mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity
Files
fix/matrix-native-binary
stack/docs/scratchpads/180-security-pnpm-dockerfiles.md
Jason Woltje 7102b4a1d2 feat(#167): Implement Runner jobs CRUD and queue submission 
Implements runner-jobs module for job lifecycle management and queue submission.

Changes:
- Created RunnerJobsModule with service, controller, and DTOs
- Implemented job creation with BullMQ queue submission
- Implemented job listing with filters (status, type, agentTaskId)
- Implemented job detail retrieval with steps and events
- Implemented cancel operation for pending/queued jobs
- Implemented retry operation for failed jobs
- Added comprehensive unit tests (24 tests, 100% coverage)
- Integrated with BullMQ for async job processing
- Integrated with Prisma for database operations
- Followed existing CRUD patterns from tasks/events modules

API Endpoints:
- POST /runner-jobs - Create and queue a new job
- GET /runner-jobs - List jobs (with filters)
- GET /runner-jobs/:id - Get job details
- POST /runner-jobs/:id/cancel - Cancel a running job
- POST /runner-jobs/:id/retry - Retry a failed job

Quality Gates:
- Typecheck:  PASSED
- Lint:  PASSED
- Build:  PASSED
- Tests:  PASSED (24/24 tests)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-01 21:09:03 -06:00

37 lines
880 B
Markdown
Raw Permalink Blame History

# Issue #180: Update pnpm to 10.27.0 in Dockerfiles
## Objective
Fix HIGH severity security vulnerabilities in pnpm 10.19.0 by upgrading to pnpm 10.27.0 in Docker build configurations.
## Approach
1. Update pnpm version in apps/api/Dockerfile (line 8)
2. Update pnpm version in apps/web/Dockerfile (lines 8 and 81)
3. Verify Dockerfile syntax is valid
## Progress
- [x] Read apps/api/Dockerfile
- [x] Read apps/web/Dockerfile
- [x] Create scratchpad
- [x] Update apps/api/Dockerfile
- [x] Update apps/web/Dockerfile
- [x] Verify syntax
- [x] Commit changes
## CVEs Fixed
- CVE-2025-69262
- CVE-2025-69263
- CVE-2025-6926
## Notes
Affected versions:
- apps/api/Dockerfile: line 8 (base stage)
- apps/web/Dockerfile: line 8 (base stage) and line 81 (production stage)
Both Dockerfiles use the same base image (node:20-alpine) and require pnpm for builds and/or runtime.
Reference in New Issue View Git Blame Copy Permalink