chore: security updates

Qlever-LLC · Nov 20, 2024 · e55a6bc · e55a6bc
1 parent 635024a
commit e55a6bc
Show file tree

Hide file tree

Showing 6 changed files with 88 additions and 1,231 deletions.
diff --git a/.yarn/releases/yarn-4.5.0.cjs b/.yarn/releases/yarn-4.5.0.cjs
diff --git a/.yarnrc.yml b/.yarnrc.yml
@@ -6,5 +6,3 @@ packageExtensions:
   ava-nock@*:
     dependencies:
       pkg-conf: ^3.0.0
-
-yarnPath: .yarn/releases/yarn-4.5.0.cjs
diff --git a/Dockerfile b/Dockerfile
@@ -24,30 +24,29 @@ RUN apk add --no-cache \
 
 WORKDIR ${DIR}
 
-COPY ./.yarn ${DIR}.yarn
 COPY ./package.json ./yarn.lock ./.yarnrc.yml ${DIR}/
 
 RUN chown -R node:node ${DIR}
 # Do not run service as root
 USER node
 
-RUN yarn workspaces focus --all --production
+RUN corepack yarn workspaces focus --all --production
 
 # Launch entrypoint with dumb-init
 # Remap SIGTERM to SIGINT https://github.com/Yelp/dumb-init#signal-rewriting
-ENTRYPOINT ["/usr/bin/dumb-init", "--rewrite", "15:2", "--", "yarn", "run"]
+ENTRYPOINT ["/usr/bin/dumb-init", "--rewrite", "15:2", "--", "corepack", "yarn", "run"]
 CMD ["start"]
 
 FROM base AS build
 ARG DIR
 
 # Install dev deps too
-RUN yarn install --immutable
+RUN corepack yarn install --immutable
 
 COPY . ${DIR}
 
 # Build code
-RUN yarn build --verbose
+RUN corepack yarn build --verbose
 
 FROM base AS production
 ARG DIR

diff --git a/package.json b/package.json
@@ -56,16 +56,16 @@
   },
   "license": "Apache-2.0",
   "dependencies": {
-    "@oada/client": "^5.2.3",
+    "@oada/client": "^5.2.6",
     "@oada/jobs": "^4.7.1",
     "@oada/lib-config": "^4.0.0",
-    "@oada/lib-prom": "^4.0.0",
+    "@oada/lib-prom": "^4.0.1",
     "@oada/list-lib": "^6.1.0",
     "@oada/pino-debug": "^4.0.1",
     "@oada/types": "^3.5.3",
     "bs58": "^6.0.0",
     "convict": "^6.2.4",
-    "cron": "^3.1.9",
+    "cron": "^3.2.1",
     "csvjson": "^5.1.0",
     "debug": "^4.3.7",
     "deep-equal": "^2.2.3",
@@ -88,7 +88,7 @@
     "@types/debug": "^4.1.12",
     "@types/deep-equal": "^1.0.4",
     "@types/mssql": "^9.1.5",
-    "@types/node": "^22.9.0",
+    "@types/node": "^22.9.1",
     "@typescript-eslint/eslint-plugin": "^7.18.0",
     "@typescript-eslint/parser": "^7.18.0",
     "@yarnpkg/sdks": "^3.2.0",
@@ -119,22 +119,23 @@
     "eslint-plugin-optimize-regex": "^1.2.1",
     "eslint-plugin-prettier": "^5.2.1",
     "eslint-plugin-promise": "^6.6.0",
-    "eslint-plugin-regexp": "^2.6.0",
+    "eslint-plugin-regexp": "^2.7.0",
     "eslint-plugin-security": "^3.0.1",
     "eslint-plugin-sonarjs": "^1.0.4",
     "eslint-plugin-unicorn": "^54.0.0",
     "prettier": "^3.3.3",
     "tslib": "^2.8.1",
-    "type-fest": "^4.26.1",
+    "type-fest": "^4.27.0",
     "typescript": "5.6.3",
     "update-browserslist-db": "^1.1.1"
   },
   "resolutions": {
+    "cross-spawn": "^7.0.5",
     "jsonpath-plus": "^10.0.0",
     "xlsx": "https://cdn.sheetjs.com/xlsx-0.20.2/xlsx-0.20.2.tgz"
   },
-  "packageManager": "[email protected].0",
+  "packageManager": "[email protected].1",
   "volta": {
     "node": "22.9.0"
   }
-}
+}
diff --git a/src/index.ts b/src/index.ts
@@ -17,6 +17,8 @@
 
 import { config } from './config.js';
 
+import '@oada/lib-prom';
+
 import { type Logger, pino } from '@oada/pino-debug';
 
 import { join } from 'node:path';
@@ -225,6 +227,7 @@ async function waitForLfEntries(
         }
       }
     }
+
     return {};
   }