Compare commits
14 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
7bca378275 | ||
|
7106efa94a | ||
|
|
a26beefb08 | ||
|
|
833e2de2d6 | ||
|
|
e65dfa3979 | ||
|
|
8f6ebf6107 | ||
|
|
e1925b0f5e | ||
|
|
8c44d52b69 | ||
|
0600f9da2a | ||
|
|
e66404c817 | ||
|
|
51cba4ec80 | ||
|
|
99b8ed1996 | ||
|
|
18868a47fc | ||
|
|
cb5bd01a93 |
12
.github/renovate.json
vendored
12
.github/renovate.json
vendored
@@ -14,8 +14,11 @@
|
||||
"labels": ["dependencies"],
|
||||
"rebaseWhen": "conflicted",
|
||||
"vulnerabilityAlerts": { "enabled": true },
|
||||
"schedule": ["every weekday"],
|
||||
"schedule": ["before 4am on Monday"],
|
||||
"rangeStrategy": "bump",
|
||||
"automerge": true,
|
||||
"automergeType": "pr",
|
||||
"platformAutomerge": true,
|
||||
"customManagers": [
|
||||
{
|
||||
"customType": "regex",
|
||||
@@ -29,6 +32,11 @@
|
||||
}
|
||||
],
|
||||
"packageRules": [
|
||||
{
|
||||
"description": "Automerge digest updates (action pins, Docker SHAs)",
|
||||
"matchUpdateTypes": ["digest", "pin"],
|
||||
"automerge": true
|
||||
},
|
||||
{
|
||||
"description": "Caddy transitive dependency patches in Dockerfile",
|
||||
"matchManagers": ["regex"],
|
||||
@@ -55,7 +63,7 @@
|
||||
"matchManagers": ["gomod"],
|
||||
"labels": ["dependencies", "go"],
|
||||
"matchUpdateTypes": ["minor", "patch"],
|
||||
"automerge": false
|
||||
"automerge": true
|
||||
},
|
||||
{
|
||||
"description": "GitHub Actions updates",
|
||||
|
||||
1
.github/workflows/docker-build.yml
vendored
1
.github/workflows/docker-build.yml
vendored
@@ -110,6 +110,7 @@ jobs:
|
||||
push: ${{ github.event_name != 'pull_request' }}
|
||||
tags: ${{ steps.meta.outputs.tags }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
pull: true # Always pull fresh base images to get latest security patches
|
||||
cache-from: type=gha
|
||||
cache-to: type=gha,mode=max
|
||||
build-args: |
|
||||
|
||||
2
.github/workflows/docker-publish.yml
vendored
2
.github/workflows/docker-publish.yml
vendored
@@ -114,6 +114,8 @@ jobs:
|
||||
push: ${{ github.event_name != 'pull_request' }}
|
||||
tags: ${{ steps.meta.outputs.tags }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
# Always pull fresh base images to get latest security patches
|
||||
pull: true
|
||||
cache-from: type=gha
|
||||
cache-to: type=gha,mode=max
|
||||
build-args: |
|
||||
|
||||
2
.github/workflows/release-goreleaser.yml
vendored
2
.github/workflows/release-goreleaser.yml
vendored
@@ -26,7 +26,7 @@ jobs:
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6
|
||||
with:
|
||||
go-version: '1.23.x'
|
||||
go-version: '1.25.5'
|
||||
|
||||
- name: Set up Node.js
|
||||
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6
|
||||
|
||||
@@ -110,7 +110,7 @@ jobs:
|
||||
severity: 'CRITICAL,HIGH,MEDIUM,LOW'
|
||||
|
||||
- name: Upload Trivy JSON results
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
|
||||
with:
|
||||
name: trivy-weekly-scan-${{ github.run_number }}
|
||||
path: trivy-weekly-results.json
|
||||
|
||||
@@ -18,6 +18,7 @@ ARG CADDY_VERSION=2.10.2
|
||||
## plain Alpine base image and overwrite its caddy binary with our
|
||||
## xcaddy-built binary in the later COPY step. This avoids relying on
|
||||
## upstream caddy image tags while still shipping a pinned caddy binary.
|
||||
# renovate: datasource=docker depName=alpine
|
||||
ARG CADDY_IMAGE=alpine:3.23
|
||||
|
||||
# ---- Cross-Compilation Helpers ----
|
||||
@@ -203,6 +204,7 @@ RUN mkdir -p /crowdsec-out/config && \
|
||||
cp -r config/* /crowdsec-out/config/ || true
|
||||
|
||||
# ---- CrowdSec Fallback (for architectures where build fails) ----
|
||||
# renovate: datasource=docker depName=alpine
|
||||
FROM alpine:3.23 AS crowdsec-fallback
|
||||
|
||||
WORKDIR /tmp/crowdsec
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
module github.com/Wikid82/charon/backend
|
||||
|
||||
go 1.25
|
||||
go 1.25.5
|
||||
|
||||
require (
|
||||
github.com/containrrr/shoutrrr v0.8.0
|
||||
|
||||
@@ -406,7 +406,7 @@ describe('LiveLogViewer', () => {
|
||||
// Use findBy queries (built-in waiting) instead of single waitFor with multiple assertions
|
||||
// This avoids race conditions where one failing assertion causes the entire block to retry
|
||||
await screen.findByText('10.0.0.1');
|
||||
await screen.findByText(/BLOCKED: SQL injection detected/);
|
||||
await screen.findByText(/🚫 BLOCKED: SQL injection detected/);
|
||||
await screen.findByText(/\[SQL injection detected\]/);
|
||||
|
||||
// For getAllByText, keep in waitFor but separate from other assertions
|
||||
|
||||
@@ -42,6 +42,7 @@ github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyua
|
||||
github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
|
||||
github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f h1:KUppIJq7/+SVif2QVs3tOP0zanoHgBEVAwHxUSIzRqU=
|
||||
github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
|
||||
github.com/oschwald/maxminddb-golang/v2 v2.1.1/go.mod h1:PLdx6PR+siSIoXqqy7C7r3SB3KZnhxWr1Dp6g0Hacl8=
|
||||
github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
|
||||
github.com/prometheus/client_golang v1.20.4/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE=
|
||||
github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
|
||||
|
||||
Reference in New Issue
Block a user