Bump dotenv from 17.4.1 to 17.4.2

Bumps [dotenv](https://github.com/motdotla/dotenv) from 17.4.1 to 17.4.2.
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](https://github.com/motdotla/dotenv/compare/v17.4.1...v17.4.2)

---
updated-dependencies:
- dependency-name: dotenv
  dependency-version: 17.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/dependabot.yml

@@ -0,0 +1,10 @@
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+
+

.github/workflows/docker.yml

@@ -5,19 +5,21 @@ on:
   push:
     tags:
       - v1.*
+  workflow_dispatch:
+
 jobs:
   push_to_registry:
     name: Push Docker Image to Docker Hub
     runs-on: ubuntu-latest
     steps:
-      - name: Check Out The Repo
+      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v5
 
-      - name: Set up QEMU
+      - name: Setup QEMU
-        uses: docker/setup-qemu-action@v1
+        uses: docker/setup-qemu-action@v3
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
 
       - name: Get Smart Tag
         id: prepare
@@ -26,13 +28,13 @@ jobs:
           docker_image: krgamestudios/auth-server
 
       - name: Login to DockerHub
-        uses: docker/login-action@v1
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
 
       - name: Push to Docker Hub
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v6
         with:
           push: true
           tags: ${{ steps.prepare.outputs.tag }}

Dockerfile

@@ -2,7 +2,7 @@
 FROM node:22-bookworm-slim
 WORKDIR "/app"
 COPY package*.json /app
-RUN npm install --production
+RUN npm install --omit=dev
 COPY . /app
 EXPOSE 3200
 USER node

configure-script.js

@@ -167,7 +167,7 @@ networks:
 FROM node:22-bookworm-slim
 WORKDIR "/app"
 COPY package*.json ./
-RUN npm install --production
+RUN npm install --omit=dev
 COPY . /app
 EXPOSE ${appPort}
 USER node

package.json

@@ -1,6 +1,6 @@
 {
   "name": "auth-server",
-  "version": "1.8.7",
+  "version": "1.8.11",
   "description": "An API centric auth server. Uses Sequelize and mariaDB by default.",
   "main": "server/server.js",
   "scripts": {
@@ -19,19 +19,19 @@
   },
   "homepage": "https://github.com/krgamestudios/auth-server#readme",
   "dependencies": {
-    "bcryptjs": "^3.0.2",
+    "bcryptjs": "^3.0.3",
     "cookie-parser": "^1.4.7",
-    "cors": "^2.8.5",
+    "cors": "^2.8.6",
-    "dotenv": "^17.2.1",
+    "dotenv": "^17.4.2",
-    "express": "^5.1.0",
+    "express": "^5.2.1",
-    "jsonwebtoken": "^9.0.2",
+    "jsonwebtoken": "^9.0.3",
-    "mariadb": "^3.4.5",
+    "mariadb": "^3.5.2",
     "node-cron": "^4.2.1",
     "node-fetch": "^3.3.2",
-    "nodemailer": "^7.0.5",
+    "nodemailer": "^8.0.4",
-    "sequelize": "^6.37.7"
+    "sequelize": "^6.37.8"
   },
   "devDependencies": {
-    "nodemon": "^3.1.10"
+    "nodemon": "^3.1.14"
   }
 }