fix: address security and reliability issues

dlackty · dlackty · commit 47266c8a6ad6 · 2026-01-14T02:28:08.000+08:00
- Add curl safety flags (-fsSL) for Volta installation
- Fix Bundler version in README (2.4.20 -&gt; 2.4.22)
- Add error handling to ECR sync workflow
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -61,6 +61,8 @@ jobs:
 
       - name: Sync multi-arch image to ECR
         run: |
+          set -e
           docker buildx imagetools create \
             --tag public.ecr.aws/z1n0q3w1/base:${{ github.ref_name }} \
             polydice/base:${{ github.ref_name }}
+          echo "Successfully synced to ECR Public"
diff --git a/Dockerfile b/Dockerfile
@@ -26,7 +26,7 @@ ARG YARN_VERSION=1.22.22
 ARG PNPM_VERSION=9.9.0
 RUN apt-get update && apt-get install -y --no-install-recommends curl ca-certificates \
   && rm -rf /var/lib/apt/lists/* \
-  && curl https://get.volta.sh | bash
+  && curl -fsSL https://get.volta.sh | bash
 ENV VOLTA_HOME /root/.volta
 ENV VOLTA_FEATURE_PNPM=1
 ENV PATH $VOLTA_HOME/bin:/usr/local/bin:$PATH
diff --git a/README.md b/README.md
@@ -16,7 +16,7 @@ Polydice's base docker image for Rails applications.
 
 | Version | Ruby  | Node.js | Yarn    | Bundler | pnpm  | ARM64 |
 |---------|-------|---------|---------|---------|-------|-------|
-| 0.32.0  | 2.7.8 | 18.18.0 | 1.22.22 | 2.4.20  | 9.9.0 | ✅    |
+| 0.32.0  | 2.7.8 | 18.18.0 | 1.22.22 | 2.4.22  | 9.9.0 | ✅    |
 | 0.31.2  | 2.7.8 | 18.18.0 | 1.22.22 | 2.4.20  | 9.9.0 | ❌    |
 | 0.31.1  | 2.7.8 | 18.18.0 | 1.22.19 | 2.4.20  | 8.8.0 | ❌    |
 | 0.31.0  | 2.7.7 | 18.18.0 | 1.22.19 | 2.4.5   | 8.8.0 | ❌    |
