Skip to content

chore: remove unused npm and clean up ctags artifacts in Docker image#1119

Merged
brendan-kellam merged 1 commit intomainfrom
brendan/docker-image-cleanup
Apr 15, 2026
Merged

chore: remove unused npm and clean up ctags artifacts in Docker image#1119
brendan-kellam merged 1 commit intomainfrom
brendan/docker-image-cleanup

Conversation

@brendan-kellam
Copy link
Copy Markdown
Contributor

@brendan-kellam brendan-kellam commented Apr 15, 2026
edited
Loading

Summary

  • Remove bundled npm, npx, and related caches from the runner stage. We use Yarn exclusively, so npm is dead weight. Its transitive dependencies (minimatch, tar, picomatch) were being flagged by Trivy as vulnerable.
  • Clean up ctags source tree left in /tmp after the install script (~109MB of build artifacts).

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Chores
    • Optimized production Docker image by removing unnecessary build tooling and temporary artifacts, reducing deployment size and improving deployment efficiency.

@brendan-kellam @claude
chore: remove unused npm and clean up ctags build artifacts in Docker…
9ffe5d1 
… image

The Node.js base image bundles npm with transitive dependencies
(minimatch, tar, picomatch) that Trivy flags as vulnerable. Since we
use Yarn exclusively, npm is never invoked at runtime. Removing it
eliminates these false positives and reduces image size.

Also clean up the ctags source tree left in /tmp after the install
script runs (~109MB of build artifacts).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 15, 2026

@brendan-kellam your pull request is missing a changelog!

@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai bot commented Apr 15, 2026
edited
Loading

Walkthrough

The Dockerfile was modified to reduce final image size by removing bundled Node.js tooling (npm, npx, npm/node-gyp directories) from the runner stage and adding cleanup of temporary build artifacts during the ctags installation step.

Changes

Cohort / File(s) Summary
Docker Image Optimization
Dockerfile		 Added removal of npm and node-gyp artifacts from final runner stage; extended ctags installation step with cleanup of /tmp/* directory to reduce image footprint.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly and concisely summarizes the main changes: removing unused npm tooling and cleaning up ctags artifacts from the Docker image.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch brendan/docker-image-cleanup

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@brendan-kellam brendan-kellam merged commit 5e1d851 into main Apr 15, 2026
7 of 8 checks passed
@brendan-kellam brendan-kellam deleted the brendan/docker-image-cleanup branch April 15, 2026 02:03
@github-actions github-actions bot mentioned this pull request Apr 15, 2026
Open
@brendan-kellam brendan-kellam restored the brendan/docker-image-cleanup branch April 15, 2026 02:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@brendan-kellam