From 4181a1260484045ddc93e3973b6e36d2a158d17d Mon Sep 17 00:00:00 2001
From: Nikola Irinchev <irinchev@me.com>
Date: Fri, 5 Sep 2025 10:22:19 +0300
Subject: [PATCH 1/3] chore: update smithery dockerfile to be closer to the
 official one

---
 .smithery/Dockerfile | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.smithery/Dockerfile b/.smithery/Dockerfile
index a2f4aed9c..e444c2a16 100644
--- a/.smithery/Dockerfile
+++ b/.smithery/Dockerfile
@@ -2,10 +2,10 @@
 # ----- Build Stage -----
 FROM node:lts-alpine AS builder
 
-RUN adduser -D mcpuser
-USER mcpuser
+RUN addgroup -S mcp && adduser -S mcp -G mcp
+USER mcp
 
-WORKDIR /app
+WORKDIR /home/mcp
 
 # Copy package and configuration
 COPY ../package.json ../package-lock.json ../tsconfig.json ../tsconfig.build.json ./
@@ -20,7 +20,7 @@ RUN npm ci && npm run build
 FROM node:lts-alpine
 
 # Copy built artifacts
-COPY --from=builder /app/dist ./dist
+COPY --from=builder /home/mcp/dist ./dist
 
 # Copy package.json for production install
 COPY ../package.json ../package-lock.json ./

From ef0b4a9f3e0fbb1827b44dc04b8b8b01198ede58 Mon Sep 17 00:00:00 2001
From: Nikola Irinchev <irinchev@me.com>
Date: Mon, 8 Sep 2025 19:28:54 +0300
Subject: [PATCH 2/3] address copilot suggestions

---
 .smithery/Dockerfile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.smithery/Dockerfile b/.smithery/Dockerfile
index e444c2a16..4634438a0 100644
--- a/.smithery/Dockerfile
+++ b/.smithery/Dockerfile
@@ -2,7 +2,8 @@
 # ----- Build Stage -----
 FROM node:lts-alpine AS builder
 
-RUN addgroup -S mcp && adduser -S mcp -G mcp
+RUN addgroup -S mcp && adduser -S mcp -G mcp -s /sbin/nologin
+RUN chown -R mcp:mcp /home/mcp
 USER mcp
 
 WORKDIR /home/mcp

From 7617674d0a33efd98580977b4ce0990791a9aecc Mon Sep 17 00:00:00 2001
From: Nikola Irinchev <irinchev@me.com>
Date: Fri, 12 Sep 2025 00:37:08 +0300
Subject: [PATCH 3/3] Add mcp user to runner container

---
 .smithery/Dockerfile | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.smithery/Dockerfile b/.smithery/Dockerfile
index 4634438a0..d6db33d6c 100644
--- a/.smithery/Dockerfile
+++ b/.smithery/Dockerfile
@@ -19,6 +19,9 @@ RUN npm ci && npm run build
 
 # ----- Production Stage -----
 FROM node:lts-alpine
+RUN addgroup -S mcp && adduser -S mcp -G mcp -s /sbin/nologin
+RUN chown -R mcp:mcp /dist
+USER mcp
 
 # Copy built artifacts
 COPY --from=builder /home/mcp/dist ./dist