From abdac245126a2a0960445d96792da5412cf8834d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Such=C3=A1nek?= <marek.suchanek@gmail.com>
Date: Mon, 8 Jan 2024 09:17:12 +0100
Subject: [PATCH] WIP: Fix security audit

---
 3.11-basic/Dockerfile     | 6 ++----
 3.11-docworker/Dockerfile | 8 +-------
 2 files changed, 3 insertions(+), 11 deletions(-)

diff --git a/3.11-basic/Dockerfile b/3.11-basic/Dockerfile
index 433717f..72d76be 100644
--- a/3.11-basic/Dockerfile
+++ b/3.11-basic/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.18.5
+FROM alpine:3.19.0
 
 ARG TARGETARCH
 
@@ -17,11 +17,9 @@ ENV PIP_NO_COMPILE=1 \
 
 RUN chmod +x /bin/clean \
     && mkdir "$PIP_CACHE_DIR" && chmod a+rwx "$PIP_CACHE_DIR" \
-    && apk add python3 python3-dev libffi-dev libpq-dev openssl-dev \
+    && apk add python3 python3-dev py3-wheel py3-setuptools py3-pip libffi-dev libpq-dev openssl-dev \
     && apk add sqlite-libs --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community \
-    && ln -s /usr/bin/pip3 /usr/bin/pip \
     && python3 -m ensurepip --upgrade \
-    && pip install -U pip setuptools wheel \
     && addgroup -g 10001 user \
     && adduser -u 10000 -S -s /bin/sh -G user user \
     && echo "user:password" | chpasswd 2>/dev/null \
diff --git a/3.11-docworker/Dockerfile b/3.11-docworker/Dockerfile
index 93e0ed7..0744300 100644
--- a/3.11-docworker/Dockerfile
+++ b/3.11-docworker/Dockerfile
@@ -17,7 +17,7 @@ ENV PIP_NO_COMPILE=1 \
 RUN chmod +x /bin/clean \
     && mkdir "$PIP_CACHE_DIR" && chmod a+rwx "$PIP_CACHE_DIR" \
     && apk add sqlite-libs --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community \
-    && apk add -u python3 python3-dev libpq-dev libffi-dev openssl-dev gettext \
+    && apk add -u python3 python3-dev py3-wheel py3-setuptools py3-pip libpq-dev libffi-dev openssl-dev gettext \
     && apk add -u cairo cairo-gobject pango gdk-pixbuf py3-brotli py3-lxml py3-cffi py3-pillow msttcorefonts-installer fontconfig zopfli \
     && apk add -u lua lua-dev lua-penlight zip \
     && apk add -u libstdc++ libx11 libxrender libxext libssl1.1 ca-certificates dbus fontconfig freetype ttf-dejavu ttf-droid ttf-freefont ttf-liberation font-noto-emoji \
@@ -26,9 +26,7 @@ RUN chmod +x /bin/clean \
     && wget -O /bin/wait-for https://raw.githubusercontent.com/eficode/wait-for/v2.2.3/wait-for && chmod a+x /bin/wait-for \
     && update-ms-fonts \
     && fc-cache -f \
-    && ln -s /usr/bin/pip3 /usr/bin/pip \
     && python3 -m ensurepip --upgrade \
-    && pip install -U pip setuptools wheel \
     && addgroup -g 10001 user \
     && adduser -u 10000 -S -s /bin/sh -G user user \
     && echo "user:password" | chpasswd 2>/dev/null \
@@ -65,7 +63,3 @@ RUN mkdir -p /pandoc/filters \
     && wget -O /pandoc/filters/logging.lua https://raw.githubusercontent.com/wlupton/pandoc-lua-logging/main/logging.lua \
     && chown -R user:user /pandoc \
     && clean
-
-# WeasyPrint
-RUN pip install weasyprint==60.1 \
-    && clean