From 1068b943c7f0b40de97b72edfe8520f3bcd54919 Mon Sep 17 00:00:00 2001 From: Anton Date: Wed, 11 Mar 2026 18:02:44 +0000 Subject: [PATCH] Remove shenxn funding, update SECURITY.md, deb Dockerfile to trixie, add acknowledgments to README --- .github/FUNDING.yml | 12 ------------ README.md | 17 +++++++++++++---- SECURITY.md | 4 +++- deb/Dockerfile | 4 ++-- 4 files changed, 18 insertions(+), 19 deletions(-) delete mode 100644 .github/FUNDING.yml diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml deleted file mode 100644 index 8be4aa5..0000000 --- a/.github/FUNDING.yml +++ /dev/null @@ -1,12 +0,0 @@ -# These are supported funding model platforms - -github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] -patreon: # Replace with a single Patreon username -open_collective: # Replace with a single Open Collective username -ko_fi: # Replace with a single Ko-fi username -tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel -community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry -liberapay: # Replace with a single Liberapay username -issuehunt: # Replace with a single IssueHunt username -otechie: # Replace with a single Otechie username -custom: ['https://www.buymeacoffee.com/shenxn'] diff --git a/README.md b/README.md index 9fb66bb..52ff6fa 100644 --- a/README.md +++ b/README.md @@ -4,19 +4,21 @@ ![build badge](https://github.com/trent-maetzold/protonmail-bridge-docker/workflows/build%20from%20source/badge.svg) -This is an unofficial Docker container of the [ProtonMail Bridge](https://protonmail.com/bridge/). Some of the scripts are based on [Hendrik Meyer's work](https://gitlab.com/T4cC0re/protonmail-bridge-docker). +This is an unofficial Docker container of the [ProtonMail Bridge](https://protonmail.com/bridge/). GHCR: `ghcr.io/trent-maetzold/protonmail-bridge` ## Changes from upstream - Fixed build for proton-bridge v3.22+ (added `libfido2` dependency) +- Switched base image from `debian:sid` to `debian:trixie` (stable) - Removed DockerHub publishing (GHCR only) - Removed Gitee mirror workflow +- Merged version check into build workflow with scheduled auto-update - Updated all GitHub Actions to current versions - Replaced deprecated Anchore scan with Trivy - Default docker-compose binds to localhost only (security) -- Updated maintainer labels +- Updated maintainer labels and security policy ## ARM Support @@ -30,8 +32,7 @@ There are two types of images: | tag | description | | -- | -- | -| `latest` | latest `deb` image | -| `[version]` | `deb` images | +| `latest` | latest `build` image | | `build` | latest `build` image | | `[version]-build` | `build` images | @@ -81,3 +82,11 @@ To build locally: cd build docker build --build-arg version=v3.22.0 . ``` + +## Acknowledgments + +This project is a fork of [shenxn/protonmail-bridge-docker](https://github.com/shenxn/protonmail-bridge-docker) by [Xiaonan Shen](https://github.com/shenxn), which provided the original Dockerfiles, entrypoint scripts, and CI pipeline. Some scripts are based on [Hendrik Meyer's work](https://gitlab.com/T4cC0re/protonmail-bridge-docker). + +## License + +[GPLv3](LICENSE) diff --git a/SECURITY.md b/SECURITY.md index ac1a029..0e93770 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,4 +2,6 @@ ## Reporting a Vulnerability -Before reporting any vulnerability, make sure that it is caused by this project (i.e., this is not a vulnarability of the bridge itself). To report a vulnerabilitiy, you can send me an email (s@sxn.dev). My PGP public key is available [here](https://api.protonmail.ch/pks/lookup?op=get&search=s@sxn.dev). +Before reporting any vulnerability, make sure that it is caused by this project (i.e., not a vulnerability of the bridge itself). + +To report a vulnerability, please [open a private security advisory](https://github.com/trent-maetzold/protonmail-bridge-docker/security/advisories/new) on this repository. diff --git a/deb/Dockerfile b/deb/Dockerfile index 07e1f43..383f8b7 100644 --- a/deb/Dockerfile +++ b/deb/Dockerfile @@ -1,7 +1,7 @@ ### The Deb install is just a repack of the official ProtonMail Bridge deb package with less dependencies. ### I recommend you don't use this. It's here for legacy reasons. -FROM debian:sid-slim AS build +FROM debian:trixie-slim AS build COPY install.sh PACKAGE / RUN apt-get update && apt-get install -y wget binutils @@ -9,7 +9,7 @@ RUN apt-get update && apt-get install -y wget binutils # Repack deb (removes unnecessary dependencies and produces /protonmail.deb) RUN bash /install.sh -FROM debian:sid-slim +FROM debian:trixie-slim LABEL maintainer="Trent Maetzold " LABEL org.opencontainers.image.source="https://github.com/trent-maetzold/protonmail-bridge-docker"