openclaw-mission-control

Author	SHA1	Message	Date
0xjjjjjj	9396be6fc0	fix: chown /app directory after user creation Ensure the /app WORKDIR itself is owned by appuser (not just copied files), preventing runtime failures if the app writes to /app directly. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 20:45:25 -08:00
0xjjjjjj	42368f84bf	perf: replace chown -R with COPY --chown in both Dockerfiles Move user/group creation before COPY statements so --chown flag can set ownership at copy time, avoiding the slow recursive chown on overlay2 filesystems (docker/for-linux#388). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 20:38:09 -08:00
Hugh Brown	ebe148e537	fix: use Alpine-compatible flags for addgroup/adduser in frontend Dockerfile node:20-alpine uses BusyBox which does not support GNU-style --system/--ingroup flags. Switch to -S/-G equivalents. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 23:35:10 +05:30
Hugh Brown	c7f8578f38	security: run Docker containers as non-root user Both backend and frontend Dockerfiles ran all processes as root. Add a dedicated appuser in each runtime stage so container processes run with minimal privileges, limiting blast radius of any container escape. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 23:35:10 +05:30
Abhimanyu Saharan	0fe61e3e08	refactor(env): update NEXT_PUBLIC_API_URL to use 'auto' for better flexibility	2026-03-03 02:40:28 +05:30
Abhimanyu Saharan	06ff1a9720	feat: implement local authentication mode and update related components	2026-02-11 19:40:33 +05:30
Arjun (OpenClaw)	c65b225ba7	fix: dockerfiles build in compose context - backend: copy dependency lockfiles from backend/ when build context is repo root - frontend: don't copy public/ when it doesn't exist	2026-02-07 15:57:25 +00:00
Ishaan (OpenClaw)	8c0e9b1931	Add Dockerfiles and compose quickstart	2026-02-06 23:33:25 +00:00

8 Commits