[APIPUB-80] Fixing vulnerabilities found with Docker Scout (#84)

Update nuget packages Update System.Text.Json to version 8.0.5 Update .NET SDK alpine version to use Alpine 3.20 Update apk for openssl to use version 3.3.2 and remove vulnerability Update apk for postgres client to use version 16
Ed-Fi-Alliance-OSS · Oct 18, 2024 · f742485 · f742485
1 parent ca01994
commit f742485
Show file tree

Hide file tree

Showing 15 changed files with 68 additions and 60 deletions.
diff --git a/src/Dockerfile b/src/Dockerfile
@@ -3,8 +3,8 @@
 # The Ed-Fi Alliance licenses this file to you under the Apache License, Version 2.0.
 # See the LICENSE and NOTICES files in the project root for more information.
 
-# Tag aspnet:8.0-alpine
-FROM mcr.microsoft.com/dotnet/aspnet@sha256:ba398f8c6a0469436cc115bfbd278002baf4ce9423b6d8a9e904da6adc31a23d
+# Tag aspnet:8.0-alpine3.20
+FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine3.20@sha256:b5b7dec8006fe016cc864f618cf60eab24fb7d7a28c8ecf4f6b90ceeaa5cf9f2
 LABEL maintainer="Ed-Fi Alliance, LLC and Contributors <[email protected]>"
 
 ARG VERSION="1.2.1"
@@ -21,7 +21,8 @@ COPY ./Docker/plainTextNamedConnections.template.json /app/plainTextNamedConnect
 
 COPY ./Docker/run.sh /app/run.sh
 
-RUN apk --no-cache add unzip=~6 dos2unix=~7 bash=~5 gettext=~0 postgresql13-client=~13 icu=~74 curl=~8 && \
+RUN apk update && \
+    apk --no-cache add --upgrade unzip=~6 dos2unix=~7 bash=~5 gettext=~0 openssl=3.3.2-r0 postgresql16-client=~16 icu=~74 curl=~8 && \
     wget -nv -O /app/ApiPublisher.zip https://pkgs.dev.azure.com/ed-fi-alliance/Ed-Fi-Alliance-OSS/_apis/packaging/feeds/EdFi/nuget/packages/EdFi.ApiPublisher/versions/${VERSION}/content && \
     unzip /app/ApiPublisher.zip 'EdFi.ApiPublisher/**' -d /app/ && \
     mv /app/EdFi.ApiPublisher/* /app/ && \

diff --git a/src/EdFi.Tools.ApiPublisher.Cli/EdFi.Tools.ApiPublisher.Cli.csproj b/src/EdFi.Tools.ApiPublisher.Cli/EdFi.Tools.ApiPublisher.Cli.csproj
@@ -7,20 +7,21 @@
     <NoWarn>NU5100, NU5124</NoWarn>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="Autofac.Extensions.DependencyInjection" Version="9.0.0" />
-    <PackageReference Include="AWSSDK.CloudWatchLogs" Version="3.7.305.55" />
-    <PackageReference Include="AWSSDK.Core" Version="3.7.304.25" />
+    <PackageReference Include="Autofac.Extensions.DependencyInjection" Version="10.0.0" />
+    <PackageReference Include="AWSSDK.CloudWatchLogs" Version="3.7.403.21" />
+    <PackageReference Include="AWSSDK.Core" Version="3.7.400.35" />
     <PackageReference Include="Serilog.Enrichers.Thread" Version="4.0.0" />
-    <PackageReference Include="Serilog.Settings.Configuration" Version="8.0.1" />
-    <PackageReference Include="Serilog.Sinks.AwsCloudWatch" Version="4.2.29" />
+    <PackageReference Include="Serilog.Settings.Configuration" Version="8.0.4" />
+    <PackageReference Include="Serilog.Sinks.AwsCloudWatch" Version="4.3.37" />
     <PackageReference Include="Serilog.Sinks.File" Version="6.0.0" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="8.0.1" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="8.0.2" />
     <PackageReference Include="Microsoft.Extensions.Configuration.CommandLine" Version="8.0.0" />
     <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="8.0.0" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="8.0.0" />
-    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="8.0.1" />
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.1" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
-    <PackageReference Include="System.Threading.Tasks.Dataflow" Version="8.0.0" />
+    <PackageReference Include="System.Text.Json" Version="8.0.5" />
+    <PackageReference Include="System.Threading.Tasks.Dataflow" Version="8.0.1" />
   </ItemGroup>
   <ItemGroup>
     <None Update="apiPublisherSettings.json">

diff --git a/...ApiPublisher.ConfigurationStore.Aws/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws.csproj b/...ApiPublisher.ConfigurationStore.Aws/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws.csproj
@@ -4,10 +4,11 @@
     <LangVersion>10</LangVersion>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="Amazon.Extensions.Configuration.SystemsManager" Version="6.2.0" />
+    <PackageReference Include="Amazon.Extensions.Configuration.SystemsManager" Version="6.2.2" />
     <PackageReference Include="AWSSDK.Extensions.NETCore.Setup" Version="3.7.301" />
-    <PackageReference Include="AWSSDK.SimpleSystemsManagement" Version="3.7.305.5" />
+    <PackageReference Include="AWSSDK.SimpleSystemsManagement" Version="3.7.402.14" />
     <PackageReference Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
+    <PackageReference Include="System.Text.Json" Version="8.0.5" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\EdFi.Tools.ApiPublisher.Connections.Api\EdFi.Tools.ApiPublisher.Connections.Api.csproj" />

diff --git a/....ConfigurationStore.Plaintext/EdFi.Tools.ApiPublisher.ConfigurationStore.Plaintext.csproj b/....ConfigurationStore.Plaintext/EdFi.Tools.ApiPublisher.ConfigurationStore.Plaintext.csproj
@@ -3,6 +3,9 @@
     <TargetFramework>net8.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
   </PropertyGroup>
+  <ItemGroup>
+    <PackageReference Include="System.Text.Json" Version="8.0.5" />
+  </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\EdFi.Tools.ApiPublisher.Connections.Api\EdFi.Tools.ApiPublisher.Connections.Api.csproj" />
     <ProjectReference Include="..\EdFi.Tools.ApiPublisher.Core\EdFi.Tools.ApiPublisher.Core.csproj" />

diff --git a/...onfigurationStore.PostgreSql/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql.csproj b/...onfigurationStore.PostgreSql/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql.csproj
@@ -4,9 +4,10 @@
     <LangVersion>10</LangVersion>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="Npgsql" Version="8.0.3" />
+    <PackageReference Include="Npgsql" Version="8.0.5" />
     <PackageReference Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
     <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="8.0.0" />
+    <PackageReference Include="System.Text.Json" Version="8.0.5" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\EdFi.Tools.ApiPublisher.Connections.Api\EdFi.Tools.ApiPublisher.Connections.Api.csproj" />

diff --git a/....ConfigurationStore.SqlServer/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer.csproj b/....ConfigurationStore.SqlServer/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer.csproj
@@ -4,11 +4,12 @@
     <LangVersion>10</LangVersion>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="Azure.Identity" Version="1.12.0" />
-    <PackageReference Include="Microsoft.Data.SqlClient" Version="5.2.1" />
+    <PackageReference Include="Azure.Identity" Version="1.13.0" />
+    <PackageReference Include="Microsoft.Data.SqlClient" Version="5.2.2" />
     <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="8.0.0" />
-    <PackageReference Include="Microsoft.IdentityModel.JsonWebTokens" Version="7.6.2" />
-    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="7.6.2" />
+    <PackageReference Include="Microsoft.IdentityModel.JsonWebTokens" Version="8.1.2" />
+    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.1.2" />
+    <PackageReference Include="System.Text.Json" Version="8.0.5" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\EdFi.Tools.ApiPublisher.Connections.Api\EdFi.Tools.ApiPublisher.Connections.Api.csproj" />

diff --git a/src/EdFi.Tools.ApiPublisher.Connections.Api/EdFi.Tools.ApiPublisher.Connections.Api.csproj b/src/EdFi.Tools.ApiPublisher.Connections.Api/EdFi.Tools.ApiPublisher.Connections.Api.csproj
@@ -5,18 +5,19 @@
     <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="Autofac" Version="8.0.0" />
-    <PackageReference Include="Microsoft.CodeAnalysis" Version="4.10.0" />
-    <PackageReference Include="Microsoft.CodeAnalysis.CSharp.CodeStyle" Version="4.10.0">
+    <PackageReference Include="Autofac" Version="8.1.1" />
+    <PackageReference Include="Microsoft.CodeAnalysis" Version="4.11.0" />
+    <PackageReference Include="Microsoft.CodeAnalysis.CSharp.CodeStyle" Version="4.11.0">
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
       <PrivateAssets>all</PrivateAssets>
     </PackageReference>
-    <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="8.0.1" />
-    <PackageReference Include="Polly.RateLimiting" Version="8.4.1" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="8.0.2" />
+    <PackageReference Include="Polly.RateLimiting" Version="8.4.2" />
     <PackageReference Include="SonarAnalyzer.CSharp" Version="9.32.0.97167">
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
       <PrivateAssets>all</PrivateAssets>
     </PackageReference>
+    <PackageReference Include="System.Text.Json" Version="8.0.5" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\EdFi.Tools.ApiPublisher.Core\EdFi.Tools.ApiPublisher.Core.csproj" />

diff --git a/src/EdFi.Tools.ApiPublisher.Connections.Api/Modules/EdFiApiAsSourceModule.cs b/src/EdFi.Tools.ApiPublisher.Connections.Api/Modules/EdFiApiAsSourceModule.cs
@@ -124,7 +124,7 @@ protected override void Load(ContainerBuilder builder)
         // API dependency metadata from Ed-Fi ODS API (using Source API)
         if (options.UseSourceDependencyMetadata)
         {
-            builder.RegisterType<EdFiApiGraphMLDependencyMetadataProvider>()
+            _ = builder.RegisterType<EdFiApiGraphMLDependencyMetadataProvider>()
                 .As<IGraphMLDependencyMetadataProvider>()
                 .WithParameter(
                     // Configure to use with Target API

diff --git a/src/EdFi.Tools.ApiPublisher.Connections.Api/Modules/EdFiApiAsTargetModule.cs b/src/EdFi.Tools.ApiPublisher.Connections.Api/Modules/EdFiApiAsTargetModule.cs
@@ -60,7 +60,7 @@ protected override void Load(ContainerBuilder builder)
         // API dependency metadata from Ed-Fi ODS API (using Target API)
         if (!options.UseSourceDependencyMetadata)
         {
-            builder.RegisterType<EdFiApiGraphMLDependencyMetadataProvider>()
+            _ = builder.RegisterType<EdFiApiGraphMLDependencyMetadataProvider>()
                 .As<IGraphMLDependencyMetadataProvider>()
                 .WithParameter(
                     // Configure to use with Target API

diff --git a/...Connections.Api/Processing/Source/Versioning/EdFiApiSourceCurrentChangeVersionProvider.cs b/...Connections.Api/Processing/Source/Versioning/EdFiApiSourceCurrentChangeVersionProvider.cs
@@ -46,13 +46,12 @@ public EdFiApiSourceCurrentChangeVersionProvider(ISourceEdFiApiClientProvider so
 
         try
         {
-            long maxChangeVersion =
-
+            long maxChangeVersion
+            =
                 // Versions of Ed-Fi API through at least v3.4
                 (JObject.Parse(versionResponseText)["NewestChangeVersion"]
-
-                    // Enhancements/fixes applied introduced as part of API Publisher work
-                    ?? JObject.Parse(versionResponseText)["newestChangeVersion"]).Value<long>();
+               // Enhancements/fixes applied introduced as part of API Publisher work
+               ?? JObject.Parse(versionResponseText)["newestChangeVersion"]).Value<long>();
 
             return maxChangeVersion;
         }

diff --git a/...Publisher.Connections.Api/Processing/Target/Blocks/PostResourceProcessingBlocksFactory.cs b/...Publisher.Connections.Api/Processing/Target/Blocks/PostResourceProcessingBlocksFactory.cs
@@ -333,7 +333,6 @@ await HandlePostItemMessage(
                     // Gracefully handle authorization errors by using the retry action delegate
                     // (if present) to post the message to the retry "resource" queue 
                     if (apiResponse.StatusCode == HttpStatusCode.Forbidden
-
                         // Determine if current resource has an authorization retry queue
                         && postItemMessage.PostAuthorizationFailureRetry != null)
                     {
@@ -446,10 +445,9 @@ string GetResponseMessageText(HttpResponseMessage response)
             bool IsBadRequestForUnresolvedReferenceOfPrimaryRelationship(HttpResponseMessage postItemResponse, PostItemMessage msg)
             {
                 // If response is a Bad Request, check for need to explicitly fetch dependencies
-                if (postItemResponse.StatusCode == HttpStatusCode.BadRequest &&
-
+                if (postItemResponse.StatusCode == HttpStatusCode.BadRequest
                     // If resource is a "primary relationship" configured in authorization failure handling
-                    missingDependencyByResourcePath.TryGetValue(msg.ResourceUrl, out string missingDependencyResourcePath))
+                    && missingDependencyByResourcePath.TryGetValue(msg.ResourceUrl, out string missingDependencyResourcePath))
                 {
                     string responseMessageText = GetResponseMessageText(postItemResponse);
 
@@ -487,10 +485,9 @@ async Task<string> GetResponseMessageTextAsync(HttpResponseMessage response)
             {
                 // If response is a Bad Request (which is the API's error response for missing Staff/Student/Parent), check for need to explicitly fetch dependencies
                 // NOTE: If support is expanded for other missing dependencies, the response code from the API (currently) will be a 409 Conflict status.
-                if (postItemResponse.StatusCode == HttpStatusCode.BadRequest &&
-
+                if (postItemResponse.StatusCode == HttpStatusCode.BadRequest
                     // If resource is a "primary relationship" configured in authorization failure handling
-                    missingDependencyByResourcePath.TryGetValue(msg.ResourceUrl, out string missingDependencyResourcePath))
+                    && missingDependencyByResourcePath.TryGetValue(msg.ResourceUrl, out string missingDependencyResourcePath))
                 {
                     string responseMessageText = await GetResponseMessageTextAsync(postItemResponse);
 

diff --git a/...i.Tools.ApiPublisher.Connections.Sqlite/EdFi.Tools.ApiPublisher.Connections.Sqlite.csproj b/...i.Tools.ApiPublisher.Connections.Sqlite/EdFi.Tools.ApiPublisher.Connections.Sqlite.csproj
@@ -4,8 +4,9 @@
     <ImplicitUsings>enable</ImplicitUsings>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="Autofac" Version="8.0.0" />
-    <PackageReference Include="Microsoft.Data.Sqlite" Version="8.0.6" />
+    <PackageReference Include="Autofac" Version="8.1.1" />
+    <PackageReference Include="Microsoft.Data.Sqlite" Version="8.0.10" />
+    <PackageReference Include="System.Text.Json" Version="8.0.5" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\EdFi.Tools.ApiPublisher.Core\EdFi.Tools.ApiPublisher.Core.csproj" />

diff --git a/src/EdFi.Tools.ApiPublisher.Core/EdFi.Tools.ApiPublisher.Core.csproj b/src/EdFi.Tools.ApiPublisher.Core/EdFi.Tools.ApiPublisher.Core.csproj
@@ -4,22 +4,23 @@
     <LangVersion>10</LangVersion>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="Autofac" Version="8.0.0" />
-    <PackageReference Include="Autofac.Extensions.DependencyInjection" Version="9.0.0" />
+    <PackageReference Include="Autofac" Version="8.1.1" />
+    <PackageReference Include="Autofac.Extensions.DependencyInjection" Version="10.0.0" />
     <PackageReference Include="Jering.Javascript.NodeJS" Version="7.0.0" />
-    <PackageReference Include="Polly" Version="8.4.1" />
+    <PackageReference Include="Polly" Version="8.4.2" />
     <PackageReference Include="Polly.Contrib.WaitAndRetry" Version="1.1.1" />
-    <PackageReference Include="Serilog" Version="4.0.0" />
+    <PackageReference Include="Serilog" Version="4.0.2" />
     <PackageReference Include="Serilog.Sinks.Console" Version="6.0.0" />
     <PackageReference Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="8.0.1" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="8.0.2" />
     <PackageReference Include="Microsoft.Extensions.Configuration.CommandLine" Version="8.0.0" />
     <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="8.0.0" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="8.0.0" />
-    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="8.0.1" />
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.1" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
-    <PackageReference Include="SmartFormat" Version="3.4.0" />
+    <PackageReference Include="SmartFormat" Version="3.5.1" />
+    <PackageReference Include="System.Text.Json" Version="8.0.5" />
     <PackageReference Include="System.Threading.RateLimiting" Version="8.0.0" />
-    <PackageReference Include="System.Threading.Tasks.Dataflow" Version="8.0.0" />
+    <PackageReference Include="System.Threading.Tasks.Dataflow" Version="8.0.1" />
   </ItemGroup>
 </Project>
diff --git a/src/EdFi.Tools.ApiPublisher.Tests/EdFi.Tools.ApiPublisher.Tests.csproj b/src/EdFi.Tools.ApiPublisher.Tests/EdFi.Tools.ApiPublisher.Tests.csproj
@@ -4,19 +4,20 @@
     <LangVersion>10</LangVersion>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="Bogus" Version="35.5.1" />
+    <PackageReference Include="Bogus" Version="35.6.1" />
     <PackageReference Include="FakeItEasy" Version="8.3.0" />
-    <PackageReference Include="FluentAssertions" Version="6.12.0" />
+    <PackageReference Include="FluentAssertions" Version="6.12.1" />
     <PackageReference Include="Jering.Javascript.NodeJS" Version="7.0.0" />
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.10.0" />
-    <PackageReference Include="NUnit" Version="4.1.0" />
-    <PackageReference Include="NUnit3TestAdapter" Version="4.5.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
+    <PackageReference Include="NUnit" Version="4.2.2" />
+    <PackageReference Include="NUnit3TestAdapter" Version="4.6.0" />
     <PackageReference Include="Serilog.Sinks.TestCorrelator" Version="4.0.0" />
     <PackageReference Include="Shouldly" Version="4.2.1" />
     <PackageReference Include="System.Data.SqlClient" Version="4.8.6" />
     <PackageReference Include="System.DirectoryServices.Protocols" Version="8.0.0" />
-    <PackageReference Include="System.Drawing.Common" Version="8.0.6" />
-    <PackageReference Include="System.Security.Cryptography.Xml" Version="8.0.1" />
+    <PackageReference Include="System.Drawing.Common" Version="8.0.10" />
+    <PackageReference Include="System.Security.Cryptography.Xml" Version="8.0.2" />
+    <PackageReference Include="System.Text.Json" Version="8.0.5" />
     <PackageReference Include="System.Text.RegularExpressions" Version="4.3.1" />
   </ItemGroup>
   <ItemGroup>

diff --git a/src/dev.Dockerfile b/src/dev.Dockerfile
@@ -5,7 +5,7 @@
 
 
 # tag sdk:8.0 alpine
-FROM mcr.microsoft.com/dotnet/sdk@sha256:91cb46b0ee207d0df53e2e38f2e4013fe2668ab52dcca13c971afbbef94c83ef AS build
+FROM mcr.microsoft.com/dotnet/sdk:8.0-alpine3.20@sha256:07cb8622ca6c4d7600b42b2eccba968dff4b37d41b43a9bf4bd800aa02fab117 AS build
 WORKDIR /source
 
 COPY ./.editorconfig .editorconfig
@@ -37,7 +37,7 @@ RUN dotnet publish -c Release -o /app/EdFi.Tools.ApiPiblisher.Cli --no-build --n
 
 
 # Tag aspnet:8.0 alpine
-FROM mcr.microsoft.com/dotnet/aspnet@sha256:ba398f8c6a0469436cc115bfbd278002baf4ce9423b6d8a9e904da6adc31a23d
+FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine3.20@sha256:b5b7dec8006fe016cc864f618cf60eab24fb7d7a28c8ecf4f6b90ceeaa5cf9f2
 LABEL maintainer="Ed-Fi Alliance, LLC and Contributors <[email protected]>"
 
 # Alpine image does not contain Globalization Cultures library so we need to install ICU library to get fopr LINQ expression to work
@@ -53,11 +53,11 @@ COPY ./Docker/logging.template.json /app/logging.template.json
 COPY ./Docker/plainTextNamedConnections.template.json /app/plainTextNamedConnections.template.json
 COPY ./Docker/run.sh /app/run.sh
 
-RUN apk --no-cache add unzip=~6 dos2unix=~7 bash=~5 gettext=~0 icu=~74 curl=~8 && \
+RUN apk --no-cache add --upgrade unzip=~6 dos2unix=~7 bash=~5 openssl=3.3.2-r0 gettext=~0 icu=~74 curl=~8 && \
     dos2unix /app/*.json && \
     dos2unix /app/*.sh && \
     chmod 700 /app/*.sh -- ** && \
     rm -f /app/*.pdb && \
     rm -f /app/*.exe
 
-ENTRYPOINT [ "/app/run.sh" ]
+ENTRYPOINT [ "/app/run.sh" ]