Security checks

pbdco · Dec 24, 2024 · 556f06f · 556f06f
1 parent 15e9b7a
commit 556f06f
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 6 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -11,15 +11,17 @@ RUN apt-get update && \
     python3-dev \
     && rm -rf /var/lib/apt/lists/*
 
-# Upgrade pip and setuptools to secure versions
-RUN pip install --no-cache-dir --upgrade \
-    pip>=23.3.2 \
-    setuptools>=70.0.0 \
-    wheel>=0.42.0
+# Upgrade pip and setuptools first, before any other package
+RUN pip install --no-cache-dir pip>=23.3.2 && \
+    pip install --no-cache-dir setuptools>=70.0.0 wheel>=0.42.0 && \
+    pip list | grep setuptools
 
 # Copy requirements file
 COPY requirements.txt .
 
+# Remove setuptools from requirements.txt if present
+RUN sed -i '/setuptools/d' requirements.txt
+
 # Install Python dependencies
 RUN pip install --no-cache-dir -r requirements.txt
 
@@ -30,5 +32,8 @@ COPY . .
 ENV PYTHONUNBUFFERED=1 \
     PYTHONDONTWRITEBYTECODE=1
 
+# Verify setuptools version
+RUN pip list | grep setuptools
+
 # Run the application
 CMD ["gunicorn", "--bind", "0.0.0.0:5001", "--workers", "4", "api:app"]
diff --git a/requirements.txt b/requirements.txt
@@ -1,4 +1,3 @@
-setuptools>=70.0.0
 wheel>=0.42.0
 Flask>=3.0.0
 redis>=5.0.1