// Upgrade pinned dependencies (LibRaw, SQLite, libjpeg-turbo, Node.js base image) in the Dockerfile. Use when the user asks to update, bump, or upgrade Dockerfile dependencies in base-tools-debian.
| name | update |
| description | Upgrade pinned dependencies (LibRaw, SQLite, libjpeg-turbo, Node.js base image) in the Dockerfile. Use when the user asks to update, bump, or upgrade Dockerfile dependencies in base-tools-debian. |
| allowed-tools | Bash, Read, Edit, Grep, Glob, WebFetch |
Bump the pinned versions of LibRaw, SQLite, libjpeg-turbo, and the Node.js base image in Dockerfile, validate the build, and summarize each change with GitHub links for every new commit.
grep -nE "FROM node|libraw/tarball|sqlite-autoconf|libjpeg-turbo/tarball" /home/mrm/src/base-tools-debian/Dockerfilecd /home/mrm/src/base-tools-debian && git status --shortAlways run these before reading versions โ sibling clones may be stale.
cd /home/mrm/src/LibRaw && git fetch --tags --prune && git pull --ff-only
cd /home/mrm/src/libjpeg-turbo && git fetch --tags --prune && git pull --ff-only
If any pull fails (non-fast-forward, dirty tree, missing clone), stop and report to the user โ do not proceed blindly.
Do not git pull /home/mrm/src/sqlite โ it is a downloaded source tarball, not a git clone. SQLite versions are queried directly from sqlite.org in Step 3.
FROM node: line in Dockerfile.FROM line without approval.FROM line alone.For each dependency, identify the latest upstream version:
/home/mrm/src/LibRaw, run git log -1 --format="%H %s" origin/master to get the HEAD SHA. Compare to the SHA in the Dockerfile tarball URL. If different, that's the new pin./home/mrm/src/libjpeg-turbo, find the newest release tag: git tag --sort=-v:refname | grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | head -5. Resolve the tag to a SHA with git rev-list -n 1 <tag>. Compare to the Dockerfile SHA./home/mrm/src/sqlite is a downloaded tarball, not a git clone โ ignore it. Query sqlite.org directly: WebFetch https://sqlite.org/chronology.html (or https://sqlite.org/download.html) to find the latest autoconf release. Note both the version (e.g. 3530000) and the year segment (e.g. 2026). Compare to the Dockerfile URL.For LibRaw and libjpeg-turbo, always show the user a summary of what changed between the old and new SHA before editing the Dockerfile:
cd /home/mrm/src/LibRaw && git log --oneline <old-sha>..<new-sha>
cd /home/mrm/src/LibRaw && git diff --stat <old-sha>..<new-sha>
For SQLite, read the release notes snippet from https://sqlite.org/releaselog/.html (e.g. 3_53_0.html).
Use Edit to change only the pins. Preserve formatting exactly. Pin LibRaw and libjpeg-turbo by SHA (never by tag) โ this is a hard project rule.
Update the # YYYYMMDD: comment above the build block if it's a meaningful bump, using today's date.
cd /home/mrm/src/base-tools-debian && make validate
If the build fails, investigate and fix โ do not revert without understanding the cause. Report the failure to the user with the relevant log excerpt.
Present a summary in this shape. Use GitHub compare URLs for LibRaw/libjpeg-turbo and a link to the SQLite release notes.
## Dependency updates
- **LibRaw**: `<old-sha-short>` โ `<new-sha-short>` (N commits)
https://github.com/LibRaw/LibRaw/compare/<old-sha>...<new-sha>
- <one-line summary per notable commit>
- **libjpeg-turbo**: `<old-sha-short>` โ `<new-sha-short>` (tag `X.Y.Z`)
https://github.com/libjpeg-turbo/libjpeg-turbo/compare/<old-sha>...<new-sha>
- <notable changes>
- **SQLite**: `3.X.Y` โ `3.A.B`
https://sqlite.org/releaselog/<version>.html
- **Node.js**: unchanged at `node:NN-trixie-slim` (current LTS)
`make validate` passed.
Do not git commit โ per the user's global rule, always ask before committing.