libgl1-mesa-glx, libegl1-mesa, and libgles2-mesa were removed in
Noble — use their non-transitional replacements.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Align PyJWT (2.8.0→2.10.1) and requests (2.32.5→2.32.4) in pastebin
backend to match all other services. Replace futile retry loop with a
merge-and-deduplicate strategy that gives pip a single consistent set
of constraints.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
All deployment commands now go through deployment.py. Deleted:
build-base-images.sh, build-apps.sh, build-testcontainers.sh, deploy.sh,
start-stack.sh, release.sh, nexus-ci-init.sh, push-to-nexus.sh,
populate-nexus.sh, publish-npm-patches.sh.
Kept nexus-init.sh and artifactory-init.sh (Docker container entrypoints).
Updated all references in CLAUDE.md, README.md, AGENTS.md, ROADMAP.md,
deployment docs, Dockerfiles, and docker-compose comments.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Dockerfile.node-deps: upgrade FROM node:22 to node:24
- Dockerfile.node-deps: rewrite main registry= line to Nexus when detected
(was only rewriting scoped @esbuild-kit registry, leaving registry.npmjs.org
unreachable inside Docker)
- Dockerfile.node-deps: fix sed ordering so cleanup of old auth lines runs
before registry rewrite (prevents new registry= line from being deleted)
- Add deployment/cli/ modular Python CLI powered by JSON config, replacing
12 shell scripts (build-base-images.sh, build-apps.sh, deploy.sh,
start-stack.sh, release.sh, nexus-init.sh, nexus-ci-init.sh,
push-to-nexus.sh, populate-nexus.sh, publish-npm-patches.sh,
build-testcontainers.sh, artifactory-init.sh)
- Bump rocksdict 0.3.23 -> 0.3.29 (old version removed from PyPI)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
node:20-slim lacks wget and curl, causing all registry connectivity
checks to silently fail and report reachable registries as UNREACHABLE.
Switching to the full node:22 image provides both tools and upgrades
to the current LTS.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The Dockerfile now probes for Nexus (:8091) and Verdaccio (:4873) via
both host.docker.internal and localhost, then rewrites .npmrc to point
at whichever is running. This lets the same .npmrc work in CI
(Verdaccio) and on desktops (Nexus) without manual editing.
When neither registry is found, a prominent warning banner is printed
with instructions to start one, then the build continues using only
the public npm registry.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Dockerfile.node-deps now checks all registries in .npmrc before running
npm install, replacing a 20-minute retry loop with an immediate error
that tells the user to start Nexus/Verdaccio first. Also adds deployment
README documenting the full build order (registries → base images → apps → stack).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The android-sdk base image was failing because gradlew/gradle/ files
weren't available in the Docker build context. Replace per-project COPY
with `gradle wrapper` generation and a single stub warmup project.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The .dockerignore excluded the scripts/ directory, so
scripts/patch-bundled-deps.sh was missing during npm install in the
base-node-deps Docker image. This caused the postinstall hook to fail
with "No such file or directory" on every retry.
- Whitelist scripts/patch-bundled-deps.sh in .dockerignore
- Add COPY for the script in Dockerfile.node-deps before npm install
https://claude.ai/code/session_01LsQx9CLjseJn72Sup32Dwm
The postinstall script (patch-bundled-deps.sh) requires bash, which is
not available on Alpine. This caused npm install to fail silently,
leaving node_modules empty and breaking the devcontainer build.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The retry loop exited with sleep's exit code (0) after all 5 attempts,
letting Docker commit an empty /app/node_modules layer. Added explicit
exit 1 on the final failed attempt so the build fails visibly instead
of producing a broken base image that downstream COPY --from cannot find.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
