--- title: "12.9 Alpine Linux image deprecation for Python Dependency Scans" author: Nicole Schwartz author_gitlab: NicoleSchwartz author_twitter: gitlab categories: releases description: "We're excited to announce that we will be making Debian slim the base image for our Python Dependency Scans." tags: releases ee_cta: false # install_cta: false # --- We evaluated changing our base image from [Alpine Linux](https://www.alpinelinux.org/) in [issue #13694](https://gitlab.com/gitlab-org/gitlab/issues/13694#conclusion) in order to enhance our Python support, specifically enabling [manylinux2010](https://www.python.org/dev/peps/pep-0571/#the-manylinux2010-policy). We have decided to switch to [Debian slim](https://www.debian.org) in order to make the scanner support more Python projects. You can follow the work in progress in [issue #196833](https://gitlab.com/gitlab-org/gitlab/issues/196833). ## When will this happen? Starting with the release of GitLab 12.9 on March 22, 2020 you will no longer get an Alpine-based image for Python dependency scanning. **This will impact you even if you are running an older release**. ## What does this mean for you? Because the base image will no longer be Alpine, you may need to make modifications if you use Alpine-specific commands such as `apk add xyz`: 1. Right before the scan (only if docker-in-docker is disabled) or 1. When building a variant of the official Docker image ## Actions you need to take if you are using Alpine-specific commands * If you regularly build your own Docker image on top of [gemnasium-python:2](https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium-python), and rely on [CI variables](https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#available-variables) like `DS_ANALYZER_IMAGES`, this will break the next time you try to build the image on top of `gemnasium-python:2`. It won't break at run-time though. You can build your image on top of `gemnasium-python:2.6.0` to work around that. * If you have [disabled Docker in Docker](https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#disabling-docker-in-docker-for-dependency-scanning), and you've set the `before_script` of the `gemnasium-python-dependency_scanning` job definition, this will break at run-time when executing the job, *unless* you [override the job definition](https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#overriding-the-dependency-scanning-template) to explicitly use a `gemnasium-python` image that was built before switching to Debian, like `gemnasium-python:2.6.0`. ----