mirror of
https://github.com/qaiu/netdisk-fast-download.git
synced 2026-06-10 15:37:28 +00:00
17460ff271
- 升级 Vert.x 4.5.24 → 4.5.27, postgresql 42.7.3 → 42.7.11, logback 1.5.18 → 1.5.32, axios 1.13.5 → 1.16.1 - 修复 JWT 签名验证和密码比较的时序攻击漏洞 (MessageDigest.isEqual) - 修复 AESUtils 使用不安全 Random 改为 SecureRandom - 修复登录用户枚举和异常信息泄露,统一错误提示 - 修复 RateLimiter count++ 非原子操作 (AtomicInteger) - 修复 JsParserExecutor DCL 模式缺少 volatile - 修复 Token 日志泄露,仅打印前8字符 - 修复 Playground 密码时序攻击和堆栈泄露 - 所有 window.open 添加 noopener,noreferrer - LocalConstant 改用 ConcurrentHashMap 保证线程安全 - Dockerfile 添加非 root 用户运行,secret.yml 加入 .gitignore
23 lines
583 B
Docker
23 lines
583 B
Docker
FROM eclipse-temurin:17-jre
|
|
|
|
WORKDIR /app
|
|
|
|
# 安装 unzip
|
|
RUN apt-get update && apt-get install -y unzip && rm -rf /var/lib/apt/lists/*
|
|
|
|
COPY ./web-service/target/netdisk-fast-download-bin.zip .
|
|
|
|
RUN unzip netdisk-fast-download-bin.zip && \
|
|
mv netdisk-fast-download/* ./ && \
|
|
rm netdisk-fast-download-bin.zip && \
|
|
chmod +x run.sh && \
|
|
mkdir -p db logs
|
|
|
|
COPY ./docker-entrypoint.sh /docker-entrypoint.sh
|
|
RUN chmod +x /docker-entrypoint.sh
|
|
|
|
EXPOSE 6401
|
|
|
|
RUN addgroup --system appgroup && adduser --system --ingroup appgroup appuser
|
|
ENTRYPOINT ["/docker-entrypoint.sh"]
|