- Remove chmod 777 (replaced with chown nodejs:nodejs)
- Remove hardcoded su-exec call; detect root vs non-root
- Fallback to direct exec if already running as nodejs
- Entry point is currently unused (Dockerfile uses CMD directly)
but cleaned up for correctness in case re-enabled
Ref: Issue #4 Hudson remediation
- #4: Replace su-exec with USER nodejs in Dockerfile (P0)
- #6: Add UNIQUE constraint on leads.email with migration (P1)
- #10: Consistent NULL handling for optional fields (P1)
- Hero section rewrite: B2B value proposition, prominent 8x8 badge
- Clean up .bak file left by agent
- Multi-stage Dockerfile with non-root nodejs user
- Healthcheck using Node 20 built-in fetch (no wget)
- docker-entrypoint.sh: root permission fix, then exec to nodejs
- server/db.js: deferred SQLite init for Docker volume permissions
- docker-compose.yml with named volumes for persistence
- .dockerignore and .env.example added
- README updated with Docker usage section
Security reviewed by Private Hudson. All blockers resolved.