diff --git a/Dockerfile b/Dockerfile index 56a7453..a2ff6e3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,6 +7,9 @@ WORKDIR /app COPY package.json package-lock.json* ./ RUN npm install --no-audit --no-fund +# Security: npm audit для HIGH/CRITICAL CVE в зависимостях (warning-only). +RUN npm audit --audit-level=high --omit=dev 2>&1 | tee /tmp/npm-audit.log || true + COPY . . RUN npm run build