[Snyk] Security upgrade golang from 1.12.4-alpine to 1.25.3-alpine

[heratech]

Snyk has created this PR to fix 3 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

• hydra/Dockerfile-e2e

We recommend upgrading to golang:1.25.3-alpine, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	NULL Pointer Dereference SNYK-ALPINE39-OPENSSL-588029	721
	NULL Pointer Dereference SNYK-ALPINE39-OPENSSL-588029	721
	Out-of-bounds Write SNYK-ALPINE39-MUSL-458529	714
	Out-of-bounds Write SNYK-ALPINE39-MUSL-458529	714
	NULL Pointer Dereference SNYK-ALPINE39-OPENSSL-1089231	621

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 NULL Pointer Dereference

[macroscopeapp]

Upgrade the hydra end-to-end test Docker image base from golang:1.12.4-alpine to golang:1.25.3-alpine for security

This change updates the base image used by the end-to-end test Dockerfile to a newer Go Alpine image. It modifies the hydra e2e build configuration to use golang:1.25.3-alpine instead of golang:1.12.4-alpine.

• Update the base image tag in [Dockerfile-e2e] to golang:1.25.3-alpine (https://github.com/parkhub/auth/pull/45/files#diff-0463839cca91793029757f68cb23ed2148e2141529a6ed76e42a9ca97166ae65)

📍Where to Start

Start with the base image declaration in Dockerfile-e2e to verify the tag change and any downstream build effects.

---

📊 Macroscope summarized 709e414. 0 files reviewed, 0 issues evaluated, 0 issues filtered, 0 comments posted

🗂️ Filtered Issues

No issues evaluated.

[gitstream-cm]

Please mark whether you used AI to assist coding in this PR

• AI Assisted
• Not AI Assisted

[gitstream-cm]

✨ PR Review

This security upgrade attempts to update the Golang base image, but the target version appears to be invalid and would likely cause build failures.

1 issues detected:

🐞 Bug - The Docker image tag golang:1.25.3-alpine does not exist and will cause build failures.

Details: The specified Golang version 1.25.3-alpine does not exist as a valid Docker image tag. Go versions currently range up to approximately 1.21-1.22, making 1.25.3 a non-existent future version that will cause Docker build failures.
File: hydra/Dockerfile-e2e (1-1)

Generated by LinearB AI and added by gitStream.
_{AI-generated content may contain inaccuracies. Please verify before using. We'd love your feedback! 🚀}

[gitstream-cm]

🐞 Bug - Invalid Docker Image: Verify the correct latest stable Golang version and update to a valid tag such as golang:1.21-alpine or golang:1.22-alpine instead of the non-existent 1.25.3-alpine.

Suggested change

	FROM golang:1.25.3-alpine
	FROM golang:1.21-alpine