Hartmut/CapaKraken
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix: script portability and npm security updates

Browse Source 
Scripts:
- stop.sh: replace Linux-only fuser with cross-platform lsof fallback
- start.sh: parameterize port (APP_PORT) and container name (dynamic lookup)
- app-dev-start.sh: cross-platform stat (GNU -c / BSD -f) and setpriv/su fallback
- deploy-compose.sh: parameterize Docker registry via DOCKER_REGISTRY env var
- harden-postgres.sh: make DB_USER and DB_NAME configurable via env vars

NPM security:
- next: 15.5.12 → 15.5.15 (fixes HTTP request smuggling CVE)
- nodemailer: 8.0.1 → 8.0.5 (fixes SMTP command injection CVEs)
- lodash-es: add pnpm override to force >=4.18.0 (fixes code injection + prototype pollution)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Hartmut Nörenberg
2026-04-10 14:06:58 +02:00
parent e4bf121b33
commit 78d50b78d3
9 changed files with 102 additions and 76 deletions
Download Patch File Download Diff File Expand all files Collapse all files
scripts/start.sh
+12 -6
View File
@@ -2,6 +2,9 @@
set -euo pipefail
cd "$(dirname "$0")/.."
APP_PORT="${APP_PORT:-3100}"
APP_CONTAINER="${APP_CONTAINER:-$(docker compose --profile full ps -q app 2>/dev/null | head -1)}"
echo "Starting CapaKraken..."
# 1. Start Docker services
@@ -19,20 +22,23 @@ for i in {1..30}; do
done
# 3. Start the web app in Docker for a stable lifecycle
echo " Starting app container on port 3100..."
echo " Starting app container on port ${APP_PORT}..."
docker compose --profile full up -d app
# Resolve container name after start (docker compose generates it from project dir + service)
APP_CONTAINER="$(docker compose --profile full ps -q app 2>/dev/null | head -1)"
# 4. Wait for server to be ready
# Allow up to 90s: prisma generate + migrate deploy + next dev compilation
echo " Waiting for server (up to 90s)..."
for i in {1..90}; do
if curl -sf http://localhost:3100/api/health > /dev/null 2>&1; then
if curl -sf "http://localhost:${APP_PORT}/api/health" > /dev/null 2>&1; then
echo ""
echo "CapaKraken is running!"
curl -s http://localhost:3100/api/ready | python3 -m json.tool 2>/dev/null || curl -s http://localhost:3100/api/ready
curl -s "http://localhost:${APP_PORT}/api/ready" | python3 -m json.tool 2>/dev/null || curl -s "http://localhost:${APP_PORT}/api/ready"
echo ""
echo " URL: http://localhost:3100"
echo " Logs: docker logs -f capakraken-app-1"
echo " URL: http://localhost:${APP_PORT}"
echo " Logs: docker logs -f ${APP_CONTAINER}"
exit 0
fi
# Print progress every 10s
@@ -43,5 +49,5 @@ for i in {1..90}; do
done
echo "ERROR: Server failed to start within 90 seconds"
echo "Check logs: docker logs --tail 100 capakraken-app-1"
echo "Check logs: docker logs --tail 100 ${APP_CONTAINER}"
exit 1