v1.0.6-beta.007 - Resolve Docker Hub vulnerabilities via Debian migration and strict NPM overrides
- Migrated Docker base image from Alpine to Debian Slim (
ode:22-bookworm-slim) to permanently eradicate the unpatched BusyBox vulnerability (CVE-2025-60876). - Overrode picomatch to 4.0.4 and brace-expansion to 5.0.5 in package.json to resolve NPM vulnerabilities (CVE-2026-33671, CVE-2026-33672, CVE-2026-33750).
- Regenerated a clean package-lock.json to ensure a flat, secure dependency tree without causing secondary audit failures.
- Optimized the Dockerfile runner stage to copy Prisma directly from the builder instead of running
pm install, preventing the injection of unpatched dependencies during the final build step.