akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 16 Packages Projects Releases Wiki Activity

chore: bump CrowdSec from 1.7.4 to 1.7.5

Browse Source 
Upgrade CrowdSec to maintenance release v1.7.5 with:

PAPI allowlist check before adding decisions
CAPI token reuse improvements
LAPI-only container hub preparation fix
~25 internal refactoring changes
12 dependency updates
Verification completed:

E2E tests: 674/746 passed
Backend coverage: 85.3%
Frontend coverage: 85.04%
Security scans: No new vulnerabilities
CodeQL: Clean (Go + JavaScript)
This commit is contained in:
GitHub Actions
2026-01-22 16:39:50 +00:00
parent 6593aca0ed
commit b60e0be5fb
8 changed files with 2728 additions and 2036 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
docs/plans/crowdsec_source_build.md
View File

@@ -34,7 +34,7 @@ ARG TARGETOS
ARG TARGETARCH
# CrowdSec version - Renovate can update this
# renovate: datasource=github-releases depName=crowdsecurity/crowdsec
ARG CROWDSEC_VERSION=1.7.4
ARG CROWDSEC_VERSION=1.7.5
RUN apk add --no-cache git clang lld
RUN xx-apk add --no-cache gcc musl-dev
@@ -122,7 +122,7 @@ RUN --mount=type=cache,target=/root/.cache/go-build \
### Research Findings
**From CrowdSec GitHub (crowdsecurity/crowdsec v1.7.4):**
**From CrowdSec GitHub (crowdsecurity/crowdsec v1.7.5):**
- **Language:** Go 81.3%
- **License:** MIT
@@ -199,7 +199,7 @@ ARG TARGETOS
ARG TARGETARCH
# CrowdSec version - Renovate can update this
# renovate: datasource=github-releases depName=crowdsecurity/crowdsec
ARG CROWDSEC_VERSION=1.7.4
ARG CROWDSEC_VERSION=1.7.5
# hadolint ignore=DL3018
RUN apk add --no-cache git clang lld
@@ -444,7 +444,7 @@ docker rm crowdsec-test
**Expected Results:**
-`cscli version` shows CrowdSec v1.7.4
-`cscli version` shows CrowdSec v1.7.5
-`cscli hub list` displays installed scenarios/parsers
-`cscli metrics` shows metrics (or "No data" if no logs processed yet)
- ✅ No critical errors in logs
@@ -597,8 +597,8 @@ rm ./cscli_test ./crowdsec_test
**CrowdSec Version Pinning:**
- Current: `v1.7.4` (December 2025 release)
- expr-lang in v1.7.4: Likely `v1.17.2` (vulnerable)
- Current: `v1.7.5` (January 2026 release)
- expr-lang in v1.7.5: Uses patched `v1.17.7`
- Post-patch: `v1.17.7` (forced upgrade via `go get`)
**Potential Issues:**
@@ -859,7 +859,7 @@ docker exec <container-id> cscli parsers list
```bash
# Clone CrowdSec
git clone --depth 1 --branch v1.7.4 https://github.com/crowdsecurity/crowdsec.git
git clone --depth 1 --branch v1.7.5 https://github.com/crowdsecurity/crowdsec.git
cd crowdsec
# Patch expr-lang
@@ -868,11 +868,11 @@ go mod tidy
# Build binaries
CGO_ENABLED=1 go build -o crowdsec \
-ldflags "-s -w -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Version=v1.7.4" \
-ldflags "-s -w -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Version=v1.7.5" \
./cmd/crowdsec
CGO_ENABLED=1 go build -o cscli \
-ldflags "-s -w -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Version=v1.7.4" \
-ldflags "-s -w -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Version=v1.7.5" \
./cmd/crowdsec-cli
# Verify expr-lang version
@@ -892,7 +892,7 @@ strings /usr/local/bin/cscli | grep -i "expr-lang"
# Check version
cscli version
# Output:
# version: v1.7.4
# version: v1.7.5
# ...
```