silverwind
0e7e5bad30
Add JSON linting ( #36192 )
...
Uses https://github.com/eslint/json to lint all JSON and JSONC files in the repo.
2025-12-19 06:27:21 +00:00
silverwind
9346820507
Bump setup-node to v6, re-enable cache ( #36207 )
2025-12-19 02:07:34 +00:00
GiteaBot
eac603b0db
[skip ci] Updated translations via Crowdin
2025-12-19 00:39:05 +00:00
Sebastian Ertz
14df4dc9c2
Update chroma to v2.21.1 ( #36201 )
...
https://github.com/alecthomas/chroma/releases/tag/v2.21.1
2025-12-18 23:26:18 +00:00
silverwind
2a80e23380
Disable dependabot automatic labels ( #36203 )
...
Disable dependabot's [automatic
labels](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#labels-- ),
we have `actions/labeler` to do this job. After this is merged, I will
delete the labels `dependencies` and `github_actions` that dependabot
had created.
2025-12-18 23:56:08 +01:00
dependabot[bot]
fbc2e8102b
Bump astral-sh/setup-uv from 6 to 7 ( #36198 )
...
Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) from 6
to 7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/setup-uv/releases ">astral-sh/setup-uv's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0 🌈 node24 and a lot of bugfixes</h2>
<h2>Changes</h2>
<p>This release comes with a load of bug fixes and a speed up. Because
of switching from node20 to node24 it is also a breaking change. If you
are running on GitHub hosted runners this will just work, if you are
using self-hosted runners make sure, that your runners are up to date.
If you followed the normal installation instructions your self-hosted
runner will keep itself updated.</p>
<p>This release also removes the deprecated input
<code>server-url</code> which was used to download uv releases from a
different server.
The <a
href="https://github.com/astral-sh/setup-uv?tab=readme-ov-file#manifest-file ">manifest-file</a>
input supersedes that functionality by adding a flexible way to define
available versions and where they should be downloaded from.</p>
<h3>Fixes</h3>
<ul>
<li>The action now respects when the environment variable
<code>UV_CACHE_DIR</code> is already set and does not overwrite it. It
now also finds <a
href="https://docs.astral.sh/uv/reference/settings/#cache-dir ">cache-dir</a>
settings in config files if you set them.</li>
<li>Some users encountered problems that <a
href="https://github.com/astral-sh/setup-uv?tab=readme-ov-file#disable-cache-pruning ">cache
pruning</a> took forever because they had some <code>uv</code> processes
running in the background. Starting with uv version <code>0.8.24</code>
this action uses <code>uv cache prune --ci --force</code> to ignore the
running processes</li>
<li>If you just want to install uv but not have it available in path,
this action now respects <code>UV_NO_MODIFY_PATH</code></li>
<li>Some other actions also set the env var <code>UV_CACHE_DIR</code>.
This action can now deal with that but as this could lead to unwanted
behavior in some edgecases a warning is now displayed.</li>
</ul>
<h3>Improvements</h3>
<p>If you are using minimum version specifiers for the version of uv to
install for example</p>
<pre lang="toml"><code>[tool.uv]
required-version = ">=0.8.17"
</code></pre>
<p>This action now detects that and directly uses the latest version.
Previously it would download all available releases from the uv repo
to determine the highest matching candidate for the version specifier,
which took much more time.</p>
<p>If you are using other specifiers like <code>0.8.x</code> this action
still needs to download all available releases because the specifier
defines an upper bound (not 0.9.0 or later) and "latest" would
possibly not satisfy that.</p>
<h2>🚨 Breaking changes</h2>
<ul>
<li>Use node24 instead of node20 <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/608 ">#608</a>)</li>
<li>Remove deprecated input server-url <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/607 ">#607</a>)</li>
</ul>
<h2>🐛 Bug fixes</h2>
<ul>
<li>Respect UV_CACHE_DIR and cache-dir <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/612 ">#612</a>)</li>
<li>Use --force when pruning cache <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/611 ">#611</a>)</li>
<li>Respect UV_NO_MODIFY_PATH <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/603 ">#603</a>)</li>
<li>Warn when <code>UV_CACHE_DIR</code> has changed <a
href="https://github.com/jamesbraza "><code>@jamesbraza</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/601 ">#601</a>)</li>
</ul>
<h2>🚀 Enhancements</h2>
<ul>
<li>Shortcut to latest version for minimum version specifier <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/598 ">#598</a>)</li>
</ul>
<h2>🧰 Maintenance</h2>
<ul>
<li>Bump dependencies <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/613 ">#613</a>)</li>
<li>Fix test-uv-no-modify-path <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/604 ">#604</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="681c641abahttps://redirect.github.com/astral-sh/setup-uv/issues/712 ">#712</a>)</li>
<li><a
href="2e85713bb0https://redirect.github.com/astral-sh/setup-uv/issues/715 ">#715</a>)</li>
<li><a
href="58b6d7b303https://redirect.github.com/astral-sh/setup-uv/issues/716 ">#716</a>)</li>
<li><a
href="e8b52af86ehttps://redirect.github.com/astral-sh/setup-uv/issues/714 ">#714</a>)</li>
<li><a
href="ed21f2f24fhttps://redirect.github.com/astral-sh/setup-uv/issues/695 ">#695</a>)</li>
<li><a
href="93202d8fbehttps://redirect.github.com/astral-sh/setup-uv/issues/709 ">#709</a>)</li>
<li><a
href="5ce090076dhttps://redirect.github.com/astral-sh/setup-uv/issues/708 ">#708</a>)</li>
<li><a
href="4180991cd9https://redirect.github.com/astral-sh/setup-uv/issues/707 ">#707</a>)</li>
<li><a
href="0439606c8ehttps://redirect.github.com/astral-sh/setup-uv/issues/698 ">#698</a>)</li>
<li><a
href="7dd56c18e9https://redirect.github.com/astral-sh/setup-uv/issues/706 ">#706</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/setup-uv/compare/v6...v7 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
2025-12-18 22:41:25 +00:00
Lunny Xiao
30b5981338
Front port changelog ( #36193 )
...
Signed-off-by: silverwind <me@silverwind.io >
Co-authored-by: silverwind <me@silverwind.io >
2025-12-18 14:05:49 -08:00
dependabot[bot]
796d8b48ce
Bump dev-hanz-ops/install-gh-cli-action from 0.1.0 to 0.2.1 ( #36195 )
...
Bumps
[dev-hanz-ops/install-gh-cli-action](https://github.com/dev-hanz-ops/install-gh-cli-action )
from 0.1.0 to 0.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dev-hanz-ops/install-gh-cli-action/releases ">dev-hanz-ops/install-gh-cli-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.2.1 - arm64 support</h2>
<ul>
<li>support arm64 architecture - <a
href="https://redirect.github.com/dev-hanz-ops/install-gh-cli-action/pull/10 ">dev-hanz-ops/install-gh-cli-action#10</a>
(by <a
href="https://github.com/whatthefinemanual "><code>@whatthefinemanual</code></a>)</li>
</ul>
<h2>v0.2.0 - update to node20</h2>
<ul>
<li><a
href="8fff9050daaf38ce09b1eef2976cedhttps://redirect.github.com/dev-hanz-ops/install-gh-cli-action/issues/10 ">#10</a>)</li>
<li><a
href="2d19dc38f3https://redirect.github.com/dev-hanz-ops/install-gh-cli-action/issues/8 ">#8</a>)</li>
<li><a
href="8fff9050da67bfd053934474568036https://redirect.github.com/dev-hanz-ops/install-gh-cli-action/issues/3 ">#3</a>)</li>
<li>See full diff in <a
href="https://github.com/dev-hanz-ops/install-gh-cli-action/compare/v0.1.0...v0.2.1 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-18 21:37:06 +00:00
dependabot[bot]
30bd81b563
Bump aws-actions/configure-aws-credentials from 4 to 5 ( #36196 )
...
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps
[aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials )
from 4 to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/configure-aws-credentials/releases ">aws-actions/configure-aws-credentials's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.1...v5.0.0 ">5.0.0</a>
(2025-09-03)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>Cleanup input handling. Changes invalid boolean input behavior (see
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>add skip OIDC option (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1458 ">#1458</a>)
(<a
href="8c45f6b081https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)
(<a
href="74b3e27aa8https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1456 ">#1456</a>)
(<a
href="c4be498953https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.0...v4.3.1 ">4.3.1</a>
(2025-08-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>update readme to 4.3.1 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1424 ">#1424</a>)
(<a
href="be2e7ad815https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.0...v4.3.0 ">4.3.0</a>
(2025-08-04)</h2>
<p>NOTE: This release tag originally pointed to
59b441846ad109fa4a1549b73ef4e149c4bfb53b, but a critical bug was
discovered shortly after publishing. We updated this tag to
d0834ad3a60a024346910e522a81b0002bd37fea to prevent anyone using the
4.3.0 tag from encountering the bug, and we published 4.3.1 to allow
workflows to auto update correctly.</p>
<h3>Features</h3>
<ul>
<li>dependency update and feature cleanup (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1414 ">#1414</a>)
(<a
href="59489ba544https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1062 ">#1062</a>
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1191 ">#1191</a></li>
<li>Optional environment variable output (<a
href="c3b3ce61b05b3c89504637fe9a740bcbea70821e3f7c218721https://github.com/aws-actions/configure-aws-credentials/compare/v4.2.0...v4.2.1 ">4.2.1</a>
(2025-05-14)</h2>
<h3>Bug Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md ">aws-actions/configure-aws-credentials's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v5.1.0...v5.1.1 ">5.1.1</a>
(2025-11-24)</h2>
<h3>Miscellaneous Chores</h3>
<ul>
<li>release 5.1.1 (<a
href="56d6a583f0https://github.com/aws-actions/configure-aws-credentials/compare/v5.0.0...v5.1.0 ">5.1.0</a>
(2025-10-06)</h2>
<h3>Features</h3>
<ul>
<li>Add global timeout support (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1487 ">#1487</a>)
(<a
href="1584b8b0e2https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1482 ">#1482</a>)
(<a
href="dde9b22a8ehttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1485 ">#1485</a>)
(<a
href="97ef425d73https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1482 ">#1482</a>)
(<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1486 ">#1486</a>)
(<a
href="cea42985achttps://github.com/aws-actions/configure-aws-credentials/compare/v4.3.1...v5.0.0 ">5.0.0</a>
(2025-09-03)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>Cleanup input handling. Changes invalid boolean input behavior (see
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>add skip OIDC option (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1458 ">#1458</a>)
(<a
href="8c45f6b081https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)
(<a
href="74b3e27aa8https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1456 ">#1456</a>)
(<a
href="c4be498953https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.0...v4.3.1 ">4.3.1</a>
(2025-08-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>update readme to 4.3.1 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1424 ">#1424</a>)
(<a
href="be2e7ad815https://github.com/aws-actions/configure-aws-credentials/compare/v4.2.1...v4.3.0 ">4.3.0</a>
(2025-08-04)</h2>
<h3>Features</h3>
<ul>
<li>depenency update and feature cleanup (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1414 ">#1414</a>)
(<a
href="59489ba544https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1062 ">#1062</a>
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1191 ">#1191</a></li>
<li>Optional environment variable output (<a
href="c3b3ce61b061815dcd50https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1564 ">#1564</a>)</li>
<li><a
href="56d6a583f04a54c24244https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1563 ">#1563</a>)</li>
<li><a
href="b2793c943dhttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1559 ">#1559</a>)</li>
<li><a
href="8c230bf21df7a5b07d53https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1558 ">#1558</a>)</li>
<li><a
href="730fc04382https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1555 ">#1555</a>)</li>
<li><a
href="bc0dd36aechttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1556 ">#1556</a>)</li>
<li><a
href="f2964c7281cf464951behttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1548 ">#1548</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v4...v5 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-18 20:59:23 +00:00
dependabot[bot]
e36a09fc44
Bump docker/build-push-action from 5 to 6 ( #36197 )
...
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action )
from 5 to 6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases ">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<ul>
<li>Export build record and generate <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/ ">build
summary</a> by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1120 ">docker/build-push-action#1120</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.24.0 to 0.26.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1132 ">docker/build-push-action#1132</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1136 ">docker/build-push-action#1136</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1138 ">docker/build-push-action#1138</a></li>
<li>Bump braces from 3.0.2 to 3.0.3 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1137 ">docker/build-push-action#1137</a></li>
</ul>
<blockquote>
<p>[!NOTE]
This major release adds support for generating <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/ ">Build
summary</a> and exporting build record for your build. You can disable
this feature by setting <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/#disable-job-summary ">
<code>DOCKER_BUILD_SUMMARY: false</code> environment variable in your
workflow</a>.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0 ">https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0 </a></p>
<h2>v5.4.0</h2>
<ul>
<li>Show builder information before building by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1128 ">docker/build-push-action#1128</a></li>
<li>Handle attestations correctly with provenance and sbom inputs by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1086 ">docker/build-push-action#1086</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.19.0 to 0.24.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1088 ">docker/build-push-action#1088</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1105 ">docker/build-push-action#1105</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1121 ">docker/build-push-action#1121</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1127 ">docker/build-push-action#1127</a></li>
<li>Bump undici from 5.28.3 to 5.28.4 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1090 ">docker/build-push-action#1090</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0 ">https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0 </a></p>
<h2>v5.3.0</h2>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.18.0 to 0.19.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1080 ">docker/build-push-action#1080</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0 ">https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0 </a></p>
<h2>v5.2.0</h2>
<ul>
<li>Disable quotes detection for <code>outputs</code> input by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1074 ">docker/build-push-action#1074</a></li>
<li>Warn about ignored inputs by <a
href="https://github.com/favonia "><code>@favonia</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1019 ">docker/build-push-action#1019</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.14.0 to 0.18.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1070 ">docker/build-push-action#1070</a></li>
<li>Bump undici from 5.26.3 to 5.28.3 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1057 ">docker/build-push-action#1057</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0 ">https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0 </a></p>
<h2>v5.1.0</h2>
<ul>
<li>Add <code>annotations</code> input by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/992 ">docker/build-push-action#992</a></li>
<li>Add <code>secret-envs</code> input by <a
href="https://github.com/elias-lundgren "><code>@elias-lundgren</code></a>
in <a
href="https://redirect.github.com/docker/build-push-action/pull/980 ">docker/build-push-action#980</a></li>
<li>Bump <code>@babel/traverse</code> from 7.17.3 to 7.23.2 in <a
href="https://redirect.github.com/docker/build-push-action/pull/991 ">docker/build-push-action#991</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.13.0-rc.1 to
0.14.0 in <a
href="https://redirect.github.com/docker/build-push-action/pull/990 ">docker/build-push-action#990</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1006 ">docker/build-push-action#1006</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0 ">https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="263435318dhttps://redirect.github.com/docker/build-push-action/issues/1381 ">#1381</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="c0432d2e010bb1f27d6b5f9dbf956c0788c444d8https://redirect.github.com/docker/build-push-action/issues/1375 ">#1375</a>
from crazy-max/remove-gcr</li>
<li><a
href="aa179ca4f41dc7386353https://redirect.github.com/docker/build-push-action/issues/1364 ">#1364</a>
from crazy-max/history-export-cmd</li>
<li><a
href="9c9803f364db1f6c46e8721e8c79dehttps://github.com/docker/build-push-action/compare/v5...v6 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-18 20:09:24 +00:00
silverwind
b167de65b5
Enable dependabot for actions ( #36191 )
...
Enable dependabot for actions only. These should always be safe to
update as long as CI passes and some of them are lagging behind.
2025-12-18 20:12:29 +01:00
silverwind
f49e2b7294
Bump alpine to 3.23 ( #36185 )
2025-12-18 00:11:59 -05:00
Lunny Xiao
15df1f02ee
Use gitRepo as parameter instead of repopath when invoking sign functions ( #36162 )
...
Co-authored-by: Giteabot <teabot@gitea.io >
2025-12-17 21:55:08 +00:00
Lunny Xiao
c20415fd9f
Fix bug when creating pull request ( #36166 )
...
Extract from #36105
Fix #36116
Fix #35912
Fix #20906
2025-12-17 21:21:04 +00:00
silverwind
7d6a6d7fb4
Bump golangci-lint to 2.7.2, enable modernize stringsbuilder ( #36180 )
...
Fixes were done automatically by `make lint-go-fix`. These modernize
fixes are very readable.
Co-authored-by: Giteabot <teabot@gitea.io >
2025-12-17 20:50:53 +00:00
Lunny Xiao
8bf2ce31ea
Use a migration test instead of a wrong test which populated the meta test repositories and fix a migration bug ( #36160 )
...
The test `TestGiteaUploadUpdateGitForPullRequest` modified the shared
meta test repositories directly, so this PR removes that test and
replaces it with an integration test that migrates a real repository
from gitea.com into a local test instance.
This PR also fixes a bug where pull-request migrations were not
correctly syncing head branches to the database.
2025-12-17 12:00:07 -08:00
silverwind
2a648a1b01
Update JS deps and eslint enhancements ( #36147 )
...
- Update all JS deps
- Tested affected `dependencies`
- Replace eslint `unstable_native_nodejs_ts_config` with optional `jiti`
dependency. This will be more compatible with editor integrations that
may not pass this flag.
- Enable additional eslint rules, no new issues
- Move `typescript` to `devDependencies` because `make frontend` works
without it
2025-12-17 17:35:33 +00:00
silverwind
a821ee1c60
Add git.DIFF_RENAME_SIMILARITY_THRESHOLD option ( #36164 )
...
Make the threshold value passed to `git diff --find-renames` configurable
2025-12-17 10:02:32 +00:00
wxiaoguang
6cb9fe052a
Fix OrgAssignment opts ( #36174 )
...
Fix #36084
2025-12-17 17:19:22 +08:00
Dawid Góra
d591ccf053
Automatic generation of release notes ( #35977 )
...
Similar to GitHub, release notes can now be generated automatically.
The generator is server-side and gathers the merged PRs and contributors
and returns the corresponding Markdown text.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com >
2025-12-17 02:01:19 +00:00
Sebastian Ertz
09287d10ab
Update chroma to v2.21.0 ( #36171 )
...
https://github.com/alecthomas/chroma/releases/tag/v2.21.0
2025-12-17 01:07:44 +00:00
GiteaBot
80ee9d8f90
[skip ci] Updated translations via Crowdin
2025-12-17 00:37:08 +00:00
Lunny Xiao
e78c56bcc7
Move blame to gitrepo ( #36161 )
2025-12-16 16:14:14 -08:00
silverwind
c79923a869
Enable bodyclose linter ( #36168 )
...
Enabe
[`bodyclose`](https://golangci-lint.run/docs/linters/configuration/#bodyclose ).
The only issue in non-test code (`services/migrations/dump.go`) was a
false-positive and I think there are a number of undetected cases, but I
guess it's still better than not having it.
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
2025-12-16 14:08:43 +01:00
TheFox0x7
2a2af2b7d6
fix nilnil in onedev downloader ( #36154 )
...
onedev migration never used the migration transport, it now uses it the
same way gogs one does
---
cuts 3 nilnils for https://github.com/go-gitea/gitea/issues/36152
2025-12-16 02:16:58 +00:00
a1012112796
c73ef08bbb
fix webAuthn insecure error view ( #36165 )
...
as you seen, in cureent status `initUserAuthWebAuthn` will prcheck
`window.isSecureContext`, if not ok, will hide the `passkey` btton and
return directly. I think it's not right, first, not show any error
message looks not a good ui, and it's looks will make an empty container
was show if the registion button was disabled also (maybe f-i-x #36115 ),
then initUserAuthWebAuthn has `window.isSecureContext` check also which
looks duplcate ref:
907d6c44cf/web_src/js/features/user-auth-webauthn.ts (L202-L206)https://github.com/user-attachments/assets/0eff43a0-18a6-4978-aa27-b4574fcf2601 )
Signed-off-by: a1012112796 <1012112796@qq.com >
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
2025-12-15 21:03:52 +01:00
Lunny Xiao
9a432f3d33
Some small refactors ( #36163 )
2025-12-15 11:55:44 -08:00
Lunny Xiao
907d6c44cf
Remove undocumented support of signing key in the repository git configuration file ( #36143 )
...
Per-repository signing keys have never been officially supported, as
they would require users to modify the repository’s config file.
At this point, it is clear that only global signing keys (GPG or SSH)
should be allowed. If we want to introduce per-repository signing keys
in the future, it will require a complete design proposal.
The endpoint will not be removed for repository special signing key, but
it will reference the global signing key.
---------
Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com >
Co-authored-by: delvh <dev.lh@web.de >
2025-12-14 17:34:45 +00:00
silverwind
4ed9be5603
Enable gocheckcompilerdirectives linter ( #36156 )
...
Enable
[`gocheckcompilerdirectives`](https://github.com/leighmcculloch/gocheckcompilerdirectives )
to validate compiler directives, no current violation.
2025-12-14 13:35:19 +00:00
wxiaoguang
58a48bce04
Fix code highlighting on blame page ( #36157 )
...
1. Full file highlighting (fix the legacy todo "we should instead
highlight the whole file at once")
* Fix #24383
2. Correctly covert file content encoding
3. Remove dead code, split large for-loop into small functions/blocks to
make code maintainable
2025-12-14 12:40:55 +02:00
Lunny Xiao
372d2e3968
Check user visibility when redirecting to a renamed user ( #36148 )
...
Fix #34169
2025-12-14 03:14:18 +01:00
Lunny Xiao
e106ce4b02
Fix bug when viewing the commit diff page with non-ANSI files ( #36149 )
...
Fix #35504
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com >
2025-12-13 21:54:03 +08:00
silverwind
2c24ec84d4
Refactor FileTreeItem type ( #36137 )
2025-12-13 13:03:51 +00:00
wxiaoguang
658ac12f29
Fix various bugs ( #36139 )
...
* Fix #35768
* Fix #36064
* Fix #36051
* Fix cherry-pick panic
2025-12-12 18:56:05 +00:00
silverwind
638712ce73
Fix issue close timeline icon ( #36138 )
...
Previously there was a icon mismatch between a issue's label and the
timeline close event icon
2025-12-12 18:12:35 +00:00
silverwind
1a9de2c2cb
Add permissions tofiles-changed jobs ( #36142 )
...
Followup to https://github.com/go-gitea/gitea/pull/36140 .
`files-changed` is a job that imports another workflow via `uses`
statement but CodeQL still complains about lack of permissions on these
jobs, so add it. This will fix the remaining [3 CodeQL
issues](https://github.com/go-gitea/gitea/security/code-scanning?query=is%3Aopen+branch%3Amain+permissions ).
2025-12-12 18:38:59 +01:00
silverwind
7c3bd15b5e
Add explicit permissions to all actions workflows ( #36140 )
...
Explicitely specify all workflow
[`permissions`](https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#permissions ).
This will fix [26 CodeQL
alerts](https://github.com/go-gitea/gitea/security/code-scanning?query=permissions+is%3Aopen+branch%3Amain+ ).
2025-12-12 16:48:29 +00:00
silverwind
4c36159da4
Bump actions/checkout to v6 ( #36136 )
...
https://github.com/actions/checkout#checkout-v6
Result of `perl -p -i -e
's#actions\/checkout\@v5#actions/checkout\@v6#g' .github/workflows/*`
2025-12-12 16:44:53 +01:00
Lunny Xiao
ccfe4df53c
Hide RSS icon when viewing a file not under a branch ( #36135 )
...
Fix #35855
Co-authored-by: Giteabot <teabot@gitea.io >
2025-12-12 10:26:15 +01:00
silverwind
86d6a8922e
Fix SVG size calulation, only use style attribute ( #36133 )
...
Fixes: https://github.com/go-gitea/gitea/issues/35863
The old code had a conflict between using HTML attributes vs. style
properties where the style was overriding the previously set HTML
attributes:
```html
<img width="300" height="277.02439470988946" style="width: 275px; height: 0px;">
```
I made it so in all cases only `style` properties are used and the
previous width/height values are now set via `style`. Also I did a
number of much-needed typescript improvements to the file.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com >
2025-12-12 09:39:02 +02:00
junoberryferry
4bd80af4b9
Add sorting/filtering to admin user search API endpoint ( #36112 )
2025-12-12 05:12:06 +01:00
Lunny Xiao
8da7167869
Move some functions to gitrepo package to reduce RepoPath reference directly ( #36126 )
2025-12-12 01:15:40 +01:00
wxiaoguang
07b1da33ed
Make Golang correctly delete temp files during uploading ( #36128 )
...
Fix #36127
2025-12-11 19:59:42 +01:00
GiteaBot
1b85e13ebb
[skip ci] Updated translations via Crowdin
2025-12-11 00:39:32 +00:00
Lunny Xiao
8ebc6423ae
Support updating branch via API ( #35951 )
...
Resolve #35368
2025-12-10 19:23:26 +00:00
Lunny Xiao
19fc2650b4
Use gitrepo's clone and push when possible ( #36093 )
...
1 Move `IsRepositoryModelOrDirExist` and `CheckCreateRepository` to
service layer
2 Use `gitrepo.Pushxxx` instead of `git.Push` when possible
3 use `gitrepo.Clonexxx` instead of `gitrepo.Clone` when possible
2025-12-10 09:41:01 -08:00
wxiaoguang
feb0caf74a
Improve math rendering ( #36124 )
...
Fix #36108
Fix #36107
2025-12-10 15:49:24 +00:00
silverwind
7e1420a795
Add matching pair insertion to markdown textarea ( #36121 )
...
1. Our textarea already has some editor-like feature like tab
indentation, so I thought why not also add insertion of matching closing
quotes/brackets over selected text. This does that.
2. `textareaInsertText` is replaced with `replaceTextareaSelection`
which does the same but create a new edit history entry in the textarea
so CTRL-Z works. The button that inserts tables into the textarea can
now also be reverted via CTRL-Z, which was not possible before.
2025-12-10 07:30:50 +00:00
Ger Schinkel
e74d43a933
Changed a small typo in an error message and code comments. ( #36117 )
2025-12-09 10:14:05 -05:00
Lunny Xiao
9c197d6ed9
Fix possible bug when migrating issues/pull requests ( #33487 )
...
When migrating issues or pull requests from a big repository, some
issue/pull request maybe deleted when migrating. So that there will be
duplicated issues/pull requests because we are get information with
pagination. This PR introduced a map to record all migrated issue pull
request index when migrating to avoid the failure because of duplicated
records.
2025-12-07 23:09:10 -08:00
