Commit Graph

148 Commits (b1dec09d203d535a3b0bc61e520e520ba7643878)

Author SHA1 Message Date
Michael Stanclift 8710bdb183
Fix mastodon user not being owner of tmp folder in Dockerfile (#28137) 1 year ago
Michael Stanclift c40cfc5d09
Fix apt cache not being properly utilized in Dockerfile (#28115) 1 year ago
Michael Stanclift 7a3b41eb54
Fix incorrect apt-get install block in Dockerfile (#28112) 1 year ago
Michael Stanclift a80530d1df
Dockerfile rewrite based on Ruby image with performance optimizations and size reduction, dedicated Streaming image (#26850)
Co-authored-by: “Michael <“mx@vmstan.com>
Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
1 year ago
Tim Campbell 60f143e41f
Fixed yarn not installing node packages for streaming (#27967) 1 year ago
Renaud Chaput 757d7c73c0
Upgrade to Yarn 4, remove support for Node 16 (#27073) 1 year ago
renovate[bot] 9c34bb4d54
Update Node.js to v20.9 (#27714)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
1 year ago
Michael Stanclift b1885387b6
Fix missing libyaml-dev dependency in Dockerfile (#27533) 1 year ago
renovate[bot] 829be02abe
Update Node.js to v20.8 (#27240)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
1 year ago
renovate[bot] a4c29a4e51
Update Node.js to v20.7 (#27112)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
1 year ago
Renaud Chaput ef8ca2fd72
Change Dockerfile to upgrade packages when building (#26922) 1 year ago
Renaud Chaput e9b528eaee
Use NodeJS v20 by default (#26830) 1 year ago
Michael Stanclift b749de766f
Migrate Dockerfile to Bookworm (#26802) 1 year ago
Claire f39847476c
Change the pre-release versioning scheme and associated environment variables (#26653) 1 year ago
Nick Schonning 99e2e9b81f
Fix minor typos in comments and spec names (#21831) 2 years ago
Tim Campbell ac41a9712e
Fixed mastodon version injection into containers via github actions (#24858) 2 years ago
Renaud Chaput 830e6cefae
Add version suffixes to nightly & edge image builds (#24823) 2 years ago
Nick Schonning 862861069d
Update Node.js to 16.20.0 (#24316) 2 years ago
Nick Schonning 26682d4c22
Remove duplicate ca-certificates Docker install (#24231) 2 years ago
Sai f318f1ef0e
Bump ruby to 3.2.2 due to ReDoS vulnerabilities (#24320) 2 years ago
Nick Schonning e7e189fa44
Use Yarn production install for asset compile (#24232) 2 years ago
Aaron Patterson fb8503e861
Upgrade to Ruby 3.2 (#22928)
Co-authored-by: Matthew Ford <matt@bitzesty.com>
2 years ago
Nick Schonning 841263a548
Update Ruby to 3.0.5 (#23544) 2 years ago
Nick Schonning c6b7e04120
Sync Node.js to 16.19 patch release (#23554) 2 years ago
Nick Schonning a1c0573bc6
Yarn cache cleanup right after install in Docker (#23557) 2 years ago
Moritz Heiber a0813806d6
Add hadolint as Dockerfile linter (#20993)
* Added hadolint as Dockerfile linter in pipeline and resolved remaining hadolint issues in Dockerfile

* Use more specific version of hadolint Action

* Bumpt hadolint Action version to latest version to avoid deprecation notice

* Being _really_ specific now
2 years ago
Nick Schonning 736b4283b0
Update Node 16.18.1 for latest security release (#22019)
* Update Node 16.18.1 for latest security release

* Increase Yarn network timeout for build error
2 years ago
BtbN f343ed42ff
Add missing procps package to Dockerfile (#21028)
The new Debian-Base does not come with this by default, making the ps based health-check in the compose file fail
2 years ago
Effy Elden 231e3ec552
Remove blank line from start of Dockerfile breaking syntax declaration (#20948) 2 years ago
Moritz Heiber 1b5ed32085
Split off Dockerfile components for faster build times (#20933) 2 years ago
Kohei Ota (inductor) 92734e3df1
Use buildx functions for faster build (#20692)
* Use buildx functions for faster build

* move link

* cannot use --link with --chown
2 years ago
Yamagishi Kazutoshi 5cf056fdb0
Install python3 when building with Docker (#18072) 2 years ago
Daniel Jakots 0c99c6c3df
Update Node to 16.17.1 (#19224)
See
https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/
for the details.
2 years ago
zunda 113dd90aa3
Bump Ruby version from 3.0.3 to 3.0.4 (#18028)
https://www.ruby-lang.org/en/news/2022/04/12/ruby-3-0-4-released/
2 years ago
Daniel Jakots 9f61f22a3b
Update node to 16.16.0 (#18790)
See https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
2 years ago
Shlee 602f291da9
Update Dockerfile (#18717) 3 years ago
Daniel Jakots 8ee4fde19b Bump NODE_VER to 16.14.2 (#17825)
See the announcement
https://nodejs.org/en/blog/vulnerability/mar-2022-security-releases/
3 years ago
Yamagishi Kazutoshi 298491a816
Remove protobuf dependencies (#17539) 3 years ago
Daniel Jakots aa45404578
Bump NODE_VER to 16.13.2, to solve security issues (#17399)
Fixes CVE-2021-44532, CVE-2021-44533, and CVE-2022-21824.
See: https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
3 years ago
Jeong Arm fad37dd1bc
Save bundle config as local (#17188)
Some bundle options are saved as global user config and not project local.
Specially, `deployment` must be saved as local config to be run on copied environment
3 years ago
zunda 46e62fc4b3
Upgrade Ruby to 3.0.3 (#17038)
https://www.ruby-lang.org/en/news/2021/11/24/ruby-3-0-3-released/
3 years ago
Shlee d647f6ad04
Update Dockerfile (#16939) 3 years ago
Shlee c242c1d87a
Ruby 3.0.2 Upgrade (#16982)
* Update .ruby-version

* Update Gemfile

* Update Gemfile.lock

* Update Dockerfile

* Update check-i18n.yml

* Update config.yml

* Update config.yml
3 years ago
Shlee 03338d1297
[Dockerfile] [Security] Update NodeJS to V16 (LTS) on docker. (#16856)
* [Security] Update NodeJS on docker.

https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/

* Update Dockerfile

* Upgrade npm package

* Update Dockerfile
3 years ago
David Sterry f68772fd6a
add bundle flag to suppress root warning (#16557) 3 years ago
Shlee 12cb6ed461
Update Dockerfile (#16696) 3 years ago
Shlee 229f5d1681
NodeJS 14 support - circleci/docker/.nvmrc (#16163)
* Update config.yml

* Update Dockerfile

* Update .nvmrc

* Update Dockerfile

* NodeJS 10 is EOL.

* Update package.json

* Update README.md

* Update Vagrantfile

* Update Dockerfile

* Update Dockerfile
3 years ago
Daigo 3 Dango 3d5183e99c
Use ruby-2.7.4 (#16481)
Stop using older version of resolv gem as the bug has been fixed.
https://bugs.ruby-lang.org/issues/17781
4 years ago
Claire d95128c99d
Revert default Ruby version to 2.7.2 (#16154)
Ruby 2.7.3 introduced a new bug with Resolv::DNS, which we heavily use within
Mastodon: https://bugs.ruby-lang.org/issues/17781

Ruby 2.7.3 also included security fixes for two CVEs, but those do not seem
to apply to Mastodon:
https://github.com/tootsuite/mastodon/pull/16004#issuecomment-815125025
4 years ago
Daigo 3 Dango 3f8d0de82e
Upgrade Ruby to 2.7.3 (#16004)
* Upgrade Ruby to 2.7.3

https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/
includes security fixes to
- CVE-2021-28965: XML round-trip vulnerability in REXML
- CVE-2021-28966: Path traversal in Tempfile on Windows

* Update rexml to 3.2.5

https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
4 years ago