fix: script portability and npm security updates
Scripts: - stop.sh: replace Linux-only fuser with cross-platform lsof fallback - start.sh: parameterize port (APP_PORT) and container name (dynamic lookup) - app-dev-start.sh: cross-platform stat (GNU -c / BSD -f) and setpriv/su fallback - deploy-compose.sh: parameterize Docker registry via DOCKER_REGISTRY env var - harden-postgres.sh: make DB_USER and DB_NAME configurable via env vars NPM security: - next: 15.5.12 → 15.5.15 (fixes HTTP request smuggling CVE) - nodemailer: 8.0.1 → 8.0.5 (fixes SMTP command injection CVEs) - lodash-es: add pnpm override to force >=4.18.0 (fixes code injection + prototype pollution) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -32,8 +32,9 @@ echo "App env file: ${APP_ENV_FILE}"
|
||||
echo "App image: ${APP_IMAGE}"
|
||||
echo "Migrator image: ${MIGRATOR_IMAGE}"
|
||||
|
||||
DOCKER_REGISTRY="${DOCKER_REGISTRY:-ghcr.io}"
|
||||
if [ -n "${GHCR_USERNAME:-}" ] && [ -n "${GHCR_TOKEN:-}" ]; then
|
||||
printf '%s\n' "${GHCR_TOKEN}" | docker login ghcr.io -u "${GHCR_USERNAME}" --password-stdin
|
||||
printf '%s\n' "${GHCR_TOKEN}" | docker login "${DOCKER_REGISTRY}" -u "${GHCR_USERNAME}" --password-stdin
|
||||
fi
|
||||
|
||||
docker compose -f "${COMPOSE_FILE}" config -q
|
||||
|
||||
Reference in New Issue
Block a user