Skip to content

Dockerfile: only install runtime pkgs#25

Merged
davidfrantz merged 1 commit into
davidfrantz:mainfrom
pjonsson:dockerfile-only-runtime-pkgs
May 29, 2026
Merged

Dockerfile: only install runtime pkgs#25
davidfrantz merged 1 commit into
davidfrantz:mainfrom
pjonsson:dockerfile-only-runtime-pkgs

Conversation

@pjonsson
Copy link
Copy Markdown
Contributor

@pjonsson pjonsson commented May 26, 2026

Depends on:

Install the dev dependencies
in the dev container, so security
issues in the dev dependencies
do not affect the runtime
container of FORCE.

This makes the FORCE image shrink
from 552MB to 477MB, and a Trivy
scan goes from:

Total: 1107 (MEDIUM: 1107, HIGH: 0, CRITICAL: 0)

security issues to:

Total: 33 (MEDIUM: 33, HIGH: 0, CRITICAL: 0)

Refs davidfrantz/force#415

@pjonsson
Dockerfile: only install runtime pkgs
043f34e 
Install the dev dependencies
in the dev container, so security
issues in the dev dependencies
do not affect the runtime
container of FORCE.

This makes the FORCE image shrink
from 552MB to 477MB, and a Trivy
scan goes from:

Total: 1107 (MEDIUM: 1107, HIGH: 0, CRITICAL: 0)

security issues to:

Total: 33 (MEDIUM: 33, HIGH: 0, CRITICAL: 0)

Refs davidfrantz/force#415
@pjonsson pjonsson force-pushed the dockerfile-only-runtime-pkgs branch from 489c1f7 to 043f34e Compare May 28, 2026 13:13
@davidfrantz davidfrantz merged commit 0793d3c into davidfrantz:main May 29, 2026
@pjonsson pjonsson deleted the dockerfile-only-runtime-pkgs branch May 29, 2026 13:35
@pjonsson pjonsson mentioned this pull request May 29, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pjonsson @davidfrantz