chore(deps): bump node from 20-alpine to 25-alpine in /apps/github-webhook

[dependabot]

Bumps node from 20-alpine to 25-alpine.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: dependencies, docker, gwi-triage. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[greptile-apps]

Greptile Summary

Dependabot upgraded the Node.js base image from 20-alpine to 25-alpine in both the builder and runner stages of the GitHub webhook service Dockerfile. This change aligns with the project's minimum Node version requirement (>=20.0.0 in package.json).

Key considerations:

• Node 25 is an active LTS release (supported until 2029-04-30)
• The upgrade affects both build and runtime environments
• CLAUDE.md specifies "Node 20+" which technically covers Node 25
• No other Dockerfiles in the repository have been updated yet (api, cli, gateway, worker, etc. still use Node 20)

Recommended actions:

• Verify compatibility with key dependencies (firebase-admin@12.7.0, @octokit/auth-app@6.0.0, express@4.18.2)
• Run the ARV gates (npm run arv) to ensure build and runtime behavior
• Consider testing in staging environment before production deployment
• Consider updating other Dockerfiles in the repository to maintain consistency

Confidence Score: 4/5

• Safe to merge with minor verification needed - Node 25 is within project requirements but untested
• Node 25 falls within the project's node: ">=20.0.0" requirement. The change is straightforward (only base image version bump), but Node 25 represents a significant version jump that may introduce compatibility issues with dependencies. The CLAUDE.md documentation specifies "Node 20+" which technically includes Node 25, but there's no evidence of testing with this version. Score reduced from 5 to 4 due to lack of explicit Node 25 compatibility validation.
• No files require special attention beyond standard Node 25 compatibility verification

Important Files Changed

Filename	Overview
apps/github-webhook/Dockerfile	Bumps Node.js from 20-alpine to 25-alpine in both builder and runner stages. Node 25 is supported by project's minimum requirement (>=20.0.0). Minor concern: CLAUDE.md indicates Node 20+ requirement but doesn't explicitly mention Node 25 compatibility testing.

_{Last reviewed commit: cb4bfc3}

[greptile-apps]

_{1 file reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

Additional Comments (1)

apps/github-webhook/Dockerfile
Node 25 (LTS until 2029-04-30) is a significant jump from Node 20. Consider verifying that all dependencies, especially firebase-admin, @octokit/*, and native modules if any, are compatible with Node 25 before deploying to production.

[jeremylongshore]

Closing: Node 25 is not an LTS release. Updating all Dockerfiles to node:22-alpine (current LTS) instead.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.