99e2e9b81f
Fix minor typos in comments and spec names ( #21831 )
2023-05-19 17:13:29 +02:00
ac41a9712e
Fixed mastodon version injection into containers via github actions ( #24858 )
2023-05-04 21:33:32 +02:00
830e6cefae
Add version suffixes to nightly & edge image builds ( #24823 )
2023-05-04 13:45:39 +02:00
862861069d
Update Node.js to 16.20.0 ( #24316 )
2023-04-07 14:26:11 +02:00
26682d4c22
Remove duplicate ca-certificates Docker install ( #24231 )
2023-04-07 14:10:12 +02:00
f318f1ef0e
Bump ruby to 3.2.2 due to ReDoS vulnerabilities ( #24320 )
2023-03-31 18:28:40 +02:00
e7e189fa44
Use Yarn production install for asset compile ( #24232 )
2023-03-23 22:49:47 +01:00
fb8503e861
Upgrade to Ruby 3.2 ( #22928 )
...
Co-authored-by: Matthew Ford <matt@bitzesty.com>
2023-02-15 08:30:27 +01:00
841263a548
Update Ruby to 3.0.5 ( #23544 )
2023-02-13 14:39:24 +01:00
c6b7e04120
Sync Node.js to 16.19 patch release ( #23554 )
2023-02-13 04:58:37 +01:00
a1c0573bc6
Yarn cache cleanup right after install in Docker ( #23557 )
2023-02-13 04:57:51 +01:00
a0813806d6
Add hadolint as Dockerfile linter ( #20993 )
...
* Added hadolint as Dockerfile linter in pipeline and resolved remaining hadolint issues in Dockerfile
* Use more specific version of hadolint Action
* Bumpt hadolint Action version to latest version to avoid deprecation notice
* Being _really_ specific now
2022-12-15 15:57:17 +01:00
736b4283b0
Update Node 16.18.1 for latest security release ( #22019 )
...
* Update Node 16.18.1 for latest security release
* Increase Yarn network timeout for build error
2022-12-11 07:37:00 +01:00
f343ed42ff
Add missing procps package to Dockerfile ( #21028 )
...
The new Debian-Base does not come with this by default, making the ps based health-check in the compose file fail
2022-11-22 05:52:18 +01:00
231e3ec552
Remove blank line from start of Dockerfile breaking syntax declaration ( #20948 )
2022-11-17 10:25:07 -05:00
1b5ed32085
Split off Dockerfile components for faster build times ( #20933 )
2022-11-17 12:56:14 +01:00
92734e3df1
Use buildx functions for faster build ( #20692 )
...
* Use buildx functions for faster build
* move link
* cannot use --link with --chown
2022-11-17 11:01:16 +01:00
5cf056fdb0
Install python3 when building with Docker ( #18072 )
2022-09-29 16:36:14 +02:00
0c99c6c3df
Update Node to 16.17.1 ( #19224 )
...
See
https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/
for the details.
2022-09-24 00:11:34 +02:00
113dd90aa3
Bump Ruby version from 3.0.3 to 3.0.4 ( #18028 )
...
https://www.ruby-lang.org/en/news/2022/04/12/ruby-3-0-4-released/
2022-08-15 04:39:58 +02:00
9f61f22a3b
Update node to 16.16.0 ( #18790 )
...
See https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
2022-08-15 02:47:33 +02:00
602f291da9
Update Dockerfile ( #18717 )
2022-06-27 09:02:48 +02:00
8ee4fde19b
Bump NODE_VER to 16.14.2 ( #17825 )
...
See the announcement
https://nodejs.org/en/blog/vulnerability/mar-2022-security-releases/
2022-03-19 09:24:26 +01:00
298491a816
Remove protobuf dependencies ( #17539 )
2022-02-14 16:08:02 +01:00
aa45404578
Bump NODE_VER to 16.13.2, to solve security issues ( #17399 )
...
Fixes CVE-2021-44532, CVE-2021-44533, and CVE-2022-21824.
See: https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
2022-01-31 00:32:03 +01:00
fad37dd1bc
Save bundle config as local ( #17188 )
...
Some bundle options are saved as global user config and not project local.
Specially, `deployment` must be saved as local config to be run on copied environment
2021-12-25 22:52:24 +01:00
46e62fc4b3
Upgrade Ruby to 3.0.3 ( #17038 )
...
https://www.ruby-lang.org/en/news/2021/11/24/ruby-3-0-3-released/
2021-11-24 20:29:05 +01:00
d647f6ad04
Update Dockerfile ( #16939 )
2021-11-18 22:00:38 +01:00
c242c1d87a
Ruby 3.0.2 Upgrade ( #16982 )
...
* Update .ruby-version
* Update Gemfile
* Update Gemfile.lock
* Update Dockerfile
* Update check-i18n.yml
* Update config.yml
* Update config.yml
2021-11-18 21:59:57 +01:00
03338d1297
[Dockerfile] [Security] Update NodeJS to V16 (LTS) on docker. ( #16856 )
...
* [Security] Update NodeJS on docker.
https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/
* Update Dockerfile
* Upgrade npm package
* Update Dockerfile
2021-11-17 07:57:01 +01:00
f68772fd6a
add bundle flag to suppress root warning ( #16557 )
2021-10-14 21:00:38 +02:00
12cb6ed461
Update Dockerfile ( #16696 )
2021-09-13 19:03:14 +02:00
229f5d1681
NodeJS 14 support - circleci/docker/.nvmrc ( #16163 )
...
* Update config.yml
* Update Dockerfile
* Update .nvmrc
* Update Dockerfile
* NodeJS 10 is EOL.
* Update package.json
* Update README.md
* Update Vagrantfile
* Update Dockerfile
* Update Dockerfile
2021-08-10 22:56:13 +02:00
3d5183e99c
Use ruby-2.7.4 ( #16481 )
...
Stop using older version of resolv gem as the bug has been fixed.
https://bugs.ruby-lang.org/issues/17781
2021-07-10 01:29:27 +02:00
d95128c99d
Revert default Ruby version to 2.7.2 ( #16154 )
...
Ruby 2.7.3 introduced a new bug with Resolv::DNS, which we heavily use within
Mastodon: https://bugs.ruby-lang.org/issues/17781
Ruby 2.7.3 also included security fixes for two CVEs, but those do not seem
to apply to Mastodon:
https://github.com/tootsuite/mastodon/pull/16004#issuecomment-815125025
2021-05-04 23:06:19 +02:00
3f8d0de82e
Upgrade Ruby to 2.7.3 ( #16004 )
...
* Upgrade Ruby to 2.7.3
https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/
includes security fixes to
- CVE-2021-28965: XML round-trip vulnerability in REXML
- CVE-2021-28966: Path traversal in Tempfile on Windows
* Update rexml to 3.2.5
https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
2021-04-09 02:31:36 +02:00
e3f1107975
build: install shared-mime-info in Dockerfile ( #15978 )
2021-03-30 10:10:04 +02:00
46d3d3169e
Docker: Use precompiled jemalloc, format, apply hadolint suggestions ( #10823 )
...
* Format, apply hadolint suggestions, little nitpicks
* Use pre compiled jemalloc
* Use tini from package repository
2021-03-20 21:21:57 +01:00
f56cf6e9d0
Update Dockerfile ( #15869 )
2021-03-12 05:33:35 +01:00
b4281f5a51
Update to Node.js-12.20.1 ( #15558 )
...
This is a security release. You can read the announce at
https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
2021-01-28 22:53:56 +01:00
1817f96578
Fix the Dockerfile in case of Kaniko build ( #15510 )
...
Kaniko does not support looking up binaries from $PATH, so we
specify the full path to the bash binary.
Co-authored-by: kaiyou <dev@kaiyou.fr>
2021-01-08 07:13:26 +01:00
b429d33e46
Update Dockerfile ( #15232 )
2020-11-29 09:20:02 +01:00
541b9f8c1c
Use Ruby 2.7.2 ( #15150 )
...
thwait and e2mmap are no longer needed in Gemfile.
Gems properly require those.
2020-11-19 17:46:46 +01:00
03b5f09ffc
Minor fix & improvement for the Dockerfile ( #14686 )
...
* Dockerfile: Fix building with multiarch
Tested on amd64 and arm64
* Reduce docker image size by clean up some unneeded source file
2020-08-30 16:45:49 +02:00
9ea91bbf59
Update Dockerfile ( #13582 )
2020-06-25 12:17:53 +02:00
e4a1ebf721
[Security] Update Dockerfile for Ruby 2.6.6 ( #13393 )
2020-04-05 12:52:07 +02:00
51a1fbaafc
[Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker ( #13235 )
...
* Update Dockerfile
* Update Dockerfile
2020-03-10 12:00:55 +01:00
250ca99cb5
Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture ( #13081 )
...
* Use ARCH variable instead of hardcoded x64
* fix formating
2020-02-16 12:54:57 +01:00
71baacb49a
Update Dockerfile ( #12997 )
2020-01-28 20:33:09 +01:00
e7d3495874
Upgrade Node v12 in Dockerfile ( #12703 )
2019-12-30 07:41:40 +01:00
Nick Schonning
Tim Campbell
Renaud Chaput
Sai
Aaron Patterson
Moritz Heiber
BtbN
Effy Elden
Kohei Ota (inductor)
Yamagishi Kazutoshi
Daniel Jakots
zunda
Shlee
Jeong Arm
zunda
David Sterry
Claire
Mashiro
Sandro
kaiyou
Kairui Song | 宋恺睿
Sara Aimée Smiseth