Comments (5)
@gbvanrenswoude I wasn't seeing it because I was using the alpine image so thanks for pointing that out apologies about that. Github did add a way for owners to create security policies for situations like this, should they arise. There is zero problem reporting the issue; rather, it's the manner in which you report it.
from uvicorn-gunicorn-fastapi-docker.
In the image where do you see perl? Also, why would you create a Github issue for possible security findings instead of sending an email?
from uvicorn-gunicorn-fastapi-docker.
docker run --rm -it tiangolo/uvicorn-gunicorn:python3.8-slim which perl
/usr/bin/perl
Lots of Docker Images are notoriously vulnerable due to people not caring enough to deliver a clean FS and up-to-date binaries. Personally I think he is setting a good example and I fail to see why reporting this as an issue instead of a mail would be a problem.
from uvicorn-gunicorn-fastapi-docker.
Fixed it with the alpine image, thanks! I don't mind doing it via security policy but there isn't one for this repository
from uvicorn-gunicorn-fastapi-docker.
Thanks for the help here @NotoriousRebel ! 👏 🙇
The image is based on the official Python image, so it wouldn't be an issue with this image but with the base official Python image. On the other side, Perl is not used for anything, it's there just because it's a common tool to have pre-installed and could be needed while building extensions, etc. But nothing calls or uses it.
Anyway, thanks for reporting back and closing the issue @Arrrunan 👍
from uvicorn-gunicorn-fastapi-docker.
Related Issues (20)
- Application does not start up when combining this image and a database connection in Linux CentOS. HOT 4
- Upgrade from python3.8 to python3.11 fails HOT 1
- ModuleNotFoundError: No module named 'app' HOT 2
- APScheduler logs not showing in docker HOT 1
- websocket can not use
- Deploying HuggingFace model/pipeline using uvicorn-gunicorn-fastapi-docker on Google Cloud Run HOT 2
- Is --proxy-headers applied in the uvicorn CMD in the image? HOT 1
- getting timeout 504 in 1 minute
- Support for Apple sillicon
- New docker-image may be broken HOT 1
- apt-get update not working on specific version
- container build fails with pydantic-settings HOT 1
- Uvicorn -gunicorn-fastapi-docker
- Runtime Error: Can't start new thread HOT 1
- linux/arm64/v8 not supported HOT 2
- Unexpected Redirection of `/docs` Endpoint with Custom `APP_MODULE` Setup
- Current gunicorn version does not support Python 3.11
- Base Dockerfile HOT 3
- pydantic_settings package not supported
- Update fastapi to support Pydantic2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from uvicorn-gunicorn-fastapi-docker.