akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 6 Packages Projects Releases Wiki Activity
3,752 Commits 11 Branches 107 Tags
v0.25.4
Commit Graph

179 Commits

Author SHA1 Message Date
Wikid82 6509bb5d1b chore(docker): update GeoLite2-Country.mmdb checksum 
Automated checksum update for GeoLite2-Country.mmdb database.

Old: b018842033872f19ed9ccefb863ec954f8024db2ae913d0d4ea14e35ace4eba1
New: 62049119bd084e19fff4689bebe258f18a5f27a386e6d26ba5180941b613fc2b

Auto-generated by: .github/workflows/update-geolite2.yml
 2026-04-20 02:58:45 +00:00
Jeremy 83b361ae57 Merge pull request #938 from Wikid82/nightly 
Weekly: Promote nightly to main (2026-04-13)
 2026-04-13 08:48:06 -04:00
Wikid82 00ba5b3650 chore(docker): update GeoLite2-Country.mmdb checksum 
Automated checksum update for GeoLite2-Country.mmdb database.

Old: f5e80a9a3129d46e75c8cccd66bfac725b0449a6c89ba5093a16561d58f20bda
New: b018842033872f19ed9ccefb863ec954f8024db2ae913d0d4ea14e35ace4eba1

Auto-generated by: .github/workflows/update-geolite2.yml
 2026-04-13 02:59:03 +00:00
renovate[bot] ed9d6fe5d8 fix(deps): update non-major-updates 2026-04-10 15:11:47 +00:00
GitHub Actions 615e5a95f5 fix: downgrade pgx/v4 to v4.18.3 to address buffer overflow vulnerability 2026-04-09 19:09:25 +00:00
renovate[bot] f05c24dd66 chore(deps): update module github.com/jackc/pgx/v4 to v5 2026-04-09 18:24:32 +00:00
GitHub Actions 580e20d573 fix: resolve 5 HIGH-severity CVEs blocking nightly container image scan 
Patch vulnerable transitive dependencies across all three compiled
binaries in the Docker image (backend, Caddy, CrowdSec):

- go-jose/v3 and v4: JOSE/JWT validation bypass (CVE-2026-34986)
- otel/sdk: resource leak in OpenTelemetry SDK (CVE-2026-39883)
- pgproto3/v2: buffer overflow via pgx/v4 bump (CVE-2026-32286)
- AWS SDK v2: event stream injection in CrowdSec deps (GHSA-xmrv-pmrh-hhx2)
- OTel HTTP exporters: request smuggling (CVE-2026-39882)
- gRPC: bumped to v1.80.0 for transitive go-jose/v4 resolution

All Dockerfile patches include Renovate annotations for automated
future tracking. Renovate config extended to cover Go version and
GitHub Action refs in skill example workflows, preventing version
drift in non-CI files. SECURITY.md updated with pre-existing Alpine
base image CVE (no upstream fix available).

Nightly Go stdlib CVEs (1.26.1) self-heal on next development sync;
example workflow pinned to 1.26.2 for correctness.
 2026-04-09 17:24:25 +00:00
renovate[bot] 73565e0e0d fix(deps): update non-major-updates 2026-04-09 09:20:57 +00:00
Jeremy 79f0080c80 Merge pull request #915 from Wikid82/main 
Propagate changes from main into development
 2026-04-06 01:07:49 -04:00
Wikid82 f5ab2cddd8 chore(docker): update GeoLite2-Country.mmdb checksum 
Automated checksum update for GeoLite2-Country.mmdb database.

Old: 7840f4b8891e7c866f948d4b020cdc12aeea51b09450b44ad96d1f14f6e32879
New: f5e80a9a3129d46e75c8cccd66bfac725b0449a6c89ba5093a16561d58f20bda

Auto-generated by: .github/workflows/update-geolite2.yml
 2026-04-06 02:58:45 +00:00
Jeremy d0deef1537 Merge branch 'development' into feature/beta-release 2026-04-03 21:08:07 -04:00
renovate[bot] b45861090d fix(deps): update non-major-updates 2026-04-04 00:58:06 +00:00
GitHub Actions 29985714a3 fix: update CORAZA_CADDY_VERSION to 2.4.0 for compatibility improvements 2026-04-03 22:39:40 +00:00
GitHub Actions 64c9d7adbe fix: update CADDY_SECURITY_VERSION to 1.1.61 for security improvements 2026-04-03 22:38:28 +00:00
renovate[bot] 543388b5a4 fix(deps): update non-major-updates 2026-03-31 01:08:59 +00:00
GitHub Actions 0a43a76a4a fix: update CROWDSEC_VERSION to 1.7.7 for compatibility improvements 2026-03-30 22:20:37 +00:00
GitHub Actions c852838644 fix: update CORAZA_CADDY_VERSION to 2.3.0 for compatibility improvements 2026-03-30 22:19:49 +00:00
GitHub Actions 9740ddb813 fix: update CADDY_SECURITY_VERSION to 1.1.57 for security improvements 2026-03-30 22:19:07 +00:00
Jeremy ecf314b2e5 Merge branch 'main' into bot/update-geolite2-checksum 2026-03-30 17:56:36 -04:00
Wikid82 e32f3dfb57 chore(docker): update GeoLite2-Country.mmdb checksum 
Automated checksum update for GeoLite2-Country.mmdb database.

Old: c6549807950f93f609d6433fa295fa517fbdec0ad975a4aafba69c136d5d2347
New: 7840f4b8891e7c866f948d4b020cdc12aeea51b09450b44ad96d1f14f6e32879

Auto-generated by: .github/workflows/update-geolite2.yml
 2026-03-30 02:58:26 +00:00
GitHub Actions f40fca844f fix: update CADDY_SECURITY_VERSION to 1.1.53 for security improvements 2026-03-25 20:47:46 +00:00
GitHub Actions 0a4ac41242 fix: update CADDY_SECURITY_VERSION to 1.1.52 for security improvements 2026-03-25 19:34:48 +00:00
GitHub Actions 8702d7b76d fix(deps): update CADDY_SECURITY_VERSION to 1.1.51 for security improvements 2026-03-25 04:10:05 +00:00
Jeremy 6c6c3f3373 Merge pull request #880 from Wikid82/main 
Propagate changes from main into development
 2026-03-24 02:41:00 -04:00
Wikid82 6fc4409513 chore(docker): update GeoLite2-Country.mmdb checksum 
Automated checksum update for GeoLite2-Country.mmdb database.

Old: aa154fc6bcd712644de232a4abcdd07dac1f801308c0b6f93dbc2b375443da7b
New: c6549807950f93f609d6433fa295fa517fbdec0ad975a4aafba69c136d5d2347

Auto-generated by: .github/workflows/update-geolite2.yml
 2026-03-23 02:57:35 +00:00
GitHub Actions 68d21fc20b fix: patch CVE-2026-30836 in Caddy build by pinning smallstep/certificates to v0.30.0 2026-03-20 04:15:29 +00:00
GitHub Actions 5bf7b54496 chore: proactively pin grpc and goxmldsig in Docker builder stages to patch embedded binary CVEs 2026-03-19 18:18:28 +00:00
GitHub Actions 19b388d865 fix: update Caddy security version to 1.1.50 in Dockerfile 2026-03-18 22:11:50 +00:00
renovate[bot] 4c375ad86f chore(deps): update module github.com/greenpau/caddy-security to v1.1.49 2026-03-18 02:33:53 +00:00
GitHub Actions 8b0011f6c6 fix(ci): enhance rate limit integration test reliability 
- Added HTTP status checks for login and security config POST requests to ensure proper error handling.
- Implemented a readiness gate for the Caddy admin API before applying security configurations.
- Increased sleep duration before verifying rate limit handler to accommodate Caddy's configuration propagation.
- Changed verification failure from a warning to a hard exit to prevent misleading test results.
- Updated Caddy admin API URL to use the canonical trailing slash in multiple locations.
- Adjusted retry parameters for rate limit verification to reduce polling noise.
- Removed stale GeoIP checksum validation from the Dockerfile's non-CI path to simplify the build process.
 2026-03-17 14:05:25 +00:00
Jeremy ec1b79c2b7 Merge branch 'development' into feature/beta-release 2026-03-16 08:30:45 -04:00
renovate[bot] edd7405313 chore(deps): update non-major-updates 2026-03-16 12:28:25 +00:00
GitHub Actions 79800871fa fix: harden frontend-builder with npm upgrade to mitigate bundled CVEs 2026-03-16 12:26:55 +00:00
Jeremy 34d5cca972 Merge branch 'main' into nightly 2026-03-16 07:35:56 -04:00
Wikid82 3570c05805 chore(docker): update GeoLite2-Country.mmdb checksum 
Automated checksum update for GeoLite2-Country.mmdb database.

Old: b79afc28a0a52f89c15e8d92b05c173f314dd4f687719f96cf921012d900fcce
New: aa154fc6bcd712644de232a4abcdd07dac1f801308c0b6f93dbc2b375443da7b

Auto-generated by: .github/workflows/update-geolite2.yml
 2026-03-16 02:58:27 +00:00
GitHub Actions b66cc34e1c fix: update Caddy security version to 1.1.48 in Dockerfile 2026-03-15 20:49:53 +00:00
GitHub Actions f8e8440388 fix: correct GeoIP CI detection to require truthy value 2026-03-15 11:15:56 +00:00
GitHub Actions 4b170b69e0 fix: update Caddy security version to 1.1.47 in Dockerfile 2026-03-15 03:25:41 +00:00
GitHub Actions bad97102e1 fix: repair GeoIP CI detection and harden httpbin startup in integration tests 2026-03-13 20:07:30 +00:00
GitHub Actions 4b896c2e3c fix: replace curl with wget for healthcheck commands in Docker configurations 2026-03-13 14:13:37 +00:00
GitHub Actions 354ff0068a fix: upgrade zlib package in Dockerfile to ensure latest security patches 2026-03-13 12:10:38 +00:00
GitHub Actions fb9b6cae76 fix(deps): update caddy-security version to 1.1.46 2026-03-13 01:37:09 +00:00
GitHub Actions d4081d954f chore: update dependencies and configuration for Vite and Vitest 
- Bump versions of @vitejs/plugin-react, @vitest/coverage-istanbul, @vitest/coverage-v8, and @vitest/ui to their beta releases.
- Upgrade Vite and Vitest to their respective beta versions.
- Adjust Vite configuration to disable code splitting for improved React initialization stability.
 2026-03-12 04:31:31 +00:00
GitHub Actions f41bd485e3 fix(docker): update Caddy security version to 1.1.45 2026-03-10 18:20:28 +00:00
Jeremy f8ec567a35 Merge pull request #818 from Wikid82/hotfix/docker_build 
fix(docker): update CADDY_VERSION to 2.11.2 for improved stability
 2026-03-09 14:46:12 -04:00
GitHub Actions cd35f6d8c7 fix(docker): update CADDY_CANDIDATE_VERSION to 2.11.2 for consistency 2026-03-09 16:47:48 +00:00
GitHub Actions 85b0bb1f5e fix(docker): update CADDY_VERSION to 2.11.2 for improved stability 2026-03-09 16:40:30 +00:00
GitHub Actions 332872c7f5 fix: update Coraza Caddy version to 2.2.0 2026-03-09 12:48:55 +00:00
GitHub Actions c499c57296 fix: update Caddy security version to 1.1.44 2026-03-09 12:39:22 +00:00
Jeremy 36d561bbb8 Merge pull request #815 from Wikid82/nightly 
Weekly: Promote nightly to main (2026-03-09)
 2026-03-09 08:36:28 -04:00