Commit graph

116 commits

Author SHA1 Message Date
Daniel Jakots
0c99c6c3df
Update Node to 16.17.1 (#19224)
See
https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/
for the details.
2022-09-24 00:11:34 +02:00
zunda
113dd90aa3
Bump Ruby version from 3.0.3 to 3.0.4 (#18028)
https://www.ruby-lang.org/en/news/2022/04/12/ruby-3-0-4-released/
2022-08-15 04:39:58 +02:00
Daniel Jakots
9f61f22a3b
Update node to 16.16.0 (#18790)
See https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
2022-08-15 02:47:33 +02:00
Shlee
602f291da9
Update Dockerfile (#18717) 2022-06-27 09:02:48 +02:00
Daniel Jakots
8ee4fde19b Bump NODE_VER to 16.14.2 (#17825)
See the announcement
https://nodejs.org/en/blog/vulnerability/mar-2022-security-releases/
2022-03-19 09:24:26 +01:00
Yamagishi Kazutoshi
298491a816
Remove protobuf dependencies (#17539) 2022-02-14 16:08:02 +01:00
Daniel Jakots
aa45404578
Bump NODE_VER to 16.13.2, to solve security issues (#17399)
Fixes CVE-2021-44532, CVE-2021-44533, and CVE-2022-21824.
See: https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
2022-01-31 00:32:03 +01:00
Jeong Arm
fad37dd1bc
Save bundle config as local (#17188)
Some bundle options are saved as global user config and not project local.
Specially, `deployment` must be saved as local config to be run on copied environment
2021-12-25 22:52:24 +01:00
zunda
46e62fc4b3
Upgrade Ruby to 3.0.3 (#17038)
https://www.ruby-lang.org/en/news/2021/11/24/ruby-3-0-3-released/
2021-11-24 20:29:05 +01:00
Shlee
d647f6ad04
Update Dockerfile (#16939) 2021-11-18 22:00:38 +01:00
Shlee
c242c1d87a
Ruby 3.0.2 Upgrade (#16982)
* Update .ruby-version

* Update Gemfile

* Update Gemfile.lock

* Update Dockerfile

* Update check-i18n.yml

* Update config.yml

* Update config.yml
2021-11-18 21:59:57 +01:00
Shlee
03338d1297
[Dockerfile] [Security] Update NodeJS to V16 (LTS) on docker. (#16856)
* [Security] Update NodeJS on docker.

https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/

* Update Dockerfile

* Upgrade npm package

* Update Dockerfile
2021-11-17 07:57:01 +01:00
David Sterry
f68772fd6a
add bundle flag to suppress root warning (#16557) 2021-10-14 21:00:38 +02:00
Shlee
12cb6ed461
Update Dockerfile (#16696) 2021-09-13 19:03:14 +02:00
Shlee
229f5d1681
NodeJS 14 support - circleci/docker/.nvmrc (#16163)
* Update config.yml

* Update Dockerfile

* Update .nvmrc

* Update Dockerfile

* NodeJS 10 is EOL.

* Update package.json

* Update README.md

* Update Vagrantfile

* Update Dockerfile

* Update Dockerfile
2021-08-10 22:56:13 +02:00
Daigo 3 Dango
3d5183e99c
Use ruby-2.7.4 (#16481)
Stop using older version of resolv gem as the bug has been fixed.
https://bugs.ruby-lang.org/issues/17781
2021-07-10 01:29:27 +02:00
Claire
d95128c99d
Revert default Ruby version to 2.7.2 (#16154)
Ruby 2.7.3 introduced a new bug with Resolv::DNS, which we heavily use within
Mastodon: https://bugs.ruby-lang.org/issues/17781

Ruby 2.7.3 also included security fixes for two CVEs, but those do not seem
to apply to Mastodon:
https://github.com/tootsuite/mastodon/pull/16004#issuecomment-815125025
2021-05-04 23:06:19 +02:00
Daigo 3 Dango
3f8d0de82e
Upgrade Ruby to 2.7.3 (#16004)
* Upgrade Ruby to 2.7.3

https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/
includes security fixes to
- CVE-2021-28965: XML round-trip vulnerability in REXML
- CVE-2021-28966: Path traversal in Tempfile on Windows

* Update rexml to 3.2.5

https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
2021-04-09 02:31:36 +02:00
Mashiro
e3f1107975
build: install shared-mime-info in Dockerfile (#15978) 2021-03-30 10:10:04 +02:00
Sandro
46d3d3169e
Docker: Use precompiled jemalloc, format, apply hadolint suggestions (#10823)
* Format, apply hadolint suggestions, little nitpicks

* Use pre compiled jemalloc

* Use tini from package repository
2021-03-20 21:21:57 +01:00
Shlee
f56cf6e9d0
Update Dockerfile (#15869) 2021-03-12 05:33:35 +01:00
Daniel Jakots
b4281f5a51
Update to Node.js-12.20.1 (#15558)
This is a security release. You can read the announce at
https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
2021-01-28 22:53:56 +01:00
kaiyou
1817f96578
Fix the Dockerfile in case of Kaniko build (#15510)
Kaniko does not support looking up binaries from $PATH, so we
specify the full path to the bash binary.

Co-authored-by: kaiyou <dev@kaiyou.fr>
2021-01-08 07:13:26 +01:00
Shlee
b429d33e46
Update Dockerfile (#15232) 2020-11-29 09:20:02 +01:00
Daigo 3 Dango
541b9f8c1c
Use Ruby 2.7.2 (#15150)
thwait and e2mmap are no longer needed in Gemfile.
Gems properly require those.
2020-11-19 17:46:46 +01:00
Kairui Song | 宋恺睿
03b5f09ffc
Minor fix & improvement for the Dockerfile (#14686)
* Dockerfile: Fix building with multiarch

Tested on amd64 and arm64

* Reduce docker image size by clean up some unneeded source file
2020-08-30 16:45:49 +02:00
Shlee
9ea91bbf59
Update Dockerfile (#13582) 2020-06-25 12:17:53 +02:00
Shlee
e4a1ebf721
[Security] Update Dockerfile for Ruby 2.6.6 (#13393) 2020-04-05 12:52:07 +02:00
Shlee
51a1fbaafc
[Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)
* Update Dockerfile

* Update Dockerfile
2020-03-10 12:00:55 +01:00
Sara Aimée Smiseth
250ca99cb5
Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture (#13081)
* Use ARCH variable instead of hardcoded x64

* fix formating
2020-02-16 12:54:57 +01:00
Shlee
71baacb49a Update Dockerfile (#12997) 2020-01-28 20:33:09 +01:00
Shlee
e7d3495874 Upgrade Node v12 in Dockerfile (#12703) 2019-12-30 07:41:40 +01:00
Shlee
6c2c2eee46 Updated NodeJS in Dockerfile (#12492) 2019-11-29 17:03:20 +01:00
David Caldwell
3b609da9bd Dockerfile: put back EXPOSE directive (#12279)
[Rkt](https://coreos.com/rkt) doesn't allow ports to be exposed to containers unless they are declared in the container manifest. Re-adding EXPOSE back in (removed in 1dbf993bce) allows the container to be used on rkt based systems.
2019-11-04 12:56:21 +01:00
Shlee
f8a0c00920 Update nodejs in Dockerfile (#12052) 2019-10-02 17:28:31 +02:00
Shlee
ea8c781ec7 Update Ruby in Dockerfile (#12050) 2019-10-02 15:20:43 +02:00
Yamagishi Kazutoshi
d7ed697030 Use prebuilt node.js on Docker image (#11768) 2019-09-07 05:12:20 +02:00
Shlee
59b013df5f Update NodeJS source for Docker Image (#11707)
* Update Ruby/Node/jemalloc source for Docker Image

* Update Dockerfile

* Update Dockerfile
2019-08-31 20:07:29 +02:00
Shlee
33f4b6e1eb Update Dockerfile (#11710) 2019-08-31 20:06:49 +02:00
Eugen Rochko
15c7478c55
Change Dockerfile to bind to 0.0.0.0 instead of docker-compose.yml (#11351) 2019-07-18 20:28:05 +02:00
Sandro Jäckel
1e6a1ea075 Docker: Remove dist-upgrade (#10822) 2019-05-26 22:26:45 +02:00
Sandro Jäckel
c90f3b9865 Docker: Keep /var/lib/apt/ to keep apt working (#10830) 2019-05-25 23:20:28 +02:00
Alfie John
0852e643b7 Expand abbreviation to minimise confusion (#10826) 2019-05-25 23:20:18 +02:00
Ben Lubar
d36fcb54c4 Re-organize Dockerfile to improve incremental builds. (#10212)
- Always run apt update before any other apt command. (This fixes
  incremental builds failing if a remote package is updated.)
- Only copy dependency lists before installing dependencies. (This means
  editing code doesn't force all dependencies to be re-downloaded.)
- Delete cache in the same layer that it is created. (Otherwise,
  deleting cache *increases* the size of the image on non-squashed
  builds.)
- Move the installation of some static dependencies to *before* Mastodon
  code is imported to Docker.
2019-03-08 16:12:48 +01:00
mohemohe
16fb39cffc Fix fail health check due to missing wget (#10110) 2019-02-25 04:06:24 +01:00
Sir-Boops
1dbf993bce Switch to Ubuntu for docker (#10100) 2019-02-24 16:32:40 +01:00
J0WI
26c1aba658 Do not use apk cache and upgrade (#9966) 2019-02-05 15:13:19 +01:00
J0WI
11d1502853 Replace LibreSSL by OpenSSL (#9975) 2019-02-05 15:12:45 +01:00
ashleyhull-versent
5c873a4ed7 Update Dockerfile (#9965) 2019-02-05 05:11:51 +01:00
ashleyhull-versent
8ec539fef1 Update Dockerfile (#9796) 2019-01-17 16:18:40 +01:00