From 48540f252774aba756002f1fdd2e73e4253c4208 Mon Sep 17 00:00:00 2001
From: Znmin <84540638+Haranmes@users.noreply.github.com>
Date: Fri, 19 Dec 2025 22:51:50 +0100
Subject: [PATCH] Update Dockerfile

Runs as non-root user

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 Dockerfile | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index 343246d..897015b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -26,10 +26,13 @@ RUN npm run build
 #--- STAGE 3: Production runtime environment
 FROM node:lts-alpine3.23 AS production
 WORKDIR /app
+RUN addgroup -S appuser && adduser -S appuser -G appuser
 COPY --from=build /app/.next ./.next
 COPY --from=build /app/package.json ./package.json
 COPY --from=build /app/package-lock.json ./package-lock.json
 COPY --from=build /app/public ./public
 COPY --from=build /app/node_modules ./node_modules
+RUN chown -R appuser:appuser /app
+USER appuser
 EXPOSE 3000
 CMD ["npm", "run", "start"]