6275520348
* Fix building from source on arm Not building from source causes argon2 to pull the wrong arch, so we have to build from source. But building from source is causing the new Kerberos module to fail on arm64 and keytar to fail on both. The latter has been very difficult to debug because the GitHub image provides a different result to containers based on Ubuntu 20.04. Because of this, use a container instead. Use debian:buster as the container because it is easier to set up the architecture sources (no need to modify the sources) and because it seems to come with glibc 2.28 rather than 2.31. Also use the exact version of Node (18.15.0) for reproducibility. * Set owner and group during tar to zero Otherwise you get IDs that can cause (benign) errors while extracting, which might be confusing. At the very least, I did not see these errors from previous tars (although they seem to use 1001). There is no guarantee what IDs might exist so 0 seems the most reasonable. |
||
|---|---|---|
| .. | ||
| build.yaml | ||
| installer.yaml | ||
| publish.yaml | ||
| release.yaml | ||
| scripts.yaml | ||
| security.yaml | ||
| trivy-docker.yaml | ||