From dac4a72838d90bccdbd443d4ee65fc46551e15ea Mon Sep 17 00:00:00 2001
From: lebaudantoine <lebaud.antoine131@gmail.com>
Date: Thu, 19 Feb 2026 15:51:27 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=92=EF=B8=8F(backend)=20uninstall=20pi?=
 =?UTF-8?q?p=20in=20the=20production=20image?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Reduce surface area and keep the runtime image minimal.
---
 Dockerfile | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index 6151f15f..97db272c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -127,6 +127,9 @@ ARG MEET_STATIC_ROOT=/data/static
 RUN mkdir -p /usr/local/etc/gunicorn
 COPY docker/files/usr/local/etc/gunicorn/meet.py /usr/local/etc/gunicorn/meet.py
 
+# Remove pip to reduce attack surface in production
+RUN pip uninstall -y pip
+
 # Un-privileged user running the application
 ARG DOCKER_USER
 USER ${DOCKER_USER}