build: added openssl to java and bump pnpm to 11.0.6

2026-05-11 12:38:09 +08:00 · 2026-05-11 12:38:09 +08:00 · f257a1b039
parent 5c526822b8
commit f257a1b039
2 changed files with 3 additions and 2 deletions
--- a/ci/frontend-builder/Dockerfile
+++ b/ci/frontend-builder/Dockerfile
@ -69,7 +69,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
 # Needed by Playwright (`pnpm dlx`) and protoc-gen-es (`pnpm add -g`),
 # so it must land before both.
 # ─────────────────────────────────────────────────────────────────────
-ARG PNPM_VERSION=11.0.1
+ARG PNPM_VERSION=11.0.6
 RUN corepack enable \
    && corepack prepare "pnpm@${PNPM_VERSION}" --activate
--- a/ci/java-builder/Dockerfile
+++ b/ci/java-builder/Dockerfile
@ -32,6 +32,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
        gnupg \
        jq \
        unzip \
        openssl \
    && mkdir -p /etc/apt/keyrings \
    && curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key \
        | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
@ -112,7 +113,7 @@ RUN curl -fsSL "https://github.com/bufbuild/buf/releases/download/v${BUF_VERSION
 # Last because it's the most volatile pin and corepack prepare is the
 # cheapest layer; bumping pnpm shouldn't force any other layer to rebuild.
 # ─────────────────────────────────────────────────────────────────────
-ARG PNPM_VERSION=11.0.1
+ARG PNPM_VERSION=11.0.6
 RUN corepack enable \
    && corepack prepare "pnpm@${PNPM_VERSION}" --activate