A NodeJS 24 runtime environment with the NodeJS interpreter and npm, suitable for running and developing NodeJS 24 applications.
Getting Started
To pull the image:
docker pull registry.hardened.eu/library/nodejs24:latest
Verifying Image Signatures
All Hardened B.V. images are signed using cosign. You can verify the signature using the following steps:
Save the public key:
cat >hardened.pub <<EOL
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEbxhUFlXkIIbDzdRAR9rc6kDPNb+k
J48lhqqlOMyiq3jkbKXNj2sEFMduFlNh63MrZA59PKf4TjS1AiCrvaFXNA==
-----END PUBLIC KEY-----
EOL
Verify the image signature:
cosign verify --key hardened.pub registry.hardened.eu/library/nodejs24:latest
The verification will show the signature details and confirm the image’s authenticity.
To verify the SBOM, run the following command:
cosign verify-attestation --type spdxjson --key hardened.pub registry.hardened.eu/library/nodejs24:latest
To download the SBOM, run the same command and decode it:
cosign verify-attestation --type spdxjson --key hardened.pub registry.hardened.eu/library/nodejs24:latest | jq -r .payload | base64 -d | jq -r .predicate > nodejs24-spdx.json
Trademarks
This software is packaged by Hardened B.V. All trademarks are property of their respective owners. Use of these images does not imply any affiliation or endorsement.
The latest tag is only public. Contact us for detailed information.
Hash | Tag | Size (compressed) | Last updated | Actions |
---|---|---|---|---|
sha256:a053de45770b1... |
latest
x86_64
|
36.59 MB | 22:02:24 21/08/2025 UTC (Calculating...) | |
•••••••••••• | •••••••••••• | •••••••••••• | •••••••••••• | Contact Hardened |
Package | Version | License |
---|---|---|
@isaacs/cliui | 8.0.2 | ISC |
@isaacs/fs-minipass | 4.0.1 | ISC |
@isaacs/string-locale-compare | 1.1.0 | ISC |
@npmcli/agent | 3.0.0 | ISC |
@npmcli/arborist | 9.0.2 | ISC |
@npmcli/config | 10.2.0 | ISC |
@npmcli/fs | 4.0.0 | ISC |
@npmcli/git | 6.0.3 | ISC |
@npmcli/installed-package-contents | 3.0.0 | ISC |
@npmcli/map-workspaces | 4.0.2 | ISC |
@npmcli/metavuln-calculator | 9.0.0 | ISC |
@npmcli/name-from-folder | 3.0.0 | ISC |
@npmcli/node-gyp | 4.0.0 | ISC |
@npmcli/package-json | 6.1.1 | ISC |
@npmcli/promise-spawn | 8.0.2 | ISC |
@npmcli/query | 4.0.0 | ISC |
@npmcli/redact | 3.1.1 | ISC |
@npmcli/run-script | 9.1.0 | ISC |
@pkgjs/parseargs | 0.11.0 | MIT |
@sigstore/bundle | 3.1.0 | Apache-2.0 |
@sigstore/core | 2.0.0 | Apache-2.0 |
@sigstore/protobuf-specs | 0.4.0 | Apache-2.0 |
@sigstore/sign | 3.1.0 | Apache-2.0 |
@sigstore/tuf | 3.1.0 | Apache-2.0 |
@sigstore/verify | 2.1.0 | Apache-2.0 |
@tufjs/canonical-json | 2.0.0 | MIT |
@tufjs/models | 3.0.1 | MIT |
abbrev | 3.0.0 | ISC |
agent-base | 7.1.3 | MIT |
alpine-os-release | 3.22-r2 | MIT |
ansi-regex | 5.0.1 | MIT |
ansi-regex | 6.1.0 | MIT |
ansi-styles | 4.3.0 | MIT |
ansi-styles | 6.2.1 | MIT |
aproba | 2.0.0 | ISC |
archy | 1.0.0 | MIT |
balanced-match | 1.0.2 | MIT |
bin-links | 5.0.0 | ISC |
binary-extensions | 3.0.0 | MIT |
brace-expansion | 2.0.1 | MIT |
brotli-libs | 1.1.0-r2 | MIT |
busybox | 10.0.0-r0 | GPL-2.0-only |
c-ares | 1.34.5-r0 | MIT |
cacache | 19.0.1 | ISC |
chalk | 5.4.1 | MIT |
chownr | 2.0.0 | ISC |
chownr | 3.0.0 | BlueOak-1.0.0 |
ci-info | 4.2.0 | MIT |
cidr-regex | 4.1.3 | BSD-2-Clause |
cli-columns | 4.0.0 | MIT |
cmd-shim | 7.0.0 | ISC |
color-convert | 2.0.1 | MIT |
color-name | 1.1.4 | MIT |
common-ancestor-path | 1.0.1 | ISC |
cross-spawn | 7.0.6 | MIT |
cssesc | 3.0.0 | MIT |
dash | 0.5.12-r3 | (BSD-3-Clause AND GPL-2.0-or-later) |
dash-binsh | 0.5.12-r3 | (BSD-3-Clause AND GPL-2.0-or-later) |
debug | 4.4.0 | MIT |
diff | 7.0.0 | BSD-3-Clause |
eastasianwidth | 0.2.0 | MIT |
emoji-regex | 8.0.0 | MIT |
emoji-regex | 9.2.2 | MIT |
encoding | 0.1.13 | MIT |
env-paths | 2.2.1 | MIT |
err-code | 2.0.3 | MIT |
exponential-backoff | 3.1.2 | Apache-2.0 |
fastest-levenshtein | 1.0.16 | MIT |
fdir | 6.4.3 | MIT |
foreground-child | 3.3.1 | ISC |
fs-minipass | 2.1.0 | ISC |
fs-minipass | 3.0.3 | ISC |
glob | 10.4.5 | ISC |
graceful-fs | 4.2.11 | ISC |
hosted-git-info | 8.0.2 | ISC |
http-cache-semantics | 4.1.1 | BSD-2-Clause |
http-proxy-agent | 7.0.2 | MIT |
https-proxy-agent | 7.0.6 | MIT |
iconv-lite | 0.6.3 | MIT |
icu-data-en | 76.1-r1 | ICU |
icu-libs | 76.1-r1 | ICU |
ignore-walk | 7.0.0 | ISC |
imurmurhash | 0.1.4 | MIT |
ini | 5.0.0 | ISC |
init-package-json | 8.0.0 | ISC |
ip-address | 9.0.5 | MIT |
ip-regex | 5.0.0 | MIT |
is-cidr | 5.1.1 | BSD-2-Clause |
is-fullwidth-code-point | 3.0.0 | MIT |
isexe | 2.0.0 | ISC |
isexe | 3.1.1 | ISC |
jackspeak | 3.4.3 | BlueOak-1.0.0 |
jsbn | 1.1.0 | MIT |
json-parse-even-better-errors | 4.0.0 | MIT |
json-stringify-nice | 1.1.4 | ISC |
jsonparse | 1.3.1 | MIT |
just-diff | 6.0.2 | MIT |
just-diff-apply | 5.5.0 | MIT |
libcrypto3 | 3.5.2-r0 | Apache-2.0 |
libgcc | 14.2.0-r6 | (GPL-2.0-or-later AND LGPL-2.1-or-later) |
libnpmaccess | 10.0.0 | ISC |
libnpmdiff | 8.0.2 | ISC |
libnpmexec | 10.1.1 | ISC |
libnpmfund | 7.0.2 | ISC |
libnpmorg | 8.0.0 | ISC |
libnpmpack | 9.0.2 | ISC |
libnpmpublish | 11.0.0 | ISC |
libnpmsearch | 9.0.0 | ISC |
libnpmteam | 8.0.0 | ISC |
libnpmversion | 8.0.0 | ISC |
libssl3 | 3.5.2-r0 | Apache-2.0 |
libstdc++ | 14.2.0-r6 | (GPL-2.0-or-later AND LGPL-2.1-or-later) |
libuv | 1.51.0-r0 | MIT |
lru-cache | 10.4.3 | ISC |
make-fetch-happen | 14.0.3 | ISC |
minimatch | 9.0.5 | ISC |
minipass | 3.3.6 | ISC |
minipass | 5.0.0 | ISC |
minipass | 7.1.2 | ISC |
minipass-collect | 2.0.1 | ISC |
minipass-fetch | 4.0.1 | MIT |
minipass-flush | 1.0.5 | ISC |
minipass-pipeline | 1.2.4 | ISC |
minipass-sized | 1.0.3 | ISC |
minizlib | 2.1.2 | MIT |
minizlib | 3.0.2 | MIT |
mkdirp | 1.0.4 | MIT |
mkdirp | 3.0.1 | MIT |
ms | 2.1.3 | MIT |
musl | 1.2.5-r10 | MIT |
mute-stream | 2.0.0 | ISC |
negotiator | 1.0.0 | MIT |
nghttp2-libs | 1.65.0-r0 | MIT |
node-gyp | 11.2.0 | MIT |
nodejs-24 | 24.6.0-r0 | MIT |
nopt | 8.1.0 | ISC |
normalize-package-data | 7.0.0 | BSD-2-Clause |
npm | 11.3.0 | Artistic-2.0 |
npm | 11.3.0-r1 | Artistic-2.0 |
npm-audit-report | 6.0.0 | ISC |
npm-bundled | 4.0.0 | ISC |
npm-install-checks | 7.1.1 | BSD-2-Clause |
npm-normalize-package-bin | 4.0.0 | ISC |
npm-package-arg | 12.0.2 | ISC |
npm-packlist | 10.0.0 | ISC |
npm-pick-manifest | 10.0.0 | ISC |
npm-profile | 11.0.1 | ISC |
npm-registry-fetch | 18.0.2 | ISC |
npm-user-validate | 3.0.0 | BSD-2-Clause |
p-map | 7.0.3 | MIT |
package-json-from-dist | 1.0.1 | BlueOak-1.0.0 |
pacote | 21.0.0 | ISC |
parse-conflict-json | 4.0.0 | ISC |
path-key | 3.1.1 | MIT |
path-scurry | 1.11.1 | BlueOak-1.0.0 |
picomatch | 4.0.2 | MIT |
postcss-selector-parser | 6.1.2 | MIT |
proc-log | 5.0.0 | ISC |
proggy | 3.0.0 | ISC |
promise-all-reject-late | 1.0.1 | ISC |
promise-call-limit | 3.0.2 | ISC |
promise-retry | 2.0.1 | MIT |
promzard | 2.0.0 | ISC |
qrcode-terminal | 0.12.0 | LicenseRef-Apache-2.0 |
read | 4.1.0 | ISC |
read-cmd-shim | 5.0.0 | ISC |
read-package-json-fast | 4.0.0 | ISC |
retry | 0.12.0 | MIT |
safer-buffer | 2.1.2 | MIT |
semver | 7.7.1 | ISC |
shebang-command | 2.0.0 | MIT |
shebang-regex | 3.0.0 | MIT |
signal-exit | 4.1.0 | ISC |
sigstore | 3.1.0 | Apache-2.0 |
smart-buffer | 4.2.0 | MIT |
socks | 2.8.4 | MIT |
socks-proxy-agent | 8.0.5 | MIT |
spdx-correct | 3.2.0 | Apache-2.0 |
spdx-exceptions | 2.5.0 | CC-BY-3.0 |
spdx-expression-parse | 3.0.1 | MIT |
spdx-expression-parse | 4.0.0 | MIT |
spdx-license-ids | 3.0.21 | CC0-1.0 |
sprintf-js | 1.1.3 | BSD-3-Clause |
ssri | 12.0.0 | ISC |
string-width | 4.2.3 | MIT |
string-width | 5.1.2 | MIT |
strip-ansi | 6.0.1 | MIT |
strip-ansi | 7.1.0 | MIT |
supports-color | 10.0.0 | MIT |
tar | 6.2.1 | ISC |
tar | 7.4.3 | ISC |
text-table | 0.2.0 | MIT |
tiny-relative-date | 1.3.0 | MIT |
tinyglobby | 0.2.12 | MIT |
treeverse | 3.0.0 | ISC |
tuf-js | 3.0.1 | MIT |
unique-filename | 4.0.0 | ISC |
unique-slug | 5.0.0 | ISC |
util-deprecate | 1.0.2 | MIT |
validate-npm-package-license | 3.0.4 | Apache-2.0 |
validate-npm-package-name | 6.0.0 | ISC |
walk-up-path | 4.0.0 | ISC |
which | 2.0.2 | ISC |
which | 5.0.0 | ISC |
wrap-ansi | 7.0.0 | MIT |
wrap-ansi | 8.1.0 | MIT |
write-file-atomic | 6.0.0 | ISC |
yallist | 4.0.0 | ISC |
yallist | 5.0.0 | BlueOak-1.0.0 |
zlib | 1.3.1-r2 | Zlib |
The Apache License 2.0 is also a permissive license, similar to the MIT License, but with additional protections related... Show more
The Artistic License 2.0 is a permissive free software license, used by Perl and others, allowing modification and redis... Show more
The Blue Oak Model License 1.0.0 is a permissive open source license designed to be simple and clear, allowing nearly un... Show more
The BSD 2-Clause License is a permissive license originating from the Berkeley Software Distribution (BSD). It allows fo... Show more
The BSD 3-Clause License is another permissive license originating from the Berkeley Software Distribution (BSD). It all... Show more
Creative Commons Attribution 3.0 (CC BY 3.0) allows for redistribution, commercial and non-commercial, as long as credit... Show more
Creative Commons Zero v1.0 Universal (CC0 1.0) is a public domain dedication, allowing anyone to use the work for any pu... Show more
The GNU General Public License version 2 (GPL-2.0) is a strict copyleft license. If you modify and distribute software l... Show more
The ISC License is functionally similar to the MIT and BSD licenses but written in simpler language. It's favored for it... Show more
The MIT License is a highly permissive open-source license. It allows users to do almost anything with a project, includ... Show more
The zlib License is a permissive license that allows users to use, modify, and distribute the software freely. It's simi... Show more
CVE | Severity | Package | Version | Fixed In | |
---|---|---|---|---|---|
GHSA-v6h2-p8h4-qcjw | Low | brace-expansion | 2.0.1 | 2.0.2 | |
brace-expansion Regular Expression Denial of Service vulnerability
|
Image comparison functionality will be implemented in a future release.