From b1d2b27ddf8574320af96d0b6a9957afd7e0904e Mon Sep 17 00:00:00 2001
From: gjarzebak95 <gerard.jarzebak@appvia.io>
Date: Wed, 14 Jan 2026 12:30:52 +0000
Subject: [PATCH] fix(SA-675): add packages write permission and fix Dockerfile
 CMD

- Add permissions block with packages:write to allow pushing to
  GitHub Packages registry
- Change Dockerfile CMD from shell form to JSON array format
  to properly handle OS signals
---
 .github/workflows/ci.yml | 3 +++
 Dockerfile               | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 4c9c2052e..2efd5319f 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -12,6 +12,9 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
 
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
diff --git a/Dockerfile b/Dockerfile
index 83de69ed9..8e0a62cb4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,4 +5,4 @@ COPY package.json package-lock.json ./
 RUN npm install --production
 COPY . .
 
-CMD cd /app && npm start 
\ No newline at end of file
+CMD ["npm", "start"]
\ No newline at end of file