Caddy 2.10.2 requires Go 1.25 (declared in its go.mod). The previous
commit incorrectly downgraded to Go 1.23 based on the false assumption
that Go 1.25.5 doesn't exist.
This fix:
- Updates Dockerfile Go images from 1.23-alpine to 1.25-alpine
- Updates backend/go.mod to go 1.25
- Updates go.work to go 1.25
Fixes CI Docker build failures in xcaddy stage.
- Updated LiveLogViewer to support a new security mode, allowing for the display of security logs.
- Implemented mock functions for connecting to security logs in tests.
- Added tests for rendering, filtering, and displaying security log entries, including blocked requests and source filtering.
- Modified Security page to utilize the new security mode in LiveLogViewer.
- Updated Security page tests to reflect changes in log viewer and ensure proper rendering of security-related components.
- Introduced a new script for CrowdSec startup testing, ensuring proper configuration and parser installation.
- Added pre-flight checks in the CrowdSec integration script to verify successful startup and configuration.
- Added integration test script `crowdsec_decision_integration.sh` for verifying CrowdSec decision management functionality.
- Created QA report for the CrowdSec decision management integration test infrastructure, detailing file verification, validation results, and overall status.
- Included comprehensive test cases for starting CrowdSec, managing IP bans, and checking API responses.
- Ensured proper logging, error handling, and cleanup procedures within the test script.
- Verified syntax, security, and functionality of all related files.
- Created `qa-test-output-after-fix.txt` and `qa-test-output.txt` to log results of certificate page authentication tests.
- Added `build.sh` for deterministic backend builds in CI, utilizing `go list` for efficiency.
- Introduced `codeql_scan.sh` for CodeQL database creation and analysis for Go and JavaScript/TypeScript.
- Implemented `dockerfile_check.sh` to validate Dockerfiles for base image and package manager mismatches.
- Added `sourcery_precommit_wrapper.sh` to facilitate Sourcery CLI usage in pre-commit hooks.
- Added unit tests for CrowdSec handler, including listing, banning, and unbanning IPs.
- Implemented mock command executor for testing command execution.
- Created tests for various scenarios including successful operations, error handling, and invalid inputs.
- Developed CrowdSec configuration tests to ensure proper handler setup and JSON output.
- Documented security features and identified gaps in CrowdSec, WAF, and Rate Limiting implementations.
- Established acceptance criteria for feature completeness and outlined implementation phases for future work.
- Added custom manager in renovate.json to track Go dependencies patched in Dockerfile for Caddy CVE fixes.
- Updated Dockerfile to pre-fetch and override vulnerable module versions for dependencies (expr, quic-go, smallstep/certificates) during the build process.
- Improved build resilience by implementing a fallback mechanism for Caddy versioning.
- Introduced tests for user SMTP audit, covering invite token security, input validation, authorization, and SMTP config security.
- Enhanced user invite functionality with duplicate email protection and case-insensitive checks.
- Updated go.work.sum to include new dependencies and ensure compatibility.
- Implemented CrowdSec process management with start, stop, and status endpoints.
- Added import functionality for CrowdSec configuration files with backup support.
- Introduced a new FeatureFlagsHandler to manage feature flags with database and environment variable fallback.
- Created tests for CrowdSec handler and feature flags handler.
- Updated routes to include new feature flags and CrowdSec management endpoints.
- Enhanced import handler with better error logging and diagnostics.
- Added frontend API calls for CrowdSec management and feature flags.
- Updated SystemSettings page to manage feature flags and CrowdSec controls.
- Refactored logs and other components for improved functionality and UI consistency.
- Wrap async mutations in act() across useImport, useProxyHosts, useRemoteServers tests
- Add npm_config_rollup_skip_nodejs_native=1 in Dockerfile to bypass native binary for arm64
- Enable Go module caching in CI via cache-dependency-path on setup-go action
- All frontend tests now pass cleanly (49/49) without React Testing Library warnings
The backend-builder stage was using golang:latest (Debian) but trying to
run Alpine's apk package manager, causing build failures with 'apk: not
found'. Changed to golang:alpine for consistency with the RUN commands.
Fixes Docker build workflow failures in GitHub Actions.
- Added Codecov configuration to enforce 75% coverage.
- Created .dockerignore to exclude unnecessary files from Docker context.
- Implemented GitHub Actions CI workflow for linting, testing, and coverage reporting.
- Added a workflow to propagate changes between main and development branches.
- Configured pre-commit hooks for code quality checks.
- Developed a multi-stage Dockerfile for a Python web backend.
- Added MIT License to the project.
- Created README.md with project overview and setup instructions.
- Implemented a script to create GitHub issues from project planning.
- Defined development and runtime requirements in requirements.txt and requirements.dev.txt.
