| author | title |
|---|---|
Christian Benstein |
Setup and use this repo |
This repository contains code and documentation to get a flask instance with bootstrap running. This can be first run locally and the be packaged in to a dockercontainer.
This is easy:
- Clone the repo
- Before entering the folder, create a virutal env with python:
$ python3 -m venv venv_teamMoodPython
- Activate the
venvand install the dependancys:$ source venv_teamMoodPython/bin/activate $ pip install -r requirements.txt - Finally, start the application:
$ flask run * Debug mode: off WARNING: This is a development server. Do not use it in a production deployment. Use a production WSGI server instead. * Running on http://127.0.0.1:5000 Press CTRL+C to quit
To run flask with the automatic reload on file change, use:
$ flask run --debugger --reloadThis is done by using docker build:
- Run
docker buildto build the image:$ docker build -t teammood
- Run the image:
$ docker run -d --name teamMoodApp -p 5001:5000 teammood
- Visit the instance on http://127.0.0.1:5001
To stop and remove the docker container, run:
docker stop teamMoodApp && docker rm teamMoodApp
teamMoodApp
teamMoodAppThis project is scaned by pip-audit and has the following issues:
$ pip-audit --desc
Found 1 known vulnerability in 1 package
Name Version ID Fix Versions Description
werkzeug 1.0.0 PYSEC-2022-203 2.1.1 ** DISPUTED ** Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported configurations involving development mode and an HTTP server from outside the Werkzeug project.- PYSEC-2022-203 has the status of DISPUTED