github amayer1983/docksentry v1.17.7
v1.17.7 — Critical: protect against self-kill (closes #16)
on GitHub

2 hours ago

⚠️ Critical fix — please upgrade

Reported by @NotRetarded in #16. If you'd ever added DockSentry to its own /autoupdate list, or clicked "Update all" on a Telegram notification that included DockSentry, or hit "Update" on DockSentry's row in the Web UI, the bot would call docker stop against its own container — killing PID 1 before the rename + docker run recreate steps could execute. Container ended up stopped on the new image and never came back up. Pulling v1.17.7 fixes the bug and migrates the bad state automatically.

What changed

Three-layer defense:

  1. More robust self-detection. The old HOSTNAME-only path silently missed in some compose / orchestrator setups. New _own_container_id() uses HOSTNAME then /etc/hostname to resolve via docker inspect, caches the full container ID, and uses that ID (not the name) for self-comparison.

  2. update_container() bottleneck. Every code path that issues docker stop flows through this method, and it refuses with a clear message pointing to /selfupdate when the target container ID matches our own. Even if a future feature or third-party caller bypasses the upstream filter, the bottleneck catches it.

  3. Boot-time migration. If a previous version saved DockSentry into autoupdate_containers.json, the entry is stripped on next start. A one-shot Telegram / Discord / webhook notification explains what happened:

    🛡 Heads up: this Docksentry container was on its own auto-update list. Auto-updating ourselves through the regular flow killed the process before recreate could happen. Removed from the list. Use /selfupdate (manual) or AUTO_SELFUPDATE=true (env) for self-updates instead.

The dedicated self-update paths — manual /selfupdate command and the AUTO_SELFUPDATE=true cron-driven flow — were never affected and continue to work as before.

What you need to do

Just pull. If you previously had DockSentry in your auto-update list, the migration will clean it up automatically and tell you it did: 

docker pull amayer1983/docksentry:latest
docker compose up -d

After upgrade, switch to either:

  • AUTO_SELFUPDATE=true env var (recommended — runs on every cron tick), or
  • Manual /selfupdate from Telegram when you want it
Check out latest releases or
releases around amayer1983/docksentry v1.17.7

Don't miss a new docksentry release

NewReleases is sending notifications on new releases.

Get notifications