fix: update base image from slim-bullseye to slim-bookworm in Dockerfile#1542
fix: update base image from slim-bullseye to slim-bookworm in Dockerfile#1542FournyP wants to merge 1 commit intomicrosoft:mainfrom
Conversation
There was a problem hiding this comment.
Pull request overview
Updates the markitdown-mcp Docker image base from Debian bullseye to bookworm to pull a newer ExifTool version and resolve the CVE-related failure reported in #1434.
Changes:
- Switch
packages/markitdown-mcp/Dockerfilebase image frompython:3.13-slim-bullseyetopython:3.13-slim-bookworm.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| @@ -1,4 +1,4 @@ | |||
| FROM python:3.13-slim-bullseye | |||
| FROM python:3.13-slim-bookworm | |||
There was a problem hiding this comment.
This updates the MCP image base to bookworm, but the repo root Dockerfile still uses python:3.13-slim-bullseye (see Dockerfile:1). If the ExifTool/CVE issue affects the default Docker image as well, consider updating the root Dockerfile (or documenting why only the MCP image is updated) to avoid users still hitting the vulnerability when building from the repo root.
There was a problem hiding this comment.
|
gitme1-ym
left a comment
gitme1-ym
left a comment
There was a problem hiding this comment.
d794d970ebf738f94bca38be67627368f526bdc8
| @@ -1,4 +1,4 @@ | |||
| FROM python:3.13-slim-bullseye | |||
| FROM python:3.13-slim-bookworm | |||
2 participants
This PR addresses the same issue reported in #1434.
The root cause is the outdated ExifTool version shipped with the bullseye base image. By upgrading the Docker base image from bullseye to bookworm, the build pulls a significantly newer ExifTool, which resolves the problem without additional workarounds.
This keeps the Dockerfile simple while fixing the underlying dependency mismatch.