Update playground frontend Dockerfile#4103
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request refactors the Dockerfiles to transition from "yarn" to "pnpm", addressing a version error and improving dependency management by enabling Corepack. However, a potential command injection vulnerability was identified in playground/Dockerfile.cowswap due to unquoted build arguments, which could allow arbitrary command execution during the build process. It's recommended to quote these variables to mitigate this risk. Additionally, the apt cache is now cleaned for optimized Docker image size, and shell syntax in Dockerfile.cowswap has been improved with semicolons for robustness.
jmg-duarte
left a comment
jmg-duarte
left a comment
There was a problem hiding this comment.
LGTM but since you're improving the script I think we can take the chance to group some RUN statements
|
I grouped some of the RUN commands in the Docker scripts. Does this look good to merge now? Thank you. |
jmg-duarte
left a comment
jmg-duarte
left a comment
There was a problem hiding this comment.
LGTM, thanks for your contribution!
jmg-duarte
changed the title
Head branch was pushed to by a user without write access
|
Please refrain from updating this PR further. It was already in queue and the rebase was unnecessary. |
|
Sorry I did a rebase by accident. In the future I will not rebase in this GitHub repo since that cancelled the auto merge. |
2 participants
Description
Fixes Docker pnpm version error.
Changes
Enable and prepare corepack version before running pnpm install.
Fixes
#4101