[Snyk] Security upgrade php from 8.0-fpm to 8.2-fpm

[tulik]

User description

Snyk has created this PR to fix 4 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

• docker/base-images/php:8.0/Dockerfile

We recommend upgrading to php:8.2-fpm, as this image has only 71 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Resource Exhaustion SNYK-DEBIAN11-NGHTTP2-5953384	561
	Integer Overflow or Wraparound SNYK-DEBIAN11-ZLIB-6008961	264
	Cleartext Transmission of Sensitive Information SNYK-DEBIAN11-CURL-3320493	211
	Cleartext Transmission of Sensitive Information SNYK-DEBIAN11-CURL-3320493	211
	Out-of-Bounds SNYK-DEBIAN11-GLIBC-521063	182

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Resource Exhaustion

---

PR Type

Bug fix, Enhancement

---

Description

• Upgraded the PHP base image in the Dockerfile from php:8.0-fpm to php:8.2-fpm to address multiple security vulnerabilities.
• This change fixes vulnerabilities including Resource Exhaustion, Integer Overflow or Wraparound, and Cleartext Transmission of Sensitive Information.
• The new base image php:8.2-fpm has fewer known vulnerabilities, improving the security of the Docker image.

---

Changes walkthrough 📝

	Relevant files
Enhancement	Dockerfile Upgrade PHP base image to version 8.2-fpm                                docker/base-images/php:8.0/Dockerfile Upgraded base image from php:8.0-fpm to php:8.2-fpm Updated Dockerfile to use a more secure PHP version +1/-1

---

💡 PR-Agent usage:
Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

[codemaker-ai-app]

Hello from @codemakerai.

CodeMaker AI GitHub App integration.

Usage:

@codemakerai [command or prompt]

Assistant

All Assistant features are supported in GitHub. Assistant can answer general questions as well as questions directly
related to code. It also has code editing capabilities.

@codemakerai assistant prompt - the assistant prompt
@codemakerai prompt - the assistant prompt. Alias to assistant command.

Commands

Pull Request Commands - commands that can be posted as comments on the pull request:

@codemakerai help - prints this help message
@codemakerai review process - process the most recent code review and all it's comments
@codemakerai generate code [codepath] - generate code for all files in pull request, or only for matching code path.
@codemakerai generate docs [codepath] - generate documentation for all files in pull request, or only for matching code path.
@codemakerai replace code [codepath] - replace code for all files in pull request, or only for matching code path.
@codemakerai replace docs [codepath] - replace documentation for all files in pull request, or only for matching code path.
@codemakerai fix syntax - fixes the syntax in all files
@codemakerai commit undo - removes the most recent commit

Pull Request Code Review Commands - commands that can be posted as comments on the code review i.e. "Files changed" tab:

@codemakerai assistant prompt - the assistant prompt
@codemakerai explain - explains the code
@codemakerai review - reviews the code

Triggers

To automatically trigger certain actions on pull requests you can create and use the following GitHub labels.

codemakerai-pull-request-generate-documentation - automatically generates comments/documentation on Pull Request creation.
codemakerai-pull-request-syntax-autocorrection - automatically corrects syntax on Pull Request creation.
codemakerai-pull-request-review-process - automatically processes code review comments on Pull Request Review submission.

For in depth explanation of the features, please consult https://docs.codemaker.ai

In case of any issues please report them to https://community.codemaker.ai

[qodo-merge-pro]

PR-Agent was enabled for this repository. To continue using it, please link your git user with your CodiumAI identity here.

PR Reviewer Guide 🔍

⏱️ Estimated effort to review: 1 🔵⚪⚪⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ No key issues to review

[qodo-merge-pro]

PR-Agent was enabled for this repository. To continue using it, please link your git user with your CodiumAI identity here.

PR Code Suggestions ✨

Category	Suggestion	Score
Best practice	Pin the version of external scripts to ensure stability and predictability It is recommended to pin the version of the install-php-extensions script to a specific release rather than using the latest version. This approach avoids potential issues with breaking changes or unexpected behaviors introduced in new versions of the script. docker/base-images/php:8.0/Dockerfile [3] -ADD https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/ +ADD https://github.com/mlocati/docker-php-extension-installer/releases/download/1.2.34/install-php-extensions /usr/local/bin/ Apply this suggestion Suggestion importance[1-10]: 9 Why: Pinning the version of external scripts is a best practice that ensures stability and predictability by avoiding potential issues with breaking changes or unexpected behaviors in new versions.	9