8 Commits

Author	SHA1	Message	Date
lerko	32982228b0	fix(security): patch Docker Scout CVEs and remove unused openssh-client (#41) ... ## Summary - Upgrade `golang.org/x/net` v0.54.0 → v0.55.0 — patches 6 CVEs including critical CVE-2026-41589 (CVSS 9.6) - Remove `openssh-client` from Docker image — unused (uptop uses pure Go SSH), eliminates 4 CVEs - Add `apk upgrade` to Dockerfile for remaining Alpine package CVEs ## CVEs Resolved | CVE | Severity | Package | Fix | |-----|----------|---------|-----| | CVE-2026-41589 | 9.6 Critical | golang.org/x/net | upgraded to v0.55.0 | | CVE-2025-60876 | 6.5 Medium | golang.org/x/net | upgraded to v0.55.0 | | CVE-2026-42502 | 6.1 Medium | golang.org/x/net | upgraded to v0.55.0 | | CVE-2026-42506 | 6.1 Medium | golang.org/x/net | upgraded to v0.55.0 | | CVE-2026-25681 | 6.1 Medium | golang.org/x/net | upgraded to v0.55.0 | | CVE-2026-35414 | 6.1 Medium | golang.org/x/net | upgraded to v0.55.0 | | CVE-2026-25680 | 7.5 High | alpine/openssh | removed openssh-client | | CVE-2026-35386 | 3.6 Low | alpine/openssh | removed openssh-client | | CVE-2026-35387 | 3.1 Low | alpine/openssh | removed openssh-client | | CVE-2026-35388 | 2.5 Low | alpine/openssh | removed openssh-client | | CVE-2026-27136 | 6.5 Medium | alpine/busybox | apk upgrade | ## Not Addressed (not exploitable) CVE-2026-35385 (charmbracelet/wish v1.4.7, CVSS 9.6) — path traversal in wish's SCP middleware. uptop does not use the SCP middleware, only wish core + bubbletea middleware. Vulnerable code path is never loaded. Migration to wish v2 tracked in #42. ## Test Plan - [x] `go build ./...` passes - [x] `go test ./...` passes - [ ] Rebuild Docker image, re-scan with Docker Scout Reviewed-on: #41	2026-05-30 00:33:20 +00:00
lerko	8f17deba67	chore: migrate module path to lerkolabs org ... Move Go module from gitea.lerkolabs.com/lerko/uptop to gitea.lerkolabs.com/lerkolabs/uptop. Updates all imports, go.mod, goreleaser owner, and README links.	2026-05-29 14:22:49 -04:00
lerko	b1935aa682	fix(deps): bump golang.org/x/crypto v0.47.0 → v0.52.0 ... Fixes 7 vulns (GO-2026-5014 through GO-2026-5023) found by govulncheck. Also bumps x/net, x/sys, x/text, x/sync, x/mod, x/tools to latest.	2026-05-26 20:20:23 -04:00
lerko	2cd3dcddb4	chore: bump Go 1.24.4 → 1.26.3, Alpine 3.21 → 3.23 ... Go 1.24 EOL since Feb 2026. Fixes 33 stdlib vulns found by govulncheck (database/sql, os/exec, net/http). Gets Green Tea GC.	2026-05-26 20:12:43 -04:00
lerko	9d12e3ecf1	chore: complete rename from go-upkeep to uptop ... - Module path: gitea.lerkolabs.com/lerko/uptop - Binary: cmd/uptop/ - All imports updated to full module path - Env vars: UPKEEP_* → UPTOP_* - Prometheus metrics: upkeep_* → uptop_* - Default DB: uptop.db - Docker image: lerko/uptop - All docs, compose files, CI updated Only remaining "go-upkeep" reference is the fork attribution in README.	2026-05-24 20:20:35 -04:00
lerko	5b01b9ee30	feat(config): add config-as-code YAML import/export ... Add declarative config-as-code support via YAML files. Monitors and alerts can be exported, version controlled, and applied across instances. - goupkeep export [-o file.yaml] dumps current state - goupkeep apply -f file.yaml creates/updates to match desired state - --dry-run shows planned changes without applying - --prune deletes monitors/alerts not in the YAML - Matching by name, alert references by name, nested group children - CLI refactored to subcommands (apply, export, serve) with backward compat - 24 tests covering apply, export, validation, round-trip idempotency	2026-05-15 20:40:49 -04:00
lerko	93fe372497	feat(monitor): add ping, port, and DNS check routines ... Implement checkPing (pro-bing ICMP), checkPort (TCP dial), and checkDNS (miekg/dns) with per-monitor timeout, configurable DNS record types, and fallback defaults. Groups skip checks entirely.	2026-05-14 17:22:57 -04:00
lerko	02f0a39d97	feat: initial commit — uptime monitor (forked from go-upkeep) ... Go-based uptime monitor with SQLite/Postgres storage, TUI dashboard, SSH server, alerting, and clustering support.	2026-05-14 11:05:10 -04:00