Commit Graph

134 Commits (626f9cf83199b75424f09589439ac4e92d1badc6)

Author SHA1 Message Date
Nick Schonning 99e2e9b81f
Fix minor typos in comments and spec names ()
Tim Campbell ac41a9712e
Fixed mastodon version injection into containers via github actions ()
Renaud Chaput 830e6cefae
Add version suffixes to nightly & edge image builds ()
Nick Schonning 862861069d
Update Node.js to 16.20.0 ()
Nick Schonning 26682d4c22
Remove duplicate ca-certificates Docker install ()
Sai f318f1ef0e
Bump ruby to 3.2.2 due to ReDoS vulnerabilities ()
Nick Schonning e7e189fa44
Use Yarn production install for asset compile ()
Aaron Patterson fb8503e861
Upgrade to Ruby 3.2 ()
Co-authored-by: Matthew Ford <matt@bitzesty.com>
Nick Schonning 841263a548
Update Ruby to 3.0.5 ()
Nick Schonning c6b7e04120
Sync Node.js to 16.19 patch release ()
Nick Schonning a1c0573bc6
Yarn cache cleanup right after install in Docker ()
Moritz Heiber a0813806d6
Add hadolint as Dockerfile linter ()
* Added hadolint as Dockerfile linter in pipeline and resolved remaining hadolint issues in Dockerfile

* Use more specific version of hadolint Action

* Bumpt hadolint Action version to latest version to avoid deprecation notice

* Being _really_ specific now
Nick Schonning 736b4283b0
Update Node 16.18.1 for latest security release ()
* Update Node 16.18.1 for latest security release

* Increase Yarn network timeout for build error
BtbN f343ed42ff
Add missing procps package to Dockerfile ()
The new Debian-Base does not come with this by default, making the ps based health-check in the compose file fail
Effy Elden 231e3ec552
Remove blank line from start of Dockerfile breaking syntax declaration ()
Moritz Heiber 1b5ed32085
Split off Dockerfile components for faster build times ()
Kohei Ota (inductor) 92734e3df1
Use buildx functions for faster build ()
* Use buildx functions for faster build

* move link

* cannot use --link with --chown
Yamagishi Kazutoshi 5cf056fdb0
Install python3 when building with Docker ()
Daniel Jakots 0c99c6c3df
Update Node to 16.17.1 ()
See
https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/
for the details.
zunda 113dd90aa3
Bump Ruby version from 3.0.3 to 3.0.4 ()
https://www.ruby-lang.org/en/news/2022/04/12/ruby-3-0-4-released/
Daniel Jakots 9f61f22a3b
Update node to 16.16.0 ()
See https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
Shlee 602f291da9
Update Dockerfile ()
Daniel Jakots 8ee4fde19b Bump NODE_VER to 16.14.2 ()
See the announcement
https://nodejs.org/en/blog/vulnerability/mar-2022-security-releases/
Yamagishi Kazutoshi 298491a816
Remove protobuf dependencies ()
Daniel Jakots aa45404578
Bump NODE_VER to 16.13.2, to solve security issues ()
Fixes CVE-2021-44532, CVE-2021-44533, and CVE-2022-21824.
See: https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
Jeong Arm fad37dd1bc
Save bundle config as local ()
Some bundle options are saved as global user config and not project local.
Specially, `deployment` must be saved as local config to be run on copied environment
zunda 46e62fc4b3
Upgrade Ruby to 3.0.3 ()
https://www.ruby-lang.org/en/news/2021/11/24/ruby-3-0-3-released/
Shlee d647f6ad04
Update Dockerfile ()
Shlee c242c1d87a
Ruby 3.0.2 Upgrade ()
* Update .ruby-version

* Update Gemfile

* Update Gemfile.lock

* Update Dockerfile

* Update check-i18n.yml

* Update config.yml

* Update config.yml
Shlee 03338d1297
[Dockerfile] [Security] Update NodeJS to V16 (LTS) on docker. ()
* [Security] Update NodeJS on docker.

https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/

* Update Dockerfile

* Upgrade npm package

* Update Dockerfile
David Sterry f68772fd6a
add bundle flag to suppress root warning ()
Shlee 12cb6ed461
Update Dockerfile ()
Shlee 229f5d1681
NodeJS 14 support - circleci/docker/.nvmrc ()
* Update config.yml

* Update Dockerfile

* Update .nvmrc

* Update Dockerfile

* NodeJS 10 is EOL.

* Update package.json

* Update README.md

* Update Vagrantfile

* Update Dockerfile

* Update Dockerfile
Daigo 3 Dango 3d5183e99c
Use ruby-2.7.4 ()
Stop using older version of resolv gem as the bug has been fixed.
https://bugs.ruby-lang.org/issues/17781
Claire d95128c99d
Revert default Ruby version to 2.7.2 ()
Ruby 2.7.3 introduced a new bug with Resolv::DNS, which we heavily use within
Mastodon: https://bugs.ruby-lang.org/issues/17781

Ruby 2.7.3 also included security fixes for two CVEs, but those do not seem
to apply to Mastodon:
https://github.com/tootsuite/mastodon/pull/16004#issuecomment-815125025
Daigo 3 Dango 3f8d0de82e
Upgrade Ruby to 2.7.3 ()
* Upgrade Ruby to 2.7.3

https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/
includes security fixes to
- CVE-2021-28965: XML round-trip vulnerability in REXML
- CVE-2021-28966: Path traversal in Tempfile on Windows

* Update rexml to 3.2.5

https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
Mashiro e3f1107975
build: install shared-mime-info in Dockerfile ()
Sandro 46d3d3169e
Docker: Use precompiled jemalloc, format, apply hadolint suggestions ()
* Format, apply hadolint suggestions, little nitpicks

* Use pre compiled jemalloc

* Use tini from package repository
Shlee f56cf6e9d0
Update Dockerfile ()
Daniel Jakots b4281f5a51
Update to Node.js-12.20.1 ()
This is a security release. You can read the announce at
https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
kaiyou 1817f96578
Fix the Dockerfile in case of Kaniko build ()
Kaniko does not support looking up binaries from $PATH, so we
specify the full path to the bash binary.

Co-authored-by: kaiyou <dev@kaiyou.fr>
Shlee b429d33e46
Update Dockerfile ()
Daigo 3 Dango 541b9f8c1c
Use Ruby 2.7.2 ()
thwait and e2mmap are no longer needed in Gemfile.
Gems properly require those.
Kairui Song | 宋恺睿 03b5f09ffc
Minor fix & improvement for the Dockerfile ()
* Dockerfile: Fix building with multiarch

Tested on amd64 and arm64

* Reduce docker image size by clean up some unneeded source file
Shlee 9ea91bbf59
Update Dockerfile ()
Shlee e4a1ebf721
[Security] Update Dockerfile for Ruby 2.6.6 ()
Shlee 51a1fbaafc
[Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker ()
* Update Dockerfile

* Update Dockerfile
Sara Aimée Smiseth 250ca99cb5
Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture ()
* Use ARCH variable instead of hardcoded x64

* fix formating
Shlee 71baacb49a Update Dockerfile ()
Shlee e7d3495874 Upgrade Node v12 in Dockerfile ()