Allow most printable ASCII chars for object label key

Implemented as a balena-compose dependency update. Change-type: patch Signed-off-by: Ken Bannister <kb2ma@runbox.com>
2025-06-24 18:45:07 +00:00 · 2023-03-22 06:23:34 -04:00
17 changed files with 132 additions and 731 deletions
--- a/.github/actions/publish/action.yml
+++ b/.github/actions/publish/action.yml
@ -1,131 +0,0 @@
---
-name: package and draft GitHub release
-# https://github.com/product-os/flowzone/tree/master/.github/actions
-inputs:
-  json:
-    description: "JSON stringified object containing all the inputs from the calling workflow"
-    required: true
-  secrets:
-    description: "JSON stringified object containing all the secrets from the calling workflow"
-    required: true
-
-  # --- custom environment
-  XCODE_APP_LOADER_EMAIL:
-    type: string
-    default: "accounts+apple@balena.io"
-  NODE_VERSION:
-    type: string
-    # FIXME: (please) https://github.com/balena-io/balena-cli/issues/2165
-    default: "12.x"
-  VERBOSE:
-    type: string
-    default: "true"
-
-runs:
-  # https://docs.github.com/en/actions/creating-actions/creating-a-composite-action
-  using: "composite"
-  steps:
-    - name: Download custom source artifact
-      uses: actions/download-artifact@v3
-      with:
-        name: custom-${{ github.event.pull_request.head.sha || github.event.head_commit.id }}-${{ runner.os }}
-        path: ${{ runner.temp }}
-
-    - name: Extract custom source artifact
-      shell: pwsh
-      working-directory: .
-      run: tar -xf ${{ runner.temp }}/custom.tgz
-
-    - name: Setup Node.js
-      uses: actions/setup-node@v3
-      with:
-        node-version: ${{ inputs.NODE_VERSION }}
-        cache: npm
-
-    - name: Install additional tools
-      if: runner.os == 'Windows'
-      shell: bash
-      run: |
-        choco install yq
-
-    - name: Install additional tools
-      if: runner.os == 'macOS'
-      shell: bash
-      run: |
-        brew install coreutils
-
-    # https://www.electron.build/code-signing.html
-    # https://github.com/Apple-Actions/import-codesign-certs
-    - name: Import Apple code signing certificate
-      if: runner.os == 'macOS'
-      uses: apple-actions/import-codesign-certs@v1
-      with:
-        p12-file-base64: ${{ fromJSON(inputs.secrets).APPLE_SIGNING }}
-        p12-password: ${{ fromJSON(inputs.secrets).APPLE_SIGNING_PASSWORD }}
-
-    - name: Import Windows code signing certificate
-      if: runner.os == 'Windows'
-      shell: powershell
-      run: |
-        Set-Content -Path ${{ runner.temp }}/certificate.base64 -Value $env:WINDOWS_CERTIFICATE
-        certutil -decode ${{ runner.temp }}/certificate.base64 ${{ runner.temp }}/certificate.pfx
-        Remove-Item -path ${{ runner.temp }} -include certificate.base64
-
-        Import-PfxCertificate `
-          -FilePath ${{ runner.temp }}/certificate.pfx `
-          -CertStoreLocation Cert:\CurrentUser\My `
-          -Password (ConvertTo-SecureString -String $env:WINDOWS_CERTIFICATE_PASSWORD -Force -AsPlainText)
-
-      env:
-        WINDOWS_CERTIFICATE: ${{ fromJSON(inputs.secrets).WINDOWS_SIGNING }}
-        WINDOWS_CERTIFICATE_PASSWORD: ${{ fromJSON(inputs.secrets).WINDOWS_SIGNING_PASSWORD }}
-
-    # https://github.com/product-os/scripts/tree/master/shared
-    # https://github.com/product-os/balena-concourse/blob/master/pipelines/github-events/template.yml
-    - name: Package release
-      shell: bash
-      run: |
-        set -ea
-
-        [[ '${{ inputs.VERBOSE }}' =~ on|On|Yes|yes|true|True ]] && set -x
-
-        runner_os="$(echo "${RUNNER_OS}" | tr '[:upper:]' '[:lower:]')"
-        runner_arch="$(echo "${RUNNER_ARCH}" | tr '[:upper:]' '[:lower:]')"
-
-        if [[ $runner_os =~ darwin|macos|osx ]]; then
-            CSC_KEY_PASSWORD=${{ fromJSON(inputs.secrets).APPLE_SIGNING_PASSWORD }}
-            CSC_KEYCHAIN=signing_temp
-            CSC_LINK=${{ fromJSON(inputs.secrets).APPLE_SIGNING }}
-
-        elif [[ $runner_os =~ windows|win ]]; then
-            CSC_KEY_PASSWORD=${{ fromJSON(inputs.secrets).WINDOWS_SIGNING_PASSWORD }}
-            CSC_LINK='${{ runner.temp }}\certificate.pfx'
-
-            # patches/all/oclif.patch
-            MSYSSHELLPATH="$(which bash)"
-            MSYSTEM=MSYS
-
-            # (signtool.exe) https://github.com/actions/runner-images/blob/main/images/win/Windows2019-Readme.md#installed-windows-sdks
-            PATH="/c/Program Files (x86)/Windows Kits/10/bin/${runner_arch}:${PATH}"
-        fi
-
-        npm run package
-
-        find dist -type f -maxdepth 1
-
-      env:
-        # https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/#improvements-for-public-repository-forks
-        # https://docs.github.com/en/actions/managing-workflow-runs/approving-workflow-runs-from-public-forks#about-workflow-runs-from-public-forks
-        CSC_FOR_PULL_REQUEST: true
-        # https://sectigo.com/resource-library/time-stamping-server
-        TIMESTAMP_SERVER: http://timestamp.sectigo.com
-        # Apple notarization (automation/build-bin.ts)
-        XCODE_APP_LOADER_EMAIL: ${{ inputs.XCODE_APP_LOADER_EMAIL }}
-        XCODE_APP_LOADER_PASSWORD: ${{ fromJSON(inputs.secrets).XCODE_APP_LOADER_PASSWORD }}
-
-    - name: Upload artifacts
-      uses: actions/upload-artifact@v3
-      with:
-        name: gh-release-${{ github.event.pull_request.head.sha || github.event.head_commit.id }}
-        path: dist
-        retention-days: 1
--- a/.github/actions/test/action.yml
+++ b/.github/actions/test/action.yml
@ -1,57 +0,0 @@
---
-name: test release
-# https://github.com/product-os/flowzone/tree/master/.github/actions
-inputs:
-  json:
-    description: "JSON stringified object containing all the inputs from the calling workflow"
-    required: true
-  secrets:
-    description: "JSON stringified object containing all the secrets from the calling workflow"
-    required: true
-
-  # --- custom environment
-  NODE_VERSION:
-    type: string
-    # FIXME: (please) https://github.com/balena-io/balena-cli/issues/2165
-    default: "12.x"
-  VERBOSE:
-    type: string
-    default: "true"
-
-runs:
-  # https://docs.github.com/en/actions/creating-actions/creating-a-composite-action
-  using: "composite"
-  steps:
-    # https://github.com/actions/setup-node#caching-global-packages-data
-    - name: Setup Node.js
-      uses: actions/setup-node@v3
-      with:
-        node-version: ${{ inputs.NODE_VERSION }}
-        cache: npm
-
-    - name: Test release
-      shell: bash
-      run: |
-        set -ea
-
-        [[ '${{ inputs.VERBOSE }}' =~ on|On|Yes|yes|true|True ]] && set -x
-
-        if [[ -e package-lock.json ]]; then
-            npm ci
-        else
-            npm i
-        fi
-
-        npm run build
-        npm run test
-
-    - name: Compress custom source
-      shell: pwsh
-      run: tar -acf ${{ runner.temp }}/custom.tgz .
-
-    - name: Upload custom artifact
-      uses: actions/upload-artifact@v3
-      with:
-        name: custom-${{ github.event.pull_request.head.sha || github.event.head_commit.id }}-${{ runner.os }}
-        path: ${{ runner.temp }}/custom.tgz
-        retention-days: 1
--- a/.github/workflows/flowzone.yml
+++ b/.github/workflows/flowzone.yml
@ -1,16 +0,0 @@
-name: Flowzone
-
-on:
-  pull_request:
-    types: [opened, synchronize, closed]
-    branches:
-      - "main"
-      - "master"
-
-jobs:
-  flowzone:
-    name: Flowzone
-    uses: product-os/flowzone/.github/workflows/flowzone.yml@master
-    secrets: inherit
-    with:
-      tests_run_on: '["ubuntu-20.04","macos-11","windows-2019"]'
--- a/.gitignore
+++ b/.gitignore
@ -10,6 +10,7 @@
 *.seed
 /.idea/
 /.lock-wscript
+/.nvmrc
 /.nyc_output/
 /.vscode/
 /coverage/
--- a/.nvmrc
+++ b/.nvmrc
@ -1 +0,0 @@
-12
--- a/.resinci.yml
+++ b/.resinci.yml
@ -0,0 +1,20 @@
+---
+npm:
+  platforms:
+    - name: linux
+      os: ubuntu
+      architecture: x86_64
+      node_versions:
+        - "12"
+        - "14"
+    ##
+    ## Temporarily skip Alpine tests until the following issues are resolved:
+    ##   * https://github.com/concourse/concourse/issues/7905
+    ##   * https://github.com/product-os/balena-concourse/issues/631
+    ##
+    # - name: linux
+    #   os: alpine
+    #   architecture: x86_64
+    #   node_versions:
+    #     - "12"
+    #     - "14"
--- a/.versionbot/CHANGELOG.yml
+++ b/.versionbot/CHANGELOG.yml
@ -1,225 +1,3 @@
- commits:
-    - subject: "patch: update balena-preload to 12.2.0"
-      hash: ca637b3fb669cd8997ceb70201d4cabe0c621ecf
-      body: ""
-      footer: {}
-      author: Edwin Joassart
-      nested: []
-  version: 14.5.15
-  title: ""
-  date: 2022-12-12T13:41:11.847Z
- commits:
-    - subject: Bump multicast-dns to rebased commit (again)
-      hash: 60dd0daae5682c797ad5ac6fec94ccb7b91c5264
-      body: >
-        A recent PR reverted the multicast-dns commit bump from PR #2401. This
-        means that
-
-        under some conditions, `npm install` will fail.
-
-
-        See: https://github.com/balena-io-modules/multicast-dns/pull/1
-
-        See: https://github.com/balena-io/balena-cli/pull/2401
-      footer:
-        Change-type: patch
-        change-type: patch
-      author: pipex
-      nested: []
-  version: 14.5.14
-  title: ""
-  date: 2022-12-11T21:46:37.025Z
- commits:
-    - subject: Build on macos-11 for library compatibility reasons
-      hash: e566badfffbe54a44f8fdd627fc8a78a5ecc204f
-      body: ""
-      footer:
-        Change-type: patch
-        change-type: patch
-      author: Page-
-      nested: []
-    - subject: Build on ubuntu-20.04 for library compatibility reasons
-      hash: 69834c417e2aa2d2c20a9749319fc72bb6e563fa
-      body: ""
-      footer:
-        Change-type: patch
-        change-type: patch
-      author: Page-
-      nested: []
-  version: 14.5.13
-  title: ""
-  date: 2022-12-08T14:00:25.894Z
- commits:
-    - subject: Move GH publishing to FZ core
-      hash: 99e8a36bb581ac84619ecba452c5afa3d56dae94
-      body: ""
-      footer:
-        Change-type: patch
-        change-type: patch
-      author: ab77
-      nested: []
-  version: 14.5.12
-  title: ""
-  date: 2022-11-21T18:46:45.663Z
- commits:
-    - subject: Adding .nvmrc so we can use nvm use instead of hunting for version
-      hash: 767216c842569a523540b7d4d32133c4e53c7596
-      body: ""
-      footer:
-        Change-type: patch
-        change-type: patch
-      author: zoobot
-      nested: []
-  version: 14.5.11
-  title: ""
-  date: 2022-11-17T18:32:46.270Z
- commits:
-    - subject: Fix surfacing incompatible device type errors as not recognized
-      hash: ca9767835852da53758f8e9713db85357f22ba8b
-      body: ""
-      footer:
-        Change-type: patch
-        change-type: patch
-        Signed-off-by: Thodoris Greasidis <thodoris@balena.io>
-        signed-off-by: Thodoris Greasidis <thodoris@balena.io>
-      author: Thodoris Greasidis
-      nested: []
-  version: 14.5.10
-  title: ""
-  date: 2022-11-11T11:24:19.344Z
- commits:
-    - subject: Prevent git from existing with 141
-      hash: 52e95e6d0a96cfb07c111b927f3f8b0607063b99
-      body: ""
-      footer:
-        Change-type: patch
-        change-type: patch
-      author: ab77
-      nested: []
-  version: 14.5.9
-  title: ""
-  date: 2022-11-11T00:49:23.691Z
- commits:
-    - subject: Replace missing input
-      hash: 44f09b32fac79c387681f6988e6c621fb0e1ad15
-      body: ""
-      footer:
-        Change-type: patch
-        change-type: patch
-      author: ab77
-      nested: []
-  version: 14.5.8
-  title: ""
-  date: 2022-11-10T23:32:18.629Z
- commits:
-    - subject: Just ignore errors during publish
-      hash: 39e9997d9e0a8622d0fc255afe508131a33a9123
-      body: ""
-      footer:
-        Change-type: patch
-        change-type: patch
-      author: ab77
-      nested: []
-  version: 14.5.7
-  title: ""
-  date: 2022-11-10T22:19:20.861Z
- commits:
-    - subject: Ignore PIPE signal
-      hash: 6063f4c7762140731a42dd1e5515ce3326b4cb91
-      body: ""
-      footer:
-        Change-type: patch
-        change-type: patch
-      author: ab77
-      nested: []
-  version: 14.5.6
-  title: ""
-  date: 2022-11-10T21:07:32.419Z
- commits:
-    - subject: Don't pipefail
-      hash: e5ce1ade892ddddd8a34209b83dcafaeb53a0051
-      body: ""
-      footer:
-        Change-type: patch
-        change-type: patch
-      author: ab77
-      nested: []
-  version: 14.5.5
-  title: ""
-  date: 2022-11-10T20:07:10.573Z
- commits:
-    - subject: Error when the device type and image parameters do not match
-      hash: 4de369ff956a4da2a34ddb8f54cf3fcef10a9ec2
-      body: ""
-      footer:
-        Resolves: "#2537"
-        resolves: "#2537"
-        Change-type: patch
-        change-type: patch
-        Signed-off-by: Thodoris Greasidis <thodoris@balena.io>
-        signed-off-by: Thodoris Greasidis <thodoris@balena.io>
-      author: Thodoris Greasidis
-      nested: []
-  version: 14.5.4
-  title: ""
-  date: 2022-11-10T18:31:18.648Z
- commits:
-    - subject: Switch to Flowzone
-      hash: 19144163eeed93a6b68b91715d87e043879a8d51
-      body: ""
-      footer:
-        Change-type: patch
-        change-type: patch
-      author: ab77
-      nested: []
-  version: 14.5.3
-  title: ""
-  date: 2022-11-10T17:20:17.608Z
- commits:
-    - subject: Stop waiting for the analytics response
-      hash: 1c7d9255ae5333ff717b9f32ef7adf1690cbb163
-      body: ""
-      footer:
-        Change-type: patch
-        change-type: patch
-        See: https://balena.zulipchat.com/#narrow/stream/345884-aspect.2Fanalytics/topic/Balena.20CLI.20analytics-performance
-        see: https://balena.zulipchat.com/#narrow/stream/345884-aspect.2Fanalytics/topic/Balena.20CLI.20analytics-performance
-        Signed-off-by: Thodoris Greasidis <thodoris@balena.io>
-        signed-off-by: Thodoris Greasidis <thodoris@balena.io>
-      author: Thodoris Greasidis
-      nested: []
-  version: 14.5.2
-  title: "'Stop waiting for the analytics response'"
-  date: 2022-10-21T16:18:42.222Z
- commits:
-    - subject: Bump parse-link-header from 1.0.1 to 2.0.0
-      hash: 3c2c925eed81ed61e1326437038cda1059b1a0ba
-      body: >
-        Bumps [parse-link-header](https://github.com/thlorenz/parse-link-header)
-        from 1.0.1 to 2.0.0.
-
-        - [Release notes](https://github.com/thlorenz/parse-link-header/releases)
-
-        - [Commits](https://github.com/thlorenz/parse-link-header/compare/v1.0.1...v2.0.0)
-
-
-        ---
-
-        updated-dependencies:
-
-        - dependency-name: parse-link-header
-          dependency-type: direct:development
-        ...
-      footer:
-        Change-type: patch
-        change-type: patch
-        Signed-off-by: dependabot[bot] <support@github.com>
-        signed-off-by: dependabot[bot] <support@github.com>
-      author: dependabot[bot]
-      nested: []
-  version: 14.5.1
-  title: "'Bump parse-link-header from 1.0.1 to 2.0.0'"
-  date: 2022-10-20T17:14:00.057Z
 - commits:
    - subject: keeps events loggiging with default message
      hash: d1e3bdf29a4cbe976f6d2feff0eb0f8553b3865a
@ -1147,8 +925,8 @@
            - subject: "patch: bump browserify from 14.5.0 to 17.0.0"
              hash: 2ee532e8dcc3eda0c54296f468f7f9a9e637071a
              body: >
-                Bumps [browserify](https://github.com/browserify/browserify) from 14.5.0
-                to 17.0.0.
+                Bumps [browserify](https://github.com/browserify/browserify)
+                from 14.5.0 to 17.0.0.

                - [Release notes](https://github.com/browserify/browserify/releases)

@ -1177,7 +955,8 @@
            - subject: "patch: bump tmp from 0.0.31 to 0.2.1"
              hash: e905a6a8054297c89e75447e5ff48ca92e13bd49
              body: >
-                Bumps [tmp](https://github.com/raszi/node-tmp) from 0.0.31 to 0.2.1.
+                Bumps [tmp](https://github.com/raszi/node-tmp) from 0.0.31 to
+                0.2.1.

                - [Release notes](https://github.com/raszi/node-tmp/releases)

@ -1260,7 +1039,8 @@
            - subject: "patch: bump mocha from 3.5.3 to 10.0.0"
              hash: 548996665b7e6159e5e209aa4a10987e071da024
              body: >
-                Bumps [mocha](https://github.com/mochajs/mocha) from 3.5.3 to 10.0.0.
+                Bumps [mocha](https://github.com/mochajs/mocha) from 3.5.3 to
+                10.0.0.

                - [Release notes](https://github.com/mochajs/mocha/releases)

@ -1303,8 +1083,8 @@
            - subject: "patch: bump mockttp from 0.9.1 to 2.7.0"
              hash: fa44187e4e510171666f046d6a3a658f59956fd4
              body: >-
-                Bumps [mockttp](https://github.com/httptoolkit/mockttp) from 0.9.1 to
-                2.7.0.
+                Bumps [mockttp](https://github.com/httptoolkit/mockttp) from
+                0.9.1 to 2.7.0.

                - [Release notes](https://github.com/httptoolkit/mockttp/releases)

@ -1377,8 +1157,8 @@
            - subject: "patch: bump superagent from 3.8.3 to 7.1.2"
              hash: ae3974af1965386bf236b7ae295e4a9ecc285f0c
              body: >
-                Bumps [superagent](https://github.com/visionmedia/superagent) from 3.8.3
-                to 7.1.2.
+                Bumps [superagent](https://github.com/visionmedia/superagent)
+                from 3.8.3 to 7.1.2.

                - [Release notes](https://github.com/visionmedia/superagent/releases)

@ -1407,7 +1187,8 @@
            - subject: "patch: bump dotenv from 4.0.0 to 16.0.0"
              hash: b2ddda64df84d5a109b2adc1ee847ff5aef17000
              body: >
-                Bumps [dotenv](https://github.com/motdotla/dotenv) from 4.0.0 to 16.0.0.
+                Bumps [dotenv](https://github.com/motdotla/dotenv) from 4.0.0 to
+                16.0.0.

                - [Release notes](https://github.com/motdotla/dotenv/releases)

@ -1546,8 +1327,8 @@
            - subject: "minor: Add trying SDK in the browser"
              hash: 50a6ca1844869eaccaf3275361a4016f7a284c05
              body: >
-                Add information about using SDK in the browser as a partial. Solving:
-                https://github.com/balena-io/docs/issues/2205
+                Add information about using SDK in the browser as a partial.
+                Solving: https://github.com/balena-io/docs/issues/2205
              footer:
                Signed-off-by: Vipul Gupta (@vipulgupta2048) <vipul@balena.io>
                signed-off-by: Vipul Gupta (@vipulgupta2048) <vipul@balena.io>
@ -1634,7 +1415,8 @@
            - subject: Remove unnecessary vpn address filtering when fetching local addresses
              hash: 12266a3c9349e5d944ba203e56f2fe80b5e97970
              body: >
-                This has been handled by the supervisor since v2.2.0 / balenaOS v1.14
+                This has been handled by the supervisor since v2.2.0 / balenaOS
+                v1.14

                from 2016-09-23 and is not relevant for any supported devices
              footer:
@ -2004,8 +1786,8 @@
            - subject: Add support for building images with progress
              hash: e072408ee951d3caf46af5050d0b71991d114614
              body: >
-                Using build instead of pull allows to add metadata (e.g. labels) to pulled
-                images in an
+                Using build instead of pull allows to add metadata (e.g. labels)
+                to pulled images in an

                atomic way. This commit adds the `DockerProgres.build()` method to

@ -3094,7 +2876,8 @@
                            - subject: Allow more lenient gzip decompression
                              hash: 9c7bc3051b279c9d09ec501a78dbe9f506d65650
                              body: >
-                                Be more lenient with decoding compressed responses, since (very rarely)
+                                Be more lenient with decoding compressed
+                                responses, since (very rarely)

                                servers send slightly invalid gzip responses that are still accepted

@ -4767,8 +4550,8 @@
    - subject: Improve directory scan speed prior to tarballing
      hash: 257dd514ed7c0f6988b8a47219991cc4f61b4529
      body: >
-        This changes improves the speed that the project is tarballed by switching
-        from
+        This changes improves the speed that the project is tarballed by
+        switching from

        `klaw` to `recursive-fs` and not running `lstat` on files that are ignored.

@ -5279,7 +5062,8 @@
                    - subject: Allow more lenient gzip decompression
                      hash: 9c7bc3051b279c9d09ec501a78dbe9f506d65650
                      body: >
-                        Be more lenient with decoding compressed responses, since (very rarely)
+                        Be more lenient with decoding compressed responses,
+                        since (very rarely)

                        servers send slightly invalid gzip responses that are still accepted

@ -5577,7 +5361,8 @@
    - subject: Add balena.yml handling and `--draft` to `balena deploy` release creation
      hash: 7d568a928b4297671e3776b72f64a6e2845d5f72
      body: >
-        This change allows use of a contract and release semver when doing a push,
+        This change allows use of a contract and release semver when doing a
+        push,

        and is part of the larger feature to use the builder as part of a CI/CD pipeline.
      footer:
@ -6947,7 +6732,8 @@
    - subject: "docker: Improve handling of Docker-in-Docker errors"
      hash: 9036ce9af373eb8d328f105839163db0cae38ae6
      body: >
-        The `local` logging driver captures output from container’s stdout/stderr
+        The `local` logging driver captures output from container’s
+        stdout/stderr

        and writes them to an internal storage that is optimized for performance and disk use.

@ -10606,7 +10392,8 @@
                        - commits:
                            - author: Thodoris Greasidis
                              body: >-
-                                Didn't convert the source, so that we don't end up
+                                Didn't convert the source, so that we don't end
+                                up

                                having conflicts with other ongoing PRs.
                              footers:
@ -18232,7 +18019,8 @@
      subject: "dependencies: bump etcher-sdk to pull in fixes"
    - author: Gergely Imreh
      body: >-
-        To fix the same error as here https://github.com/nodejs/node/issues/20285
+        To fix the same error as here
+        https://github.com/nodejs/node/issues/20285

        Task changes as described at https://fettblog.eu/gulp-4-parallel-and-series/
      footers:
@ -19775,11 +19563,11 @@
      subject: Improve `selectFromList` function signature to be much more reusable
    - author: Akis Kesoglou
      body: >-
-        Both commands work with local devices by remotely invoking the `os-config`
-        executable via SSH. This requires an as of yet unreleased resinOS (that
-        will most likely be v2.14) and the commands ascertain compatibility
-        merely by looking for the `os-config` executable in the device, and bail
-        out if it’s not present.
+        Both commands work with local devices by remotely invoking the
+        `os-config` executable via SSH. This requires an as of yet unreleased
+        resinOS (that will most likely be v2.14) and the commands ascertain
+        compatibility merely by looking for the `os-config` executable in the
+        device, and bail out if it’s not present.

        `join` and `leave` accept a couple of optional arguments and implement a wizard-style interface if these are not given. They allow to interactively select the device and the application to promote to. If the user has no apps, `join` will offer the user to create one. `join` will also offer the user to login or create an account if they’re not logged in already without exiting the wizard.

@ -20445,9 +20233,9 @@
      subject: Fix invoking undefined method
    - author: Akis Kesoglou
      body: >-
-        Legacy behaviour is mostly retained. The most notable change in behaviour
-        is that invoking `resin deploy` without options is now allowed (see help
-        string how it behaves).
+        Legacy behaviour is mostly retained. The most notable change in
+        behaviour is that invoking `resin deploy` without options is now allowed
+        (see help string how it behaves).

        In this commit there are also the following notable changes:

--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -4,67 +4,6 @@ All notable changes to this project will be documented in this file
 automatically by Versionist. DO NOT EDIT THIS FILE MANUALLY!
 This project adheres to [Semantic Versioning](http://semver.org/).

-## 14.5.15 - 2022-12-12
-
-* patch: update balena-preload to 12.2.0 [Edwin Joassart]
-
-## 14.5.14 - 2022-12-11
-
-* Bump multicast-dns to rebased commit (again) [pipex]
-
-## 14.5.13 - 2022-12-08
-
-* Build on macos-11 for library compatibility reasons [Page-]
-* Build on ubuntu-20.04 for library compatibility reasons [Page-]
-
-## 14.5.12 - 2022-11-21
-
-* Move GH publishing to FZ core [ab77]
-
-## 14.5.11 - 2022-11-17
-
-* Adding .nvmrc so we can use nvm use instead of hunting for version [zoobot]
-
-## 14.5.10 - 2022-11-11
-
-* Fix surfacing incompatible device type errors as not recognized [Thodoris Greasidis]
-
-## 14.5.9 - 2022-11-11
-
-* Prevent git from existing with 141 [ab77]
-
-## 14.5.8 - 2022-11-10
-
-* Replace missing input [ab77]
-
-## 14.5.7 - 2022-11-10
-
-* Just ignore errors during publish [ab77]
-
-## 14.5.6 - 2022-11-10
-
-* Ignore PIPE signal [ab77]
-
-## 14.5.5 - 2022-11-10
-
-* Don't pipefail [ab77]
-
-## 14.5.4 - 2022-11-10
-
-* Error when the device type and image parameters do not match [Thodoris Greasidis]
-
-## 14.5.3 - 2022-11-10
-
-* Switch to Flowzone [ab77]
-
-## 14.5.2 - 2022-10-21
-
-* Stop waiting for the analytics response [Thodoris Greasidis]
-
-## 14.5.1 - 2022-10-20
-
-* Bump parse-link-header from 1.0.1 to 2.0.0 [dependabot[bot]]
-
 ## 14.5.0 - 2022-10-18

 * keeps events loggiging with default message [Otávio Jacobi]
--- a/automation/build-bin.ts
+++ b/automation/build-bin.ts
@ -45,6 +45,8 @@ const execFileAsync = promisify(execFile);
 export const packageJSON = loadPackageJson();
 export const version = 'v' + packageJSON.version;
 const arch = process.arch;
+const MSYS2_BASH =
+	process.env.MSYSSHELLPATH || 'C:\\msys64\\usr\\bin\\bash.exe';

 function dPath(...paths: string[]) {
 	return path.join(ROOT, 'dist', ...paths);
@ -423,28 +425,20 @@ async function renameInstallerFiles() {

 /**
 * If the CSC_LINK and CSC_KEY_PASSWORD env vars are set, digitally sign the
- * executable installer using Microsoft SignTool.exe (Sign Tool)
- * https://learn.microsoft.com/en-us/dotnet/framework/tools/signtool-exe
+ * executable installer by running the balena-io/scripts/shared/sign-exe.sh
+ * script (which must be in the PATH) using a MSYS2 bash shell.
 */
 async function signWindowsInstaller() {
 	if (process.env.CSC_LINK && process.env.CSC_KEY_PASSWORD) {
 		const exeName = renamedOclifInstallers[process.platform];
 		console.log(`Signing installer "${exeName}"`);
-		// trust ...
-		await execFileAsync('signtool.exe', [
-			'sign',
-			'-t',
-			process.env.TIMESTAMP_SERVER || 'http://timestamp.comodoca.com',
+		await execFileAsync(MSYS2_BASH, [
+			'sign-exe.sh',
 			'-f',
-			process.env.CSC_LINK,
-			'-p',
-			process.env.CSC_KEY_PASSWORD,
+			exeName,
 			'-d',
 			`balena-cli ${version}`,
-			exeName,
 		]);
-		// ... but verify
-		await execFileAsync('signtool.exe', ['verify', '-pa', '-v', exeName]);
 	} else {
 		console.log(
 			'Skipping installer signing step because CSC_* env vars are not set',
@ -456,21 +450,14 @@ async function signWindowsInstaller() {
 * Wait for Apple Installer Notarization to continue
 */
 async function notarizeMacInstaller(): Promise<void> {
-	const appleId =
-		process.env.XCODE_APP_LOADER_EMAIL || 'accounts+apple@balena.io';
-	const appBundleId = packageJSON.oclif.macos.identifier || 'io.balena.cli';
-	const appleIdPassword = process.env.XCODE_APP_LOADER_PASSWORD;
-
-	if (appleIdPassword) {
-		const { notarize } = await import('electron-notarize');
-		// https://github.com/electron/notarize/blob/main/README.md
-		await notarize({
-			appBundleId,
-			appPath: renamedOclifInstallers.darwin,
-			appleId,
-			appleIdPassword,
-		});
-	}
+	const appleId = 'accounts+apple@balena.io';
+	const { notarize } = await import('electron-notarize');
+	await notarize({
+		appBundleId: 'io.balena.etcher',
+		appPath: renamedOclifInstallers.darwin,
+		appleId,
+		appleIdPassword: '@keychain:CLI_PASSWORD',
+	});
 }

 /**
--- a/completion/_balena
+++ b/completion/_balena
@ -12,7 +12,7 @@ _balena() {
  # Sub-completions
  api_key_cmds=( generate )
  config_cmds=( generate inject read reconfigure write )
-  device_cmds=( deactivate identify init local-mode move os-update pin public-url purge reboot register rename restart rm services shutdown track-fleet )
+  device_cmds=( deactivate identify init local-mode move os-update pin public-url purge reboot register rename restart rm shutdown track-fleet )
  devices_cmds=( supported )
  env_cmds=( add rename rm )
  fleet_cmds=( create pin purge rename restart rm track-latest )
--- a/completion/balena-completion.bash
+++ b/completion/balena-completion.bash
@ -11,7 +11,7 @@ _balena_complete()
  # Sub-completions
  api_key_cmds="generate"
  config_cmds="generate inject read reconfigure write"
-  device_cmds="deactivate identify init local-mode move os-update pin public-url purge reboot register rename restart rm services shutdown track-fleet"
+  device_cmds="deactivate identify init local-mode move os-update pin public-url purge reboot register rename restart rm shutdown track-fleet"
  devices_cmds="supported"
  env_cmds="add rename rm"
  fleet_cmds="create pin purge rename restart rm track-latest"
--- a/lib/commands/device/services.ts
+++ b/lib/commands/device/services.ts
@ -1,93 +0,0 @@
-/**
- * @license
- * Copyright 2016-2020 Balena Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *    http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import { flags } from '@oclif/command';
-import type { IArg } from '@oclif/parser/lib/args';
-import { ImageInstall } from 'balena-sdk';
-import Command from '../../command';
-import * as cf from '../../utils/common-flags';
-import { getBalenaSdk, getVisuals, stripIndent } from '../../utils/lazy';
-import { getExpandedProp } from '../../utils/pine';
-
-interface FlagsDef {
-	help: void;
-}
-
-interface ArgsDef {
-	uuid: string;
-}
-
-interface AugmentedImageInstall extends ImageInstall {
-	name?: string;
-	release?: string;
-}
-
-export default class DeviceServicesCmd extends Command {
-	public static description = stripIndent`
-         Show info about a device's services.
- 
-         Show info about a device's services.
-         `;
-	public static examples = ['$ balena device services 23c73a1'];
-
-	public static args: Array<IArg<any>> = [
-		{
-			name: 'uuid',
-			description: 'the uuid of the device whose services to show info about',
-			required: true,
-		},
-	];
-
-	public static usage = 'device services <uuid>';
-
-	public static flags: flags.Input<FlagsDef> = {
-		help: cf.help,
-	};
-
-	public static authenticated = true;
-
-	public async run() {
-		const { args: params } = this.parse<FlagsDef, ArgsDef>(DeviceServicesCmd);
-
-		const balena = getBalenaSdk();
-
-		try {
-			const device = await balena.models.device.getWithServiceDetails(
-				params.uuid,
-			);
-			console.log(
-				getVisuals().table.horizontal(
-					device.image_install?.map((imageInstall) => {
-						const newImageInstall: AugmentedImageInstall = { ...imageInstall };
-						newImageInstall.name = getExpandedProp(
-							getExpandedProp(imageInstall.image, 'is_a_build_of__service')!,
-							'service_name',
-						);
-						newImageInstall.release = getExpandedProp(
-							imageInstall.is_provided_by__release,
-							'commit',
-						);
-						return newImageInstall;
-					}),
-					['name', 'status', 'release', 'id'],
-				),
-			);
-		} catch (e) {
-			throw e;
-		}
-	}
-}
--- a/lib/errors.ts
+++ b/lib/errors.ts
@ -177,16 +177,7 @@ const messages: {
 		Looks like the session token has expired.
 		Try logging in again with the "balena login" command.`,

-	BalenaInvalidDeviceType: (
-		error: Error & { deviceTypeSlug?: string; type?: string },
-	) => {
-		// TODO: The SDK should be throwing a different Error for this case.
-		if (
-			typeof error.type === 'string' &&
-			error.type.startsWith('Incompatible ')
-		) {
-			return error.type;
-		}
+	BalenaInvalidDeviceType: (error: Error & { deviceTypeSlug?: string }) => {
 		const slug = error.deviceTypeSlug ? `"${error.deviceTypeSlug}"` : 'slug';
 		return stripIndent`
 			Device type ${slug} not recognized. Perhaps misspelled?
--- a/lib/events.ts
+++ b/lib/events.ts
@ -73,8 +73,6 @@ export async function trackCommand(commandSignature: string) {
 	}
 }

-const TIMEOUT = 4000;
-
 /**
 * Make the event tracking HTTPS request to balenaCloud's '/mixpanel' endpoint.
 */
@ -102,23 +100,14 @@ async function sendEvent(balenaUrl: string, event: string, username?: string) {
 		await got.post(url, {
 			json: trackData,
 			retry: 0,
-			timeout: {
-				// Starts when the request is initiated.
-				request: TIMEOUT,
-				// Starts when request has been flushed.
-				// Exits the request as soon as it's sent.
-				response: 0,
-			},
+			timeout: 4000,
 		});
 	} catch (e) {
 		if (process.env.DEBUG) {
 			console.error(`[debug] Event tracking error: ${e.message || e}`);
 		}

-		if (
-			e instanceof got.TimeoutError &&
-			TIMEOUT < (e.timings.phases.total ?? 0)
-		) {
+		if (e instanceof got.TimeoutError) {
 			console.error(stripIndent`
 				Timeout submitting analytics event to balenaCloud/openBalena.
 				If you are using the balena CLI in an air-gapped environment with a filtered
--- a/lib/utils/helpers.ts
+++ b/lib/utils/helpers.ts
@ -107,19 +107,11 @@ export async function getManifest(
 	deviceType: string,
 ): Promise<BalenaSdk.DeviceTypeJson.DeviceType> {
 	const init = await import('balena-device-init');
-	const sdk = getBalenaSdk();
 	const manifest = await init.getImageManifest(image);
-	if (
-		manifest != null &&
-		manifest.slug !== deviceType &&
-		manifest.slug !== (await sdk.models.deviceType.get(deviceType)).slug
-	) {
-		const { ExpectedError } = await import('../errors');
-		throw new ExpectedError(
-			`The device type of the provided OS image ${manifest.slug}, does not match the expected device type ${deviceType}`,
-		);
+	if (manifest != null) {
+		return manifest;
 	}
-	return manifest ?? (await sdk.models.device.getManifestBySlug(deviceType));
+	return getBalenaSdk().models.device.getManifestBySlug(deviceType);
 }

 export const areDeviceTypesCompatible = async (
--- a/npm-shrinkwrap.json
+++ b/npm-shrinkwrap.json
@ -1,6 +1,6 @@
 {
  "name": "balena-cli",
-  "version": "14.5.15",
+  "version": "14.5.0",
  "lockfileVersion": 1,
  "requires": true,
  "dependencies": {
@ -1295,9 +1295,9 @@
      }
    },
    "@balena/compose": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/@balena/compose/-/compose-2.1.1.tgz",
-      "integrity": "sha512-Ra+nrR+wAuWYZsKFAtHpVZOpig19rcMvBtdoPuCjFgcpSCqGNLFaaHqRvg/kr9nN6sFXyaiYKpsb9C/varmy3Q==",
+      "version": "2.1.2",
+      "resolved": "https://registry.npmjs.org/@balena/compose/-/compose-2.1.2.tgz",
+      "integrity": "sha512-FeVbdlFGRsU+oSlMm+15c0EC4VFaCdTbU1ym6aMlGGXkhn9ChYXCxpJAGUMCxe3Wzim1oh7Vnpb0QVUiX6Sfkw==",
      "requires": {
        "JSONStream": "^1.3.5",
        "ajv": "^6.12.3",
@ -1307,7 +1307,7 @@
        "docker-modem": "^3.0.3",
        "docker-progress": "^5.1.0",
        "dockerfile-ast": "^0.2.1",
-        "dockerode": "^3.3.1",
+        "dockerode": "3.3.3",
        "duplexify": "^4.1.2",
        "event-stream": "^4.0.1",
        "fp-ts": "^2.8.1",
@ -1333,14 +1333,14 @@
          "integrity": "sha512-6+VnnhZpxwWvvKwjkRnuqlTtlBRJuM+3cCSXmZoYhyXcdgxx6l/3lwYpqmJ9qmhzgWVeATkpVsTua92BsObJjw=="
        },
        "docker-modem": {
-          "version": "3.0.5",
-          "resolved": "https://registry.npmjs.org/docker-modem/-/docker-modem-3.0.5.tgz",
-          "integrity": "sha512-x1E6jxWdtoK3+ifAUWj4w5egPdTDGBpesSCErm+aKET5BnnEOvDtTP6GxcnMB1zZiv2iQ0qJZvJie+1wfIRg6Q==",
+          "version": "3.0.6",
+          "resolved": "https://registry.npmjs.org/docker-modem/-/docker-modem-3.0.6.tgz",
+          "integrity": "sha512-h0Ow21gclbYsZ3mkHDfsYNDqtRhXS8fXr51bU0qr1dxgTMJj0XufbzX+jhNOvA8KuEEzn6JbvLVhXyv+fny9Uw==",
          "requires": {
            "debug": "^4.1.1",
            "readable-stream": "^3.5.0",
            "split-ca": "^1.0.1",
-            "ssh2": "^1.4.0"
+            "ssh2": "^1.11.0"
          }
        },
        "event-stream": {
@ -1368,9 +1368,9 @@
          "integrity": "sha512-pgsE40/SvC7st04AHiISNewaIMUbY5V/K8b21ekiPiFoYs/EYSdsGa+FJArB1d441uq4Q8zZyIxvAzkGNlBdRw=="
        },
        "nan": {
-          "version": "2.16.0",
-          "resolved": "https://registry.npmjs.org/nan/-/nan-2.16.0.tgz",
-          "integrity": "sha512-UdAqHyFngu7TfQKsCBgAA6pWDkT8MAO7d0jyOecVhN5354xbLqdn8mV9Tat9gepAupm0bt2DbeaSC8vS52MuFA==",
+          "version": "2.17.0",
+          "resolved": "https://registry.npmjs.org/nan/-/nan-2.17.0.tgz",
+          "integrity": "sha512-2ZTgtl0nJsO0KQCjEpxcIr5D+Yv90plTitZt9JBfQvVJDS5seMl3FOvsh3+9CoYWXf/1l5OaZzzF6nDm4cagaQ==",
          "optional": true
        },
        "readable-stream": {
@ -2668,9 +2668,9 @@
      }
    },
    "@types/dockerode": {
-      "version": "3.3.9",
-      "resolved": "https://registry.npmjs.org/@types/dockerode/-/dockerode-3.3.9.tgz",
-      "integrity": "sha512-SYRN5FF/qmwpxUT6snJP5D8k0wgoUKOGVs625XvpRJOOUi6s//UYI4F0tbyE3OmzpI70Fo1+aqpzX27zCrInww==",
+      "version": "3.3.11",
+      "resolved": "https://registry.npmjs.org/@types/dockerode/-/dockerode-3.3.11.tgz",
+      "integrity": "sha512-aokz8xlZoq+ShZ5UkDmVZFwOrzuxK2ufFxK8WcQ4PuCPlQmUWl7kyHAv6ahKI7furWAysLtQnO7xX0jNDJdQTw==",
      "requires": {
        "@types/docker-modem": "*",
        "@types/node": "*"
@ -3061,18 +3061,9 @@
      }
    },
    "@types/ssh2": {
-      "version": "0.5.52",
-      "resolved": "https://registry.npmjs.org/@types/ssh2/-/ssh2-0.5.52.tgz",
-      "integrity": "sha512-lbLLlXxdCZOSJMCInKH2+9V/77ET2J6NPQHpFI0kda61Dd1KglJs+fPQBchizmzYSOJBgdTajhPqBO1xxLywvg==",
-      "requires": {
-        "@types/node": "*",
-        "@types/ssh2-streams": "*"
-      }
-    },
-    "@types/ssh2-streams": {
-      "version": "0.1.9",
-      "resolved": "https://registry.npmjs.org/@types/ssh2-streams/-/ssh2-streams-0.1.9.tgz",
-      "integrity": "sha512-I2J9jKqfmvXLR5GomDiCoHrEJ58hAOmFrekfFqmCFd+A6gaEStvWnPykoWUwld1PNg4G5ag1LwdA+Lz1doRJqg==",
+      "version": "1.11.6",
+      "resolved": "https://registry.npmjs.org/@types/ssh2/-/ssh2-1.11.6.tgz",
+      "integrity": "sha512-8Mf6bhzYYBLEB/G6COux7DS/F5bCWwojv/qFo2yH/e4cLzAavJnxvFXrYW59iKfXdhG6OmzJcXDasgOb/s0rxw==",
      "requires": {
        "@types/node": "*"
      }
@ -5564,9 +5555,9 @@
      },
      "dependencies": {
        "nan": {
-          "version": "2.16.0",
-          "resolved": "https://registry.npmjs.org/nan/-/nan-2.16.0.tgz",
-          "integrity": "sha512-UdAqHyFngu7TfQKsCBgAA6pWDkT8MAO7d0jyOecVhN5354xbLqdn8mV9Tat9gepAupm0bt2DbeaSC8vS52MuFA==",
+          "version": "2.17.0",
+          "resolved": "https://registry.npmjs.org/nan/-/nan-2.17.0.tgz",
+          "integrity": "sha512-2ZTgtl0nJsO0KQCjEpxcIr5D+Yv90plTitZt9JBfQvVJDS5seMl3FOvsh3+9CoYWXf/1l5OaZzzF6nDm4cagaQ==",
          "optional": true
        }
      }
@ -7941,9 +7932,9 @@
      "integrity": "sha512-buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow=="
    },
    "fp-ts": {
-      "version": "2.12.2",
-      "resolved": "https://registry.npmjs.org/fp-ts/-/fp-ts-2.12.2.tgz",
-      "integrity": "sha512-v8J7ud+nTkP5Zz17GhpCsY19wiRbB9miuj61nBcCJyDpu52zs9Z4O7OLDfYoKFQMJ9EsSZA7W1vRgC1d3jy5qw=="
+      "version": "2.13.1",
+      "resolved": "https://registry.npmjs.org/fp-ts/-/fp-ts-2.13.1.tgz",
+      "integrity": "sha512-0eu5ULPS2c/jsa1lGFneEFFEdTbembJv8e4QKXeVJ3lm/5hyve06dlKZrpxmMwJt6rYen7sxmHHK2CLaXvWuWQ=="
    },
    "fragment-cache": {
      "version": "0.2.1",
@ -9335,9 +9326,9 @@
      }
    },
    "io-ts": {
-      "version": "2.2.17",
-      "resolved": "https://registry.npmjs.org/io-ts/-/io-ts-2.2.17.tgz",
-      "integrity": "sha512-RkQY06h6rRyADVEI46OCAUYTP2p18Vdtz9Movi19Mmj7SJ1NhN/yGyW7CxlcBVxh95WKg2YSbTmcUPqqeLuhXw=="
+      "version": "2.2.19",
+      "resolved": "https://registry.npmjs.org/io-ts/-/io-ts-2.2.19.tgz",
+      "integrity": "sha512-ED0GQwvKRr5C2jqOOJCkuJW2clnbzqFexQ8V7Qsb+VB36S1Mk/OKH7k0FjSe4mjKy9qBRA3OqgVGyFMUEKIubw=="
    },
    "io-ts-reporters": {
      "version": "1.2.2",
@ -11454,7 +11445,7 @@
      "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
    },
    "multicast-dns": {
-      "version": "git+https://github.com/resin-io-modules/multicast-dns.git#db98d68b79bbefc936b6799de9de1038ba49f85d",
+      "version": "git+https://github.com/resin-io-modules/multicast-dns.git#a15c63464eb43e8925b187ed5cb9de6892e8aacc",
      "from": "git+https://github.com/resin-io-modules/multicast-dns.git#listen-on-all-interfaces",
      "requires": {
        "dns-packet": "^1.0.1",
@ -12889,9 +12880,9 @@
      }
    },
    "parse-link-header": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/parse-link-header/-/parse-link-header-2.0.0.tgz",
-      "integrity": "sha512-xjU87V0VyHZybn2RrCX5TIFGxTVZE6zqqZWMPlIKiSKuWh/X5WZdt+w1Ki1nXB+8L/KtL+nZ4iq+sfI6MrhhMw==",
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/parse-link-header/-/parse-link-header-1.0.1.tgz",
+      "integrity": "sha1-vt/g0hGK64S+deewJUGeyKYRQKc=",
      "dev": true,
      "requires": {
        "xtend": "~4.0.1"
@ -13133,9 +13124,9 @@
      }
    },
    "pinejs-client-request": {
-      "version": "7.3.5",
-      "resolved": "https://registry.npmjs.org/pinejs-client-request/-/pinejs-client-request-7.3.5.tgz",
-      "integrity": "sha512-A7OFpAASDixcprtBpHInF28oqcFXWeYssOlIVIzIMua6QIL65OVqxVdrkMb9KcAFfgJX9oY8656+Ri4O1w05lA==",
+      "version": "7.3.6",
+      "resolved": "https://registry.npmjs.org/pinejs-client-request/-/pinejs-client-request-7.3.6.tgz",
+      "integrity": "sha512-6Pr9rKXh2DcZcd/sCc7r8nLq6upL8SLWu7/VURAQ57U43bVWs/Urbib4jdyJ9CjRVvhGWm+7b52Y/Y0Q29WhqA==",
      "requires": {
        "@types/lodash": "^4.14.181",
        "@types/lru-cache": "^5.1.1",
@ -13148,9 +13139,9 @@
      },
      "dependencies": {
        "@types/lodash": {
-          "version": "4.14.182",
-          "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.182.tgz",
-          "integrity": "sha512-/THyiqyQAP9AfARo4pF+aCGcyiQ94tX/Is2I7HofNRqoYLgN1PBoOWu2/zTA5zMxzP5EFutMtWtGAFRKUe961Q=="
+          "version": "4.14.186",
+          "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.186.tgz",
+          "integrity": "sha512-eHcVlLXP0c2FlMPm56ITode2AgLMSa6aJ05JTTbYbI+7EMkCEE5qk2E41d5g2lCVTqRe0GnnRFurmlCsDODrPw=="
        },
        "@types/request": {
          "version": "2.48.8",
@ -13174,9 +13165,9 @@
          }
        },
        "pinejs-client-core": {
-          "version": "6.10.2",
-          "resolved": "https://registry.npmjs.org/pinejs-client-core/-/pinejs-client-core-6.10.2.tgz",
-          "integrity": "sha512-atW5VgmHdAwJGhalhw3hLbjhrjVQDODaSzrwLJYWFHS4M2XlQPdl7xGin4U6moGeVnsUDQe+/qVU8yKJLDgXrQ==",
+          "version": "6.10.5",
+          "resolved": "https://registry.npmjs.org/pinejs-client-core/-/pinejs-client-core-6.10.5.tgz",
+          "integrity": "sha512-wkcbNXCaU+wFAkPqdXUAlSA9XWjHmMrPzvRdmm1fEnI5bhaon8UWnH3cKi9JHZ8RXsO/bvn6d8zl7MKxQsn13Q==",
          "requires": {
            "@balena/es-version": "^1.0.1"
          }
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "balena-cli",
-  "version": "14.5.15",
+  "version": "14.5.0",
  "description": "The official balena Command Line Interface",
  "main": "./build/app.js",
  "homepage": "https://github.com/balena-io/balena-cli",
@ -90,7 +90,8 @@
  "author": "Balena Inc. (https://balena.io/)",
  "license": "Apache-2.0",
  "engines": {
-    "node": ">=12 <16"
+    "node": ">=12.8.0 <13.0.0",
+    "npm": "<7.0.0"
  },
  "husky": {
    "hooks": {
@ -126,7 +127,7 @@
    "@types/chai-as-promised": "^7.1.4",
    "@types/cli-truncate": "^2.0.0",
    "@types/common-tags": "^1.8.1",
-    "@types/dockerode": "^3.3.9",
+    "@types/dockerode": "^3.3.11",
    "@types/ejs": "^3.1.0",
    "@types/express": "^4.17.13",
    "@types/fs-extra": "^9.0.13",
@ -183,7 +184,7 @@
    "mocha": "^8.4.0",
    "mock-require": "^3.0.3",
    "nock": "^13.2.1",
-    "parse-link-header": "^2.0.0",
+    "parse-link-header": "^1.0.1",
    "pkg": "^5.5.1",
    "publish-release": "^1.6.1",
    "rewire": "^5.0.0",
@ -193,7 +194,7 @@
    "typescript": "^4.6.4"
  },
  "dependencies": {
-    "@balena/compose": "^2.1.1",
+    "@balena/compose": "^2.1.2",
    "@balena/dockerignore": "^1.0.2",
    "@balena/es-version": "^1.0.1",
    "@oclif/command": "^1.8.16",
@ -207,7 +208,7 @@
    "balena-errors": "^4.7.1",
    "balena-image-fs": "^7.0.6",
    "balena-image-manager": "^8.0.0",
-    "balena-preload": "^12.2.0",
+    "balena-preload": "^12.1.0",
    "balena-sdk": "^16.28.0",
    "balena-semver": "^2.3.0",
    "balena-settings-client": "^4.0.7",
@ -284,6 +285,6 @@
    "windosu": "^0.3.0"
  },
  "versionist": {
-    "publishedAt": "2022-12-12T13:41:12.779Z"
+    "publishedAt": "2022-10-18T11:18:20.001Z"
  }
 }