ops(deps): requirements.lock 도입 — 라이브 pip freeze 101개 완전 핀
DS 보안감사 리메디 6순위 잔재(lockfile) 종결. requirements.txt(floor 사양)는 유지, Dockerfile 설치 소스를 requirements.lock(== 핀)으로 전환 — 재빌드 시 의존성 변동 위험 제거. lock = 라이브 컨테이너 known-good freeze 스냅샷. 검증: 신규 이미지 freeze == lock 일치·import smoke·클린부팅·health 200. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
+2
-2
@@ -11,8 +11,8 @@ RUN apt-get update && \
|
||||
ffmpeg && \
|
||||
apt-get clean && rm -rf /var/lib/apt/lists/*
|
||||
|
||||
COPY requirements.txt .
|
||||
RUN pip install --no-cache-dir -r requirements.txt
|
||||
COPY requirements.txt requirements.lock ./
|
||||
RUN pip install --no-cache-dir -r requirements.lock
|
||||
|
||||
COPY . .
|
||||
|
||||
|
||||
@@ -0,0 +1,104 @@
|
||||
# requirements.lock — 라이브 fastapi 컨테이너 pip freeze 스냅샷 (2026-07-02, 101 pkgs, CVE-clear known-good)
|
||||
# 재생성: docker exec hyungi_document_server-fastapi-1 pip freeze > app/requirements.lock (헤더 재부착)
|
||||
# requirements.txt = 사람이 편집하는 floor 사양(>=) / 본 lock = Dockerfile 이 실제 설치하는 정본(==)
|
||||
annotated-doc==0.0.4
|
||||
annotated-types==0.7.0
|
||||
anthropic==0.109.1
|
||||
anyio==4.13.0
|
||||
APScheduler==3.11.2
|
||||
asyncpg==0.31.0
|
||||
babel==2.18.0
|
||||
bcrypt==5.0.0
|
||||
beautifulsoup4==4.15.0
|
||||
caldav==3.2.1
|
||||
certifi==2026.5.20
|
||||
cffi==2.0.0
|
||||
chardet==7.4.3
|
||||
charset-normalizer==3.4.7
|
||||
click==8.4.1
|
||||
cobble==0.1.4
|
||||
courlan==1.4.0
|
||||
cryptography==48.0.1
|
||||
cssselect==1.4.0
|
||||
dateparser==1.4.0
|
||||
defusedxml==0.7.1
|
||||
distro==1.9.0
|
||||
dnspython==2.8.0
|
||||
docstring_parser==0.18.0
|
||||
ecdsa==0.19.2
|
||||
et_xmlfile==2.0.0
|
||||
fastapi==0.136.3
|
||||
feedparser==6.0.12
|
||||
flatbuffers==25.12.19
|
||||
greenlet==3.5.1
|
||||
h11==0.16.0
|
||||
htmldate==1.10.0
|
||||
httpcore==1.0.9
|
||||
httptools==0.8.0
|
||||
httpx==0.28.1
|
||||
icalendar==7.1.2
|
||||
icalendar-searcher==1.0.6
|
||||
idna==3.18
|
||||
jh2==5.0.13
|
||||
Jinja2==3.1.6
|
||||
jiter==0.15.0
|
||||
jusText==3.0.2
|
||||
lxml==6.1.1
|
||||
lxml_html_clean==0.4.5
|
||||
magika==0.6.3
|
||||
mammoth==1.11.0
|
||||
Markdown==3.10.2
|
||||
markdownify==1.2.2
|
||||
markitdown==0.1.6
|
||||
MarkupSafe==3.0.3
|
||||
niquests==3.19.1
|
||||
numpy==2.4.6
|
||||
olefile==0.47
|
||||
onnxruntime==1.26.0
|
||||
openpyxl==3.1.5
|
||||
packaging==26.2
|
||||
pandas==3.0.3
|
||||
pgvector==0.4.2
|
||||
pillow==12.2.0
|
||||
protobuf==7.35.0
|
||||
pyasn1==0.6.3
|
||||
pycparser==3.0
|
||||
pydantic==2.13.4
|
||||
pydantic_core==2.46.4
|
||||
pyhwp==0.1b15
|
||||
PyMuPDF==1.27.2.3
|
||||
pyotp==2.9.0
|
||||
python-dateutil==2.9.0.post0
|
||||
python-dotenv==1.2.2
|
||||
python-jose==3.5.0
|
||||
python-multipart==0.0.32
|
||||
python-pptx==1.0.2
|
||||
pytz==2026.2
|
||||
PyYAML==6.0.3
|
||||
qh3==1.9.2
|
||||
readability-lxml==0.8.4.1
|
||||
recurring-ical-events==3.8.2
|
||||
regex==2026.5.9
|
||||
requests==2.34.2
|
||||
rsa==4.9.1
|
||||
sgmllib3k==1.0.0
|
||||
six==1.17.0
|
||||
sniffio==1.3.1
|
||||
soupsieve==2.8.4
|
||||
SQLAlchemy==2.0.50
|
||||
starlette==1.2.1
|
||||
tld==0.13.2
|
||||
trafilatura==2.1.0
|
||||
typing-inspection==0.4.2
|
||||
typing_extensions==4.15.0
|
||||
tzdata==2026.2
|
||||
tzlocal==5.3.1
|
||||
urllib3==2.7.0
|
||||
urllib3-future==2.21.902
|
||||
uvicorn==0.49.0
|
||||
uvloop==0.22.1
|
||||
wassima==2.1.1
|
||||
watchfiles==1.2.0
|
||||
websockets==16.0
|
||||
x-wr-timezone==2.0.1
|
||||
xlsxwriter==3.2.9
|
||||
Reference in New Issue
Block a user