Tim Campbell 
							
						 
					 
					
						
						
							
						
						ac41a9712e 
					 
					
						
						
							
							Fixed mastodon version injection into containers via github actions ( #24858 )  
						
						
						
						
					 
					
						2023-05-04 21:33:32 +02:00 
						 
				 
			
				
					
						
							
							
								Renaud Chaput 
							
						 
					 
					
						
						
							
						
						830e6cefae 
					 
					
						
						
							
							Add version suffixes to nightly & edge image builds ( #24823 )  
						
						
						
						
					 
					
						2023-05-04 13:45:39 +02:00 
						 
				 
			
				
					
						
							
							
								Nick Schonning 
							
						 
					 
					
						
						
							
						
						862861069d 
					 
					
						
						
							
							Update Node.js to 16.20.0 ( #24316 )  
						
						
						
						
					 
					
						2023-04-07 14:26:11 +02:00 
						 
				 
			
				
					
						
							
							
								Nick Schonning 
							
						 
					 
					
						
						
							
						
						26682d4c22 
					 
					
						
						
							
							Remove duplicate ca-certificates Docker install ( #24231 )  
						
						
						
						
					 
					
						2023-04-07 14:10:12 +02:00 
						 
				 
			
				
					
						
							
							
								Sai 
							
						 
					 
					
						
						
							
						
						f318f1ef0e 
					 
					
						
						
							
							Bump ruby to 3.2.2 due to ReDoS vulnerabilities ( #24320 )  
						
						
						
						
					 
					
						2023-03-31 18:28:40 +02:00 
						 
				 
			
				
					
						
							
							
								Nick Schonning 
							
						 
					 
					
						
						
							
						
						e7e189fa44 
					 
					
						
						
							
							Use Yarn production install for asset compile ( #24232 )  
						
						
						
						
					 
					
						2023-03-23 22:49:47 +01:00 
						 
				 
			
				
					
						
							
							
								Aaron Patterson 
							
						 
					 
					
						
						
							
						
						fb8503e861 
					 
					
						
						
							
							Upgrade to Ruby 3.2 ( #22928 )  
						
						... 
						
						
						
						Co-authored-by: Matthew Ford <matt@bitzesty.com > 
						
						
					 
					
						2023-02-15 08:30:27 +01:00 
						 
				 
			
				
					
						
							
							
								Nick Schonning 
							
						 
					 
					
						
						
							
						
						841263a548 
					 
					
						
						
							
							Update Ruby to 3.0.5 ( #23544 )  
						
						
						
						
					 
					
						2023-02-13 14:39:24 +01:00 
						 
				 
			
				
					
						
							
							
								Nick Schonning 
							
						 
					 
					
						
						
							
						
						c6b7e04120 
					 
					
						
						
							
							Sync Node.js to 16.19 patch release ( #23554 )  
						
						
						
						
					 
					
						2023-02-13 04:58:37 +01:00 
						 
				 
			
				
					
						
							
							
								Nick Schonning 
							
						 
					 
					
						
						
							
						
						a1c0573bc6 
					 
					
						
						
							
							Yarn cache cleanup right after install in Docker ( #23557 )  
						
						
						
						
					 
					
						2023-02-13 04:57:51 +01:00 
						 
				 
			
				
					
						
							
							
								Moritz Heiber 
							
						 
					 
					
						
						
							
						
						a0813806d6 
					 
					
						
						
							
							Add hadolint as Dockerfile linter ( #20993 )  
						
						... 
						
						
						
						* Added hadolint as Dockerfile linter in pipeline and resolved remaining hadolint issues in Dockerfile
* Use more specific version of hadolint Action
* Bumpt hadolint Action version to latest version to avoid deprecation notice
* Being _really_ specific now 
						
						
					 
					
						2022-12-15 15:57:17 +01:00 
						 
				 
			
				
					
						
							
							
								Nick Schonning 
							
						 
					 
					
						
						
							
						
						736b4283b0 
					 
					
						
						
							
							Update Node 16.18.1 for latest security release ( #22019 )  
						
						... 
						
						
						
						* Update Node 16.18.1 for latest security release
* Increase Yarn network timeout for build error 
						
						
					 
					
						2022-12-11 07:37:00 +01:00 
						 
				 
			
				
					
						
							
							
								BtbN 
							
						 
					 
					
						
						
							
						
						f343ed42ff 
					 
					
						
						
							
							Add missing procps package to Dockerfile ( #21028 )  
						
						... 
						
						
						
						The new Debian-Base does not come with this by default, making the ps based health-check in the compose file fail 
						
						
					 
					
						2022-11-22 05:52:18 +01:00 
						 
				 
			
				
					
						
							
							
								Effy Elden 
							
						 
					 
					
						
						
							
						
						231e3ec552 
					 
					
						
						
							
							Remove blank line from start of Dockerfile breaking syntax declaration ( #20948 )  
						
						
						
						
					 
					
						2022-11-17 10:25:07 -05:00 
						 
				 
			
				
					
						
							
							
								Moritz Heiber 
							
						 
					 
					
						
						
							
						
						1b5ed32085 
					 
					
						
						
							
							Split off Dockerfile components for faster build times ( #20933 )  
						
						
						
						
					 
					
						2022-11-17 12:56:14 +01:00 
						 
				 
			
				
					
						
							
							
								Kohei Ota (inductor) 
							
						 
					 
					
						
						
							
						
						92734e3df1 
					 
					
						
						
							
							Use buildx functions for faster build ( #20692 )  
						
						... 
						
						
						
						* Use buildx functions for faster build
* move link
* cannot use --link with --chown 
						
						
					 
					
						2022-11-17 11:01:16 +01:00 
						 
				 
			
				
					
						
							
							
								Yamagishi Kazutoshi 
							
						 
					 
					
						
						
							
						
						5cf056fdb0 
					 
					
						
						
							
							Install python3 when building with Docker ( #18072 )  
						
						
						
						
					 
					
						2022-09-29 16:36:14 +02:00 
						 
				 
			
				
					
						
							
							
								Daniel Jakots 
							
						 
					 
					
						
						
							
						
						0c99c6c3df 
					 
					
						
						
							
							Update Node to 16.17.1 ( #19224 )  
						
						... 
						
						
						
						See
https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/ 
for the details. 
						
						
					 
					
						2022-09-24 00:11:34 +02:00 
						 
				 
			
				
					
						
							
							
								zunda 
							
						 
					 
					
						
						
							
						
						113dd90aa3 
					 
					
						
						
							
							Bump Ruby version from 3.0.3 to 3.0.4 ( #18028 )  
						
						... 
						
						
						
						https://www.ruby-lang.org/en/news/2022/04/12/ruby-3-0-4-released/  
					
						2022-08-15 04:39:58 +02:00 
						 
				 
			
				
					
						
							
							
								Daniel Jakots 
							
						 
					 
					
						
						
							
						
						9f61f22a3b 
					 
					
						
						
							
							Update node to 16.16.0 ( #18790 )  
						
						... 
						
						
						
						See https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/  
						
						
					 
					
						2022-08-15 02:47:33 +02:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
						
						602f291da9 
					 
					
						
						
							
							Update Dockerfile ( #18717 )  
						
						
						
						
					 
					
						2022-06-27 09:02:48 +02:00 
						 
				 
			
				
					
						
							
							
								Daniel Jakots 
							
						 
					 
					
						
						
							
						
						8ee4fde19b 
					 
					
						
						
							
							Bump NODE_VER to 16.14.2 ( #17825 )  
						
						... 
						
						
						
						See the announcement
https://nodejs.org/en/blog/vulnerability/mar-2022-security-releases/  
						
						
					 
					
						2022-03-19 09:24:26 +01:00 
						 
				 
			
				
					
						
							
							
								Yamagishi Kazutoshi 
							
						 
					 
					
						
						
							
						
						298491a816 
					 
					
						
						
							
							Remove protobuf dependencies ( #17539 )  
						
						
						
						
					 
					
						2022-02-14 16:08:02 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Jakots 
							
						 
					 
					
						
						
							
						
						aa45404578 
					 
					
						
						
							
							Bump NODE_VER to 16.13.2, to solve security issues ( #17399 )  
						
						... 
						
						
						
						Fixes CVE-2021-44532, CVE-2021-44533, and CVE-2022-21824.
See: https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/  
						
						
					 
					
						2022-01-31 00:32:03 +01:00 
						 
				 
			
				
					
						
							
							
								Jeong Arm 
							
						 
					 
					
						
						
							
						
						fad37dd1bc 
					 
					
						
						
							
							Save bundle config as local ( #17188 )  
						
						... 
						
						
						
						Some bundle options are saved as global user config and not project local.
Specially, `deployment` must be saved as local config to be run on copied environment 
						
						
					 
					
						2021-12-25 22:52:24 +01:00 
						 
				 
			
				
					
						
							
							
								zunda 
							
						 
					 
					
						
						
							
						
						46e62fc4b3 
					 
					
						
						
							
							Upgrade Ruby to 3.0.3 ( #17038 )  
						
						... 
						
						
						
						https://www.ruby-lang.org/en/news/2021/11/24/ruby-3-0-3-released/  
					
						2021-11-24 20:29:05 +01:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
						
						d647f6ad04 
					 
					
						
						
							
							Update Dockerfile ( #16939 )  
						
						
						
						
					 
					
						2021-11-18 22:00:38 +01:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
						
						c242c1d87a 
					 
					
						
						
							
							Ruby 3.0.2 Upgrade ( #16982 )  
						
						... 
						
						
						
						* Update .ruby-version
* Update Gemfile
* Update Gemfile.lock
* Update Dockerfile
* Update check-i18n.yml
* Update config.yml
* Update config.yml 
						
						
					 
					
						2021-11-18 21:59:57 +01:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
						
						03338d1297 
					 
					
						
						
							
							[Dockerfile] [Security] Update NodeJS to V16 (LTS) on docker. ( #16856 )  
						
						... 
						
						
						
						* [Security] Update NodeJS on docker.
https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/ 
* Update Dockerfile
* Upgrade npm package
* Update Dockerfile 
						
						
					 
					
						2021-11-17 07:57:01 +01:00 
						 
				 
			
				
					
						
							
							
								David Sterry 
							
						 
					 
					
						
						
							
						
						f68772fd6a 
					 
					
						
						
							
							add bundle flag to suppress root warning ( #16557 )  
						
						
						
						
					 
					
						2021-10-14 21:00:38 +02:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
						
						12cb6ed461 
					 
					
						
						
							
							Update Dockerfile ( #16696 )  
						
						
						
						
					 
					
						2021-09-13 19:03:14 +02:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
						
						229f5d1681 
					 
					
						
						
							
							NodeJS 14 support - circleci/docker/.nvmrc ( #16163 )  
						
						... 
						
						
						
						* Update config.yml
* Update Dockerfile
* Update .nvmrc
* Update Dockerfile
* NodeJS 10 is EOL.
* Update package.json
* Update README.md
* Update Vagrantfile
* Update Dockerfile
* Update Dockerfile 
						
						
					 
					
						2021-08-10 22:56:13 +02:00 
						 
				 
			
				
					
						
							
							
								Daigo 3 Dango 
							
						 
					 
					
						
						
							
						
						3d5183e99c 
					 
					
						
						
							
							Use ruby-2.7.4 ( #16481 )  
						
						... 
						
						
						
						Stop using older version of resolv gem as the bug has been fixed.
https://bugs.ruby-lang.org/issues/17781  
						
						
					 
					
						2021-07-10 01:29:27 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						d95128c99d 
					 
					
						
						
							
							Revert default Ruby version to 2.7.2 ( #16154 )  
						
						... 
						
						
						
						Ruby 2.7.3 introduced a new bug with Resolv::DNS, which we heavily use within
Mastodon: https://bugs.ruby-lang.org/issues/17781 
Ruby 2.7.3 also included security fixes for two CVEs, but those do not seem
to apply to Mastodon:
https://github.com/tootsuite/mastodon/pull/16004#issuecomment-815125025  
						
						
					 
					
						2021-05-04 23:06:19 +02:00 
						 
				 
			
				
					
						
							
							
								Daigo 3 Dango 
							
						 
					 
					
						
						
							
						
						3f8d0de82e 
					 
					
						
						
							
							Upgrade Ruby to 2.7.3 ( #16004 )  
						
						... 
						
						
						
						* Upgrade Ruby to 2.7.3
https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/ 
includes security fixes to
- CVE-2021-28965: XML round-trip vulnerability in REXML
- CVE-2021-28966: Path traversal in Tempfile on Windows
* Update rexml to 3.2.5
https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/  
						
						
					 
					
						2021-04-09 02:31:36 +02:00 
						 
				 
			
				
					
						
							
							
								Mashiro 
							
						 
					 
					
						
						
							
						
						e3f1107975 
					 
					
						
						
							
							build: install shared-mime-info in Dockerfile ( #15978 )  
						
						
						
						
					 
					
						2021-03-30 10:10:04 +02:00 
						 
				 
			
				
					
						
							
							
								Sandro 
							
						 
					 
					
						
						
							
						
						46d3d3169e 
					 
					
						
						
							
							Docker: Use precompiled jemalloc, format, apply hadolint suggestions ( #10823 )  
						
						... 
						
						
						
						* Format, apply hadolint suggestions, little nitpicks
* Use pre compiled jemalloc
* Use tini from package repository 
						
						
					 
					
						2021-03-20 21:21:57 +01:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
						
						f56cf6e9d0 
					 
					
						
						
							
							Update Dockerfile ( #15869 )  
						
						
						
						
					 
					
						2021-03-12 05:33:35 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Jakots 
							
						 
					 
					
						
						
							
						
						b4281f5a51 
					 
					
						
						
							
							Update to Node.js-12.20.1 ( #15558 )  
						
						... 
						
						
						
						This is a security release. You can read the announce at
https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/  
						
						
					 
					
						2021-01-28 22:53:56 +01:00 
						 
				 
			
				
					
						
							
							
								kaiyou 
							
						 
					 
					
						
						
							
						
						1817f96578 
					 
					
						
						
							
							Fix the Dockerfile in case of Kaniko build ( #15510 )  
						
						... 
						
						
						
						Kaniko does not support looking up binaries from $PATH, so we
specify the full path to the bash binary.
Co-authored-by: kaiyou <dev@kaiyou.fr > 
						
						
					 
					
						2021-01-08 07:13:26 +01:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
						
						b429d33e46 
					 
					
						
						
							
							Update Dockerfile ( #15232 )  
						
						
						
						
					 
					
						2020-11-29 09:20:02 +01:00 
						 
				 
			
				
					
						
							
							
								Daigo 3 Dango 
							
						 
					 
					
						
						
							
						
						541b9f8c1c 
					 
					
						
						
							
							Use Ruby 2.7.2 ( #15150 )  
						
						... 
						
						
						
						thwait and e2mmap are no longer needed in Gemfile.
Gems properly require those. 
						
						
					 
					
						2020-11-19 17:46:46 +01:00 
						 
				 
			
				
					
						
							
							
								Kairui Song | 宋恺睿 
							
						 
					 
					
						
						
							
						
						03b5f09ffc 
					 
					
						
						
							
							Minor fix & improvement for the Dockerfile  ( #14686 )  
						
						... 
						
						
						
						* Dockerfile: Fix building with multiarch
Tested on amd64 and arm64
* Reduce docker image size by clean up some unneeded source file 
						
						
					 
					
						2020-08-30 16:45:49 +02:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
						
						9ea91bbf59 
					 
					
						
						
							
							Update Dockerfile ( #13582 )  
						
						
						
						
					 
					
						2020-06-25 12:17:53 +02:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
						
						e4a1ebf721 
					 
					
						
						
							
							[Security] Update Dockerfile for Ruby 2.6.6 ( #13393 )  
						
						
						
						
					 
					
						2020-04-05 12:52:07 +02:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
						
						51a1fbaafc 
					 
					
						
						
							
							[Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker ( #13235 )  
						
						... 
						
						
						
						* Update Dockerfile
* Update Dockerfile 
						
						
					 
					
						2020-03-10 12:00:55 +01:00 
						 
				 
			
				
					
						
							
							
								Sara Aimée Smiseth 
							
						 
					 
					
						
						
							
						
						250ca99cb5 
					 
					
						
						
							
							Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture ( #13081 )  
						
						... 
						
						
						
						* Use ARCH variable instead of hardcoded x64
* fix formating 
						
						
					 
					
						2020-02-16 12:54:57 +01:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
						
						71baacb49a 
					 
					
						
						
							
							Update Dockerfile ( #12997 )  
						
						
						
						
					 
					
						2020-01-28 20:33:09 +01:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
						
						e7d3495874 
					 
					
						
						
							
							Upgrade Node v12 in Dockerfile ( #12703 )  
						
						
						
						
					 
					
						2019-12-30 07:41:40 +01:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
						
						6c2c2eee46 
					 
					
						
						
							
							Updated NodeJS in Dockerfile ( #12492 )  
						
						
						
						
					 
					
						2019-11-29 17:03:20 +01:00