Apache Airflow version:

1.10.11, 2.0.0

What happened:

Yarn.lock and package.json file are present in Production image. This make for example security scanners to find vulnerabilities even if they are not really "present".

What you expected to happen:

Yarn.lock and package.json should not be present in the image.

How to reproduce it:

Run docker run -it <AIRFLOW_IMAGE> bash

ls /home/airflow/.local/lib/python*/site-packages/airflow/www_/package.json /home/airflow/.local/lib/python/site-packages/airflow/www_*/yarn.lock

Both files are present.

They should not be.