Age | Commit message (Collapse) | Author |
|
This is a security release. You can read the announce at
https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
|
|
Kaniko does not support looking up binaries from $PATH, so we
specify the full path to the bash binary.
Co-authored-by: kaiyou <dev@kaiyou.fr>
|
|
|
|
thwait and e2mmap are no longer needed in Gemfile.
Gems properly require those.
|
|
* Dockerfile: Fix building with multiarch
Tested on amd64 and arm64
* Reduce docker image size by clean up some unneeded source file
|
|
|
|
|
|
* Update Dockerfile
* Update Dockerfile
|
|
hardcoded Node.js architecture (#13081)
* Use ARCH variable instead of hardcoded x64
* fix formating
|
|
|
|
|
|
|
|
[Rkt](https://coreos.com/rkt) doesn't allow ports to be exposed to containers unless they are declared in the container manifest. Re-adding EXPOSE back in (removed in 1dbf993bce5627e2c3fcab6e9c63b5279dff018a) allows the container to be used on rkt based systems.
|
|
|
|
|
|
|
|
* Update Ruby/Node/jemalloc source for Docker Image
* Update Dockerfile
* Update Dockerfile
|
|
|
|
|
|
|
|
|
|
|
|
- Always run apt update before any other apt command. (This fixes
incremental builds failing if a remote package is updated.)
- Only copy dependency lists before installing dependencies. (This means
editing code doesn't force all dependencies to be re-downloaded.)
- Delete cache in the same layer that it is created. (Otherwise,
deleting cache *increases* the size of the image on non-squashed
builds.)
- Move the installation of some static dependencies to *before* Mastodon
code is imported to Docker.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
system memory help (#8842)
|
|
* Revert "update vagrant configs (#8706)"
This reverts commit 8971bb8cf29ce940345cf306725dd3f71e8ffded.
* Revert "Updated ruby/node images (#8700)"
This reverts commit 5aae71cf60ba436579e61a330d9cb5d9807ccdd2.
|
|
|
|
* Dockerfile: run asset precompilation as a build step
* Replace OTP_SECRET and SECRET_KEY_BASE with placeholders
|
|
|
|
|
|
|
|
|
|
https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-4-4-released/
> This release includes some bug fixes and some security fixes.
>
> - CVE-2017-17742: HTTP response splitting in WEBrick
> - CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
> - CVE-2018-8777: DoS by large request in WEBrick
> - CVE-2018-8778: Buffer under-read in String#unpack
> - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
> - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
> - Multiple vulnerabilities in RubyGems
|
|
Fix #6809
I don't know why, either
|
|
Fix 6734
|
|
Yarn was manually installed to meet the Yarn version requirement of
webpacker. Today, Alpine Linux 3.7 provides Yarn new enough.
|
|
It is no longer necessary since commit
be9bab171dc2b1fe43bc742decb71f64541ca347.
|
|
|
|
|
|
Fix #6605
|
|
Both of yarn and npm are used in Mastodon, but the combined usage requires
a redundant dependency and may lead to data inconsistency.
Considering that yarn has autoclean feature which npm does not have,
this change replaces all npm usage with yarn.
This change requires documentation update. Most notably, the following
command must be executed before assets precompilation if any system
dependency of node-sass has changed:
yarn install --force --pure-lockfile
|
|
When volumes are declared, but the corresponding directories don't exist, permissions for those directories will be root:root instead of mastodon:mastodon..
This changes makes sure the permissions of the volume directories are as expected.
|