ISSUE_NUMBER: GH-35
Description
The final Docker image includes build-essential and potentially curl, which are likely not required at runtime. Removing these packages will reduce the image size and improve security.
File: repositories/jobflowapi/Dockerfile
Lines: 34-40, 43-47
Severity: medium
Current Behavior
The final image contains development tools that are not needed for running the application.
Expected Behavior
The final image should only contain the packages required to run the application.
Suggested Fix
Remove build-essential and curl from the second stage of the Dockerfile. Verify that the application still functions correctly after removing these packages.
Code Context
# Stage 2: Final Image
FROM python:3.9.18-slim
# Install runtime dependencies for PyMuPDF
RUN apt-get update && apt-get install -y --no-install-recommends \
build-essential \
curl \
libmupdf-dev \
&& rm -rf /var/lib/apt/lists/*
Additional Notes
Reducing the image size improves deployment speed and reduces the attack surface.
ISSUE_NUMBER: GH-35
Description
The final Docker image includes
build-essentialand potentiallycurl, which are likely not required at runtime. Removing these packages will reduce the image size and improve security.File:
repositories/jobflowapi/DockerfileLines: 34-40, 43-47
Severity: medium
Current Behavior
The final image contains development tools that are not needed for running the application.
Expected Behavior
The final image should only contain the packages required to run the application.
Suggested Fix
Remove
build-essentialandcurlfrom the second stage of the Dockerfile. Verify that the application still functions correctly after removing these packages.Code Context
Additional Notes
Reducing the image size improves deployment speed and reduces the attack surface.