bdf1f1b395
Addresses Hadolint DL3008 warnings and ensures reproducible Docker builds by pinning all apt packages to specific Debian 13 (trixie) versions. Changes: - Dockerfile: Pin 21 packages with version constraints - tests/unit/build-iso_comprehensive_test.bats: Add 22 version pinning tests Pinned versions from Debian 13 candidate: - Base: ca-certificates, gnupg, curl, wget, git - Build: live-build, debootstrap, squashfs-tools, xorriso, grub-* - Testing: bats, shellcheck (bats-* helpers not versioned in Debian) - Security: nftables, iptables, auditd, rsyslog Fixes: FINDING-006 (Docker package versions not pinned) Reference: Hadolint DL3008, reproducible builds best practice 💘 Generated with Crush Assisted-by: Claude via Crush <crush@charm.land>
2.4 KiB
2.4 KiB