fix: ensure npm is installed for Node.js base image (#5397)
* fix: ensure npm is installed for Node.js base image * Apply suggestion from @Copilot Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
This commit is contained in:
Leonic
GitHub
parent
3be91a4a51
commit
08def33801
1 changed files with 3 additions and 3 deletions
|
|
@ -44,10 +44,10 @@ RUN go build
|
|||
|
||||
# Shared Node.js base with optimized NPM installation
|
||||
FROM alpine:3.22.1 AS node_base
|
||||
RUN apk add --no-cache nodejs curl tini && \
|
||||
# Install NPM from source, as Alpine version is old and has dependency vulnerabilities
|
||||
RUN apk add --no-cache nodejs npm curl tini bash && \
|
||||
# apk provides an outdated npm; immediately upgrade to a pinned version to avoid vulnerabilities
|
||||
# TODO: Find a better method which is resistant to supply chain attacks
|
||||
sh -c "curl -qL https://www.npmjs.com/install.sh | env npm_install=11.5.2 sh" && \
|
||||
npm install -g npm@11.5.2 && \
|
||||
npm install -g pnpm@10.15.0 @import-meta-env/cli
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue