username/bouncer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: switch to alpine base image and upgrade pip
All checks were successful
CI / secrets (push) Successful in 8s
Details
CI / lint (push) Successful in 11s
Details
CI / test (push) Successful in 26s
Details
CI / build (push) Successful in 31s
Details

Browse Source 
Replace python:3.12-slim (Debian) with python:3.12-alpine to reduce
image size and eliminate 68 Debian-inherited CVEs. Upgrade pip to
resolve CVE-2025-8869. Build deps installed temporarily for native
extensions (cryptography) and removed after pip install.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
user
2026-02-24 12:54:16 +01:00
parent f9f38adadc
commit 2b893969d2
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Containerfile
View File

@@ -1,9 +1,12 @@
FROM python:3.12-slim
FROM python:3.12-alpine
WORKDIR /app
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
RUN apk add --no-cache --virtual .build gcc musl-dev libffi-dev openssl-dev && \
pip install --no-cache-dir --upgrade pip && \
pip install --no-cache-dir -r requirements.txt && \
apk del .build
COPY src/ /app/src/