\n@end\n````\n\n## Deployment\n\n### Heroku\n\nChange the Dockerfile to:\n\n``` yaml\n...\n# EXPOSE 8000\n\n# ENTRYPOINT python3 -m server\nCMD python3 -m server --host 0.0.0.0 --port $PORT\n```\n\nThe host has to be set to `0.0.0.0` and the port is set by heroku itself.\n\nAfterwards repeat the following steps:\n\n``` bash\n$ heroku container:login\n ...\n Login Succeeded\n\n$ heroku create\n Creating app... done, \u2b22 XXXXXX-XXXXXXX-XXXXXX\n https://XXXXXX-XXXXXXX-XXXXXX.herokuapp.com/ | https://git.heroku.com/XXXXXX-XXXXXXX-XXXXXX.git\n\n$ heroku container:push web\n === Building web (.../CodeRunner/Dockerfile)\n Sending build context to Docker daemon 4.633MB\n Step 1/35 : FROM ubuntu:kinetic\n ---> d6547859cd2f\n Step 2/35 : RUN DEBIAN_FRONTEND=noninteractive apt-get update --fix-missing\n ---> Using cache\n ...\n\n Step 35/35 : CMD python3 -m server --host 0.0.0.0 --port $PORT\n ---> Running in bde2634a12ba\n ...\n\n Successfully built 50ec74c6e81f\n Successfully tagged registry.heroku.com/XXXXXX-XXXXXXX-XXXXXX/web:latest\n === Pushing web (.../CodeRunner/Dockerfile)\n Using default tag: latest\n The push refers to repository [registry.heroku.com/XXXXXX-XXXXXXX-XXXXXX/web]\n ...\n Your image has been successfully pushed. You can now release it with the 'container:release' command.\n\n$ heroku container:release web\n Releasing images web to XXXXXX-XXXXXXX-XXXXXX... done\n```",
"installation_instructions": null,
"categories": [
"Everything"
],
"owners": [],
"owner": null,
"code_snippets": {},
"evaluation_results": [],
"found_via_ownership_request": false,
"security_scans": [
{
"repo_url": "https://github.com/LiaScript/CodeRunner",
"repo_name": "CodeRunner",
"score": 95,
"risk_level": "low",
"score_explanation": "Score starts at 100, deducts points for security issues, and adds points for security best practices",
"scan_id": "5791b24f-ee4d-4ba5-8319-2a7abaa59d3e",
"mcp_app_id": "b73b76fb-26cd-401c-ad59-40288bd4576b",
"scan_time": "2025-06-19T14:57:08.816926+00:00",
"created_at": "2025-06-19T14:57:08.817724+00:00",
"updated_at": "2025-06-19T14:57:08.817724+00:00",
"findings": [
{
"finding_id": "2c07b254-66f8-4e5e-80c0-1832e2279970",
"message": "Use of subprocess with shell=True detected. This can be dangerous if used with untrusted input.",
"line": 62,
"created_at": "2025-06-19T14:57:08.817724+00:00",
"rule_id": "security-validator.scanner.rules.semgrep.dangerous-shell-true",
"scan_id": "5791b24f-ee4d-4ba5-8319-2a7abaa59d3e",
"type": "semgrep",
"severity": "ERROR",
"path": "compiler/helper.py",
"meta_info": {
"lines": " out = subprocess.run(cmd,\n cwd=cwd,\n capture_output=True,\n text=True,\n shell=True)",
"pattern": "",
"rule_name": "dangerous_code"
}
}
],
"vulnerabilities": []
}
]
}
}
Coderunner
A development server for running LiaScript code snippets