From 556f06f9c94b1af2ec5186e6d917cc7c1afd4e7f Mon Sep 17 00:00:00 2001
From: pbdco <64397076+pbdco@users.noreply.github.com>
Date: Tue, 24 Dec 2024 14:32:00 +0100
Subject: [PATCH] Security checks

---
 Dockerfile | 15 ++++++++++-----
 requirements.txt | 1 -
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index c92d194..db5d040 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -11,15 +11,17 @@ RUN apt-get update && \
 python3-dev \
 && rm -rf /var/lib/apt/lists/*

-# Upgrade pip and setuptools to secure versions
-RUN pip install --no-cache-dir --upgrade \
- pip>=23.3.2 \
- setuptools>=70.0.0 \
- wheel>=0.42.0
+# Upgrade pip and setuptools first, before any other package
+RUN pip install --no-cache-dir pip>=23.3.2 && \
+ pip install --no-cache-dir setuptools>=70.0.0 wheel>=0.42.0 && \
+ pip list | grep setuptools

 # Copy requirements file
 COPY requirements.txt .

+# Remove setuptools from requirements.txt if present
+RUN sed -i '/setuptools/d' requirements.txt
+
 # Install Python dependencies
 RUN pip install --no-cache-dir -r requirements.txt

@@ -30,5 +32,8 @@ COPY . .
 ENV PYTHONUNBUFFERED=1 \
 PYTHONDONTWRITEBYTECODE=1

+# Verify setuptools version
+RUN pip list | grep setuptools
+
 # Run the application
 CMD ["gunicorn", "--bind", "0.0.0.0:5001", "--workers", "4", "api:app"]
diff --git a/requirements.txt b/requirements.txt
index f8642d6..8a0c1b1 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,3 @@
-setuptools>=70.0.0
 wheel>=0.42.0
 Flask>=3.0.0
 redis>=5.0.1
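Review bot: The version floors in the new `RUN pip install` lines of the first Dockerfile hunk are never applied, because in a shell-form RUN an unquoted `pip>=23.3.2` is parsed as the argument `pip` with stdout redirected to a file named `=23.3.2`; the same happens to `setuptools>=70.0.0` and `wheel>=0.42.0`. The change also drops `--upgrade`, so pip treats any copy already present in the base image as satisfied and leaves an older, possibly vulnerable version in place. Quote the specifiers and keep the flag: `RUN pip install --no-cache-dir --upgrade 'pip>=23.3.2' && \` followed by `pip install --no-cache-dir --upgrade 'setuptools>=70.0.0' 'wheel>=0.42.0'`. Separately, `sed -i '/setuptools/d'` deletes every line that merely contains that string, and looks redundant now that this commit removes the entry from requirements.txt.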
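Review bot: `RUN pip list | grep setuptools` under "# Verify setuptools version" in the second Dockerfile hunk only prints the installed version, so the build succeeds for any setuptools release and nothing is verified. The same command at the end of the first hunk's RUN chain has this limitation too. A check that fails the build when the version is too old would compare it explicitly, for example `RUN python -c "import setuptools, sys; sys.exit(int(setuptools.__version__.split('.')[0]) < 70)"`, assuming the base image (outside this hunk) provides `python`. Keeping it after the `pip install -r requirements.txt` step, as here, is the right place, since that is the last point where a dependency could change the installed version.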