fix: update log message to include an icon for SQL injection detection

Ensures Renovate detects and updates Alpine 3.23 to future versions
(3.24, 3.25, etc.) automatically without manual monitoring.

Dockerfile

@@ -18,6 +18,7 @@ ARG CADDY_VERSION=2.10.2
 ## plain Alpine base image and overwrite its caddy binary with our
 ## xcaddy-built binary in the later COPY step. This avoids relying on
 ## upstream caddy image tags while still shipping a pinned caddy binary.
+# renovate: datasource=docker depName=alpine
 ARG CADDY_IMAGE=alpine:3.23
 
 # ---- Cross-Compilation Helpers ----
@@ -203,6 +204,7 @@ RUN mkdir -p /crowdsec-out/config && \
     cp -r config/* /crowdsec-out/config/ || true
 
 # ---- CrowdSec Fallback (for architectures where build fails) ----
+# renovate: datasource=docker depName=alpine
 FROM alpine:3.23 AS crowdsec-fallback
 
 WORKDIR /tmp/crowdsec

frontend/src/components/__tests__/LiveLogViewer.test.tsx

@@ -406,7 +406,7 @@ describe('LiveLogViewer', () => {
       // Use findBy queries (built-in waiting) instead of single waitFor with multiple assertions
       // This avoids race conditions where one failing assertion causes the entire block to retry
       await screen.findByText('10.0.0.1');
-      await screen.findByText(/BLOCKED: SQL injection detected/);
+      await screen.findByText(/🚫 BLOCKED: SQL injection detected/);
       await screen.findByText(/\[SQL injection detected\]/);
 
       // For getAllByText, keep in waitFor but separate from other assertions