unarr

torrentclaw/unarr

Fork 0

Commit graph

Author	SHA1	Message	Date
Deivid Soto	283eb54a74	fix(security): bump golang.org/x deps and add container CVE scan gate - Bump golang.org/x/{net,crypto,sys,text,term} to latest patches to clear GHSA module advisories flagged by Docker Scout. - Add Docker Scout CVE gate to the release workflow (fails only on FIXABLE critical/high; unfixed upstream ffmpeg codec CVEs are accepted and documented in SECURITY.md). - Add weekly + manual docker-rebuild workflow so newly fixed base/ ffmpeg/Go patches land on :latest between tagged releases. - Document container image vuln-scanning policy and hardening in SECURITY.md.	2026-05-21 16:53:23 +02:00

Author

SHA1

Message

Date

Deivid Soto

283eb54a74

fix(security): bump golang.org/x deps and add container CVE scan gate

- Bump golang.org/x/{net,crypto,sys,text,term} to latest patches to
  clear GHSA module advisories flagged by Docker Scout.
- Add Docker Scout CVE gate to the release workflow (fails only on
  FIXABLE critical/high; unfixed upstream ffmpeg codec CVEs are accepted
  and documented in SECURITY.md).
- Add weekly + manual docker-rebuild workflow so newly fixed base/
  ffmpeg/Go patches land on :latest between tagged releases.
- Document container image vuln-scanning policy and hardening in
  SECURITY.md.

2026-05-21 16:53:23 +02:00

1 commit