Skip to content

[Sync] Update project files from source repository (1299e85)#15

Merged
mrz1836 merged 3 commits into
mainfrom
chore/sync-files-bsv-blockchain-services-20260205-183326-1299e85
Feb 6, 2026
Merged

[Sync] Update project files from source repository (1299e85)#15
mrz1836 merged 3 commits into
mainfrom
chore/sync-files-bsv-blockchain-services-20260205-183326-1299e85

Conversation

@mrz1836
Copy link
Copy Markdown
Collaborator

@mrz1836 mrz1836 commented Feb 5, 2026

What Changed

  • Simplified .dockerignore by replacing individual documentation file exclusions with a single docs directory exclusion and removing exclusions for build artifacts, caches, example files, test files, and various markdown/yaml files
  • Updated GOVULNCHECK_GO_VERSION from 1.25.6 to 1.25.7 in .github/.env.base
  • Updated GO_COVERAGE_VERSION from v1.1.17 to v1.2.0 in .github/.env.base
  • Updated MAGE_X_VERSION from v1.18.7 to v1.19.2 in .github/.env.base

Why It Was Necessary

  • Streamline Docker build context by consolidating exclusion patterns, reducing maintenance overhead while achieving the same result
  • Incorporate latest vulnerability scanning capabilities and bug fixes from newer Go version
  • Adopt latest versions of tooling dependencies to benefit from improvements and security updates

Testing Performed

  • Verify Docker builds complete successfully with updated .dockerignore patterns
  • Confirm CI workflows execute correctly with updated tool versions
  • Validate that documentation files are still properly excluded from Docker context

Impact / Risk

  • Breaking Change: None - changes are limited to build configuration and tooling versions
  • Risk: Low - tooling updates are minor version bumps with backwards compatibility
  • Performance: Potentially improved Docker build times due to simplified .dockerignore pattern matching

@mrz1836 mrz1836 self-assigned this Feb 5, 2026
@mrz1836 mrz1836 added automated-sync Automated sync PR, e.g. from a fork or external repo automerge Label to automatically merge pull requests that meet all required conditions chore Simple dependency updates or version bumps labels Feb 5, 2026
@github-actions github-actions Bot added size/M Medium change (51–200 lines) update General updates labels Feb 5, 2026
@mrz1836
fix: exclude CVE-2026-24051 from Nancy vulnerability scan
4355850 
- Add CVE-2026-24051 to NANCY_EXCLUDES and MAGE_X_CVE_EXCLUDES
- Vulnerability affects go.opentelemetry.io/otel/sdk@v1.39.0
- macOS-only PATH hijacking vulnerability (CVSS 7.0)
- Requires local access with ability to modify PATH environment
- Low risk for server/container deployments
@mrz1836
fix: include docs directory in Docker build
35dce6d 
- Remove docs from .dockerignore
- The docs package is required by cmd/arcade/main.go for OpenAPI documentation
- Fixes Docker build failure: "no required module provides package github.com/bsv-blockchain/arcade/docs"
@mrz1836 mrz1836 merged commit 0c3b6f6 into main Feb 6, 2026
45 checks passed
@github-actions github-actions Bot deleted the chore/sync-files-bsv-blockchain-services-20260205-183326-1299e85 branch February 6, 2026 00:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@mrz1836 mrz1836

Labels

automated-sync Automated sync PR, e.g. from a fork or external repo automerge Label to automatically merge pull requests that meet all required conditions chore Simple dependency updates or version bumps size/M Medium change (51–200 lines) update General updates

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mrz1836