b741b02408
npm automatically picks up GITHUB_TOKEN / NPM_TOKEN from the build environment and writes them as _authToken entries in /root/.npmrc and /usr/local/etc/npmrc during 'npm install -g'. Add a cleanup RUN step that removes any npmrc file containing auth tokens before the image is finalised, and explicitly deletes the two most common registry auth keys via 'npm config delete'. Also add .npmrc to .dockerignore as an extra guard against accidentally COPY-ing a local credential file into the build context. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
13 lines
334 B
Bash
Executable file
13 lines
334 B
Bash
Executable file
#!/usr/bin/env bash
|
|
# Ensure control scripts stay executable.
|
|
set -euo pipefail
|
|
|
|
SCRIPTS=(claude.sh build.sh setup.sh launch.sh hooks/pre-commit)
|
|
|
|
for f in "${SCRIPTS[@]}"; do
|
|
if [[ -f "$f" && ! -x "$f" ]]; then
|
|
echo "pre-commit: fixing missing executable bit on $f"
|
|
chmod +x "$f"
|
|
git add "$f"
|
|
fi
|
|
done
|