Update crowdsecurity/crowdsec Docker tag to v1.7.3 #59

The 1.7.0 release of crowdsec brings some major changes to how services are auto-detected during installation, and to the metrics shared by the log processors to LAPI.

The new detection system, cscli setup, is much more flexible and powerful:

Supports Linux, BSD and Windows (at the time, auto-detection is only performed at install time for deb and RPM packages)
More services are detected out of the box
A custom detection configuration can be provided during installation to detect custom services and generate custom acquisition configs (eg, when not using default log paths)
The auto-detection can be skipped if the configuration is managed with tools like Ansible

Learn more about it in our documentation.

The Log Processors now send metrics about the acquisition (number of lines read and parsed per datasource) and the parsers (number of events parsed, unparsed, or whitelisted) to LAPI.
Those metrics are shown when running cscli machines inspect XXX.
In the future, they will also be displayed in the console and used to detect potentially misconfigured or misbehaving installations.

Other notable changes include:

Support for swarm in the docker datasource
Better CRS integration in the WAF (this will continue to be improved over time)
New expr helpers to compute the average and median time between events

[!WARNING]
Starting with this release, when crowdsec is run in a docker (or podman) container, a volume must be provided /var/lib/crowdsec/data/, otherwise the container will refuse to start.
This requirement does not apply to Kubernetes.

[!NOTE]
As previously documented here, the cscli dashboard command has been removed.
If you are still using the metabase dashboard, we recommend you migrate to https://app.crowdsec.net

Changes

use go 1.24.6 (#3835) @mmetc
CI: update actions; drop version comments (#3823) @mmetc
install scripts: echo -e -> echo (we're not requiring bash anymore) (#3799) @mmetc
move detect.yaml to /var/lib/crowdsec/data (#3797) @mmetc
restore wizard.sh --unattended (#3790) @mmetc
cleanup wizard.sh (#3786) @mmetc
remove the cscli_setup feature flag (#3784) @mmetc
add detect.yaml in rpm files section (#3773) @sabban
refact whitelist/allowlist: net.IP to net/netip (#3683) @mmetc
refact: pkg/database decisions filter, queries (#3635) @mmetc

New Features

cscli: remove "dashboard" command (#3004) @mmetc
clean up buckets serialization code (#3777) @sabban
cscli setup: new service detection and configuration (#3730) @mmetc
feat: add swarm support to docker acquistion (#3744) @LaurenceJJones

Improvements

WAF: Improve user-experience with CRS and modsecurity rules (#3827) @blotus
cscli setup: allow skipping service detection with $CROWDSEC_SETUP_UN… (#3822) @mmetc
cscli setup: improve service detection and datasource validation (#3812) @mmetc
cscli setup: skip missing items, fix collection name (#3794) @mmetc
Improve the output of appsec cscli hubtest (#3791) @buixor
cscli setup improvements (#3789) @mmetc
cscli: print command name along with errors (#3768) @mmetc
enhance: Add 2 time helpers for average and median (#3748) @LaurenceJJones
usage metrics: report acquisition + parsers metrics to LAPI (#3709) @blotus
improve datasource validation (goccy/go-yaml) (#3646) @mmetc

Bug Fixes

fix "cscli alerts list -s " for alerts with no decisions (#3830) @mmetc
unify the output format of start_at and stop_at (#3819) @buixor
pkg/cwhub: fix relative symlink resolution (#3824) @mmetc
fix: Postint check also if api.server.enable is false (#3802) @LaurenceJJones
detect.yaml: always acquire ssh logs from file if present (#3825) @mmetc
detect.yaml: avoid double acquisition on deb (#3821) @mmetc
review config/detect.yaml (#3820) @mmetc
fix rpm detect.yaml (#3814) @sabban
CI: remove config/detect.yaml reference from rpm (#3813) @mmetc
fix rpm dovecot detection (#3796) @sabban
Increase hub download timeout to 10 minutes (#3785) @mmetc
docker: enforce volume use for /var/lib/crowdsec/data/ (#3757) @blotus
setup: add detect.yaml to windows install (#3775) @blotus
fix timemachine lock (#3767) @sabban
appsec: properly set URI in the original request object for use in hooks (#3755) @blotus

Chore / Deps

build(deps): bump codecov/codecov-action from 5.4.3 to 5.5.0 (#3816) @dependabot[bot]
build(deps): bump github/codeql-action from 3.29.7 to 3.29.11 (#3818) @dependabot[bot]
build(deps): bump github.com/crowdsecurity/machineid from 1.0.2 to 1.0.3 (#3769) @dependabot[bot]
build(deps): bump docker/login-action from 3.4.0 to 3.5.0 (#3783) @dependabot[bot]
update dependencies, use go 1.24.5 (#3774) @mmetc
build(deps): bump github.com/go-sql-driver/mysql from 1.6.0 to 1.9.3 (#3761) @dependabot[bot]
build(deps): bump github.com/go-openapi/swag from 0.23.0 to 0.23.1 (#3763) @dependabot[bot]
build(deps): bump github.com/hashicorp/go-version from 1.2.1 to 1.7.0 (#3764) @dependabot[bot]
build(deps): bump github/codeql-action from 3.29.4 to 3.29.5 (#3765) @dependabot[bot]
build(deps): bump github.com/alexliesenfeld/health from 0.8.0 to 0.8.1 (#3760) @dependabot[bot]
build(deps): bump github.com/r3labs/diff/v2 from 2.14.1 to 2.15.1 (#3721) @dependabot[bot]
build(deps): bump google.golang.org/grpc from 1.67.1 to 1.74.2 (#3750) @dependabot[bot]
build(deps): bump github.com/go-openapi/validate from 0.20.0 to 0.24.0 (#3719) @dependabot[bot]
build(deps): bump github.com/sanity-io/litter from 1.5.5 to 1.5.8 (#3720) @dependabot[bot]
build(deps): bump golang.org/x/net from 0.41.0 to 0.42.0 (#3749) @dependabot[bot]
build(deps): bump astral-sh/setup-uv from 6.4.1 to 6.4.3 (#3753) @dependabot[bot]
build(deps): bump github/codeql-action from 3.29.2 to 3.29.4 (#3751) @dependabot[bot]
build(deps): bump golang.org/x/mod from 0.25.0 to 0.26.0 (#3746) @dependabot[bot]

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.

`v1.6.11`

Compare Source

[!WARNING]
This release fixes an issue with the Windows version of CrowdSec that prevented it from shutting down properly.
Due to this issue, the service will not stop automatically when updating to this version.
You will need to manually kill the CrowdSec process in Task Manager before running the installer.

This release mainly contains small fixes:

Fixed an issue preventing proper shutdown on Windows
Fixed an issue when importing decisions where allowlists were not always checked

Changes

update lint configuration (#3667) @mmetc
context.Background() -> t.Context() (#3739) @mmetc

Bug Fixes

fix: normalize scope within range to ensure allowlist check (#3735) @LaurenceJJones
cscli: don't assume master hub branch if version check fails (after retrying) (#3732) @mmetc
windows: fix service getting stuck on shutdown (#3733) @blotus

Chore / Deps

build(deps): bump golang.org/x/text from 0.26.0 to 0.27.0 (#3741) @dependabot[bot]
build(deps): bump astral-sh/setup-uv from 6.3.1 to 6.4.1 (#3737) @dependabot[bot]
build(deps): bump github.com/blackfireio/osinfo from 1.0.5 to 1.1.0 (#3718) @dependabot[bot]
build(deps): bump github.com/crowdsecurity/dlog from 0.0.0-20170105205344-4fb5f8204f26 to 0.0.2 (#3717) @dependabot[bot]
docker: document console options (#3724) @blotus

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.

`v1.6.10`

Compare Source

Overview

This release mostly focuses on small bug fixes and improvements:

WAF: fixed a resource leak in the appsec datasource when checking bouncer authentication
Allowlists: added cscli allowlists check to check if an IP/range belongs to an allowlist
S3 datasource: added support for SNS notifications
HTTP datasource: added support for GET and HEAD requests to allow the log provider to confirm the datasource is working.

Full changelog is below.

Improvements

enhance: Add allowlist check (#3684) @LaurenceJJones
Flags for console features (#3457) @Simbiat
HTTP datasource: allow GET/HEAD request for checking if the datasource is working (#3710) @blotus
enhance: appsec reuse httpc optimization (#3693) @LaurenceJJones
hubtest: resolve relative path for 'cscli', 'crowdsec' (#3651) @mmetc
refact pkg/cwhub (#3666) @mmetc
S3 datasource: add support for SNS format (#3716) @blotus

Changes

refact pkg/acquisition: extract loop method (#3615) @mmetc
refact: plugin config parsing (#3640) @mmetc
refact: migrate net.IP -> net/netip: part 1 (#3680) @mmetc
use github.com/cenkalti/backoff/v5 for apiclient backoff (#3662) @mmetc
use go 1.24.4 (#3674) @mmetc
cscli help typos (#3707) @mmetc
move cti expr helper to pkg/cticlient (#3696) @mmetc
refact csplugin: move ProfileAlert to models (#3671) @mmetc
refact cmd/crowdsec: extract functions from runCrowdsec() (#3669) @mmetc
cscli capi register: no error if online_api_credentials.yaml does not exist (#3645) @mmetc
refact cmd/crowdsec: move plugin initialization to apiserver (#3668) @mmetc
lint: require name on interface parameters (#3614) @mmetc
unit tests: rename ./tests, ./test_data -> ./testdata (#3673) @mmetc

Bug Fixes

Fix infinite loop in decisions list for some values of limit (#3695) @blotus
fix: Reset datafiles before loading the hub on HUP (#3712) @LaurenceJJones
fix: allowlist use content created at instead of list itself (#3703) @LaurenceJJones
pkg/apiserver: remove incorrect log.Error (#3672) @mmetc

Chore / Deps

dependabot: set kind/dependencies label (#3722) @blotus
CI: update action deps (#3692) @mmetc
update golangci-lint v2.2 and config (#3713) @mmetc
refact: replace iplib with net/netip (#3642) @mmetc
update hashicorp/go-plugin (#3694) @mmetc
update github.com/jedib0t/go-pretty/ (#3705) @mmetc

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [crowdsecurity/crowdsec](https://github.com/crowdsecurity/crowdsec) | minor | `v1.6.9` -> `v1.7.3` | --- ### Release Notes <details> <summary>crowdsecurity/crowdsec (crowdsecurity/crowdsec)</summary> ### [`v1.7.3`](https://github.com/crowdsecurity/crowdsec/releases/tag/v1.7.3) [Compare Source](https://github.com/crowdsecurity/crowdsec/compare/v1.7.2...v1.7.3) #### Changes - move hubupdate.sh to libexec ([#4000](https://github.com/crowdsecurity/crowdsec/issues/4000)) [@mmetc](https://github.com/mmetc) - rpm: install hubupdate with full path ([#4002](https://github.com/crowdsecurity/crowdsec/issues/4002)) [@mmetc](https://github.com/mmetc) #### Geolite2 notice This product includes GeoLite2 data created by MaxMind, available from <a href="https://www.maxmind.com">https://www.maxmind.com</a>. #### Installation Take a look at the [installation instructions](https://doc.crowdsec.net/docs/getting_started/install_crowdsec). ### [`v1.7.2`](https://github.com/crowdsecurity/crowdsec/releases/tag/v1.7.2) [Compare Source](https://github.com/crowdsecurity/crowdsec/compare/v1.7.0...v1.7.2) #### Changes - hub update: add systemd timer and service ([#3977](https://github.com/crowdsecurity/crowdsec/issues/3977)) - rpm: package hubupdate.sh ([#3979](https://github.com/crowdsecurity/crowdsec/issues/3979)) - rpm: immediately activate systemd timer ([#3985](https://github.com/crowdsecurity/crowdsec/issues/3985)) - Windows: Revert to windows 2022 to fix build ([#3986](https://github.com/crowdsecurity/crowdsec/issues/3986)) - deb: remove cron file ([#3987](https://github.com/crowdsecurity/crowdsec/issues/3987)) #### Geolite2 notice This product includes GeoLite2 data created by MaxMind, available from <a href="https://www.maxmind.com">https://www.maxmind.com</a>. #### Installation Take a look at the [installation instructions](https://doc.crowdsec.net/docs/getting_started/install_crowdsec). ### [`v1.7.0`](https://github.com/crowdsecurity/crowdsec/releases/tag/v1.7.0) [Compare Source](https://github.com/crowdsecurity/crowdsec/compare/v1.6.11...v1.7.0) The 1.7.0 release of crowdsec brings some major changes to how services are auto-detected during installation, and to the metrics shared by the log processors to LAPI. The new detection system, `cscli setup`, is much more flexible and powerful: - Supports Linux, BSD and Windows (at the time, auto-detection is only performed at install time for deb and RPM packages) - More services are detected out of the box - A custom detection configuration can be provided during installation to detect custom services and generate custom acquisition configs (eg, when not using default log paths) - The auto-detection can be skipped if the configuration is managed with tools like Ansible Learn more about it in [our documentation](https://docs.crowdsec.net/docs/log_processor/service-discovery-setup/intro). The Log Processors now send metrics about the acquisition (number of lines read and parsed per datasource) and the parsers (number of events parsed, unparsed, or whitelisted) to LAPI. Those metrics are shown when running `cscli machines inspect XXX`. In the future, they will also be displayed in the console and used to detect potentially misconfigured or misbehaving installations. Other notable changes include: - Support for swarm in the docker datasource - Better CRS integration in the WAF (this will continue to be improved over time) - New expr helpers to compute the average and median time between events > \[!WARNING] > Starting with this release, when crowdsec is run in a docker (or podman) container, a volume *must* be provided `/var/lib/crowdsec/data/`, otherwise the container will refuse to start. > This requirement does not apply to Kubernetes. > \[!NOTE] > As previously documented [here](https://docs.crowdsec.net/blog/cscli_dashboard_deprecation/), the `cscli dashboard` command has been removed. > If you are still using the metabase dashboard, we recommend you migrate to https://app.crowdsec.net #### Changes - use go 1.24.6 ([#3835](https://github.com/crowdsecurity/crowdsec/issues/3835)) [@mmetc](https://github.com/mmetc) - CI: update actions; drop version comments ([#3823](https://github.com/crowdsecurity/crowdsec/issues/3823)) [@mmetc](https://github.com/mmetc) - install scripts: echo -e -> echo (we're not requiring bash anymore) ([#3799](https://github.com/crowdsecurity/crowdsec/issues/3799)) [@mmetc](https://github.com/mmetc) - move detect.yaml to /var/lib/crowdsec/data ([#3797](https://github.com/crowdsecurity/crowdsec/issues/3797)) [@mmetc](https://github.com/mmetc) - restore wizard.sh --unattended ([#3790](https://github.com/crowdsecurity/crowdsec/issues/3790)) [@mmetc](https://github.com/mmetc) - cleanup wizard.sh ([#3786](https://github.com/crowdsecurity/crowdsec/issues/3786)) [@mmetc](https://github.com/mmetc) - remove the cscli_setup feature flag ([#3784](https://github.com/crowdsecurity/crowdsec/issues/3784)) [@mmetc](https://github.com/mmetc) - add detect.yaml in rpm files section ([#3773](https://github.com/crowdsecurity/crowdsec/issues/3773)) [@sabban](https://github.com/sabban) - refact whitelist/allowlist: net.IP to net/netip ([#3683](https://github.com/crowdsecurity/crowdsec/issues/3683)) [@mmetc](https://github.com/mmetc) - refact: pkg/database decisions filter, queries ([#3635](https://github.com/crowdsecurity/crowdsec/issues/3635)) [@mmetc](https://github.com/mmetc) #### New Features - cscli: remove "dashboard" command ([#3004](https://github.com/crowdsecurity/crowdsec/issues/3004)) [@mmetc](https://github.com/mmetc) - clean up buckets serialization code ([#3777](https://github.com/crowdsecurity/crowdsec/issues/3777)) [@sabban](https://github.com/sabban) - cscli setup: new service detection and configuration ([#3730](https://github.com/crowdsecurity/crowdsec/issues/3730)) [@mmetc](https://github.com/mmetc) - feat: add swarm support to docker acquistion ([#3744](https://github.com/crowdsecurity/crowdsec/issues/3744)) [@LaurenceJJones](https://github.com/LaurenceJJones) #### Improvements - WAF: Improve user-experience with CRS and modsecurity rules ([#3827](https://github.com/crowdsecurity/crowdsec/issues/3827)) [@blotus](https://github.com/blotus) - cscli setup: allow skipping service detection with $CROWDSEC_SETUP_UN… ([#3822](https://github.com/crowdsecurity/crowdsec/issues/3822)) [@mmetc](https://github.com/mmetc) - cscli setup: improve service detection and datasource validation ([#3812](https://github.com/crowdsecurity/crowdsec/issues/3812)) [@mmetc](https://github.com/mmetc) - cscli setup: skip missing items, fix collection name ([#3794](https://github.com/crowdsecurity/crowdsec/issues/3794)) [@mmetc](https://github.com/mmetc) - Improve the output of appsec `cscli hubtest` ([#3791](https://github.com/crowdsecurity/crowdsec/issues/3791)) [@buixor](https://github.com/buixor) - cscli setup improvements ([#3789](https://github.com/crowdsecurity/crowdsec/issues/3789)) [@mmetc](https://github.com/mmetc) - cscli: print command name along with errors ([#3768](https://github.com/crowdsecurity/crowdsec/issues/3768)) [@mmetc](https://github.com/mmetc) - enhance: Add 2 time helpers for average and median ([#3748](https://github.com/crowdsecurity/crowdsec/issues/3748)) [@LaurenceJJones](https://github.com/LaurenceJJones) - usage metrics: report acquisition + parsers metrics to LAPI ([#3709](https://github.com/crowdsecurity/crowdsec/issues/3709)) [@blotus](https://github.com/blotus) - improve datasource validation (goccy/go-yaml) ([#3646](https://github.com/crowdsecurity/crowdsec/issues/3646)) [@mmetc](https://github.com/mmetc) #### Bug Fixes - fix "cscli alerts list -s <scenario>" for alerts with no decisions ([#3830](https://github.com/crowdsecurity/crowdsec/issues/3830)) [@mmetc](https://github.com/mmetc) - unify the output format of start_at and stop_at ([#3819](https://github.com/crowdsecurity/crowdsec/issues/3819)) [@buixor](https://github.com/buixor) - pkg/cwhub: fix relative symlink resolution ([#3824](https://github.com/crowdsecurity/crowdsec/issues/3824)) [@mmetc](https://github.com/mmetc) - fix: Postint check also if api.server.enable is false ([#3802](https://github.com/crowdsecurity/crowdsec/issues/3802)) [@LaurenceJJones](https://github.com/LaurenceJJones) - detect.yaml: always acquire ssh logs from file if present ([#3825](https://github.com/crowdsecurity/crowdsec/issues/3825)) [@mmetc](https://github.com/mmetc) - detect.yaml: avoid double acquisition on deb ([#3821](https://github.com/crowdsecurity/crowdsec/issues/3821)) [@mmetc](https://github.com/mmetc) - review config/detect.yaml ([#3820](https://github.com/crowdsecurity/crowdsec/issues/3820)) [@mmetc](https://github.com/mmetc) - fix rpm detect.yaml ([#3814](https://github.com/crowdsecurity/crowdsec/issues/3814)) [@sabban](https://github.com/sabban) - CI: remove config/detect.yaml reference from rpm ([#3813](https://github.com/crowdsecurity/crowdsec/issues/3813)) [@mmetc](https://github.com/mmetc) - fix rpm dovecot detection ([#3796](https://github.com/crowdsecurity/crowdsec/issues/3796)) [@sabban](https://github.com/sabban) - Increase hub download timeout to 10 minutes ([#3785](https://github.com/crowdsecurity/crowdsec/issues/3785)) [@mmetc](https://github.com/mmetc) - docker: enforce volume use for /var/lib/crowdsec/data/ ([#3757](https://github.com/crowdsecurity/crowdsec/issues/3757)) [@blotus](https://github.com/blotus) - setup: add detect.yaml to windows install ([#3775](https://github.com/crowdsecurity/crowdsec/issues/3775)) [@blotus](https://github.com/blotus) - fix timemachine lock ([#3767](https://github.com/crowdsecurity/crowdsec/issues/3767)) [@sabban](https://github.com/sabban) - appsec: properly set URI in the original request object for use in hooks ([#3755](https://github.com/crowdsecurity/crowdsec/issues/3755)) [@blotus](https://github.com/blotus) #### Chore / Deps - build(deps): bump codecov/codecov-action from 5.4.3 to 5.5.0 ([#3816](https://github.com/crowdsecurity/crowdsec/issues/3816)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github/codeql-action from 3.29.7 to 3.29.11 ([#3818](https://github.com/crowdsecurity/crowdsec/issues/3818)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/crowdsecurity/machineid from 1.0.2 to 1.0.3 ([#3769](https://github.com/crowdsecurity/crowdsec/issues/3769)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump docker/login-action from 3.4.0 to 3.5.0 ([#3783](https://github.com/crowdsecurity/crowdsec/issues/3783)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - update dependencies, use go 1.24.5 ([#3774](https://github.com/crowdsecurity/crowdsec/issues/3774)) [@mmetc](https://github.com/mmetc) - build(deps): bump github.com/go-sql-driver/mysql from 1.6.0 to 1.9.3 ([#3761](https://github.com/crowdsecurity/crowdsec/issues/3761)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/go-openapi/swag from 0.23.0 to 0.23.1 ([#3763](https://github.com/crowdsecurity/crowdsec/issues/3763)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/hashicorp/go-version from 1.2.1 to 1.7.0 ([#3764](https://github.com/crowdsecurity/crowdsec/issues/3764)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github/codeql-action from 3.29.4 to 3.29.5 ([#3765](https://github.com/crowdsecurity/crowdsec/issues/3765)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/alexliesenfeld/health from 0.8.0 to 0.8.1 ([#3760](https://github.com/crowdsecurity/crowdsec/issues/3760)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/r3labs/diff/v2 from 2.14.1 to 2.15.1 ([#3721](https://github.com/crowdsecurity/crowdsec/issues/3721)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump google.golang.org/grpc from 1.67.1 to 1.74.2 ([#3750](https://github.com/crowdsecurity/crowdsec/issues/3750)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/go-openapi/validate from 0.20.0 to 0.24.0 ([#3719](https://github.com/crowdsecurity/crowdsec/issues/3719)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/sanity-io/litter from 1.5.5 to 1.5.8 ([#3720](https://github.com/crowdsecurity/crowdsec/issues/3720)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump golang.org/x/net from 0.41.0 to 0.42.0 ([#3749](https://github.com/crowdsecurity/crowdsec/issues/3749)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump astral-sh/setup-uv from 6.4.1 to 6.4.3 ([#3753](https://github.com/crowdsecurity/crowdsec/issues/3753)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github/codeql-action from 3.29.2 to 3.29.4 ([#3751](https://github.com/crowdsecurity/crowdsec/issues/3751)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump golang.org/x/mod from 0.25.0 to 0.26.0 ([#3746](https://github.com/crowdsecurity/crowdsec/issues/3746)) @[dependabot\[bot\]](https://github.com/apps/dependabot) #### Geolite2 notice This product includes GeoLite2 data created by MaxMind, available from <a href="https://www.maxmind.com">https://www.maxmind.com</a>. #### Installation Take a look at the [installation instructions](https://doc.crowdsec.net/docs/getting_started/install_crowdsec). ### [`v1.6.11`](https://github.com/crowdsecurity/crowdsec/releases/tag/v1.6.11) [Compare Source](https://github.com/crowdsecurity/crowdsec/compare/v1.6.10...v1.6.11) > \[!WARNING] > This release fixes an issue with the Windows version of CrowdSec that prevented it from shutting down properly. > Due to this issue, the service will not stop automatically when updating to this version. > You will need to manually kill the CrowdSec process in Task Manager before running the installer. This release mainly contains small fixes: - Fixed an issue preventing proper shutdown on Windows - Fixed an issue when importing decisions where allowlists were not always checked #### Changes - update lint configuration ([#3667](https://github.com/crowdsecurity/crowdsec/issues/3667)) [@mmetc](https://github.com/mmetc) - context.Background() -> t.Context() ([#3739](https://github.com/crowdsecurity/crowdsec/issues/3739)) [@mmetc](https://github.com/mmetc) #### Bug Fixes - fix: normalize scope within range to ensure allowlist check ([#3735](https://github.com/crowdsecurity/crowdsec/issues/3735)) [@LaurenceJJones](https://github.com/LaurenceJJones) - cscli: don't assume master hub branch if version check fails (after retrying) ([#3732](https://github.com/crowdsecurity/crowdsec/issues/3732)) [@mmetc](https://github.com/mmetc) - windows: fix service getting stuck on shutdown ([#3733](https://github.com/crowdsecurity/crowdsec/issues/3733)) [@blotus](https://github.com/blotus) #### Chore / Deps - build(deps): bump golang.org/x/text from 0.26.0 to 0.27.0 ([#3741](https://github.com/crowdsecurity/crowdsec/issues/3741)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump astral-sh/setup-uv from 6.3.1 to 6.4.1 ([#3737](https://github.com/crowdsecurity/crowdsec/issues/3737)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/blackfireio/osinfo from 1.0.5 to 1.1.0 ([#3718](https://github.com/crowdsecurity/crowdsec/issues/3718)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/crowdsecurity/dlog from 0.0.0-20170105205344-4fb5f8204f26 to 0.0.2 ([#3717](https://github.com/crowdsecurity/crowdsec/issues/3717)) @[dependabot\[bot\]](https://github.com/apps/dependabot) - docker: document console options ([#3724](https://github.com/crowdsecurity/crowdsec/issues/3724)) [@blotus](https://github.com/blotus) #### Geolite2 notice This product includes GeoLite2 data created by MaxMind, available from <a href="https://www.maxmind.com">https://www.maxmind.com</a>. #### Installation Take a look at the [installation instructions](https://doc.crowdsec.net/docs/getting_started/install_crowdsec). ### [`v1.6.10`](https://github.com/crowdsecurity/crowdsec/releases/tag/v1.6.10) [Compare Source](https://github.com/crowdsecurity/crowdsec/compare/v1.6.9...v1.6.10) #### Overview This release mostly focuses on small bug fixes and improvements: - WAF: fixed a resource leak in the appsec datasource when checking bouncer authentication - Allowlists: added `cscli allowlists check` to check if an IP/range belongs to an allowlist - S3 datasource: added support for `SNS` notifications - HTTP datasource: added support for `GET` and `HEAD` requests to allow the log provider to confirm the datasource is working. Full changelog is below. #### Improvements - enhance: Add allowlist check ([#3684](https://github.com/crowdsecurity/crowdsec/issues/3684)) [@LaurenceJJones](https://github.com/LaurenceJJones) - Flags for console features ([#3457](https://github.com/crowdsecurity/crowdsec/issues/3457)) [@Simbiat](https://github.com/Simbiat) - HTTP datasource: allow GET/HEAD request for checking if the datasource is working ([#3710](https://github.com/crowdsecurity/crowdsec/issues/3710)) [@blotus](https://github.com/blotus) - enhance: appsec reuse httpc optimization ([#3693](https://github.com/crowdsecurity/crowdsec/issues/3693)) [@LaurenceJJones](https://github.com/LaurenceJJones) - hubtest: resolve relative path for 'cscli', 'crowdsec' ([#3651](https://github.com/crowdsecurity/crowdsec/issues/3651)) [@mmetc](https://github.com/mmetc) - refact pkg/cwhub ([#3666](https://github.com/crowdsecurity/crowdsec/issues/3666)) [@mmetc](https://github.com/mmetc) - S3 datasource: add support for SNS format ([#3716](https://github.com/crowdsecurity/crowdsec/issues/3716)) [@blotus](https://github.com/blotus) #### Changes - refact pkg/acquisition: extract loop method ([#3615](https://github.com/crowdsecurity/crowdsec/issues/3615)) [@mmetc](https://github.com/mmetc) - refact: plugin config parsing ([#3640](https://github.com/crowdsecurity/crowdsec/issues/3640)) [@mmetc](https://github.com/mmetc) - refact: migrate net.IP -> net/netip: part 1 ([#3680](https://github.com/crowdsecurity/crowdsec/issues/3680)) [@mmetc](https://github.com/mmetc) - use github.com/cenkalti/backoff/v5 for apiclient backoff ([#3662](https://github.com/crowdsecurity/crowdsec/issues/3662)) [@mmetc](https://github.com/mmetc) - use go 1.24.4 ([#3674](https://github.com/crowdsecurity/crowdsec/issues/3674)) [@mmetc](https://github.com/mmetc) - cscli help typos ([#3707](https://github.com/crowdsecurity/crowdsec/issues/3707)) [@mmetc](https://github.com/mmetc) - move cti expr helper to pkg/cticlient ([#3696](https://github.com/crowdsecurity/crowdsec/issues/3696)) [@mmetc](https://github.com/mmetc) - refact csplugin: move ProfileAlert to models ([#3671](https://github.com/crowdsecurity/crowdsec/issues/3671)) [@mmetc](https://github.com/mmetc) - refact cmd/crowdsec: extract functions from runCrowdsec() ([#3669](https://github.com/crowdsecurity/crowdsec/issues/3669)) [@mmetc](https://github.com/mmetc) - cscli capi register: no error if online_api_credentials.yaml does not exist ([#3645](https://github.com/crowdsecurity/crowdsec/issues/3645)) [@mmetc](https://github.com/mmetc) - refact cmd/crowdsec: move plugin initialization to apiserver ([#3668](https://github.com/crowdsecurity/crowdsec/issues/3668)) [@mmetc](https://github.com/mmetc) - lint: require name on interface parameters ([#3614](https://github.com/crowdsecurity/crowdsec/issues/3614)) [@mmetc](https://github.com/mmetc) - unit tests: rename ./tests, ./test_data -> ./testdata ([#3673](https://github.com/crowdsecurity/crowdsec/issues/3673)) [@mmetc](https://github.com/mmetc) #### Bug Fixes - Fix infinite loop in decisions list for some values of limit ([#3695](https://github.com/crowdsecurity/crowdsec/issues/3695)) [@blotus](https://github.com/blotus) - fix: Reset datafiles before loading the hub on HUP ([#3712](https://github.com/crowdsecurity/crowdsec/issues/3712)) [@LaurenceJJones](https://github.com/LaurenceJJones) - fix: allowlist use content created at instead of list itself ([#3703](https://github.com/crowdsecurity/crowdsec/issues/3703)) [@LaurenceJJones](https://github.com/LaurenceJJones) - pkg/apiserver: remove incorrect log.Error ([#3672](https://github.com/crowdsecurity/crowdsec/issues/3672)) [@mmetc](https://github.com/mmetc) #### Chore / Deps - dependabot: set kind/dependencies label ([#3722](https://github.com/crowdsecurity/crowdsec/issues/3722)) [@blotus](https://github.com/blotus) - CI: update action deps ([#3692](https://github.com/crowdsecurity/crowdsec/issues/3692)) [@mmetc](https://github.com/mmetc) - update golangci-lint v2.2 and config ([#3713](https://github.com/crowdsecurity/crowdsec/issues/3713)) [@mmetc](https://github.com/mmetc) - refact: replace iplib with net/netip ([#3642](https://github.com/crowdsecurity/crowdsec/issues/3642)) [@mmetc](https://github.com/mmetc) - update hashicorp/go-plugin ([#3694](https://github.com/crowdsecurity/crowdsec/issues/3694)) [@mmetc](https://github.com/mmetc) - update github.com/jedib0t/go-pretty/ ([#3705](https://github.com/crowdsecurity/crowdsec/issues/3705)) [@mmetc](https://github.com/mmetc) #### Geolite2 notice This product includes GeoLite2 data created by MaxMind, available from <a href="https://www.maxmind.com">https://www.maxmind.com</a>. #### Installation Take a look at the [installation instructions](https://doc.crowdsec.net/docs/getting_started/install_crowdsec). </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Renovate-Bot added 1 commit 2025-09-26 20:01:21 -04:00

Update crowdsecurity/crowdsec Docker tag to v1.7.0 e40dfdfa1c

Renovate-Bot force-pushed renovate/crowdsecurity-crowdsec-1.x from e40dfdfa1c to 2114f17404

2025-10-22 20:01:16 -04:00

Compare

Renovate-Bot changed title from ~~Update crowdsecurity/crowdsec Docker tag to v1.7.0~~ to Update crowdsecurity/crowdsec Docker tag to v1.7.2

2025-10-22 20:01:19 -04:00

Renovate-Bot force-pushed renovate/crowdsecurity-crowdsec-1.x from 2114f17404 to f2362c5b27

2025-10-24 20:01:12 -04:00

Compare

Renovate-Bot changed title from ~~Update crowdsecurity/crowdsec Docker tag to v1.7.2~~ to Update crowdsecurity/crowdsec Docker tag to v1.7.3

2025-10-24 20:01:16 -04:00

This pull request can be merged automatically.

You are not authorized to merge this pull request.

View command line instructions.

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u origin renovate/crowdsecurity-crowdsec-1.x:renovate/crowdsecurity-crowdsec-1.x

git checkout renovate/crowdsecurity-crowdsec-1.x

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: justus/Homelab-Ansible#59