fix(ci): use GITHUB_TOKEN for GHCR and stabilize Trivy scan

2026-03-07 20:56:52 +00:00
parent da84d171e5
commit 4df5036534
11 changed files with 18 additions and 12 deletions
--- a/frontend/Dockerfile
+++ b/frontend/Dockerfile
@@ -21,8 +21,8 @@ WORKDIR /app
 # Upgrade zlib to include Alpine security fixes
 RUN apk upgrade --no-cache zlib

-# Install pnpm globally first
-RUN npm install -g pnpm
+# Upgrade global npm and pnpm tooling
+RUN npm install -g npm@latest pnpm@latest

 # Copy package files first for better Docker layer caching
 COPY package.json pnpm-lock.yaml* ./