akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 16 Packages Projects Releases Wiki Activity
3,573 Commits 11 Branches 107 Tags
9d4b6e5b432bb8a930d4d00e6925d57e5d215ee2
Commit Graph

946 Commits

Author SHA1 Message Date
GitHub Actions
c428a5be57 fix: propagate pipeline exit codes in CI quality-checks workflow 2026-03-21 02:23:16 +00:00
renovate[bot]
fa42e79af3 fix(deps): update non-major-updates 2026-03-21 00:12:20 +00:00
renovate[bot]
3b247cdd73 fix(deps): update non-major-updates 2026-03-20 18:09:46 +00:00
renovate[bot]
5b02eebfe5 chore(deps): update nick-fields/retry action to v4 2026-03-20 05:30:43 +00:00
renovate[bot]
3a80e032f4 chore(deps): update dependency anchore/grype to v0.110.0 2026-03-19 21:09:01 +00:00
renovate[bot]
ec25165e54 fix(deps): update non-major-updates 2026-03-19 18:02:03 +00:00
renovate[bot]
6939c792bd chore(deps): update non-major-updates 2026-03-18 23:07:56 +00:00
renovate[bot]
db824152ef fix(deps): update non-major-updates 2026-03-18 17:00:26 +00:00
renovate[bot]
f82a892405 chore(deps): update release-drafter/release-drafter digest to 44a942e 2026-03-17 17:17:04 +00:00
renovate[bot]
1c72469ad6 chore(deps): update paulhatch/semantic-version action to v6.0.2 2026-03-17 14:30:44 +00:00
GitHub Actions
8b0011f6c6 fix(ci): enhance rate limit integration test reliability 
- Added HTTP status checks for login and security config POST requests to ensure proper error handling.
- Implemented a readiness gate for the Caddy admin API before applying security configurations.
- Increased sleep duration before verifying rate limit handler to accommodate Caddy's configuration propagation.
- Changed verification failure from a warning to a hard exit to prevent misleading test results.
- Updated Caddy admin API URL to use the canonical trailing slash in multiple locations.
- Adjusted retry parameters for rate limit verification to reduce polling noise.
- Removed stale GeoIP checksum validation from the Dockerfile's non-CI path to simplify the build process.
 2026-03-17 14:05:25 +00:00
renovate[bot]
c44642241c chore(deps): update non-major-updates 2026-03-16 18:22:12 +00:00
GitHub Actions
95a65069c0 fix: handle existing PR outputs in promotion job 2026-03-16 11:17:37 +00:00
renovate[bot]
81f1dce887 fix(deps): update non-major-updates 2026-03-16 11:06:23 +00:00
renovate[bot]
3577ce6c56 chore(deps): update softprops/action-gh-release digest to b25b93d 2026-03-15 10:55:54 +00:00
Jeremy
fca1139c81 Merge pull request #838 from Wikid82/renovate/feature/beta-release-release-drafter-release-drafter-7.x 
chore(deps): update release-drafter/release-drafter action to v7 (feature/beta-release)
 2026-03-14 12:30:46 -04:00
renovate[bot]
8ab926dc8b chore(deps): update release-drafter/release-drafter action to v7 2026-03-14 13:16:45 +00:00
renovate[bot]
85f258d9f6 chore(deps): update non-major-updates 2026-03-14 13:15:37 +00:00
GitHub Actions
bad97102e1 fix: repair GeoIP CI detection and harden httpbin startup in integration tests 2026-03-13 20:07:30 +00:00
GitHub Actions
98a4efcd82 fix: handle errors gracefully when commenting on PRs in supply chain verification workflow 2026-03-13 20:07:30 +00:00
renovate[bot]
eb5b74cbe3 chore(deps): update non-major-updates 2026-03-13 19:08:11 +00:00
renovate[bot]
49b956f916 chore(deps): update non-major-updates 2026-03-12 17:38:44 +00:00
renovate[bot]
7932188dae fix(deps): update non-major-updates 2026-03-12 09:30:08 +00:00
renovate[bot]
3186676f94 chore(deps): update non-major-updates 2026-03-11 16:26:55 +00:00
renovate[bot]
065ac87815 fix(deps): update non-major-updates 2026-03-11 14:53:49 +00:00
renovate[bot]
4e81a982aa chore(deps): update non-major-updates 2026-03-11 02:14:55 +00:00
renovate[bot]
13c5f8356c chore(deps): update non-major-updates 2026-03-10 13:21:37 +00:00
renovate[bot]
e2ebdb37f0 fix(deps): update non-major-updates 2026-03-09 18:49:35 +00:00
renovate[bot]
424dc43652 fix(deps): update non-major-updates 2026-03-09 16:47:48 +00:00
GitHub Actions
9cc7393e7b fix: update digest references in nightly build workflow to use output from resolve_digest step 2026-03-09 00:28:55 +00:00
GitHub Actions
187c3aea68 fix: remove unused tags output from build-and-push-nightly job 2026-03-09 00:06:00 +00:00
renovate[bot]
8032fb5b41 chore(deps): update non-major-updates 2026-03-07 19:54:06 +00:00
GitHub Actions
e68035fe30 fix: add Trivy ignore for CVE-2026-22184 and update expiry date for CVE-2026-22184 in Grype configuration 2026-03-07 13:56:01 +00:00
GitHub Actions
80ecb7de7f fix: enhance vulnerability reporting in nightly build with detailed triage information 2026-03-07 13:38:16 +00:00
GitHub Actions
75cd0a4d9c fix: update nightly branch checkout reference to support manual triggers 2026-03-07 12:58:40 +00:00
GitHub Actions
2824a731f5 fix: improve Alpine image digest resolution in nightly build workflow 2026-03-07 12:40:00 +00:00
GitHub Actions
2dbb00036d fix: resolve image digest from GHCR API for nightly builds 2026-03-07 12:25:57 +00:00
GitHub Actions
0ad0c2f2c4 fix: improve error handling for empty build digest in Syft SBOM scan 2026-03-07 12:18:20 +00:00
GitHub Actions
104f0eb6ee fix: add error handling for empty build digest in Syft SBOM scan 2026-03-07 12:04:15 +00:00
Jeremy
f50b05519b Merge pull request #810 from Wikid82/renovate/feature/beta-release-non-major-updates 
chore(deps): update aquasecurity/trivy-action action to v0.35.0 (feature/beta-release)
 2026-03-07 00:35:57 -05:00
GitHub Actions
ca3c1085ac fix: update notification messages for various handlers to improve clarity and consistency 2026-03-07 05:16:07 +00:00
renovate[bot]
4cee4f01f3 chore(deps): update aquasecurity/trivy-action action to v0.35.0 2026-03-07 04:29:40 +00:00
GitHub Actions
82e2134333 fix: remove security-experimental queries from CodeQL configuration to prevent false positives 2026-03-07 03:48:04 +00:00
GitHub Actions
92310a8b3e fix: update CodeQL queries to include security-experimental suite for enhanced analysis 2026-03-07 02:42:42 +00:00
renovate[bot]
13d31dd922 fix(deps): update non-major-updates 2026-03-06 20:00:48 +00:00
GitHub Actions
5bbae48b6b chore(docker): wire all workflows to single-source version ARGs 
The Dockerfile already centralizes all version pins into top-level ARGs
(GO_VERSION, ALPINE_IMAGE, CROWDSEC_VERSION, EXPR_LANG_VERSION, XNET_VERSION).
This change closes the remaining gaps so those ARGs are the single source of
truth end-to-end:

- nightly-build.yml now resolves the Alpine image digest at build time and
  passes ALPINE_IMAGE as a build-arg, matching the docker-build.yml pattern.
  Previously, nightly images were built with the Dockerfile ARG default and
  without a pinned digest, making runtime Alpine differ from docker-build.yml.

- six CI workflows (quality-checks, codecov-upload, benchmark, e2e-tests-split,
  release-goreleaser, codeql) declared a GO_VERSION env var but their setup-go
  steps ignored it and hardcoded the version string directly. They now reference
  ${{ env.GO_VERSION }}, so Renovate only needs to update one value per file
  and the env var actually serves its purpose.

- codeql.yml had no GO_VERSION env var at all; one is now added alongside the
  existing GOTOOLCHAIN: auto entry.

When Renovate bumps Go, it updates the env var at the top of each workflow and
the Dockerfile ARG — zero manual hunting required.
 2026-03-06 03:57:18 +00:00
GitHub Actions
abcfd62b21 fix: update Go version to 1.26.1 in CodeQL workflow for consistency and security improvements 2026-03-06 03:20:37 +00:00
GitHub Actions
b292a1b793 fix: update Go version to 1.26.1 in multiple workflow files for consistency and security improvements 2026-03-06 02:35:36 +00:00
renovate[bot]
834907cb5d chore(deps): update non-major-updates 2026-03-06 02:02:10 +00:00
renovate[bot]
132bbbd657 chore(deps): update docker/build-push-action action to v7 2026-03-06 01:07:01 +00:00