changed perms

Merge branch 'development' into main
Merge pull request #962 from Wikid82/hotfix/ci
2026-04-22 18:19:14 +00:00 · 2026-04-20 17:55:51 -04:00 · 2026-04-20 12:56:13 -04:00 · 2026-04-20 12:17:15 -04:00 · 2026-04-20 08:50:29 -04:00 · 2026-04-20 12:48:33 +00:00
2023 changed files with 4224 additions and 979 deletions
@@ -303,6 +303,19 @@ ACQUIS_EOF
    # Also handle case where it might be without trailing slash
    sed -i 's|log_dir: /var/log$|log_dir: /var/log/crowdsec|g' "$CS_CONFIG_DIR/config.yaml"

+    # Redirect CrowdSec LAPI database to persistent volume
+    # Default path /var/lib/crowdsec/data/crowdsec.db is ephemeral (not volume-mounted),
+    # so it is destroyed on every container rebuild. The bouncer API key (stored on the
+    # persistent volume at /app/data/crowdsec/) survives rebuilds but the LAPI database
+    # that validates it does not — causing perpetual key rejection.
+    # Redirecting db_path to the volume-mounted CS_DATA_DIR fixes this.
+    sed -i "s|db_path: /var/lib/crowdsec/data/crowdsec.db|db_path: ${CS_DATA_DIR}/crowdsec.db|g" "$CS_CONFIG_DIR/config.yaml"
+    if grep -q "db_path:.*${CS_DATA_DIR}" "$CS_CONFIG_DIR/config.yaml"; then
+        echo "✓ CrowdSec LAPI database redirected to persistent volume: ${CS_DATA_DIR}/crowdsec.db"
+    else
+        echo "⚠️  WARNING: Could not verify LAPI db_path redirect — bouncer keys may not survive rebuilds"
+    fi
+
    # Verify LAPI configuration was applied correctly
    if grep -q "listen_uri:.*:8085" "$CS_CONFIG_DIR/config.yaml"; then
        echo "✓ CrowdSec LAPI configured for port 8085"
@@ -324,6 +324,12 @@
      "matchDatasources": ["go"],
      "matchPackageNames": ["github.com/oschwald/geoip2-golang/v2"],
      "sourceUrl": "https://github.com/oschwald/geoip2-golang"
+    },
+    {
+      "description": "Fix Renovate lookup for google/uuid",
+      "matchDatasources": ["go"],
+      "matchPackageNames": ["github.com/google/uuid"],
+      "sourceUrl": "https://github.com/google/uuid"
    }
  ]
 }
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
akanealw	eec8c28fb3	changed perms Go Benchmark / Performance Regression Check (push) Has been cancelled Details Cerberus Integration / Cerberus Security Stack Integration (push) Has been cancelled Details Upload Coverage to Codecov / Backend Codecov Upload (push) Has been cancelled Details Upload Coverage to Codecov / Frontend Codecov Upload (push) Has been cancelled Details CodeQL - Analyze / CodeQL analysis (go) (push) Has been cancelled Details CodeQL - Analyze / CodeQL analysis (javascript-typescript) (push) Has been cancelled Details CrowdSec Integration / CrowdSec Bouncer Integration (push) Has been cancelled Details Docker Build, Publish & Test / build-and-push (push) Has been cancelled Details Quality Checks / Auth Route Protection Contract (push) Has been cancelled Details Quality Checks / Codecov Trigger/Comment Parity Guard (push) Has been cancelled Details Quality Checks / Backend (Go) (push) Has been cancelled Details Quality Checks / Frontend (React) (push) Has been cancelled Details Rate Limit integration / Rate Limiting Integration (push) Has been cancelled Details Security Scan (PR) / Trivy Binary Scan (push) Has been cancelled Details Supply Chain Verification (PR) / Verify Supply Chain (push) Has been cancelled Details WAF integration / Coraza WAF Integration (push) Has been cancelled Details Docker Build, Publish & Test / Security Scan PR Image (push) Has been cancelled Details Repo Health Check / Repo health (push) Has been cancelled Details History Rewrite Dry-Run / Dry-run preview for history rewrite (push) Has been cancelled Details Prune Renovate Branches / prune (push) Has been cancelled Details Renovate / renovate (push) Has been cancelled Details Nightly Build & Package / sync-development-to-nightly (push) Has been cancelled Details Nightly Build & Package / Trigger Nightly Validation Workflows (push) Has been cancelled Details Nightly Build & Package / build-and-push-nightly (push) Has been cancelled Details Nightly Build & Package / test-nightly-image (push) Has been cancelled Details Nightly Build & Package / verify-nightly-supply-chain (push) Has been cancelled Details Update GeoLite2 Checksum / update-checksum (push) Has been cancelled Details Container Registry Prune / prune-ghcr (push) Has been cancelled Details Container Registry Prune / prune-dockerhub (push) Has been cancelled Details Container Registry Prune / summarize (push) Has been cancelled Details Supply Chain Verification / Verify SBOM (push) Has been cancelled Details Supply Chain Verification / Verify Release Artifacts (push) Has been cancelled Details Supply Chain Verification / Verify Docker Image Supply Chain (push) Has been cancelled Details Monitor Caddy Major Release / check-caddy-major (push) Has been cancelled Details Weekly Nightly to Main Promotion / Verify Nightly Branch Health (push) Has been cancelled Details Weekly Nightly to Main Promotion / Create Promotion PR (push) Has been cancelled Details Weekly Nightly to Main Promotion / Trigger Missing Required Checks (push) Has been cancelled Details Weekly Nightly to Main Promotion / Notify on Failure (push) Has been cancelled Details Weekly Nightly to Main Promotion / Workflow Summary (push) Has been cancelled Details Weekly Security Rebuild / Security Rebuild & Scan (push) Has been cancelled Details	2026-04-22 18:19:14 +00:00
Jeremy	a599623ea9	Merge branch 'development' into main	2026-04-20 17:55:51 -04:00
Jeremy	0f0a442d74	Merge pull request #962 from Wikid82/hotfix/ci fix(ci): shift GeoLite2 update to Sunday targeting development branch	2026-04-20 12:56:13 -04:00
Jeremy	a8cd4bf34c	Merge branch 'feature/beta-release' into development	2026-04-20 12:17:15 -04:00
Jeremy	02911109ef	Merge pull request #960 from Wikid82/main Propagate changes from main into development	2026-04-20 08:50:29 -04:00
GitHub Actions	2bad9fec53	fix: make URL preview invite modal test deterministic	2026-04-20 12:48:33 +00:00
Jeremy	54ce6f677c	Merge pull request #959 from Wikid82/renovate/feature/beta-release-non-major-updates fix(deps): update non-major-updates (feature/beta-release)	2026-04-20 08:34:32 -04:00
Jeremy	ad7704c1df	Merge branch 'feature/beta-release' into renovate/feature/beta-release-non-major-updates	2026-04-20 08:02:55 -04:00
GitHub Actions	330ccae82f	fix: update vulnerability suppression for buger/jsonparser to reflect upstream fix availability	2026-04-20 11:56:26 +00:00
renovate[bot]	0a5bb296a9	fix(deps): update non-major-updates	2026-04-20 11:56:08 +00:00
GitHub Actions	437a35bd47	fix: replace div with button for close action in whitelist delete modal Co-authored-by: Copilot <copilot@github.com>	2026-04-20 11:29:10 +00:00
GitHub Actions	612d3655fa	fix: improve IP normalization in normalizeIPOrCIDR function Co-authored-by: Copilot <copilot@github.com>	2026-04-20 11:27:56 +00:00
GitHub Actions	38cdc5d9d0	fix(deps): update @oxc-project/types and @rolldown dependencies to version 0.126.0 and 1.0.0-rc.16 respectively	2026-04-20 11:16:56 +00:00
GitHub Actions	816124634b	fix(deps): update @oxc-parser dependencies to version 0.126.0 and remove unused packages	2026-04-20 11:16:20 +00:00
GitHub Actions	2b2f3c876b	chore: fix Renovate lookup failure for google/uuid dependency	2026-04-20 11:02:31 +00:00
Jeremy	20f2624653	Merge pull request #957 from Wikid82/renovate/feature/beta-release-non-major-updates fix(deps): update non-major-updates (feature/beta-release)	2026-04-20 06:51:03 -04:00
Jeremy	e8724c5edc	Merge branch 'feature/beta-release' into renovate/feature/beta-release-non-major-updates	2026-04-19 17:13:04 -04:00
GitHub Actions	2c284bdd49	test: add tests for handling empty UUID in DeleteWhitelist and invalid CIDR in Add method	2026-04-19 21:11:14 +00:00
GitHub Actions	db1e77ceb3	test(coverage): cover all modified lines for 100% patch coverage vs origin/main - Add domains field to certificate mock to exercise per-domain loop in Dashboard component, covering the previously untested branch - Extend CrowdSec whitelist test suite with backdrop-click close test to cover the dialog dismissal handler - Remove duplicate describe blocks introduced when whitelist API tests were appended to crowdsec.test.ts, resolving ESLint vitest/no-identical-title errors that were blocking pre-commit hooks	2026-04-19 21:08:26 +00:00
GitHub Actions	df5e69236a	fix(deps): update dependencies for improved stability and performance	2026-04-19 21:03:48 +00:00
renovate[bot]	a3259b042d	fix(deps): update non-major-updates	2026-04-19 17:10:33 +00:00
GitHub Actions	f5e7c2bdfc	fix(test): resolve CrowdSec card title lookup in Security test mock The Security component renders the CrowdSec card title using the nested translation key 'security.crowdsec.title', but the test mock only had the flat key 'security.crowdsec'. The mock fallback returns the key string itself when a lookup misses, causing getByText('CrowdSec') to find nothing. Added 'security.crowdsec.title' to the securityTranslations map so the mock resolves to the expected 'CrowdSec' string, matching the component's actual t() call and allowing the title assertion to pass.	2026-04-18 01:39:06 +00:00
GitHub Actions	0859ab31ab	fix(deps): update modernc.org/sqlite to version 1.49.1 for improved functionality	2026-04-18 01:36:58 +00:00
GitHub Actions	c02219cc92	fix(deps): update @asamuzakjp/dom-selector, @humanfs/core, @humanfs/node, and hasown to latest versions; add @humanfs/types dependency	2026-04-18 01:35:43 +00:00
GitHub Actions	d73b3aee5c	fix(deps): update @humanfs/core and @humanfs/node to latest versions and add @humanfs/types dependency	2026-04-18 01:34:43 +00:00
Jeremy	80eb91e9a1	Merge pull request #956 from Wikid82/renovate/feature/beta-release-non-major-updates fix(deps): update non-major-updates (feature/beta-release)	2026-04-17 21:33:31 -04:00
renovate[bot]	aa6c751007	fix(deps): update non-major-updates	2026-04-17 20:39:46 +00:00
GitHub Actions	1af786e7c8	fix: update eslint-plugin-react-hooks and typescript to latest versions for improved compatibility	2026-04-16 23:53:11 +00:00
GitHub Actions	c46c1976a2	fix: update typescript to version 6.0.3 for improved functionality and security	2026-04-16 23:52:39 +00:00
GitHub Actions	3b3ea83ecd	chore: add database error handling tests for whitelist service and handler	2026-04-16 23:51:01 +00:00
GitHub Actions	5980a8081c	fix: improve regex for delete button name matching in CrowdSec IP Whitelist tests	2026-04-16 14:12:07 +00:00
GitHub Actions	55f64f8050	fix: update translation keys for CrowdSec security titles and badges	2026-04-16 14:07:36 +00:00
GitHub Actions	983ae34147	fix(docker): persist CrowdSec LAPI database across container rebuilds	2026-04-16 14:04:15 +00:00
GitHub Actions	4232c0a8ee	fix: update benchmark-action/github-action-benchmark to v1.22.0 and mlugg/setup-zig to v2.2.1 for improved security and functionality	2026-04-16 13:34:36 +00:00
GitHub Actions	402a8b3105	fix: update electron-to-chromium, eslint-plugin-sonarjs, minimatch, and ts-api-utils to latest versions	2026-04-16 13:34:36 +00:00
GitHub Actions	f46bb838ca	feat: add QA audit report for CrowdSec IP Whitelist Management	2026-04-16 13:34:36 +00:00
GitHub Actions	3d0179a119	fix: update @asamuzakjp/css-color and @asamuzakjp/dom-selector to latest versions and add @asamuzakjp/generational-cache dependency	2026-04-16 13:34:36 +00:00
GitHub Actions	557b33dc73	fix: update docker/go-connections dependency to v0.7.0	2026-04-16 13:34:36 +00:00
GitHub Actions	2a1652d0b1	feat: add IP whitelist management details to architecture documentation	2026-04-16 13:34:36 +00:00
GitHub Actions	f0fdf9b752	test: update response key for whitelist entries and add validation test for missing fields	2026-04-16 13:34:36 +00:00
GitHub Actions	973efd6412	fix: initialize WhitelistSvc only if db is not nil and update error message in AddWhitelist handler	2026-04-16 13:34:36 +00:00
GitHub Actions	028342c63a	fix: update JSON response key for whitelist entries in ListWhitelists handler	2026-04-16 13:34:36 +00:00
GitHub Actions	eb9b907ba3	feat: add end-to-end tests for CrowdSec IP whitelist management	2026-04-16 13:34:36 +00:00
GitHub Actions	aee0eeef82	feat: add unit tests for useCrowdSecWhitelist hooks	2026-04-16 13:34:36 +00:00
GitHub Actions	c977cf6190	feat: add whitelist management functionality to CrowdSecConfig	2026-04-16 13:34:36 +00:00
GitHub Actions	28bc73bb1a	feat: add whitelist management hooks for querying and mutating whitelist entries	2026-04-16 13:34:36 +00:00
GitHub Actions	19719693b0	feat: add unit tests for CrowdSecWhitelistService and CrowdsecHandler	2026-04-16 13:34:36 +00:00
GitHub Actions	a243066691	feat: regenerate whitelist YAML on CrowdSec startup	2026-04-16 13:34:36 +00:00
GitHub Actions	741a59c333	feat: add whitelist management endpoints to CrowdsecHandler	2026-04-16 13:34:36 +00:00
GitHub Actions	5642a37c44	feat: implement CrowdSecWhitelistService for managing IP/CIDR whitelists	2026-04-16 13:34:36 +00:00
GitHub Actions	1726a19cb6	feat: add CrowdSecWhitelist model and integrate into API route registration	2026-04-16 13:34:36 +00:00
GitHub Actions	40090cda23	feat: add installation of crowdsecurity/whitelists parser	2026-04-16 13:34:36 +00:00
Jeremy	9945fac150	Merge branch 'development' into feature/beta-release	2026-04-16 09:33:49 -04:00
Jeremy	abf88ab4cb	Merge pull request #954 from Wikid82/renovate/feature/beta-release-non-major-updates chore(deps): update non-major-updates (feature/beta-release)	2026-04-16 09:33:04 -04:00
renovate[bot]	98c720987d	chore(deps): update non-major-updates	2026-04-16 13:26:37 +00:00
Jeremy	1bd7eab223	Merge pull request #953 from Wikid82/development Propagate changes from development into feature/beta-release	2026-04-16 09:25:43 -04:00
Jeremy	080e17d85a	Merge pull request #951 from Wikid82/main chore(config): migrate config .github/renovate.json	2026-04-15 13:23:05 -04:00
GitHub Actions	0a3b64ba5c	fix: correct misplaced env block in propagate-changes workflow	2026-04-15 17:19:19 +00:00