publicWagsHome
/
amcrest2mqtt
mirror of https://github.com/dchesterton/amcrest2mqtt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
345 Commits
6 Branches
16 Tags
807 KiB
dependabot/github_actions/docker/setup-buildx-action-2.5.0
dependabot/pip/python-slugify-8.0.1
dependabot/github_actions/docker/build-push-action-4.0.0
dependabot/github_actions/docker/setup-qemu-action-2.1.0
dependabot/github_actions/docker/login-action-2.1.0
main
1.0.16
1.0.15
1.0.14
1.0.13
1.0.12
1.0.11
1.0.10
1.0.9
1.0.8
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5117cbd14a'
${ noResults }
Commit Graph

70 Commits (5117cbd14ae2d60a3a304bf5482dd40053efe9cd)

Author SHA1 Message Date
Jeff Culverhouse 21925c5688 chore: enhance Trivy security scanning configuration 
- Add ignore-unfixed: true to Trivy workflow to focus on actionable vulnerabilities
- Expand .trivyignore from 1 to 10 CVEs with detailed categorization
- Document why each CVE is ignored (system libraries, unused features)
- Ignore glibc/libtasn1 system library CVEs pending upstream fixes
- Ignore curl CVEs for SSH/OAuth2/LDAP features not used by application
- Ignore OpenLDAP CVE as library is not used by amcrest2mqtt

This aligns with govee2mqtt security configuration and reduces noise
from unfixable or non-applicable security alerts while maintaining
focus on CRITICAL and HIGH severity issues that can be addressed.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2 weeks ago
Jeff Culverhouse ed294a99e0 Add explicit permissions to Docker Hub workflow 1 month ago
Jeff Culverhouse 3314622c12 Pin GitHub Actions to SHAs 1 month ago
Jeff Culverhouse e7852b0c36 fix: skip release and docker jobs on pull requests 
Dependabot PRs were incorrectly triggering the docker build job.
Now release and docker jobs only run on pushes to main, scheduled
runs, and manual triggers.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 1 month ago
Jeff Culverhouse ff852aff3f chore: update codeql-action to v4 
Addresses deprecation warning for v3.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 1 month ago
Jeff Culverhouse 291bf7d765 feat: add image signing, vulnerability scanning, and security policy 
- Add Cosign image signing using Sigstore keyless signing
- Add Trivy vulnerability scanning with SARIF output to GitHub Security tab
- Add SECURITY.md with vulnerability reporting instructions
- Add required permissions for security-events and id-token

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 1 month ago
Jeff Culverhouse 396e8b131e chore: more python support; build tests 3 months ago
Jeff Culverhouse 1b111b8a4f fix: add last_device_check sensor; fix service status; only post messages on changes 3 months ago
Jeff Culverhouse 35c8486b96 chore: std Dockerfile and docker-compose, plus a few other fixes 3 months ago
Jeff Culverhouse 7e83bda129 ci: allow schedule to build and deploy 3 months ago
Jeff Culverhouse 0d7e8d9cb7 ci: allow schedule to build and deploy; add healthcheck to sample docker-compose 3 months ago
Jeff Culverhouse 1d52185673 feature: move things around, cleaner code 3 months ago
Jeff Culverhouse d74d12ae79 chore: fix duplicate labels in action 3 months ago
Jeff Culverhouse e230a7673f feat!: complete MQTT and service refactor, add timestamp + event tracking, and new modular mixins 
- Rewrote MQTT handling with reconnect, structured logging, and Home Assistant re-discovery triggers
- Introduced modular mixins (`helpers`, `mqtt`, `amcrest_api`) for cleaner architecture
- Replaced `util.py` with internal mixin helpers and `to_gb()` conversions
- Added new `event_text` and `event_time` sensors (with `device_class: timestamp`)
- Added support for doorbell and human-detection binary sensors
- Improved reconnect logic, last-will handling, and clean shutdown on signals
- Overhauled device discovery and state publishing to use unified upsert logic
- Simplified event handling and privacy mode inference from motion/human/doorbell events
- Introduced `tools/clear_mqtt.sh` for quick topic cleanup
- Added full pyproject.toml with lint/test/dev config (Black, Ruff, Pytest)
- Embedded full metadata and image labels in Docker build

BREAKING CHANGE:
Project layout moved to `src/amcrest2mqtt/`, internal class and import paths changed.
Users must update configs and volumes to the new structure before deploying.
 3 months ago
Jeff Culverhouse acb0b6b4e1 chore(ci): add OCI image metadata and update docker-compose config 4 months ago
Jeff Culverhouse fd8a8a5e5f chore: normalize github deploy actions 4 months ago
Jeff Culverhouse bbdc623a38 chore: setup monthly docker image rebuild 4 months ago
Jeff Culverhouse 69c4f1ac57 feat: semantic versioning, github action features, writes a version file, and tags Docker images 4 months ago
Jeff Culverhouse 3d04b16e28 githib action; cleanup compose 10 months ago
Jeff Culverhouse 9e3f8ef01c send to organization docker hub; README 11 months ago
Jeff Culverhouse 835fe53c9a fix funding file from fork 11 months ago
Jeff Culverhouse 7ed5e99742 minor docker changes 11 months ago
Jeff Culverhouse 7137ef80f9 use python bookwork instead of alpine 11 months ago
Jeff Culverhouse 346fa9cc7e fix github action; fix README 11 months ago
Daniel Chesterton 948a8b565d
Merge pull request #62 from dchesterton/dependabot/github_actions/actions/checkout-3 
[ci skip]: Bump actions/checkout from 2.4.0 to 3
 4 years ago
Daniel Chesterton 479bd008b6
Merge pull request #61 from dchesterton/dependabot/github_actions/docker/login-action-1.14.1 
[ci skip]: Bump docker/login-action from 1.12.0 to 1.14.1
 4 years ago
dependabot[bot] 9950622314
[ci skip]: Bump docker/build-push-action from 2.7.0 to 2.10.0 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.7.0 to 2.10.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.7.0...v2.10.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 4 years ago
dependabot[bot] 5623e60da7
[ci skip]: Bump actions/checkout from 2.4.0 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2.4.0 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2.4.0...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 4 years ago
dependabot[bot] 93f239feeb
[ci skip]: Bump docker/login-action from 1.12.0 to 1.14.1 
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.12.0 to 1.14.1.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.12.0...v1.14.1)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 4 years ago
Daniel Chesterton fd2123535d Switch action for bump-version 4 years ago
Daniel Chesterton 477aa89606
Merge pull request #52 from dchesterton/dependabot/github_actions/docker/login-action-1.12.0 
[ci skip]: Bump docker/login-action from 1.10.0 to 1.12.0
 4 years ago
dependabot[bot] afaef732c5
[ci skip]: Bump docker/login-action from 1.10.0 to 1.12.0 
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.10.0 to 1.12.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.10.0...v1.12.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 4 years ago
dependabot[bot] 4cd3b1add8
[ci skip]: Bump actions/checkout from 2.3.5 to 2.4.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.5 to 2.4.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2.3.5...v2.4.0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 4 years ago
Daniel Chesterton 2886e5c1ca
Merge pull request #36 from dchesterton/dependabot/github_actions/docker/build-push-action-2.7.0 
[ci skip]: Bump docker/build-push-action from 2.6.1 to 2.7.0
 4 years ago
Daniel Chesterton 9ba2544237
Merge pull request #39 from dchesterton/dependabot/github_actions/docker/setup-buildx-action-1.6.0 
[ci skip]: Bump docker/setup-buildx-action from 1.5.1 to 1.6.0
 4 years ago
Daniel Chesterton ed38b86eb6 Change bump-version 4 years ago
dependabot[bot] 781becf0d0
[ci skip]: Bump actions/checkout from 2.3.4 to 2.3.5 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.4 to 2.3.5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2.3.4...v2.3.5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 4 years ago
dependabot[bot] 65623b45a2
[ci skip]: Bump docker/setup-buildx-action from 1.5.1 to 1.6.0 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v1.5.1...v1.6.0)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 4 years ago
dependabot[bot] 4af6eac710
[ci skip]: Bump docker/build-push-action from 2.6.1 to 2.7.0 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.6.1 to 2.7.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.6.1...v2.7.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 5 years ago
Daniel Chesterton d7e52c0843 Add STORAGE_POLL_INTERVAL environment variable 5 years ago
Daniel Chesterton dc6b6c0149
Merge pull request #21 from dchesterton/dependabot/github_actions/docker/login-action-1.10.0 
[ci skip]: Bump docker/login-action from 1.9.0 to 1.10.0
 5 years ago
Daniel Chesterton 2687358810
Merge pull request #25 from dchesterton/dependabot/github_actions/docker/build-push-action-2.6.1 
[ci skip]: Bump docker/build-push-action from 2.5.0 to 2.6.1
 5 years ago
dependabot[bot] 3ee2a7bf64
[ci skip]: Bump docker/setup-buildx-action from 1.3.0 to 1.5.1 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1.3.0 to 1.5.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v1.3.0...v1.5.1)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 5 years ago
dependabot[bot] 441905c91f
[ci skip]: Bump docker/build-push-action from 2.5.0 to 2.6.1 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.5.0 to 2.6.1.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.5.0...v2.6.1)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 5 years ago
dependabot[bot] a5a9383ad4
[ci skip]: Bump docker/login-action from 1.9.0 to 1.10.0 
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.9.0...v1.10.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 5 years ago
Daniel Chesterton 1b85a28e01 Fix workflow 5 years ago
Daniel Chesterton 2a683fefc8 Fix workflow 5 years ago
Daniel Chesterton afb215850c Fix workflow 5 years ago
Daniel Chesterton bb3e636119 Fix workflow 5 years ago
Daniel Chesterton f814b9dd3c Fix workflow 5 years ago