Skip to content

Update ffmpeg to 8.1 from 8.0.1#481

Closed
rob93c wants to merge 4 commits intomainfrom
bump-ffmpeg-8.1
Closed

Update ffmpeg to 8.1 from 8.0.1#481
rob93c wants to merge 4 commits intomainfrom
bump-ffmpeg-8.1

Conversation

@rob93c
Copy link
Member

@rob93c rob93c commented Mar 19, 2026
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Chores
    • Reinforced CI/CD pipeline security by explicitly configuring write permissions and streamlining authentication token management across all deployment workflows
    • Updated FFmpeg dependency version in Docker builds to incorporate latest improvements and enhanced multimedia codec support for containerised deployments

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Mar 19, 2026
edited
Loading

📝 Walkthrough

Walkthrough

Updates CI/CD workflows and Docker configuration: adds explicit contents: write permissions and authentication token to the bump workflow, updates FFmpeg version reference in the bump comment, and upgrades the FFmpeg binary source from tag 8.0.1 to 8.1 in the Dockerfile.

Changes

Cohort / File(s) Summary
Workflow Configuration
.github/workflows/bump.yaml		 Added explicit contents: write permissions at workflow level and supplied explicit authentication token (secrets.BUMP_TOKEN) to actions/checkout@v6 step for consistent token handling.
CI/CD References
.github/workflows/unit-test.yml		 Updated inline version-detection comment from ffmpeg-ci to ffmpeg in bump pattern reference.
Docker Dependency
Dockerfile		 Updated FFmpeg binary source from mwader/static-ffmpeg:8.0.1 to mwader/static-ffmpeg:8.1.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

Suggested labels

dependencies, docker, cicd

Suggested reviewers

  • MartelliEnrico

Poem

🐰 A bump in the token, a version that grew,
FFmpeg ascends from eight-point-oh to new,
With permissions declared and checksums aligned,
The workflows now sparkle with security refined!

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title 'Update ffmpeg to 8.1 from 8.0.1' accurately and clearly summarizes the main change across all modified files—updating ffmpeg from version 8.0.1 to 8.1.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

📝 Coding Plan
  • Generate coding plan for human review comments

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Base automatically changed from fix-bump-action to main March 19, 2026 21:11
coderabbitai[bot]
coderabbitai bot requested changes Mar 20, 2026
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
Dockerfile (1)

6-6: Pin the FFmpeg image by digest for reproducible builds.

Using only 8.1 allows silent upstream tag retargeting. Please pin a digest to lock CI/CD and release artefacts.

Proposed change 
-COPY --from=mwader/static-ffmpeg:8.1 /ff* /usr/bin/
+COPY --from=mwader/static-ffmpeg:8.1@sha256:<resolved_digest> /ff* /usr/bin/
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@Dockerfile` at line 6, Replace the floating tag in the multi-stage copy
source with a pinned digest: locate the COPY line referencing
"mwader/static-ffmpeg:8.1" (the line COPY --from=mwader/static-ffmpeg:8.1 /ff*
/usr/bin/) and change the source to the exact image digest
(mwader/static-ffmpeg@sha256:<digest>) obtained from the registry (e.g., via
docker pull or the image registry UI) so CI/repro builds always use the same
immutable image.
🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/unit-test.yml:
- Around line 29-30: CI is installing ffmpeg-version: 8.0.1 which mismatches the
runtime Docker image mwader/static-ffmpeg:8.1; update the ffmpeg-version entry
in .github/workflows/unit-test.yml from 8.0.1 to 8.1 so the unit-test workflow
uses the same FFmpeg release as the Dockerfile (confirm by locating the
mwader/static-ffmpeg:8.1 reference in the Dockerfile and keeping both versions
in sync).

---

Nitpick comments:
In `@Dockerfile`:
- Line 6: Replace the floating tag in the multi-stage copy source with a pinned
digest: locate the COPY line referencing "mwader/static-ffmpeg:8.1" (the line
COPY --from=mwader/static-ffmpeg:8.1 /ff* /usr/bin/) and change the source to
the exact image digest (mwader/static-ffmpeg@sha256:<digest>) obtained from the
registry (e.g., via docker pull or the image registry UI) so CI/repro builds
always use the same immutable image.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 7b499e60-466f-471f-946f-8f4e0825ca0b

📥 Commits

Reviewing files that changed from the base of the PR and between 7970c2a and b794708.

📒 Files selected for processing (3)
  • .github/workflows/bump.yaml
  • .github/workflows/unit-test.yml
  • Dockerfile

.github/workflows/unit-test.yml
Comment on lines +29 to 30
# bump: ffmpeg /ffmpeg-version: ([\d.]+)/ docker:mwader/static-ffmpeg|/\d+\./|*
ffmpeg-version: 8.0.1
Copy link
Contributor

@coderabbitai coderabbitai bot Mar 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify FFmpeg version references in Dockerfile and workflows
set -euo pipefail
rg -n --type=yaml --type=dockerfile 'ffmpeg-version|mwader/static-ffmpeg'

Repository: Stickerifier/Stickerify

Length of output: 101

🏁 Script executed:

#!/bin/bash
# Verify FFmpeg version references across configuration files
set -euo pipefail

echo "=== Searching for ffmpeg-version in YAML files ==="
rg -n 'ffmpeg-version' --type yaml

echo ""
echo "=== Searching for mwader/static-ffmpeg in all files ==="
rg -n 'mwader/static-ffmpeg'

echo ""
echo "=== Checking Dockerfile for FFmpeg references ==="
fd -e Dockerfile -e dockerfile | head -5

Repository: Stickerifier/Stickerify

Length of output: 117

🏁 Script executed:

#!/bin/bash
# Check if the workflow file exists and read it
echo "=== Checking .github/workflows/unit-test.yml ==="
if [ -f ".github/workflows/unit-test.yml" ]; then
  wc -l ".github/workflows/unit-test.yml"
  echo ""
  sed -n '25,35p' ".github/workflows/unit-test.yml"
else
  echo "File not found"
fi

echo ""
echo "=== Find all YAML files in .github/workflows ==="
find .github/workflows -name "*.yml" -o -name "*.yaml" 2>/dev/null | head -10

Repository: Stickerifier/Stickerify

Length of output: 625

🏁 Script executed:

#!/bin/bash
# Check setup-ffmpeg action and Dockerfile
echo "=== Checking .github/actions/setup-ffmpeg/action.yml ==="
if [ -f ".github/actions/setup-ffmpeg/action.yml" ]; then
  cat -n ".github/actions/setup-ffmpeg/action.yml"
else
  echo "File not found"
fi

echo ""
echo "=== Find Dockerfile ==="
find . -name "Dockerfile" -type f

echo ""
echo "=== Check for any Docker image references ==="
rg 'mwader/static-ffmpeg' -n --no-heading

Repository: Stickerifier/Stickerify

Length of output: 2654

Align CI FFmpeg version with runtime (8.1).

Unit tests install ffmpeg-version: 8.0.1, while the Dockerfile deploys mwader/static-ffmpeg:8.1. This mismatch can allow regressions specific to 8.1 to slip through CI.

Proposed change 
-          ffmpeg-version: 8.0.1
+          ffmpeg-version: 8.1
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
# bump: ffmpeg /ffmpeg-version: ([\d.]+)/ docker:mwader/static-ffmpeg|/\d+\./|*
ffmpeg-version: 8.0.1
# bump: ffmpeg /ffmpeg-version: ([\d.]+)/ docker:mwader/static-ffmpeg|/\d+\./|*
ffmpeg-version: 8.1
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/unit-test.yml around lines 29 - 30, CI is installing
ffmpeg-version: 8.0.1 which mismatches the runtime Docker image
mwader/static-ffmpeg:8.1; update the ffmpeg-version entry in
.github/workflows/unit-test.yml from 8.0.1 to 8.1 so the unit-test workflow uses
the same FFmpeg release as the Dockerfile (confirm by locating the
mwader/static-ffmpeg:8.1 reference in the Dockerfile and keeping both versions
in sync).

@rob93c rob93c closed this Mar 21, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rob93c