Update prod to master#15
Merged
Merged
Conversation
Bumps: - typescript ^5 -> ^6.0.3 - @types/node ^22 -> ^24 (match runtime) - drizzle-orm ^0.43 -> ^0.45.2 (clears GHSA-gpj5-g38j-94v9) - drizzle-kit ^0.31.1 -> ^0.31.10 - cronstrue ^2 -> ^3.14.0 - moment-timezone ^0.5 -> ^0.6.2 - node-cron ^3 -> ^4.2.1 (API back-compat for our call sites; @types/node-cron dropped — v4 ships its own types) Adds critical-severity npm audit step to the ci job and a security-only npm Dependabot ecosystem (open-pull-requests-limit: 0 disables version PRs but keeps security advisories firing). ESLint v9 / flat-config migration deferred — that's why eslint and its plugins are not in this bump.
Dockerfile now runs `npm ci --omit=dev` in a deps stage with a BuildKit ~/.npm cache mount, then copies node_modules into a runtime stage. Skips Vitest/ESLint/TypeScript/esbuild prebuild matrix on the droplet. A smoke test loads better-sqlite3 (native prebuild) and @swc-node/register/esm (exercises the @swc/core peer dep) so missing prebuilds fail the build at the deps stage, not at container start. Move @swc-node/register from devDependencies to dependencies since `npm start` uses its ESM loader at runtime; regenerate the lockfile. Constrain `docker image prune` on the droplet with `--filter until=72h` so the BuildKit cache layer survives across deploys.
`@swc-node/register/package.json` exports `./esm` with only the
`import` condition (for Node's `--loader` flag), so `require()` of
that subpath throws ERR_PACKAGE_PATH_NOT_EXPORTED and fails the
deps-stage build.
Replace the broken require with `require.resolve('@swc-node/register')`
and `require.resolve('@swc/core')`. This still validates the real
runtime risk (the @swc/core native peer dep being installed under
`--omit=dev`) without invoking the loader's registration side effects.
Organizers can crown a room's winner(s) of an event and reward them with a Discord role that the bot strips when the event's next occurrence opens
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.