diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 632cd6ddc4e..727438b8d6c 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -14,6 +14,14 @@ permissions:
   contents: write
 
 jobs:
+  docker-lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: hadolint/hadolint-action@v3
+        with:
+          verbose: true
   lint:
     runs-on: ubuntu-latest
     steps:
diff --git a/Dockerfile b/Dockerfile
index 7bec3bd4b79..ef6fc129057 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,2 +1,17 @@
-FROM node:20.12.2-alpine3.19 AS base
-RUN wget -qO- https://get.pnpm.io/install.sh | ENV="$HOME/.shrc" SHELL="$(which sh)" sh -
+FROM node:20.12.2-alpine3.19
+
+USER 0:0
+
+RUN npm install -g pnpm \
+    && addgroup -g 1001 mermaid \
+    && adduser -u 1001 -G mermaid -h /home/mermaid -D mermaid \
+    && mkdir -p /workspaces/mermaid \
+    && chown mermaid:mermaid /workspaces/mermaid
+
+ENV NODE_OPTIONS="--max_old_space_size=8192"
+
+USER 1000:1000
+
+WORKDIR /workspaces/mermaid
+
+EXPOSE 9000 3333
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
index 841f07ff9fc..ab9a348b560 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -5,16 +5,13 @@ services:
       dockerfile: Dockerfile
     stdin_open: true
     tty: true
-    working_dir: /mermaid
+    working_dir: /workspaces/mermaid
     mem_limit: '8G'
-    entrypoint: ./docker-entrypoint.sh
-    environment:
-      - NODE_OPTIONS=--max_old_space_size=8192
     volumes:
-      - ./:/mermaid
-      - root_cache:/root/.cache
-      - root_local:/root/.local
-      - root_npm:/root/.npm
+      - ./:/workspaces/mermaid
+      - user_cache:/home/mermaid/.cache
+      - user_local:/home/mermaid/.local
+      - user_npm:/home/mermaid/.npm
       - /tmp:/tmp
     ports:
       - 9000:9000
@@ -23,17 +20,17 @@ services:
     image: cypress/included:13.7.3
     stdin_open: true
     tty: true
-    working_dir: /mermaid
+    working_dir: /workspaces/mermaid
     mem_limit: '2G'
     entrypoint: cypress
     environment:
       - DISPLAY
     volumes:
-      - ./:/mermaid
+      - ./:/workspaces/mermaid
       - /tmp/.X11-unix:/tmp/.X11-unix
     network_mode: host
 
 volumes:
-  root_cache:
-  root_local:
-  root_npm:
+  user_cache:
+  user_local:
+  user_npm:
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
deleted file mode 100755
index c222b7fd506..00000000000
--- a/docker-entrypoint.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-source /root/.shrc
-exec "$@"