users.noreply.github.com>
Date: Thu, 22 Feb 2024 00:00:16 +0100
Subject: [PATCH] fix: pin version of tools

Make sure that the version of clamav an yara are pinned to avoid
compatibility issues.
---
 Dockerfile | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index ee54b34..f2b41b6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-# syntax=docker/dockerfile:1
+# syntax=docker/dockerfile:1@sha256:ac85f380a63b13dfcefa89046420e1781752bab202122f8f50032edf31be0021
 
 # Download gitleaks
 FROM --platform=$BUILDPLATFORM alpine:3.19@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b AS gitleaks
@@ -88,8 +88,8 @@ FROM alpine:3.19@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761
 WORKDIR /opt
 
 RUN apk upgrade --no-cache --quiet
-RUN apk add --no-cache clamav
-RUN apk add --no-cache yara --repository=https://dl-cdn.alpinelinux.org/alpine/edge/testing
+RUN apk add --no-cache clamav=1.2.2-r0
+RUN apk add --no-cache --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community yara=4.5.0-r0
 RUN apk add --no-cache openssh
 RUN apk add --no-cache git  # required by gitleaks
 RUN apk add --no-cache grep # required by lynis