fix: dockerfile copy vs add

[ceholden]

What type of PR is this? (check all applicable)

• 🐛 Bug Fix

Related Issue

This PR fixes a release time issue with #206,
https://github.com/hotosm/OpenAerialMap/actions/runs/16059563354/job/45322169917

Describe this PR

This PR changes the Dockerfile to use COPY instead of ADD (as was used in the uv docs) since ADD is possibly less secure as it can interact with remote files.

Screenshots

N/A

Alternative Approaches Considered

N/A

Review Guide

Should we add Checkov to the CI/CD and perhaps also to the pre-commit setup? I checked that this passed,

checkov -f **/Dockerfile --skip-check CKV_DOCKER_8 --skip-check CKV_DOCKER_2 --skip-check CKV_DOCKER_3 --skip-check CKV_DOCKER_5

based on how the image publishing workflow uses checkov.

I also added Checkov to the pre-commit hook setup using the default "skip CVE" arguments.

edit - I reverted this because pre-commit.ci refused to clone the Checkov repo as it was too large

Checklist before requesting a review

• 📖 Read the OAM Contributing Guide: https://github.com/hotosm/openaerialmap/blob/main/CONTRIBUTING.md
• 📖 Read the HOT Code of Conduct: https://docs.hotosm.org/code-of-conduct
• 👷‍♀️ Create small PRs. In most cases, this will be possible.
• ✅ Provide tests for your changes.
• 📝 Use descriptive commit messages.
• 📗 Update any related documentation and include any relevant screenshots.

[optional] What gif best describes this PR or how it makes you feel?

🚀

[spwoodcock]

Surprised this is in the uv docs 😅