version: '3.8'

services:
  vulnerable:
    build:
      context: ./app
      dockerfile: Dockerfile
    ports:
      - "3000:3000"
    environment:
      - PORT=3000
      - MODE=vulnerable
    container_name: cve-2026-39866-vulnerable

  patched:
    build:
      context: ./app
      dockerfile: Dockerfile
    ports:
      - "3001:3000"
    environment:
      - PORT=3000
      - MODE=patched
    container_name: cve-2026-39866-patched