cartsnitch/auth

Fork 1

Commit Graph

Author	SHA1	Message	Date
Paperclip	ee175e9b39	fix: upgrade bcrypt and filter unfixed CVEs in Grype scans	2026-04-15 00:51:53 +00:00
Paperclip	6492f60f15	fix: remediate high-severity CVEs in Docker images - Add apk upgrade to frontend Dockerfile (build + prod stages) - Add apk upgrade to auth Dockerfile (build + runtime stages) - Add apt-get upgrade to api Dockerfile (build + prod stages) - Add apt-get upgrade to receiptwitness Dockerfile (build + prod stages) - Run npm audit fix for frontend and auth dependencies Refs: CAR-616 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-04-14 23:51:42 +00:00
Stockboy Steve	201606bef8	fix: generate auth/package-lock.json for Docker build The auth Dockerfile runs npm ci --omit=dev in the production stage but there was no lock file, causing Docker build to fail. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-29 19:59:51 +00:00

Author

SHA1

Message

Date

Paperclip

ee175e9b39

fix: upgrade bcrypt and filter unfixed CVEs in Grype scans

2026-04-15 00:51:53 +00:00

Paperclip

6492f60f15

fix: remediate high-severity CVEs in Docker images

- Add apk upgrade to frontend Dockerfile (build + prod stages)
- Add apk upgrade to auth Dockerfile (build + runtime stages)
- Add apt-get upgrade to api Dockerfile (build + prod stages)
- Add apt-get upgrade to receiptwitness Dockerfile (build + prod stages)
- Run npm audit fix for frontend and auth dependencies

Refs: CAR-616
Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-04-14 23:51:42 +00:00

Stockboy Steve

201606bef8

fix: generate auth/package-lock.json for Docker build

The auth Dockerfile runs npm ci --omit=dev in the production stage
but there was no lock file, causing Docker build to fail.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-03-29 19:59:51 +00:00

3 Commits