Spaces:
Running
Running
| # 🦅 PatchHawk: Isolated Python Sandbox | |
| # Used for the EXECUTE_SANDBOX (Stage 1) and SUBMIT_PATCH (Stage 3) validation. | |
| FROM python:3.11-slim | |
| # System dependencies for unit testing | |
| RUN apt-get update && apt-get install -y --no-install-recommends \ | |
| gcc \ | |
| python3-dev \ | |
| && rm -rf /var/lib/apt/lists/* | |
| WORKDIR /app | |
| # Pre-install pytest for the validator | |
| RUN pip install --no-cache-dir pytest | |
| # Create a non-privileged user for security | |
| RUN useradd -m sandbox | |
| USER sandbox | |
| # The environment mounts the code into /app at runtime | |
| CMD ["python3"] | |