Dockerfile: install build deps

Copy the list of build dependencies
from base_image and install them
in the build container. This will
enable removing the build dependencies
from base_image, and that will eliminate
hundreds of complaints from Trivy,
including the current CVE-2026-23112
which is marked as high severity.

Refs #415

Author: pjonsson

Dockerfile

@@ -39,6 +39,32 @@ ENV SOURCE_DIR=$HOME/src/force
 ARG debug=disable
 ARG build=all
 
+# Refresh package list & upgrade existing packages
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+    --mount=type=cache,target=/var/lib/apt,sharing=locked \
+# Disable interactive frontends.
+export DEBIAN_FRONTEND=noninteractive && \
+apt-get -y update && apt-get -y upgrade && \
+# Install required tools.
+apt-get -y install --no-install-recommends \
+  build-essential \
+  ca-certificates \
+  ccache \
+  dirmngr \
+  dos2unix \
+  git \
+  gpg \
+  libgsl0-dev \
+  libjansson-dev \
+  lockfile-progs \
+  pkgconf \
+  python3-dev \
+  python-is-python3 \
+  pandoc \
+  parallel \
+  rename \
+  r-base
+
 # Copy src to SOURCE_DIR
 RUN mkdir -p $SOURCE_DIR
 WORKDIR $SOURCE_DIR