auto-updater
Audited by Socket on Mar 14, 2026
1 alert found:
Obfuscated File

The script is a functional auto-update/applier for a git repository with Docker-based deployment. It is not obviously malicious by itself, but it presents a meaningful software supply-chain risk: when --apply is used the host will execute untrusted repository content (install/build lifecycle scripts and Dockerfile instructions) without verification or sandboxing. The script also hides error details via stderr suppression, which reduces transparency.

Recommended mitigations before using --apply: inspect package.json scripts and Dockerfile and verify commit/tag signatures or checksums, run builds in an isolated environment (unprivileged container or CI with limited secrets), avoid running as root, and remove or reduce stderr suppression to aid auditing.