Update deb repo in Chromium Dockerfile

[VietND96]

User description

Thanks for contributing to the Docker-Selenium project!
A PR well described will help maintainers to quickly review and merge it

Before submitting your PR, please check our contributing guidelines, applied for this repository.
Avoid large PRs, help reviewers by making them as simple and short as possible.

Description

stable channel with Chromium v131 only, meanwhile latest should be v133, so switching back sid channel.

Motivation and Context

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)

Checklist

• I have read the contributing document.
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have added tests to cover my changes.
• All new and existing tests passed.

---

PR Type

Enhancement

---

Description

• Updated the Debian repository in Chromium Dockerfile to use the 'sid' release.

• Ensured compatibility with updated Debian archive keyrings.

---

Changes walkthrough 📝

	Relevant files
Enhancement	Dockerfile Update Debian repository and keyrings in Dockerfile            NodeChromium/Dockerfile Changed Debian repository from 'stable' to 'sid'. Updated commands to append the new repository to sources.list. Ensured Debian archive keyrings are correctly downloaded and configured. +1/-1

---

Need help?

Type /help how to ... in the comments thread for any questions about Qodo Merge usage.

Check out the documentation for more information.

[qodo-merge-pro]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 1 🔵⚪⚪⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ Recommended focus areas for review Stability Concern Changing from 'stable' to 'sid' Debian repository might introduce instability as 'sid' is Debian's unstable branch. This could potentially affect the reliability of the Docker image in production environments. RUN echo "deb ${CHROMIUM_DEB_SITE}/ sid main" >> /etc/apt/sources.list \

[qodo-merge-pro]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Security	Add key verification checks Add error handling to verify that the GPG key downloads and imports succeed. The current implementation will continue even if key verification fails, which could lead to security issues. Adding checks ensures the build fails if security steps can't be completed. NodeChromium/Dockerfile [13-15] RUN echo "deb ${CHROMIUM_DEB_SITE}/ sid main" >> /etc/apt/sources.list \ && wget -qO- https://ftp-master.debian.org/keys/archive-key-12.asc | gpg --dearmor > /etc/apt/trusted.gpg.d/debian-archive-keyring.gpg \ + && [ -s /etc/apt/trusted.gpg.d/debian-archive-keyring.gpg ] \ && wget -qO- https://ftp-master.debian.org/keys/archive-key-12-security.asc | gpg --dearmor > /etc/apt/trusted.gpg.d/debian-archive-security-keyring.gpg \ + && [ -s /etc/apt/trusted.gpg.d/debian-archive-security-keyring.gpg ] \ Apply this suggestion Suggestion importance[1-10]: 8 __ Why: This suggestion addresses an important security concern by adding verification that GPG keys were properly downloaded and imported. Without these checks, the build would continue even if key verification failed, potentially leading to security vulnerabilities.	Medium
General	Improve error visibility Consider using the --no-verbose flag instead of -q with wget to ensure proper error reporting while still keeping output minimal. The current -q flag completely suppresses all output including error messages, which could make debugging difficult if downloads fail. NodeChromium/Dockerfile [13-15] RUN echo "deb ${CHROMIUM_DEB_SITE}/ sid main" >> /etc/apt/sources.list \ - && wget -qO- https://ftp-master.debian.org/keys/archive-key-12.asc | gpg --dearmor > /etc/apt/trusted.gpg.d/debian-archive-keyring.gpg \ - && wget -qO- https://ftp-master.debian.org/keys/archive-key-12-security.asc | gpg --dearmor > /etc/apt/trusted.gpg.d/debian-archive-security-keyring.gpg \ + && wget --no-verbose -O- https://ftp-master.debian.org/keys/archive-key-12.asc | gpg --dearmor > /etc/apt/trusted.gpg.d/debian-archive-keyring.gpg \ + && wget --no-verbose -O- https://ftp-master.debian.org/keys/archive-key-12-security.asc | gpg --dearmor > /etc/apt/trusted.gpg.d/debian-archive-security-keyring.gpg \ Apply this suggestion Suggestion importance[1-10]: 5 __ Why: Using --no-verbose instead of -q is a reasonable improvement that allows error messages to be displayed while still keeping output minimal. This makes debugging easier if downloads fail, though it's a moderate enhancement rather than fixing a critical issue.	Low
More

[qodo-merge-pro]

CI Feedback 🧐

(Feedback updated until commit b4eddc0)

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: Rerun workflow when failure

Failed stage: Authenticate GitHub CLI for PR [❌]

Failure summary: The GitHub action failed because the provided token (GH_CLI_TOKEN_PR) lacks the required permission scope. Specifically: The GitHub CLI (gh) authentication failed with error: "missing required scope 'read:org'" The token being used for authentication needs the 'read:org' permission scope, but it doesn't have it This caused the workflow to exit with code 1, preventing further execution

Relevant error logs: 1: ##[group]Operating System 2: Ubuntu ... 28: SecurityEvents: write 29: Statuses: write 30: ##[endgroup] 31: Secret source: Actions 32: Prepare workflow directory 33: Prepare all required actions 34: Getting action download info 35: Download action repository 'actions/checkout@main' (SHA:85e6279cec87321a52edac9c87bce653a07cf6c2) 36: Complete job name: Rerun workflow when failure ... 48: show-progress: true 49: lfs: false 50: submodules: false 51: set-safe-directory: true 52: env: 53: GH_CLI_TOKEN: *** 54: GH_CLI_TOKEN_PR: *** 55: RUN_ID: 13689609826 56: RERUN_FAILED_ONLY: true ... 119: ##[group]Run sudo apt update 120: �[36;1msudo apt update�[0m 121: �[36;1msudo apt install gh�[0m 122: shell: /usr/bin/bash -e {0} 123: env: 124: GH_CLI_TOKEN: *** 125: GH_CLI_TOKEN_PR: *** 126: RUN_ID: 13689609826 127: RERUN_FAILED_ONLY: true ... 166: 0 upgraded, 0 newly installed, 0 to remove and 38 not upgraded. 167: ##[group]Run echo "$GH_CLI_TOKEN_PR" | gh auth login --with-token 168: �[36;1mecho "$GH_CLI_TOKEN_PR" | gh auth login --with-token�[0m 169: shell: /usr/bin/bash -e {0} 170: env: 171: GH_CLI_TOKEN: *** 172: GH_CLI_TOKEN_PR: *** 173: RUN_ID: 13689609826 174: RERUN_FAILED_ONLY: true 175: RUN_ATTEMPT: 1 176: ##[endgroup] 177: error validating token: missing required scope 'read:org' 178: ##[error]Process completed with exit code 1.