From 4cf1c579133dc289846e1871fa7d5ed1dd34857b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 12 Aug 2024 11:21:37 +0000
Subject: [PATCH 1/3] chore(deps): bump node from 22.5-alpine to 22.6-alpine

Bumps node from 22.5-alpine to 22.6-alpine.

---
updated-dependencies:
- dependency-name: node
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 Dockerfile          | 2 +-
 Dockerfile.cloudrun | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index b0fe7b51df1..bd47208bf8c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM node:22.5-alpine
+FROM node:22.6-alpine
 
 RUN addgroup -g 10001 app && \
     adduser -D -G app -h /app -u 10001 app
diff --git a/Dockerfile.cloudrun b/Dockerfile.cloudrun
index 3db4b6c4c50..12480110a79 100644
--- a/Dockerfile.cloudrun
+++ b/Dockerfile.cloudrun
@@ -1,4 +1,4 @@
-FROM node:22.5-alpine
+FROM node:22.6-alpine
 
 RUN addgroup -g 10001 app && \
     adduser -D -G app -h /app -u 10001 app

From ba085afec2719acc10a7a49b3fb319e453d3fc02 Mon Sep 17 00:00:00 2001
From: Robert Helmer <rhelmer@mozilla.com>
Date: Mon, 12 Aug 2024 11:41:15 -0700
Subject: [PATCH 2/3] bump to node 22.6.0

---
 .github/workflows/build.yaml     | 2 +-
 .github/workflows/e2e_cron.yml   | 2 +-
 .github/workflows/e2e_pr.yml     | 2 +-
 .github/workflows/lint.yaml      | 2 +-
 .github/workflows/unittests.yaml | 2 +-
 esbuild.cronjobs.js              | 2 +-
 netlify.toml                     | 2 +-
 package-lock.json                | 2 +-
 package.json                     | 4 ++--
 9 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 33e681e2765..b3301191072 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -12,7 +12,7 @@ jobs:
       - name: Use Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: '22.5.x'
+          node-version: '22.6.x'
       - run: npm ci
       - run: npm run build-glean
       # Verify that the build (incl. type-checking) succeeds
diff --git a/.github/workflows/e2e_cron.yml b/.github/workflows/e2e_cron.yml
index eb795740a71..51b6ef2762a 100644
--- a/.github/workflows/e2e_cron.yml
+++ b/.github/workflows/e2e_cron.yml
@@ -21,7 +21,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: 22.5.x
+          node-version: 22.6.x
 
       - name: Install dependencies
         run: npm ci
diff --git a/.github/workflows/e2e_pr.yml b/.github/workflows/e2e_pr.yml
index 0d8da17d3be..fd0955afa47 100644
--- a/.github/workflows/e2e_pr.yml
+++ b/.github/workflows/e2e_pr.yml
@@ -32,7 +32,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: 22.5.x
+          node-version: 22.6.x
 
       - name: Install dependencies
         run: npm ci
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
index 719bff7daea..ebffedff753 100644
--- a/.github/workflows/lint.yaml
+++ b/.github/workflows/lint.yaml
@@ -12,7 +12,7 @@ jobs:
       - name: Use Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: '22.5.x'
+          node-version: '22.6.x'
       - run: npm ci
       - run: npm run build-glean
       - run: npm run build-nimbus
diff --git a/.github/workflows/unittests.yaml b/.github/workflows/unittests.yaml
index fc819fd0e3a..83c3a974b96 100644
--- a/.github/workflows/unittests.yaml
+++ b/.github/workflows/unittests.yaml
@@ -12,7 +12,7 @@ jobs:
       - name: Use Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: '22.5.x'
+          node-version: '22.6.x'
       - run: npm ci
       - run: npm run build-glean
       - run: npm test
diff --git a/esbuild.cronjobs.js b/esbuild.cronjobs.js
index 1002931ed9e..0c939e74ffb 100644
--- a/esbuild.cronjobs.js
+++ b/esbuild.cronjobs.js
@@ -21,6 +21,6 @@ build({
   format: "esm",
   outdir: "dist/scripts/cronjobs/",
   sourcemap: true,
-  target: "node22.5",
+  target: "node22.6",
   packages: "external",
 });
diff --git a/netlify.toml b/netlify.toml
index b21d50013e2..84e61375b47 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -18,4 +18,4 @@
   # Default build command.
   command = "npm ci; npm run build-storybook"
 
-  environment = { NODE_VERSION = "22.5.1", NPM_VERSION = "10.8.1" }
+  environment = { NODE_VERSION = "22.6.0", NPM_VERSION = "10.8.1" }
diff --git a/package-lock.json b/package-lock.json
index f0ed9f2b46b..bd77c4c3a75 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -106,7 +106,7 @@
         "yaml": "^2.4.5"
       },
       "engines": {
-        "node": "22.5.x",
+        "node": "22.6.x",
         "npm": "10.8.x"
       }
     },
diff --git a/package.json b/package.json
index 72a485cdf22..ae4b1ab677b 100644
--- a/package.json
+++ b/package.json
@@ -3,7 +3,7 @@
   "version": "1.0.0",
   "description": "Firefox Monitor",
   "engines": {
-    "node": "22.5.x",
+    "node": "22.6.x",
     "npm": "10.8.x"
   },
   "type": "module",
@@ -58,7 +58,7 @@
   "homepage": "https://github.com/mozilla/blurts-server",
   "license": "MPL-2.0",
   "volta": {
-    "node": "22.5.1",
+    "node": "22.6.0",
     "npm": "10.8.1"
   },
   "dependencies": {

From a1f12be70709f21041cf8337c40f5dcf465f8329 Mon Sep 17 00:00:00 2001
From: Robert Helmer <rhelmer@mozilla.com>
Date: Mon, 12 Aug 2024 11:49:16 -0700
Subject: [PATCH 3/3] update docs on Docker/Node

---
 docs/dependency-updates.md | 39 +++++++++++++++++++++++++++++++++++---
 1 file changed, 36 insertions(+), 3 deletions(-)

diff --git a/docs/dependency-updates.md b/docs/dependency-updates.md
index 6d750aa34a5..f7cede1a1bb 100644
--- a/docs/dependency-updates.md
+++ b/docs/dependency-updates.md
@@ -49,10 +49,43 @@ For example, the unit tests Workflow (`/.github/workflows/unittests.yaml`) uses
 the `setup-node` Action, so if that gets updated, the tests should continue to
 run, and to result in a failing check if the tests fail.
 
-## Docker
+## Docker / Node
 
-TODO: Describe how to verify that an update of the base Docker image doesn't
-break the app.
+Monitor specifies the official Node:Alpine Docker image, which bundles both the minimalistic
+Alpine Linux distribution with the latest version of Node.
+
+GitHub's Dependabot only updates `Dockerfile`, but the Node version is specified in many
+different config files. The PR that Dependabot opens will always fail the lint check because
+the script `scripts/check-node-version-alignment.js` will fail if the Node version isn't
+set consistently across all config files.
+
+1. clone the branch that Dependabot creates
+
+e.g.
+
+```sh
+git clone dependabot/docker/node-22.6-alpine
+```
+
+2. Run the Node version alignment script and fix any problems it finds
+
+```sh
+node scripts/check-node-version-alignment.js
+```
+
+3. Commit and push to branch Dependabot opened
+
+e.g.
+
+```sh
+git push origin dependabot/docker/node-22.6-alpine
+```
+
+Lint on the GitHub PR should now pass and the PR may be merged.
+
+Testing: NOTE This must be pushed to the stage environment and the full e2e test suite must pass
+before this is pushed to production. The release notes must be reviewed to determine how
+urgent the update is (e.g. security fixes) and if more thorough testing should be performed.
 
 ## npm