diff options
| author | kj_sh604 | 2026-02-15 20:16:50 -0500 |
|---|---|---|
| committer | kj_sh604 | 2026-02-15 20:16:50 -0500 |
| commit | fafc3e29832779b5ccbea8fd21dc9fd5af67de38 (patch) | |
| tree | bc366424bcaa40c3f62750031b9a6313074fe922 | |
| parent | 13cb49893347f6c60e2ff0d07a1c9bc79abbca28 (diff) | |
refactor: HIGH CVE fixes
also commit to the bigger image size and just install all the fonts
| -rw-r--r-- | Dockerfile | 297 |
1 files changed, 151 insertions, 146 deletions
| @@ -5,6 +5,8 @@ ENV PYTHONDONTWRITEBYTECODE=1 \ | |||
| 5 | PIP_NO_CACHE_DIR=1 \ | 5 | PIP_NO_CACHE_DIR=1 \ |
| 6 | PIP_DISABLE_PIP_VERSION_CHECK=1 | 6 | PIP_DISABLE_PIP_VERSION_CHECK=1 |
| 7 | 7 | ||
| 8 | ARG DEBIAN_FRONTEND=noninteractive | ||
| 9 | |||
| 8 | # system deps + libreoffice fresh ppa | 10 | # system deps + libreoffice fresh ppa |
| 9 | RUN apt-get update && \ | 11 | RUN apt-get update && \ |
| 10 | apt-get install -y --no-install-recommends \ | 12 | apt-get install -y --no-install-recommends \ |
| @@ -18,156 +20,159 @@ RUN apt-get update && \ | |||
| 18 | python3-venv \ | 20 | python3-venv \ |
| 19 | libreoffice \ | 21 | libreoffice \ |
| 20 | poppler-utils \ | 22 | poppler-utils \ |
| 21 | # fonts-liberation2 \ | 23 | fonts-liberation2 \ |
| 22 | # fonts-dejavu \ | 24 | fonts-dejavu \ |
| 23 | # fonts-dejavu-extra \ | 25 | fonts-dejavu-extra \ |
| 24 | # fonts-noto \ | 26 | fonts-noto \ |
| 25 | # fonts-noto-color-emoji \ | 27 | fonts-noto-color-emoji \ |
| 26 | # fonts-noto-core \ | 28 | fonts-noto-core \ |
| 27 | # fonts-noto-extra \ | 29 | fonts-noto-extra \ |
| 28 | # fonts-noto-ui-core \ | 30 | fonts-noto-ui-core \ |
| 29 | # fonts-noto-ui-extra \ | 31 | fonts-noto-ui-extra \ |
| 30 | # fonts-noto-cjk \ | 32 | fonts-noto-cjk \ |
| 31 | # fonts-noto-cjk-extra \ | 33 | fonts-noto-cjk-extra \ |
| 32 | # fonts-noto-hinted \ | 34 | fonts-noto-hinted \ |
| 33 | # fonts-noto-unhinted \ | 35 | fonts-noto-unhinted \ |
| 34 | # fonts-freefont-ttf \ | 36 | fonts-freefont-ttf \ |
| 35 | # fonts-urw-base35 \ | 37 | fonts-urw-base35 \ |
| 36 | # fonts-font-awesome \ | 38 | fonts-font-awesome \ |
| 37 | # fonts-powerline \ | 39 | fonts-powerline \ |
| 38 | # ttf-mscorefonts-installer \ | 40 | ttf-mscorefonts-installer \ |
| 39 | # fonts-cascadia-code \ | 41 | fonts-cascadia-code \ |
| 40 | # fonts-firacode \ | 42 | fonts-firacode \ |
| 41 | # fonts-roboto \ | 43 | fonts-roboto \ |
| 42 | # fonts-roboto-slab \ | 44 | fonts-roboto-slab \ |
| 43 | # fonts-ubuntu \ | 45 | fonts-ubuntu \ |
| 44 | # fonts-hack \ | 46 | fonts-hack \ |
| 45 | # fonts-lato \ | 47 | fonts-lato \ |
| 46 | # fonts-open-sans \ | 48 | fonts-open-sans \ |
| 47 | # fonts-inconsolata \ | 49 | fonts-inconsolata \ |
| 48 | # fonts-droid-fallback \ | 50 | fonts-droid-fallback \ |
| 49 | # fonts-symbola \ | 51 | fonts-symbola \ |
| 50 | # fonts-ancient-scripts \ | 52 | fonts-ancient-scripts \ |
| 51 | # fonts-indic \ | 53 | fonts-indic \ |
| 52 | # fonts-beng \ | 54 | fonts-beng \ |
| 53 | # fonts-deva \ | 55 | fonts-deva \ |
| 54 | # fonts-gargi \ | 56 | fonts-gargi \ |
| 55 | # fonts-gubbi \ | 57 | fonts-gubbi \ |
| 56 | # fonts-gujr \ | 58 | fonts-gujr \ |
| 57 | # fonts-guru \ | 59 | fonts-guru \ |
| 58 | # fonts-kalapi \ | 60 | fonts-kalapi \ |
| 59 | # fonts-knda \ | 61 | fonts-knda \ |
| 60 | # fonts-lohit-beng-assamese \ | 62 | fonts-lohit-beng-assamese \ |
| 61 | # fonts-lohit-beng-bengali \ | 63 | fonts-lohit-beng-bengali \ |
| 62 | # fonts-lohit-deva \ | 64 | fonts-lohit-deva \ |
| 63 | # fonts-lohit-gujr \ | 65 | fonts-lohit-gujr \ |
| 64 | # fonts-lohit-guru \ | 66 | fonts-lohit-guru \ |
| 65 | # fonts-lohit-knda \ | 67 | fonts-lohit-knda \ |
| 66 | # fonts-lohit-mlym \ | 68 | fonts-lohit-mlym \ |
| 67 | # fonts-lohit-orya \ | 69 | fonts-lohit-orya \ |
| 68 | # fonts-lohit-taml \ | 70 | fonts-lohit-taml \ |
| 69 | # fonts-lohit-taml-classical \ | 71 | fonts-lohit-taml-classical \ |
| 70 | # fonts-lohit-telu \ | 72 | fonts-lohit-telu \ |
| 71 | # fonts-mlym \ | 73 | fonts-mlym \ |
| 72 | # fonts-navilu \ | 74 | fonts-navilu \ |
| 73 | # fonts-orya \ | 75 | fonts-orya \ |
| 74 | # fonts-pagul \ | 76 | fonts-pagul \ |
| 75 | # fonts-sahadeva \ | 77 | fonts-sahadeva \ |
| 76 | # fonts-samyak-deva \ | 78 | fonts-samyak-deva \ |
| 77 | # fonts-samyak-gujr \ | 79 | fonts-samyak-gujr \ |
| 78 | # fonts-samyak-mlym \ | 80 | fonts-samyak-mlym \ |
| 79 | # fonts-samyak-taml \ | 81 | fonts-samyak-taml \ |
| 80 | # fonts-sarai \ | 82 | fonts-sarai \ |
| 81 | # fonts-smc \ | 83 | fonts-smc \ |
| 82 | # fonts-taml \ | 84 | fonts-taml \ |
| 83 | # fonts-telu \ | 85 | fonts-telu \ |
| 84 | # fonts-tlwg-garuda \ | 86 | fonts-tlwg-garuda \ |
| 85 | # fonts-tlwg-kinnari \ | 87 | fonts-tlwg-kinnari \ |
| 86 | # fonts-tlwg-loma \ | 88 | fonts-tlwg-loma \ |
| 87 | # fonts-tlwg-mono \ | 89 | fonts-tlwg-mono \ |
| 88 | # fonts-tlwg-norasi \ | 90 | fonts-tlwg-norasi \ |
| 89 | # fonts-tlwg-purisa \ | 91 | fonts-tlwg-purisa \ |
| 90 | # fonts-tlwg-sawasdee \ | 92 | fonts-tlwg-sawasdee \ |
| 91 | # fonts-tlwg-typewriter \ | 93 | fonts-tlwg-typewriter \ |
| 92 | # fonts-tlwg-typist \ | 94 | fonts-tlwg-typist \ |
| 93 | # fonts-tlwg-typo \ | 95 | fonts-tlwg-typo \ |
| 94 | # fonts-tlwg-umpush \ | 96 | fonts-tlwg-umpush \ |
| 95 | # fonts-tlwg-waree \ | 97 | fonts-tlwg-waree \ |
| 96 | # fonts-arphic-ukai \ | 98 | fonts-arphic-ukai \ |
| 97 | # fonts-arphic-uming \ | 99 | fonts-arphic-uming \ |
| 98 | # fonts-wqy-microhei \ | 100 | fonts-wqy-microhei \ |
| 99 | # fonts-wqy-zenhei \ | 101 | fonts-wqy-zenhei \ |
| 100 | # fonts-ipafont \ | 102 | fonts-ipafont \ |
| 101 | # fonts-ipafont-gothic \ | 103 | fonts-ipafont-gothic \ |
| 102 | # fonts-ipafont-mincho \ | 104 | fonts-ipafont-mincho \ |
| 103 | # fonts-ipaexfont \ | 105 | fonts-ipaexfont \ |
| 104 | # fonts-ipaexfont-gothic \ | 106 | fonts-ipaexfont-gothic \ |
| 105 | # fonts-ipaexfont-mincho \ | 107 | fonts-ipaexfont-mincho \ |
| 106 | # fonts-takao \ | 108 | fonts-takao \ |
| 107 | # fonts-takao-gothic \ | 109 | fonts-takao-gothic \ |
| 108 | # fonts-takao-mincho \ | 110 | fonts-takao-mincho \ |
| 109 | # fonts-vlgothic \ | 111 | fonts-vlgothic \ |
| 110 | # fonts-hanazono \ | 112 | fonts-hanazono \ |
| 111 | # fonts-khmeros \ | 113 | fonts-khmeros \ |
| 112 | # fonts-lao \ | 114 | fonts-lao \ |
| 113 | # fonts-sil-abyssinica \ | 115 | fonts-sil-abyssinica \ |
| 114 | # fonts-sil-ezra \ | 116 | fonts-sil-ezra \ |
| 115 | # fonts-sil-padauk \ | 117 | fonts-sil-padauk \ |
| 116 | # fonts-sil-scheherazade \ | 118 | fonts-sil-scheherazade \ |
| 117 | # fonts-thai-tlwg \ | 119 | fonts-thai-tlwg \ |
| 118 | # fonts-lklug-sinhala \ | 120 | fonts-lklug-sinhala \ |
| 119 | # fonts-kacst \ | 121 | fonts-kacst \ |
| 120 | # fonts-kacst-one \ | 122 | fonts-kacst-one \ |
| 121 | # fonts-farsiweb \ | 123 | fonts-farsiweb \ |
| 122 | # fonts-smc-anjalioldlipi \ | 124 | fonts-smc-anjalioldlipi \ |
| 123 | # fonts-smc-chilanka \ | 125 | fonts-smc-chilanka \ |
| 124 | # fonts-smc-dyuthi \ | 126 | fonts-smc-dyuthi \ |
| 125 | # fonts-smc-karumbi \ | 127 | fonts-smc-karumbi \ |
| 126 | # fonts-smc-keraleeyam \ | 128 | fonts-smc-keraleeyam \ |
| 127 | # fonts-smc-manjari \ | 129 | fonts-smc-manjari \ |
| 128 | # fonts-smc-meera \ | 130 | fonts-smc-meera \ |
| 129 | # fonts-smc-rachana \ | 131 | fonts-smc-rachana \ |
| 130 | # fonts-smc-raghumalayalamsans \ | 132 | fonts-smc-raghumalayalamsans \ |
| 131 | # fonts-smc-suruma \ | 133 | fonts-smc-suruma \ |
| 132 | # fonts-smc-uroob \ | 134 | fonts-smc-uroob \ |
| 133 | # fonts-yrsa-rasa \ | 135 | fonts-yrsa-rasa \ |
| 134 | # fonts-cantarell \ | 136 | fonts-cantarell \ |
| 135 | # fonts-comfortaa \ | 137 | fonts-comfortaa \ |
| 136 | # fonts-croscore \ | 138 | fonts-croscore \ |
| 137 | # fonts-ebgaramond \ | 139 | fonts-ebgaramond \ |
| 138 | # fonts-fantasque-sans \ | 140 | fonts-fantasque-sans \ |
| 139 | # fonts-junicode \ | 141 | fonts-junicode \ |
| 140 | # fonts-lyx \ | 142 | fonts-lyx \ |
| 141 | # fonts-mathjax \ | 143 | fonts-mathjax \ |
| 142 | # fonts-nanum \ | 144 | fonts-nanum \ |
| 143 | # fonts-nanum-coding \ | 145 | fonts-nanum-coding \ |
| 144 | # fonts-nanum-extra \ | 146 | fonts-nanum-extra \ |
| 145 | # fonts-opensymbol \ | 147 | fonts-opensymbol \ |
| 146 | # fonts-quicksand \ | 148 | fonts-quicksand \ |
| 147 | # fonts-sil-gentium \ | 149 | fonts-sil-gentium \ |
| 148 | # fonts-sil-gentiumplus \ | 150 | fonts-sil-gentiumplus \ |
| 149 | # fonts-stix \ | 151 | fonts-stix \ |
| 150 | # fonts-texgyre \ | 152 | fonts-texgyre \ |
| 151 | # fonts-terminus \ | 153 | fonts-terminus \ |
| 152 | # fonts-dejavu-mono \ | 154 | fonts-dejavu-mono \ |
| 153 | # fonts-linuxlibertine \ | 155 | fonts-linuxlibertine \ |
| 154 | # fonts-arkpandora \ | 156 | fonts-arkpandora \ |
| 155 | # fonts-beteckna \ | 157 | fonts-beteckna \ |
| 156 | # fonts-gfs-artemisia \ | 158 | fonts-gfs-artemisia \ |
| 157 | # fonts-gfs-complutum \ | 159 | fonts-gfs-complutum \ |
| 158 | # fonts-gfs-didot \ | 160 | fonts-gfs-didot \ |
| 159 | # fonts-gfs-neohellenic \ | 161 | fonts-gfs-neohellenic \ |
| 160 | # fonts-gfs-olga \ | 162 | fonts-gfs-olga \ |
| 161 | # fonts-gfs-solomos \ | 163 | fonts-gfs-solomos \ |
| 162 | # fonts-gfs-theokritos \ | 164 | fonts-gfs-theokritos \ |
| 163 | fonts-liberation \ | 165 | fonts-liberation \ |
| 164 | fonts-dejavu-core && \ | 166 | fonts-dejavu-core |
| 165 | apt-get clean && \ | ||
| 166 | rm -rf /var/lib/apt/lists/* | ||
| 167 | 167 | ||
| 168 | # python deps | 168 | # python deps |
| 169 | COPY src/requirements.txt /tmp/requirements.txt | 169 | COPY src/requirements.txt /tmp/requirements.txt |
| 170 | RUN pip3 install --no-cache-dir --no-compile --break-system-packages -r /tmp/requirements.txt | 170 | RUN pip3 install --no-cache-dir --no-compile --break-system-packages -r /tmp/requirements.txt && \ |
| 171 | pip3 install --no-cache-dir --no-compile --break-system-packages --ignore-installed setuptools>=78.1.1 wheel>=0.46.2 && \ | ||
| 172 | apt-get remove --autoremove --purge -y python3-setuptools python3-wheel software-properties-common && \ | ||
| 173 | apt-get autoremove -y && \ | ||
| 174 | apt-get clean && \ | ||
| 175 | rm -rf /var/lib/apt/lists/* | ||
| 171 | 176 | ||
| 172 | # kjandoc binary -> /usr/local/bin | 177 | # kjandoc binary -> /usr/local/bin |
| 173 | COPY src/kjandoc /usr/local/bin/kjandoc | 178 | COPY src/kjandoc /usr/local/bin/kjandoc |