Hi Team,
Can you explain why we need to install python-is-python3 [1] when building the docker images? IMO, if we don't need this package, better to remove this in docker image. Otherwise,
- If any python library related vulnerabilities occurred, it'll be reported by Software composition analysis tools.
- Also, if someone get access to the container, they can take the advantage of python.
Reference:
[1]. https://github.com/wso2/docker-apim/blob/deab7cd8222c87d3c4d0cc15488ea274fcca9c12/dockerfiles/ubuntu/apim/Dockerfile#LL26C129-L26C146
Hi Team,
Can you explain why we need to install
python-is-python3[1] when building the docker images? IMO, if we don't need this package, better to remove this in docker image. Otherwise,Reference:
[1]. https://github.com/wso2/docker-apim/blob/deab7cd8222c87d3c4d0cc15488ea274fcca9c12/dockerfiles/ubuntu/apim/Dockerfile#LL26C129-L26C146