Skip to content

added mobile to docker#406

Open
paribaker wants to merge 2 commits into
mainfrom
feature/docker-mobile
Open

added mobile to docker#406
paribaker wants to merge 2 commits into
mainfrom
feature/docker-mobile

Conversation

@paribaker
Copy link
Copy Markdown
Contributor

@paribaker paribaker commented Jun 27, 2025
edited by whusterj
Loading

Summary

Adds Docker support for the React Native mobile client, enabling containerized development environment for mobile app development.

Changes

  • Added new Dockerfile for mobile client (compose/mobile/Dockerfile)
  • Integrated mobile service into docker-compose.yaml
  • Updated mobile README with streamlined instructions
  • Added Docker-specific script to package.json

Benefits

  • Consistent development environment across team members
  • Simplified mobile development setup
  • Better integration with existing Docker infrastructure
  • Reduced README complexity by removing redundant setup instructions

@whusterj whusterj temporarily deployed to tn-spa-bootstrapper-pr-406 June 27, 2025 17:05 Inactive
@whusterj whusterj added the medium-risk Moderate merge/integration risk label Feb 18, 2026
@whusterj whusterj force-pushed the feature/docker-mobile branch from 8a6b689 to e3738c3 Compare February 18, 2026 21:52
@whusterj
Align node versions to 22.x (#462)
b3fb9d4 
## Problem
`feature/docker-mobile` introduced a mobile Docker image pinned to Node
18, while most of the repository and template CI paths were already on
Node 22 and mobile docs referenced Node 20. This created version drift
across local development, Docker, CI, and generated template projects.

From a developer perspective, this mismatch can produce inconsistent
install/lint/build behavior depending on where commands run (host
machine vs Docker vs GitHub Actions), and it increases maintenance cost
when troubleshooting environment-specific issues.

## Root Cause
Node runtime declarations were maintained in multiple places
(Dockerfiles, GitHub workflows, docs, template engine constraints, and
local GitHub action runtime metadata), and those references evolved
independently over time.

## Fix
This PR aligns runtime declarations to a single canonical target of
**Node 22.x** for project/tooling execution, and removes
stale/deprecated runtime references:

- Updated mobile Docker image to `node:22-alpine`.
- Standardized `actions/setup-node` references to `22.x` where mixed
formats (`22`, `'22'`, `22.x`) were present.
- Updated template mobile README from Node 20 guidance to Node 22
guidance.
- Normalized template root engine constraints from `22.*.*`/`10.*.*` to
`22.x`/`10.x`.
- Updated local JavaScript GitHub Action runtime from `node16` to
`node20` (required because GitHub Actions JS runtimes are versioned
separately from project runtime and `node16` is deprecated).

## Validation
Ran the following checks in the worktree:

- `UV_CACHE_DIR=.uv-cache uv run ruff check .` ✅
- `UV_CACHE_DIR=.uv-cache uv run pytest
tests/test_cookiecutter_generation.py` ✅ (`7 passed, 1 skipped`)
- Repo-wide grep audit for stale references (`node:18`, `node-version:
18/20`, `Node v20`, `using: 'node16'`) ✅ no matches

## Compatibility Notes / Risks
The template web lockfile currently includes at least one dependency
constraint requiring `^20.19.0 || >=22.12.0`. Using `22.x` remains
correct, but CI/dev images should not pin to early Node 22 patch
versions lower than `22.12.0`.

## Scope
Only Node version alignment files were changed (9 files total), with no
application logic changes.
@whusterj whusterj temporarily deployed to tn-spa-bootstrapper-pr-406 February 18, 2026 22:23 Inactive
@whusterj whusterj mentioned this pull request Mar 19, 2026
Merged
whusterj added a commit that referenced this pull request Mar 19, 2026
@whusterj
Fix: bump JS deps to resolve Dependabot security alerts (#482)
82a8452 
## Summary

Bumps JS dependencies in the web (React) and mobile (React Native)
templates to resolve open Dependabot security alerts. Most were
transitive dependencies updated via `npm update`; overrides were added
where semver constraints prevented natural resolution.

## Alerts resolved

- **flatted** 3.3.3 → 3.4.2 — prototype pollution + unbounded recursion
DoS (alerts #429, #428, #417)
- **ajv** 6.12.6 → 6.14.0 — ReDoS with `$data` option (alerts #412,
#411)
- **minimatch** 3.x (3.1.2 → 3.1.5) and 9.x (9.0.5 → 9.0.9) — ReDoS
(alerts #407, #403)
- **serialize-javascript** 6.0.2 → 7.0.4 via override — RCE via
`RegExp.flags` (alerts #406, #405)
- **zod** (React Native) 3.21.4 → 3.25.76 — denial of service (alert
#427)

## Approach

- `serialize-javascript` pinned via `overrides` in both `package.json`
files (transitive dep of webpack-related tooling)
- `zod` bumped as a direct dependency in the RN template
- `@typescript-eslint/utils` minimatch pinned via override in the RN
template
- All lock files regenerated with `npm install`
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@paribaker paribaker

Labels

In Progress medium-risk Moderate merge/integration risk

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@paribaker @whusterj