epistemophiliac/frappe_docker
1
0
Fork 0
mirror of https://github.com/frappe/frappe_docker.git synced 2026-06-17 13:55:08 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
frappe_docker/images
History
OmarElaraby26 ae275df161 fix(security): replace APPS_JSON_BASE64 build-arg with BuildKit secret mount 
APPS_JSON_BASE64 is stored in image layer metadata, permanently exposing
private repo tokens (GitHub PATs) to anyone with image pull access.

Replace --build-arg with --mount=type=secret so that apps.json is only
available during the RUN step and never committed to any layer.

Refs: https://docs.docker.com/reference/build-checks/secrets-used-in-arg-or-env/
2026-04-05 22:24:53 +02:00
..
bench feat: add chromium pdf generator support 2026-02-19 09:10:18 -08:00
custom fix(security): replace APPS_JSON_BASE64 build-arg with BuildKit secret mount 2026-04-05 22:24:53 +02:00
layered fix(security): replace APPS_JSON_BASE64 build-arg with BuildKit secret mount 2026-04-05 22:24:53 +02:00
production build(docker images): add nginx security headers snippet in production and custom images 2026-03-17 15:54:01 +01:00