Merge branch 'upgrade-requirements-20211124' into 'master'

Update packages (2021-11-24)

See merge request bp-barberini/bp-barberini!426

MAINTENANCE.md

@@ -25,23 +25,48 @@ b) can break the connection to external access points whose interface has change
 c) may leave recently discovered security leaks unfixed.
 Thus, updates should be carried out on a regular schedule.
 
-#### Update python (pip) dependencies
+#### Update python (pip) & JavaScript (npm) dependencies
 
 1. Check out a new branch.
 2. Connect to the docker (`make connect`), and run `make upgrade-requirements`.
-3. If `pip check` fails, you need to manually add the required dependencies to `docker/requirements.txt`.
+3. Revise the changes in `requirements.txt` and `package*.json`.
+4. If `pip check` fails, you need to manually add the required dependencies to `docker/requirements.txt`.
    This is necessary because of <https://github.com/pypa/pip/issues/988>.
 
    **Remark:** You may need to "touch" the Dockerfile manually by editing its first line to make sure that the previous docker cache is not reused, which would lead to the changes in `requirements.txt` are not checked at all!
 
-4. Create a merge request with your changes and make sure the CI passes.
-5. Once it passes, merge the branch.
+5. Create a merge request with your changes and make sure the CI passes.
+6. Once it passes, merge the branch.
+
+#### Update docker installation
+
+1. Check your current version:
+
+   ```sh
+   docker -v
+   ```
+
+2. Visit <https://docs.docker.com/engine/release-notes/> to learn about open CVEs.
+
+3. Identify upgradable packages:
+
+   ```sh
+   apt list --installed | grep docker
+   ```
+
+4. Upgrade relevant packages:
+
+   ```sh
+   apt upgrade <package name>
+   ```
 
 #### Update docker images
 
 Each used docker image is specified either in `docker/docker-compose.yml` or in the linked Dockerfile.
 For more information about the docker containers, please refer to the [documentation](DOCUMENTATION.md#docker-containers).
 
+0. First of all, search for breaking changes of an update, e.g., [here](https://www.postgresql.org/docs/release/) for Postgresql.
+   You can find all existing CVEs for Postgresql [here](https://www.postgresql.org/support/security/).
 1. To update a docker image, edit the `image` key in the yaml file respectively the `FROM` command in the Dockerfile.
    Be careful to watch for any breaking changes in the updates.
 2. Restart the container by running `make shutdown-<docker> startup-<docker>`.

Makefile

@@ -191,5 +191,6 @@ db-schema-report:
 upgrade-requirements:
 	pip-upgrade docker/requirements.txt --skip-virtualenv-check -p all
 	bash -c 'pip3 check || (echo "⚠ Please define these deps explicitely in requirements.txt" && false)'
+	cd docker && ncu -u && npm install
 	echo "Upgrade successful, please run the CI now before merging the" \
 		 "upgrades into the master!"

docker/docker-compose.yml

@@ -46,7 +46,7 @@ services:
 
     barberini_analytics_db:
         container_name: barberini_analytics_db
-        image: postgres:12.3
+        image: postgres:12.7
         restart: always
         shm_size: 1g
         ports: