We evaluated changing our base image from Alpine Linux in issue #13694 in order to enhance our Python support, specifically enabling manylinux2010. We have decided to switch to Debian slim in order to make the scanner support more Python projects. You can follow the work in progress in issue #196833.

When will this happen?

Starting with the release of GitLab 12.9 on March 22, 2020 you will no longer get an Alpine-based image for Python dependency scanning. This will impact you even if you are running an older release.

What does this mean for you?

Because the base image will no longer be Alpine, you may need to make modifications if you use Alpine-specific commands such as apk add xyz:

  1. Right before the scan (only if docker-in-docker is disabled) or
  2. When building a variant of the official Docker image

Actions you need to take if you are using Alpine-specific commands


Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license