From 15217ad5932db576b2d3c8a182e56ed0730eba15 Mon Sep 17 00:00:00 2001 From: Jake Bromberg Date: Mon, 2 Mar 2026 12:28:40 -0800 Subject: [PATCH] fix: copy lockfile into Docker builder stage and use npm ci The builder stages in both Dockerfiles copied only package.json, causing npm install to resolve caret ranges to the latest compatible versions rather than using the locked versions. This pulled better-auth 1.5.1 (which has breaking type changes) instead of the locked 1.4.9, failing every PR's integration tests. Copy package-lock.json alongside package.json and switch to npm ci for deterministic, reproducible builds. --- Dockerfile.auth | 4 ++-- Dockerfile.backend | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile.auth b/Dockerfile.auth index 1095cb22..b76b894b 100644 --- a/Dockerfile.auth +++ b/Dockerfile.auth @@ -3,12 +3,12 @@ FROM node:22-alpine AS builder WORKDIR /auth-builder -COPY ./package.json ./ +COPY ./package.json ./package-lock.json ./ COPY ./tsconfig.base.json ./ COPY ./shared ./shared COPY ./apps/auth ./apps/auth -RUN npm install && npm run build --workspace=@wxyc/database --workspace=shared/** --workspace=@wxyc/auth-service +RUN npm ci && npm run build --workspace=@wxyc/database --workspace=shared/** --workspace=@wxyc/auth-service #Production stage FROM node:22-alpine AS prod diff --git a/Dockerfile.backend b/Dockerfile.backend index a31baec3..ff5247b1 100644 --- a/Dockerfile.backend +++ b/Dockerfile.backend @@ -3,12 +3,12 @@ FROM node:22-alpine AS builder WORKDIR /builder -COPY ./package.json ./ +COPY ./package.json ./package-lock.json ./ COPY ./tsconfig.base.json ./ COPY ./shared ./shared COPY ./apps/backend ./apps/backend -RUN npm install && npm run build --workspace=@wxyc/database --workspace=shared/** --workspace=@wxyc/backend +RUN npm ci && npm run build --workspace=@wxyc/database --workspace=shared/** --workspace=@wxyc/backend #Production stage FROM node:22-alpine AS prod