Skip to content

Commit

Permalink
Update protobufjs to 7.0.5 to avoid CVE-2023-36665, remove dev depend…
Browse files Browse the repository at this point in the history 
…encies to fix CVE-2022-35177, make production container non root
  • Loading branch information
Андрей Лалаев committed Jan 16, 2024
1 parent 526991a commit ea1f59b
Show file tree
Hide file tree
Showing 3 changed files with 26 additions and 10,383 deletions.
6 changes: 5 additions & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,11 @@ FROM node:20-slim

COPY . /app
WORKDIR /app
RUN npm install

RUN groupadd -r qryn && useradd -r -g qryn -m qryn && chown -R qryn:qryn /app
USER qryn

RUN npm install --omit=dev

# Expose Ports
EXPOSE 3100
Expand Down
Loading

0 comments on commit ea1f59b

Please sign in to comment.