-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dependency updates, required for ARM #11
Conversation
…s and is a dependency update only
cts/docker-compose.yml
Outdated
@@ -61,7 +61,7 @@ services: | |||
- API_KEY=${PLAYER_KEY} | |||
- API_SECRET=${PLAYER_SECRET} | |||
rdbms: | |||
image: mysql:8.0.17 | |||
image: mysql/mysql-server:8.0.26 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We specifically avoided the most up to date version of mySQL because of an issue we saw with the server falling over. I'll see if I can dig up more information on that, but I'd hold off on merging this until that is determined to have been fixed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is the bug https://bugs.mysql.com/bug.php?id=103225 that we ran into. Unfortunately they have it marked as Won't Fix but there seem to be a number of people still running into it. It seems like they plan to fix it, but just not where it will be reported outside of the manual.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, good to know. I see that at https://bugs.mysql.com/bug.php?id=103465 too. There is a note to either increase or decrease sort_buffer_size and innodb_sort_buffer_size however that's not great either.
cts/service/package.json
Outdated
@@ -24,7 +24,7 @@ | |||
"@hapi/jwt": "^2.0.1", | |||
"@hapi/vision": "^6.1.0", | |||
"@hapi/wreck": "^17.1.0", | |||
"bcrypt": "^5.0.1", | |||
"bcrypt": "5.0.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This effectively locks the version for all users to satisfy one set of users and could lead to security issues in the future. I don't know that there is a better way to handle this, but locking an older version for that reason doesn't seem desirable, in theory it should be fixed up stream. Has there been an issue opened there?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi Brian, thanks or reviewing these changes. It's possible that the other M1 pull request fixes this by building from source on the fly.... there are details in kelektiv/node.bcrypt.js#868 which suggest that, but also looking at bcryptjs. I'm going to give the other M1 pull request some review and hopefully the x86 platform suggestion can be avoided.
Dependencies have been updated to match improvements for ARM |
Please review these updates, they were required to build for Mac M1 and run in Docker. There are other issues with libxml but hopefully those can be resolved.