fix: script portability and npm security updates

Scripts: - stop.sh: replace Linux-only fuser with cross-platform lsof fallback - start.sh: parameterize port (APP_PORT) and container name (dynamic lookup) - app-dev-start.sh: cross-platform stat (GNU -c / BSD -f) and setpriv/su fallback - deploy-compose.sh: parameterize Docker registry via DOCKER_REGISTRY env var - harden-postgres.sh: make DB_USER and DB_NAME configurable via env vars NPM security: - next: 15.5.12 → 15.5.15 (fixes HTTP request smuggling CVE) - nodemailer: 8.0.1 → 8.0.5 (fixes SMTP command injection CVEs) - lodash-es: add pnpm override to force >=4.18.0 (fixes code injection + prototype pollution) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-10 14:06:58 +02:00
parent e4bf121b33
commit 78d50b78d3
9 changed files with 102 additions and 76 deletions
@@ -2,8 +2,8 @@
 # Remove SUPERUSER from the application database user
 # Run after initial setup: bash scripts/harden-postgres.sh

-DB_USER="capakraken"
-DB_NAME="capakraken"
+DB_USER="${DB_USER:-capakraken}"
+DB_NAME="${DB_NAME:-capakraken}"

 echo "Hardening PostgreSQL for $DB_USER..."