curo/Business-Management
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Run pre-commit security check as non-root (UID 1001)

Browse Source 
docker run was using python:3.12-slim's default root user, causing pip
to warn about running as root. Fix: add -u 1001:1001, set HOME=/tmp so
pip --user has a writable install location, and pass --user to pip.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
curo1305
2026-04-13 23:04:32 +02:00
parent e2c55556ac
commit fd95459fc9
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.githooks/pre-commit
+3 -1
View File
@@ -19,8 +19,10 @@ docker run --rm \
-v "$REPO_ROOT":/repo \ -v "$REPO_ROOT":/repo \
-w /repo \ -w /repo \
-e STAGED_FILES="$STAGED" \ -e STAGED_FILES="$STAGED" \
-u 1001:1001 \
-e HOME=/tmp \
python:3.12-slim \ python:3.12-slim \
sh -c "pip install --quiet bandit && python scripts/security_check.py" sh -c "pip install --quiet --user bandit && python scripts/security_check.py"
EXIT_CODE=$? EXIT_CODE=$?