Skip to content

Propagate changes from main into development#880

Merged
Wikid82 merged 2 commits intodevelopmentfrom
main
Mar 24, 2026
Merged

Propagate changes from main into development#880
Wikid82 merged 2 commits intodevelopmentfrom
main

Conversation

@github-actions
Copy link
Copy Markdown
Contributor

@github-actions github-actions bot commented Mar 24, 2026

Automated PR to propagate changes from main into development.

Triggered by push to main.

Wikid82 and others added 2 commits March 23, 2026 02:57
@Wikid82 @github-actions
chore(docker): update GeoLite2-Country.mmdb checksum
6fc4409 
Automated checksum update for GeoLite2-Country.mmdb database.

Old: aa154fc6bcd712644de232a4abcdd07dac1f801308c0b6f93dbc2b375443da7b
New: c6549807950f93f609d6433fa295fa517fbdec0ad975a4aafba69c136d5d2347

Auto-generated by: .github/workflows/update-geolite2.yml
@Wikid82
Merge pull request #876 from Wikid82/bot/update-geolite2-checksum
583633c 
chore(docker): update GeoLite2-Country.mmdb checksum
@github-advanced-security
Copy link
Copy Markdown
Contributor

github-advanced-security bot commented Mar 24, 2026

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

@Wikid82 Wikid82 marked this pull request as ready for review March 24, 2026 06:40
Copilot AI review requested due to automatic review settings March 24, 2026 06:40
@Wikid82 Wikid82 merged commit 6c6c3f3 into development Mar 24, 2026
52 of 55 checks passed
Copilot AI reviewed Mar 24, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Automated sync PR to keep development aligned with main, updating the pinned checksum used to validate the downloaded GeoLite2 Country database during Docker image builds.

Changes:

  • Update GEOLITE2_COUNTRY_SHA256 to match the current GeoLite2-Country.mmdb content used by the Docker build.
Comments suppressed due to low confidence (1)

Dockerfile:439

  • The GeoLite2 database is downloaded from a mutable URL (GitHub raw/download), and in the CI branch the file is accepted without any checksum verification. This can cause supply-chain risk (unverified artifact in CI builds) and also leads to frequent rebuild breakages when the upstream file changes and the pinned SHA becomes stale. Consider pinning the download to a specific release/tag/commit (immutable URL) and verifying the checksum in CI as well (even if with a shorter timeout).
ARG GEOLITE2_COUNTRY_SHA256=c6549807950f93f609d6433fa295fa517fbdec0ad975a4aafba69c136d5d2347
RUN mkdir -p /app/data/geoip && \
        if [ -n "$CI" ]; then \
            echo "⏱️  CI detected - quick download (10s timeout, no retries)"; \
            if curl -fSL -m 10 "https://github.com/P3TERX/GeoLite.mmdb/raw/download/GeoLite2-Country.mmdb" \
                -o /app/data/geoip/GeoLite2-Country.mmdb 2>/dev/null; then \

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

auto-propagate

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@github-advanced-security @Wikid82