about summary refs log tree commit diff
path: root/Dockerfile
AgeCommit message (Collapse)Author
2021-05-04Revert default Ruby version to 2.7.2 (#16154)Claire
Ruby 2.7.3 introduced a new bug with Resolv::DNS, which we heavily use within Mastodon: https://bugs.ruby-lang.org/issues/17781 Ruby 2.7.3 also included security fixes for two CVEs, but those do not seem to apply to Mastodon: https://github.com/tootsuite/mastodon/pull/16004#issuecomment-815125025
2021-04-09Upgrade Ruby to 2.7.3 (#16004)Daigo 3 Dango
* Upgrade Ruby to 2.7.3 https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/ includes security fixes to - CVE-2021-28965: XML round-trip vulnerability in REXML - CVE-2021-28966: Path traversal in Tempfile on Windows * Update rexml to 3.2.5 https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
2021-03-30build: install shared-mime-info in Dockerfile (#15978)Mashiro
2021-03-20Docker: Use precompiled jemalloc, format, apply hadolint suggestions (#10823)Sandro
* Format, apply hadolint suggestions, little nitpicks * Use pre compiled jemalloc * Use tini from package repository
2021-03-12Update Dockerfile (#15869)Shlee
2021-01-28Update to Node.js-12.20.1 (#15558)Daniel Jakots
This is a security release. You can read the announce at https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
2021-01-08Fix the Dockerfile in case of Kaniko build (#15510)kaiyou
Kaniko does not support looking up binaries from $PATH, so we specify the full path to the bash binary. Co-authored-by: kaiyou <dev@kaiyou.fr>
2020-11-29Update Dockerfile (#15232)Shlee
2020-11-19Use Ruby 2.7.2 (#15150)Daigo 3 Dango
thwait and e2mmap are no longer needed in Gemfile. Gems properly require those.
2020-08-30Minor fix & improvement for the Dockerfile (#14686)Kairui Song | 宋恺睿
* Dockerfile: Fix building with multiarch Tested on amd64 and arm64 * Reduce docker image size by clean up some unneeded source file
2020-06-25Update Dockerfile (#13582)Shlee
2020-04-05[Security] Update Dockerfile for Ruby 2.6.6 (#13393)Shlee
2020-03-10[Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)Shlee
* Update Dockerfile * Update Dockerfile
2020-02-16Fix non-x64 architectures not being able to build Docker image because of ↵Sara Aimée Smiseth
hardcoded Node.js architecture (#13081) * Use ARCH variable instead of hardcoded x64 * fix formating
2020-01-28Update Dockerfile (#12997)Shlee
2019-12-30Upgrade Node v12 in Dockerfile (#12703)Shlee
2019-11-29Updated NodeJS in Dockerfile (#12492)Shlee
2019-11-04Dockerfile: put back EXPOSE directive (#12279)David Caldwell
[Rkt](https://coreos.com/rkt) doesn't allow ports to be exposed to containers unless they are declared in the container manifest. Re-adding EXPOSE back in (removed in 1dbf993bce5627e2c3fcab6e9c63b5279dff018a) allows the container to be used on rkt based systems.
2019-10-02Update nodejs in Dockerfile (#12052)Shlee
2019-10-02Update Ruby in Dockerfile (#12050)Shlee
2019-09-07Use prebuilt node.js on Docker image (#11768)Yamagishi Kazutoshi
2019-08-31Update NodeJS source for Docker Image (#11707)Shlee
* Update Ruby/Node/jemalloc source for Docker Image * Update Dockerfile * Update Dockerfile
2019-08-31Update Dockerfile (#11710)Shlee
2019-07-18Change Dockerfile to bind to 0.0.0.0 instead of docker-compose.yml (#11351)Eugen Rochko
2019-05-26Docker: Remove dist-upgrade (#10822)Sandro Jäckel
2019-05-25Docker: Keep /var/lib/apt/ to keep apt working (#10830)Sandro Jäckel
2019-05-25Expand abbreviation to minimise confusion (#10826)Alfie John
2019-03-08Re-organize Dockerfile to improve incremental builds. (#10212)Ben Lubar
- Always run apt update before any other apt command. (This fixes incremental builds failing if a remote package is updated.) - Only copy dependency lists before installing dependencies. (This means editing code doesn't force all dependencies to be re-downloaded.) - Delete cache in the same layer that it is created. (Otherwise, deleting cache *increases* the size of the image on non-squashed builds.) - Move the installation of some static dependencies to *before* Mastodon code is imported to Docker.
2019-02-25Fix fail health check due to missing wget (#10110)mohemohe
2019-02-24Switch to Ubuntu for docker (#10100)Sir-Boops
2019-02-05Do not use apk cache and upgrade (#9966)J0WI
2019-02-05Replace LibreSSL by OpenSSL (#9975)J0WI
2019-02-05Update Dockerfile (#9965)ashleyhull-versent
2019-01-17Update Dockerfile (#9796)ashleyhull-versent
2019-01-01Installing libxml2 and libxslt on Docker (#9680)Yamagishi Kazutoshi
2018-12-16Dockerfile: Nodejs 8.12 -> 8.14 (#9532)Isatis
2018-10-23Update Dockerfile (#9026)ashleyhull-versent
2018-10-04Dockerfile: update Node to 8.12.0 and put Ruby on Alpine 3.7 for build ↵Isatis
system memory help (#8842)
2018-09-17Revert "Updated ruby/node images" (#8712)ashleyhull-versent
* Revert "update vagrant configs (#8706)" This reverts commit 8971bb8cf29ce940345cf306725dd3f71e8ffded. * Revert "Updated ruby/node images (#8700)" This reverts commit 5aae71cf60ba436579e61a330d9cb5d9807ccdd2.
2018-09-15Updated ruby/node images (#8700)ashleyhull-versent
2018-07-15Dockerfile: run asset precompilation as a build step (#7780)Kevin Liu
* Dockerfile: run asset precompilation as a build step * Replace OTP_SECRET and SECRET_KEY_BASE with placeholders
2018-07-14Upgrade Node.js to v8.x on Docker image (#8019)Yamagishi Kazutoshi
2018-07-14Upgrade webpack to version v4.x (#6655)Yamagishi Kazutoshi
2018-06-26Add symbolic link for yarnpkg (#7894)Yamagishi Kazutoshi
2018-06-25Add /mastodon/bin to $PATH (#7889)Yamagishi Kazutoshi
2018-04-01Update Ruby to version 2.4.4 (#6964)Yamagishi Kazutoshi
https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-4-4-released/ > This release includes some bug fixes and some security fixes. > > - CVE-2017-17742: HTTP response splitting in WEBrick > - CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir > - CVE-2018-8777: DoS by large request in WEBrick > - CVE-2018-8778: Buffer under-read in String#unpack > - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket > - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir > - Multiple vulnerabilities in RubyGems
2018-03-17Re-add git and nodejs-npm to Dockerfile (#6810)Eugen Rochko
Fix #6809 I don't know why, either
2018-03-17Downgrade Dockerfile to Ruby 2.4.3 on Alpine 3.6 (#6806)Eugen Rochko
Fix 6734
2018-03-10Use Alpine Linux yarn package in Docker (#6725)Akihiko Odaki
Yarn was manually installed to meet the Yarn version requirement of webpacker. Today, Alpine Linux 3.7 provides Yarn new enough.
2018-03-10Remove su-exec from Docker image (#6722)Akihiko Odaki
It is no longer necessary since commit be9bab171dc2b1fe43bc742decb71f64541ca347.