Bump frankenphp

[ildyria]

Summary by CodeRabbit

• Chores
  • Updated the base container image to a newer digest for improved security and performance.
• Security
  • Added a vulnerability-ignore configuration to document and suppress a known scanner false positive (references a specific CVE) while awaiting upstream dependency updates.

[coderabbitai]

📝 Walkthrough

Walkthrough

Updated the Dockerfile Stage 3 base image digest for dunglas/frankenphp:php8.5-trixie and added a new .trivyignore file containing comments and the CVE-2026-25793 identifier; no functional code or public API changes.

Changes

Cohort / File(s)	Summary
Docker Configuration Dockerfile	Updated Stage 3 base image digest from sha256:7a696b697a8a16ce19f9488485d2f3b613ef590d3a3391d98f835292da191419 to sha256:a7d406a6227987e83bde778d81f72be787cacb6ad3d96aade85bd5e463a89732 for dunglas/frankenphp:php8.5-trixie.
Security Scan Ignore .trivyignore	Added a new .trivyignore file with comments about an expected true positive and pending FrankenPHP Go dependency update, and includes CVE-2026-25793.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

I nibbled a digest, crisp and neat,
One hash swapped out to keep builds sweet,
A tiny ignore for a scanner's song,
Hop, hop—config steady, nothing wrong,
Rabbit cheers as CI hums along! 🐇✨

🚥 Pre-merge checks | ✅ 1

✅ Passed checks (1 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

No actionable comments were generated in the recent review. 🎉

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}