playground/docker-claude
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
docker-claude/claude/Dockerfile
docker-claude 12d75b0dc2
Some checks failed
Build images / check-docker (push) Successful in 0s
Details
Build images / scan (push) Failing after 2m18s
Details
Build images / build-and-push (push) Has been skipped
Details
fix(docker): patch picomatch 4.0.3 → 4.0.4 (CVE-2026-33671) 
npm@11.12.1 still bundles picomatch@4.0.3. Add a find-loop after the npm
upgrade to patch every occurrence in node_modules in place. Also restore
and clean up the MCP server install and CVE patch blocks that were
accidentally commented out.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 16:05:05 +02:00

81 lines
3.3 KiB
Docker
Raw Blame History

FROM node:24-alpine
# Upgrade npm to pull in patched bundled deps (cross-spawn, glob, minimatch, tar)
# CVEs: CVE-2024-21538, CVE-2025-64756, CVE-2026-26996/27903/27904, CVE-2026-23745/23950/24842/26960/29786/31802
RUN npm install -g npm@11.12.1
# Fix CVE-2026-33671: upgrade picomatch 4.0.3 → 4.0.4 in every location it appears
RUN find /usr/local/lib/node_modules -name "picomatch" -type d | while read dir; do \
ver=$(node -p "require('$dir/package.json').version" 2>/dev/null); \
[ "$ver" = "4.0.3" ] || continue; \
echo "Patching picomatch in $dir"; \
prefix=$(dirname "$(dirname "$dir")"); \
npm install --prefix "$prefix" picomatch@4.0.4 \
--no-save --no-audit --no-fund 2>/dev/null || true; \
done
# Install runtime dependencies
RUN apk add --no-cache \
git \
curl \
ca-certificates \
bash
# Install kubectl — architecture-aware, checksum-verified
RUN KUBECTL_VERSION=$(curl -fsSL https://dl.k8s.io/release/stable.txt) \
&& ARCH=$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/') \
&& curl -fsSL "https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/${ARCH}/kubectl" \
-o /usr/local/bin/kubectl \
&& curl -fsSL "https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/${ARCH}/kubectl.sha256" \
-o /tmp/kubectl.sha256 \
&& echo "$(cat /tmp/kubectl.sha256) /usr/local/bin/kubectl" | sha256sum -c \
&& rm /tmp/kubectl.sha256 \
&& chmod +x /usr/local/bin/kubectl
# System-level Claude Code policy — owned by root, not writable by the node user.
# Restricts available models; cannot be bypassed via CLI flags or env vars.
COPY settings.json /etc/claude-code/managed-settings.json
# Install Claude Code stable release
RUN curl -fsSL https://claude.ai/install.sh | bash -s stable
# Install MCP servers globally — entry points land in /usr/local/lib/node_modules/
RUN npm install -g \
@modelcontextprotocol/server-github \
@yoda.digital/gitlab-mcp-server \
@aashari/mcp-server-atlassian-jira \
@aashari/mcp-server-atlassian-confluence
# Patch transitive CVEs bundled inside MCP server node_modules:
# CVE-2025-66414, CVE-2026-0621 — @modelcontextprotocol/sdk <1.25.2
# CVE-2026-33671 — picomatch <4.0.4 (also covers npm bundled copy above)
RUN for pkg_dir in \
/usr/local/lib/node_modules/@modelcontextprotocol/server-github \
/usr/local/lib/node_modules/@yoda.digital/gitlab-mcp-server \
/usr/local/lib/node_modules/@aashari/mcp-server-atlassian-jira \
/usr/local/lib/node_modules/@aashari/mcp-server-atlassian-confluence; do \
[ -d "$pkg_dir" ] && \
cd "$pkg_dir" && \
npm install --no-audit --no-fund \
@modelcontextprotocol/sdk@1.25.2 \
picomatch@4.0.4 \
|| true; \
done
# Workspace and Claude config dir — owned by the built-in node user (uid 1000).
# Pre-creating ~/.claude ensures the named volume is initialised with the
# correct ownership when first mounted (Docker copies image content into
# an empty named volume on first use).
RUN mkdir -p /workspace /home/node/.claude \
&& chown -R node:node /workspace /home/node/.claude
USER node
WORKDIR /workspace
# Proxy traffic through sidecar — override at runtime if needed
ENV HTTP_PROXY=http://proxy:3128
ENV HTTPS_PROXY=http://proxy:3128
ENV ALL_PROXY=http://proxy:3128
ENV NO_PROXY=localhost,127.0.0.1
ENTRYPOINT ["claude"]
Reference in a new issue View git blame Copy permalink