
[Snyk] Security upgrade node from lts-slim to 24.14.0-slim #140

Open
kevin-benton wants to merge 1 commit into main from snyk-fix-ec7d8aa5cc1a2a9bc81532fe0516e6b0

Conversation

@kevin-benton
Contributor


Snyk has created this PR to fix 4 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

  • Dockerfile

We recommend upgrading to node:24.14.0-slim, as this image has only 39 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

Issue                                                                                 Score
critical severity   Integer Overflow or Wraparound     SNYK-DEBIAN12-ZLIB-6008963      244
low severity        CVE-2005-2541                      SNYK-DEBIAN12-TAR-1560620       186
low severity        Out-of-Bounds                      SNYK-DEBIAN12-GLIBC-1547196     182
low severity        Out-of-Bounds                      SNYK-DEBIAN12-GLIBC-1547196     182
low severity        Improper Certificate Validation    SNYK-DEBIAN12-PERL-5489184      167

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Integer Overflow or Wraparound
🦉 Out-of-Bounds

@kevin-benton
Contributor Author

Merge Risk: High

This upgrade from a Node.js Long-Term Support (LTS) version to version 24 is a high-risk operation involving multiple major version jumps (e.g., from v22 LTS through v23 to v24). It introduces significant breaking changes that require developer action and thorough testing.

Key Breaking Changes:

  • Platform Support:
    • Support for 32-bit Windows (x86) was removed in Node.js 23.0.0.
    • Support for 32-bit Linux on armv7 was removed in Node.js 24.0.0.
    • Pre-built binaries for macOS now require a minimum of macOS 13.5.
  • Crypto & Security:
    • Node.js 24 ships with OpenSSL 3.5, which enforces a higher default security level.
    • RSA, DSA, and DH keys shorter than 2048 bits, and ECC keys shorter than 224 bits, are now prohibited.
    • This can break applications relying on older or weaker cryptographic keys and ciphers.
  • Module Loading:
    • Node.js 23 enabled the ability to use require() for ES Modules (ESM) by default. While intended to improve interoperability, this changes module loading behavior and can cause regressions, especially if an ES module uses top-level await.
  • Toolchain & Dependencies:
    • Node.js 24 ships with npm v11, which includes its own set of changes, such as removing the npm hook command.
    • The underlying V8 JavaScript engine is upgraded to v13.6, introducing new JavaScript features but also potentially subtle behavioral changes.
    • C/C++ addons may need to be updated and recompiled for the new V8 version.

Recommendation: This is a major environment upgrade. Before merging, developers must:

  1. Verify Environment Compatibility: Ensure your deployment infrastructure (OS, architecture) is supported by Node.js 24.
  2. Audit Cryptography: Review all cryptographic operations to ensure keys and ciphers meet the new, stricter OpenSSL security standards.
  3. Test Module Loading: Thoroughly test your application's startup and module resolution, paying close attention to any mix of CommonJS and ES Modules.
  4. Rebuild Native Addons: Identify and rebuild any native C/C++ addons against the new Node.js headers.

Source: Node.js v22 to v24 Migration Guide, Node.js 24 Release Notes

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.
