Rootless Docker/Optimized build by PseudoResonance · Pull...
The majority of the build should ideally be left as root, so that in the event there is a vulnerability, the user would be unable to easily overwrite the working code. I don't think there's a good solution to th