From 8cee5ef02f411f9f1f0ea2480dd4f7f3cd7e66d0 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 23 May 2024 03:39:58 +0000
Subject: [PATCH 1/2] Bump alpine from 3.19.1 to 3.20.0

Bumps alpine from 3.19.1 to 3.20.0.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index dd8b2aa..ea69454 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.19.1@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b
+FROM alpine:3.20.0@sha256:77726ef6b57ddf65bb551896826ec38bc3e53f75cdde31354fbffb4f25238ebd
 
 USER root
 

From 90f508a71c93a3a6b2ad754a7c90c15b33315d2a Mon Sep 17 00:00:00 2001
From: Jonathan Harden <jonathan.harden@digital.cabinet-office.gov.uk>
Date: Thu, 23 May 2024 10:59:38 +0100
Subject: [PATCH 2/2] Update naxsi packages

---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index ea69454..46ea7bf 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -11,8 +11,8 @@ RUN ["apk", "--no-cache", "add", \
   "curl", \
   "dnsmasq", \
   # If you update these nginx packages you MUST update the software components list: https://manual.payments.service.gov.uk/manual/policies-and-procedures/software-components-list.html
-  "nginx-mod-http-naxsi=1.24.0-r15", \
-  "nginx-mod-http-xslt-filter=1.24.0-r15", \
+  "nginx-mod-http-naxsi=1.26.0-r1", \
+  "nginx-mod-http-xslt-filter=1.26.0-r1", \
   "openssl", \
   "tini" \
 ]