GiteaBot
f183be7ecf
[skip ci] Updated translations via Crowdin
2025-12-25 21:37:43 +00:00
Lunny Xiao
e0dc172668
Use flatten translation keys ( #36225 )
...
Crowdin does not remove empty lines in nested JSON translation files.
Therefore, we use flattened translation keys instead. We have also
updated the key-loading logic to ensure that empty values are not
applied during translation.
---------
Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com >
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com >
Co-authored-by: silverwind <me@silverwind.io >
2025-12-25 12:51:33 -08:00
silverwind
2662f75022
Replace CSRF cookie with CrossOriginProtection ( #36183 )
...
Removes the CSRF cookie in favor of
[`CrossOriginProtection`](https://pkg.go.dev/net/http#CrossOriginProtection )
which relies purely on HTTP headers.
Fixes: https://github.com/go-gitea/gitea/issues/11188
Fixes: https://github.com/go-gitea/gitea/issues/30333
Helps: https://github.com/go-gitea/gitea/issues/35107
TODOs:
- [x] Fix tests
- [ ] Ideally add tests to validates the protection
---------
Signed-off-by: wxiaoguang <wxiaoguang@gmail.com >
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com >
2025-12-25 12:33:34 +02:00
silverwind
463af5289b
Remove fomantic form module ( #36222 )
...
- Replace fomantic form CSS with custom module
- Moved code in `form.css` to `modules/form.css`, removed around 70% of
the previous module.
- Moved captcha styles previously in `form.css` to its own file.
There is probably more unused CSS, like form error state colors which to
my knowledge is not used anywhere, but I'm not sure about that one so I
kept it.
One notable change is the removal of `type` combinator here, which
lowers the selector specificity and I noticed one issue where selector
`.ui.search > .prompt` was winning, so I added a workaround for that
until the `search` module can be removed as well.
```css
.ui.form .fields.error .field input:not([type])
.ui.form .fields.error .field input[type="date"]
```
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
Co-authored-by: Giteabot <teabot@gitea.io >
2025-12-23 18:21:47 +01:00
Max P.
15eabceaa6
Fix panic in blame view when a file has only a single commit ( #36230 )
...
This PR fixes a panic in the repository blame view that occurs when
rendering files whose blame history consists of only a single commit.
2025-12-23 14:26:29 +08:00
DaanSelen
15183a26a8
fix: spelling error in migrate-storage cmd utility ( #36226 )
...
Added closing quote which looks to be forgotten
Signed-off-by: DaanSelen <80752476+DaanSelen@users.noreply.github.com >
2025-12-22 10:55:41 +00:00
silverwind
d13e624d1d
Fix WebAuthn error checking ( #36219 )
...
Fixes: https://github.com/go-gitea/gitea/issues/36216
Now `detectWebAuthnSupport` returns the error type and lets the caller
decide whether they call `webAuthnError` and show the error. It no
longer shows the error during page load when the user has not even
interacted with the feature.
The bug affects all users on HTTP, so I think a quick fix release for
this might be good.
2025-12-21 18:24:41 +00:00
GiteaBot
c0e9221d63
[skip ci] Updated translations via Crowdin
2025-12-21 17:09:57 +00:00
Gregorius Bima Kharisma Wicaksana
0c09add843
refactor: extract helper functions from SearchIssues ( #36158 )
...
## Summary
This PR refactors the `SearchIssues` function in
`routers/api/v1/repo/issue.go` by extracting common logic into reusable
helper functions:
- `parseIssueIsClosed()`: Parses the "state" query parameter and returns
the corresponding `isClosed` option
- `parseIssueIsPull()`: Parses the "type" query parameter and returns
the corresponding `isPull` option
- `buildSearchIssuesRepoIDs()`: Builds the list of repository IDs for
issue search based on query parameters
### Benefits:
- Improved code readability
- Smaller, more focused functions
- Easier to test individual components
- Potential for reuse in other handlers
### Changes:
- Extracted 3 helper functions from the ~292 line `SearchIssues`
function
- No functional changes - behavior remains the same
- Proper error handling preserved
## Test plan
- [ ] Verify existing API tests pass
- [ ] Manual testing of `/repos/issues/search` endpoint
Ref: #35015
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com >
2025-12-20 17:57:41 -08:00
GiteaBot
6b6e426ebd
[skip ci] Updated translations via Crowdin
2025-12-21 00:42:41 +00:00
Lunny Xiao
d6769a2c61
Revert "[skip ci] Updated translations via Crowdin"
...
This reverts commit a146f1c740
2025-12-20 09:15:26 -08:00
Scion
84ace48390
Closed milestones with no issues now show as 100% completed ( #36220 )
...
Closed milestones with 0 issues currently display as having 0%
completion. This makes sense if the milestone is still open, but if the
milestone is closed it seems like that it should show 100% completeness
instead.
Before:
<img width="1708" height="252" alt="image"
src="https://github.com/user-attachments/assets/0b58c78f-0609-44ee-8d58-bd67534c6164 "
/>
After:
<img width="1716" height="263" alt="image"
src="https://github.com/user-attachments/assets/3fb0044f-d76c-4888-9d60-640f2ca5fec6 "
/>
2025-12-20 16:16:20 +00:00
bytedream
160c4832c0
Show edit page confirmation dialog on tree view file change ( #36130 )
...
Currently, when editing or deleting a file and the edit/commit form has
changes, navigating the file tree will discard all changes without any
warning. This PR prevents partial reloading when the edit form has
unsaved changes, which will trigger a browser native warning dialog.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com >
2025-12-20 02:29:39 +01:00
Peter Verraedt
b18ef611af
Fix regression in writing authorized principals ( #36213 )
...
Add additional logic with tests to restore the
previous behaviour when writing the principals file.
Fixes : #36212
---------
Signed-off-by: Peter Verraedt <peter.verraedt@kuleuven.be >
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com >
2025-12-20 01:24:59 +00:00
GiteaBot
a146f1c740
[skip ci] Updated translations via Crowdin
2025-12-20 00:37:17 +00:00
Lunny Xiao
fa3a3b87d2
Convert locale files from ini to json format ( #35489 )
...
Migrate from the current INI format to JSON for translations. JSON is
widely supported, including by platforms such as Crowdin and Weblate.
2025-12-19 09:50:48 -08:00
dependabot[bot]
96a9925ee9
Bump crowdin/github-action from 1 to 2 ( #36204 )
...
Bumps [crowdin/github-action](https://github.com/crowdin/github-action )
from 1 to 2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crowdin/github-action/releases ">crowdin/github-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.0.0</h2>
<h2>What's Changed</h2>
<h3>Features</h3>
<ul>
<li>Now the Action uses the new <a
href="https://crowdin.github.io/crowdin-cli/blog/2024/05/28/cli-v4 ">CLI
v4</a></li>
</ul>
<h3>Deprecations</h3>
<p>Removed deprecated options:</p>
<ul>
<li><code>add_crowdin_branch</code></li>
<li><code>new_branch_title</code></li>
<li><code>new_branch_export_pattern</code></li>
<li><code>new_branch_priority</code></li>
<li><code>delete_crowdin_branch</code></li>
</ul>
<p>Instead, use the <code>command: branch add <name></code> to
create a new branch.</p>
<ul>
<li><code>identity</code> - this option doesn't make much sense in the
context of the GitHub action, where environment variables are a de facto
standard for credentials loading.</li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crowdin/github-action/compare/v1.20.4...v2.0.0 ">https://github.com/crowdin/github-action/compare/v1.20.4...v2.0.0 </a></p>
<h2>v1.20.4</h2>
<h2>What's Changed</h2>
<ul>
<li>CLI <a
href="https://github.com/crowdin/crowdin-cli/releases/tag/3.19.4 ">3.19.4</a>
by <a
href="https://github.com/andrii-bodnar "><code>@andrii-bodnar</code></a></li>
<li>ci: upgrade actions by <a
href="https://github.com/andrii-bodnar "><code>@andrii-bodnar</code></a>
in <a
href="https://redirect.github.com/crowdin/github-action/pull/226 ">crowdin/github-action#226</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crowdin/github-action/compare/v1.20.3...v1.20.4 ">https://github.com/crowdin/github-action/compare/v1.20.3...v1.20.4 </a></p>
<h2>v1.20.3</h2>
<h2>What's Changed</h2>
<ul>
<li>CLI <a
href="https://github.com/crowdin/crowdin-cli/releases/tag/3.19.3 ">3.19.3</a>
by <a
href="https://github.com/andrii-bodnar "><code>@andrii-bodnar</code></a></li>
<li>chore: deprecate the 'identity' option by <a
href="https://github.com/andrii-bodnar "><code>@andrii-bodnar</code></a>
in <a
href="https://redirect.github.com/crowdin/github-action/pull/224 ">crowdin/github-action#224</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crowdin/github-action/compare/v1.20.2...v1.20.3 ">https://github.com/crowdin/github-action/compare/v1.20.2...v1.20.3 </a></p>
<h2>v1.20.2</h2>
<h2>What's Changed</h2>
<ul>
<li>CLI <a
href="https://github.com/crowdin/crowdin-cli/releases/tag/3.19.2 ">3.19.2</a>
by <a
href="https://github.com/andrii-bodnar "><code>@andrii-bodnar</code></a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crowdin/github-action/compare/v1.20.1...v1.20.2 ">https://github.com/crowdin/github-action/compare/v1.20.1...v1.20.2 </a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="60debf382ehttps://redirect.github.com/crowdin/github-action/issues/298 ">#298</a>)</li>
<li><a
href="96b44e669708713f00a5https://redirect.github.com/crowdin/github-action/issues/294 ">#294</a>)</li>
<li><a
href="fb221ac1c8https://redirect.github.com/crowdin/github-action/issues/291 ">#291</a>)</li>
<li><a
href="0749939f639787f4fcb6590c05e09a9fd07c1c5b297234bae037201e27eehttps://redirect.github.com/crowdin/github-action/issues/283 ">#283</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/crowdin/github-action/compare/v1...v2 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: silverwind <me@silverwind.io >
2025-12-19 13:49:30 +00:00
dependabot[bot]
df50137833
Bump appleboy/git-push-action from 0.0.3 to 1.0.0 ( #36194 )
...
Bumps
[appleboy/git-push-action](https://github.com/appleboy/git-push-action )
from 0.0.3 to 1.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/appleboy/git-push-action/releases ">appleboy/git-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.0</h2>
<h2>Changelog</h2>
<h3>Enhancements</h3>
<ul>
<li>50ae8aaf06c6fc08b3d13da3aa03deb50d970125: chore(docker): improve
overall system performance and API integration (<a
href="https://github.com/appleboy "><code>@appleboy</code></a>)</li>
</ul>
<h3>Build process updates</h3>
<ul>
<li>feea2e25baaa5ea24a9689a8af03f229ec1dd1a2: ci: improve testing
workflow and API usage (<a
href="https://github.com/appleboy "><code>@appleboy</code></a>)</li>
<li>5d65d1094eb0415898554ba83c4f3196778f9a85: ci: improve testing
workflow and API usage (<a
href="https://github.com/appleboy "><code>@appleboy</code></a>)</li>
<li>b31dd8d6e7ba1e80a96a4772d8c4290fe7bac0ce: build: update base image
in Dockerfile (<a
href="https://github.com/appleboy "><code>@appleboy</code></a>)</li>
<li>fc585cfea49d10c08f8009f674c05961a0934647: ci(goreleaser): implement
automated release process with GoReleaser (<a
href="https://github.com/appleboy "><code>@appleboy</code></a>)</li>
<li>b1e5e3d76ccb4afd43bc0859672a6f9113fa0458: ci(test): optimize CI
workflow and test configurations (<a
href="https://github.com/appleboy "><code>@appleboy</code></a>)</li>
</ul>
<h3>Documentation updates</h3>
<ul>
<li>8f1f45876617e5d74085a38164c421be39f099b3: docs(readme): refactor
codebase and improve test coverage (<a
href="https://github.com/appleboy "><code>@appleboy</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b1e5e3d76c8f1f458766fc585cfea450ae8aaf06b31dd8d6e75d65d1094efeea2e25bahttps://github.com/appleboy/git-push-action/compare/v0.0.3...v1.0.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-19 11:28:11 +00:00
silverwind
6d163d3f5d
Fix labeler config for stylelint ( #36199 )
...
Followup to rename in
6603517025 (diff-cb3b3f608024ee0bd45ea10b08ca6d3fcf40523a3d40182a438937231d8b8072)
2025-12-19 09:47:03 +00:00
silverwind
d16f5f192e
Add modifies/dependencies label to dependabot ( #36206 )
...
`actions/labeler` can not detect dependency updates in actions because
it works on file level, so we need to let dependabot set this label.
2025-12-19 08:49:26 +00:00
silverwind
1d57f2b5d1
Add date to "No Contributions" tooltip ( #36190 )
...
Fixes https://github.com/go-gitea/gitea/issues/36188 via
52bbfd7a15https://github.com/user-attachments/assets/f06ca7d6-a141-499f-b6da-e46064a44846 "
/>
After:
<img width="292" height="78" alt="Screenshot 2025-12-18 at 17 08 36"
src="https://github.com/user-attachments/assets/b80f7391-7960-44ad-8184-ffab4c9a4ea7 "
/>
If there will be more changes in the future, we should vendor this
module.
Co-authored-by: Giteabot <teabot@gitea.io >
2025-12-19 09:48:53 +01:00
silverwind
0dc9cfbb54
Revert "Bump alpine to 3.23 ( #36185 )" ( #36202 )
...
Unbreak the release pipelines. The issue is caused by
https://gitlab.alpinelinux.org/alpine/aports/-/issues/17775 which
supposedly fixed in 3.23.2 and our build did use that version from what
I see, but maybe it's not fixed yet for `riscv`. We should try this
upgrade again later.
2025-12-18 23:18:01 -08:00
silverwind
0e7e5bad30
Add JSON linting ( #36192 )
...
Uses https://github.com/eslint/json to lint all JSON and JSONC files in the repo.
2025-12-19 06:27:21 +00:00
silverwind
9346820507
Bump setup-node to v6, re-enable cache ( #36207 )
2025-12-19 02:07:34 +00:00
GiteaBot
eac603b0db
[skip ci] Updated translations via Crowdin
2025-12-19 00:39:05 +00:00
Sebastian Ertz
14df4dc9c2
Update chroma to v2.21.1 ( #36201 )
...
https://github.com/alecthomas/chroma/releases/tag/v2.21.1
2025-12-18 23:26:18 +00:00
silverwind
2a80e23380
Disable dependabot automatic labels ( #36203 )
...
Disable dependabot's [automatic
labels](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#labels-- ),
we have `actions/labeler` to do this job. After this is merged, I will
delete the labels `dependencies` and `github_actions` that dependabot
had created.
2025-12-18 23:56:08 +01:00
dependabot[bot]
fbc2e8102b
Bump astral-sh/setup-uv from 6 to 7 ( #36198 )
...
Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) from 6
to 7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/setup-uv/releases ">astral-sh/setup-uv's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0 🌈 node24 and a lot of bugfixes</h2>
<h2>Changes</h2>
<p>This release comes with a load of bug fixes and a speed up. Because
of switching from node20 to node24 it is also a breaking change. If you
are running on GitHub hosted runners this will just work, if you are
using self-hosted runners make sure, that your runners are up to date.
If you followed the normal installation instructions your self-hosted
runner will keep itself updated.</p>
<p>This release also removes the deprecated input
<code>server-url</code> which was used to download uv releases from a
different server.
The <a
href="https://github.com/astral-sh/setup-uv?tab=readme-ov-file#manifest-file ">manifest-file</a>
input supersedes that functionality by adding a flexible way to define
available versions and where they should be downloaded from.</p>
<h3>Fixes</h3>
<ul>
<li>The action now respects when the environment variable
<code>UV_CACHE_DIR</code> is already set and does not overwrite it. It
now also finds <a
href="https://docs.astral.sh/uv/reference/settings/#cache-dir ">cache-dir</a>
settings in config files if you set them.</li>
<li>Some users encountered problems that <a
href="https://github.com/astral-sh/setup-uv?tab=readme-ov-file#disable-cache-pruning ">cache
pruning</a> took forever because they had some <code>uv</code> processes
running in the background. Starting with uv version <code>0.8.24</code>
this action uses <code>uv cache prune --ci --force</code> to ignore the
running processes</li>
<li>If you just want to install uv but not have it available in path,
this action now respects <code>UV_NO_MODIFY_PATH</code></li>
<li>Some other actions also set the env var <code>UV_CACHE_DIR</code>.
This action can now deal with that but as this could lead to unwanted
behavior in some edgecases a warning is now displayed.</li>
</ul>
<h3>Improvements</h3>
<p>If you are using minimum version specifiers for the version of uv to
install for example</p>
<pre lang="toml"><code>[tool.uv]
required-version = ">=0.8.17"
</code></pre>
<p>This action now detects that and directly uses the latest version.
Previously it would download all available releases from the uv repo
to determine the highest matching candidate for the version specifier,
which took much more time.</p>
<p>If you are using other specifiers like <code>0.8.x</code> this action
still needs to download all available releases because the specifier
defines an upper bound (not 0.9.0 or later) and "latest" would
possibly not satisfy that.</p>
<h2>🚨 Breaking changes</h2>
<ul>
<li>Use node24 instead of node20 <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/608 ">#608</a>)</li>
<li>Remove deprecated input server-url <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/607 ">#607</a>)</li>
</ul>
<h2>🐛 Bug fixes</h2>
<ul>
<li>Respect UV_CACHE_DIR and cache-dir <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/612 ">#612</a>)</li>
<li>Use --force when pruning cache <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/611 ">#611</a>)</li>
<li>Respect UV_NO_MODIFY_PATH <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/603 ">#603</a>)</li>
<li>Warn when <code>UV_CACHE_DIR</code> has changed <a
href="https://github.com/jamesbraza "><code>@jamesbraza</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/601 ">#601</a>)</li>
</ul>
<h2>🚀 Enhancements</h2>
<ul>
<li>Shortcut to latest version for minimum version specifier <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/598 ">#598</a>)</li>
</ul>
<h2>🧰 Maintenance</h2>
<ul>
<li>Bump dependencies <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/613 ">#613</a>)</li>
<li>Fix test-uv-no-modify-path <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/604 ">#604</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="681c641abahttps://redirect.github.com/astral-sh/setup-uv/issues/712 ">#712</a>)</li>
<li><a
href="2e85713bb0https://redirect.github.com/astral-sh/setup-uv/issues/715 ">#715</a>)</li>
<li><a
href="58b6d7b303https://redirect.github.com/astral-sh/setup-uv/issues/716 ">#716</a>)</li>
<li><a
href="e8b52af86ehttps://redirect.github.com/astral-sh/setup-uv/issues/714 ">#714</a>)</li>
<li><a
href="ed21f2f24fhttps://redirect.github.com/astral-sh/setup-uv/issues/695 ">#695</a>)</li>
<li><a
href="93202d8fbehttps://redirect.github.com/astral-sh/setup-uv/issues/709 ">#709</a>)</li>
<li><a
href="5ce090076dhttps://redirect.github.com/astral-sh/setup-uv/issues/708 ">#708</a>)</li>
<li><a
href="4180991cd9https://redirect.github.com/astral-sh/setup-uv/issues/707 ">#707</a>)</li>
<li><a
href="0439606c8ehttps://redirect.github.com/astral-sh/setup-uv/issues/698 ">#698</a>)</li>
<li><a
href="7dd56c18e9https://redirect.github.com/astral-sh/setup-uv/issues/706 ">#706</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/setup-uv/compare/v6...v7 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
2025-12-18 22:41:25 +00:00
Lunny Xiao
30b5981338
Front port changelog ( #36193 )
...
Signed-off-by: silverwind <me@silverwind.io >
Co-authored-by: silverwind <me@silverwind.io >
2025-12-18 14:05:49 -08:00
dependabot[bot]
796d8b48ce
Bump dev-hanz-ops/install-gh-cli-action from 0.1.0 to 0.2.1 ( #36195 )
...
Bumps
[dev-hanz-ops/install-gh-cli-action](https://github.com/dev-hanz-ops/install-gh-cli-action )
from 0.1.0 to 0.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dev-hanz-ops/install-gh-cli-action/releases ">dev-hanz-ops/install-gh-cli-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.2.1 - arm64 support</h2>
<ul>
<li>support arm64 architecture - <a
href="https://redirect.github.com/dev-hanz-ops/install-gh-cli-action/pull/10 ">dev-hanz-ops/install-gh-cli-action#10</a>
(by <a
href="https://github.com/whatthefinemanual "><code>@whatthefinemanual</code></a>)</li>
</ul>
<h2>v0.2.0 - update to node20</h2>
<ul>
<li><a
href="8fff9050daaf38ce09b1eef2976cedhttps://redirect.github.com/dev-hanz-ops/install-gh-cli-action/issues/10 ">#10</a>)</li>
<li><a
href="2d19dc38f3https://redirect.github.com/dev-hanz-ops/install-gh-cli-action/issues/8 ">#8</a>)</li>
<li><a
href="8fff9050da67bfd053934474568036https://redirect.github.com/dev-hanz-ops/install-gh-cli-action/issues/3 ">#3</a>)</li>
<li>See full diff in <a
href="https://github.com/dev-hanz-ops/install-gh-cli-action/compare/v0.1.0...v0.2.1 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-18 21:37:06 +00:00
dependabot[bot]
30bd81b563
Bump aws-actions/configure-aws-credentials from 4 to 5 ( #36196 )
...
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps
[aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials )
from 4 to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/configure-aws-credentials/releases ">aws-actions/configure-aws-credentials's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.1...v5.0.0 ">5.0.0</a>
(2025-09-03)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>Cleanup input handling. Changes invalid boolean input behavior (see
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>add skip OIDC option (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1458 ">#1458</a>)
(<a
href="8c45f6b081https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)
(<a
href="74b3e27aa8https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1456 ">#1456</a>)
(<a
href="c4be498953https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.0...v4.3.1 ">4.3.1</a>
(2025-08-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>update readme to 4.3.1 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1424 ">#1424</a>)
(<a
href="be2e7ad815https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.0...v4.3.0 ">4.3.0</a>
(2025-08-04)</h2>
<p>NOTE: This release tag originally pointed to
59b441846ad109fa4a1549b73ef4e149c4bfb53b, but a critical bug was
discovered shortly after publishing. We updated this tag to
d0834ad3a60a024346910e522a81b0002bd37fea to prevent anyone using the
4.3.0 tag from encountering the bug, and we published 4.3.1 to allow
workflows to auto update correctly.</p>
<h3>Features</h3>
<ul>
<li>dependency update and feature cleanup (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1414 ">#1414</a>)
(<a
href="59489ba544https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1062 ">#1062</a>
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1191 ">#1191</a></li>
<li>Optional environment variable output (<a
href="c3b3ce61b05b3c89504637fe9a740bcbea70821e3f7c218721https://github.com/aws-actions/configure-aws-credentials/compare/v4.2.0...v4.2.1 ">4.2.1</a>
(2025-05-14)</h2>
<h3>Bug Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md ">aws-actions/configure-aws-credentials's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v5.1.0...v5.1.1 ">5.1.1</a>
(2025-11-24)</h2>
<h3>Miscellaneous Chores</h3>
<ul>
<li>release 5.1.1 (<a
href="56d6a583f0https://github.com/aws-actions/configure-aws-credentials/compare/v5.0.0...v5.1.0 ">5.1.0</a>
(2025-10-06)</h2>
<h3>Features</h3>
<ul>
<li>Add global timeout support (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1487 ">#1487</a>)
(<a
href="1584b8b0e2https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1482 ">#1482</a>)
(<a
href="dde9b22a8ehttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1485 ">#1485</a>)
(<a
href="97ef425d73https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1482 ">#1482</a>)
(<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1486 ">#1486</a>)
(<a
href="cea42985achttps://github.com/aws-actions/configure-aws-credentials/compare/v4.3.1...v5.0.0 ">5.0.0</a>
(2025-09-03)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>Cleanup input handling. Changes invalid boolean input behavior (see
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>add skip OIDC option (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1458 ">#1458</a>)
(<a
href="8c45f6b081https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)
(<a
href="74b3e27aa8https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1456 ">#1456</a>)
(<a
href="c4be498953https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.0...v4.3.1 ">4.3.1</a>
(2025-08-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>update readme to 4.3.1 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1424 ">#1424</a>)
(<a
href="be2e7ad815https://github.com/aws-actions/configure-aws-credentials/compare/v4.2.1...v4.3.0 ">4.3.0</a>
(2025-08-04)</h2>
<h3>Features</h3>
<ul>
<li>depenency update and feature cleanup (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1414 ">#1414</a>)
(<a
href="59489ba544https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1062 ">#1062</a>
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1191 ">#1191</a></li>
<li>Optional environment variable output (<a
href="c3b3ce61b061815dcd50https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1564 ">#1564</a>)</li>
<li><a
href="56d6a583f04a54c24244https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1563 ">#1563</a>)</li>
<li><a
href="b2793c943dhttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1559 ">#1559</a>)</li>
<li><a
href="8c230bf21df7a5b07d53https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1558 ">#1558</a>)</li>
<li><a
href="730fc04382https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1555 ">#1555</a>)</li>
<li><a
href="bc0dd36aechttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1556 ">#1556</a>)</li>
<li><a
href="f2964c7281cf464951behttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1548 ">#1548</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v4...v5 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-18 20:59:23 +00:00
dependabot[bot]
e36a09fc44
Bump docker/build-push-action from 5 to 6 ( #36197 )
...
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action )
from 5 to 6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases ">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<ul>
<li>Export build record and generate <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/ ">build
summary</a> by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1120 ">docker/build-push-action#1120</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.24.0 to 0.26.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1132 ">docker/build-push-action#1132</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1136 ">docker/build-push-action#1136</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1138 ">docker/build-push-action#1138</a></li>
<li>Bump braces from 3.0.2 to 3.0.3 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1137 ">docker/build-push-action#1137</a></li>
</ul>
<blockquote>
<p>[!NOTE]
This major release adds support for generating <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/ ">Build
summary</a> and exporting build record for your build. You can disable
this feature by setting <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/#disable-job-summary ">
<code>DOCKER_BUILD_SUMMARY: false</code> environment variable in your
workflow</a>.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0 ">https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0 </a></p>
<h2>v5.4.0</h2>
<ul>
<li>Show builder information before building by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1128 ">docker/build-push-action#1128</a></li>
<li>Handle attestations correctly with provenance and sbom inputs by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1086 ">docker/build-push-action#1086</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.19.0 to 0.24.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1088 ">docker/build-push-action#1088</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1105 ">docker/build-push-action#1105</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1121 ">docker/build-push-action#1121</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1127 ">docker/build-push-action#1127</a></li>
<li>Bump undici from 5.28.3 to 5.28.4 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1090 ">docker/build-push-action#1090</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0 ">https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0 </a></p>
<h2>v5.3.0</h2>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.18.0 to 0.19.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1080 ">docker/build-push-action#1080</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0 ">https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0 </a></p>
<h2>v5.2.0</h2>
<ul>
<li>Disable quotes detection for <code>outputs</code> input by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1074 ">docker/build-push-action#1074</a></li>
<li>Warn about ignored inputs by <a
href="https://github.com/favonia "><code>@favonia</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1019 ">docker/build-push-action#1019</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.14.0 to 0.18.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1070 ">docker/build-push-action#1070</a></li>
<li>Bump undici from 5.26.3 to 5.28.3 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1057 ">docker/build-push-action#1057</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0 ">https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0 </a></p>
<h2>v5.1.0</h2>
<ul>
<li>Add <code>annotations</code> input by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/992 ">docker/build-push-action#992</a></li>
<li>Add <code>secret-envs</code> input by <a
href="https://github.com/elias-lundgren "><code>@elias-lundgren</code></a>
in <a
href="https://redirect.github.com/docker/build-push-action/pull/980 ">docker/build-push-action#980</a></li>
<li>Bump <code>@babel/traverse</code> from 7.17.3 to 7.23.2 in <a
href="https://redirect.github.com/docker/build-push-action/pull/991 ">docker/build-push-action#991</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.13.0-rc.1 to
0.14.0 in <a
href="https://redirect.github.com/docker/build-push-action/pull/990 ">docker/build-push-action#990</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1006 ">docker/build-push-action#1006</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0 ">https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="263435318dhttps://redirect.github.com/docker/build-push-action/issues/1381 ">#1381</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="c0432d2e010bb1f27d6b5f9dbf956c0788c444d8https://redirect.github.com/docker/build-push-action/issues/1375 ">#1375</a>
from crazy-max/remove-gcr</li>
<li><a
href="aa179ca4f41dc7386353https://redirect.github.com/docker/build-push-action/issues/1364 ">#1364</a>
from crazy-max/history-export-cmd</li>
<li><a
href="9c9803f364db1f6c46e8721e8c79dehttps://github.com/docker/build-push-action/compare/v5...v6 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-18 20:09:24 +00:00
silverwind
b167de65b5
Enable dependabot for actions ( #36191 )
...
Enable dependabot for actions only. These should always be safe to
update as long as CI passes and some of them are lagging behind.
2025-12-18 20:12:29 +01:00
silverwind
f49e2b7294
Bump alpine to 3.23 ( #36185 )
2025-12-18 00:11:59 -05:00
Lunny Xiao
15df1f02ee
Use gitRepo as parameter instead of repopath when invoking sign functions ( #36162 )
...
Co-authored-by: Giteabot <teabot@gitea.io >
2025-12-17 21:55:08 +00:00
Lunny Xiao
c20415fd9f
Fix bug when creating pull request ( #36166 )
...
Extract from #36105
Fix #36116
Fix #35912
Fix #20906
2025-12-17 21:21:04 +00:00
silverwind
7d6a6d7fb4
Bump golangci-lint to 2.7.2, enable modernize stringsbuilder ( #36180 )
...
Fixes were done automatically by `make lint-go-fix`. These modernize
fixes are very readable.
Co-authored-by: Giteabot <teabot@gitea.io >
2025-12-17 20:50:53 +00:00
Lunny Xiao
8bf2ce31ea
Use a migration test instead of a wrong test which populated the meta test repositories and fix a migration bug ( #36160 )
...
The test `TestGiteaUploadUpdateGitForPullRequest` modified the shared
meta test repositories directly, so this PR removes that test and
replaces it with an integration test that migrates a real repository
from gitea.com into a local test instance.
This PR also fixes a bug where pull-request migrations were not
correctly syncing head branches to the database.
2025-12-17 12:00:07 -08:00
silverwind
2a648a1b01
Update JS deps and eslint enhancements ( #36147 )
...
- Update all JS deps
- Tested affected `dependencies`
- Replace eslint `unstable_native_nodejs_ts_config` with optional `jiti`
dependency. This will be more compatible with editor integrations that
may not pass this flag.
- Enable additional eslint rules, no new issues
- Move `typescript` to `devDependencies` because `make frontend` works
without it
2025-12-17 17:35:33 +00:00
silverwind
a821ee1c60
Add git.DIFF_RENAME_SIMILARITY_THRESHOLD option ( #36164 )
...
Make the threshold value passed to `git diff --find-renames` configurable
2025-12-17 10:02:32 +00:00
wxiaoguang
6cb9fe052a
Fix OrgAssignment opts ( #36174 )
...
Fix #36084
2025-12-17 17:19:22 +08:00
Dawid Góra
d591ccf053
Automatic generation of release notes ( #35977 )
...
Similar to GitHub, release notes can now be generated automatically.
The generator is server-side and gathers the merged PRs and contributors
and returns the corresponding Markdown text.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com >
2025-12-17 02:01:19 +00:00
Sebastian Ertz
09287d10ab
Update chroma to v2.21.0 ( #36171 )
...
https://github.com/alecthomas/chroma/releases/tag/v2.21.0
2025-12-17 01:07:44 +00:00
GiteaBot
80ee9d8f90
[skip ci] Updated translations via Crowdin
2025-12-17 00:37:08 +00:00
Lunny Xiao
e78c56bcc7
Move blame to gitrepo ( #36161 )
2025-12-16 16:14:14 -08:00
silverwind
c79923a869
Enable bodyclose linter ( #36168 )
...
Enabe
[`bodyclose`](https://golangci-lint.run/docs/linters/configuration/#bodyclose ).
The only issue in non-test code (`services/migrations/dump.go`) was a
false-positive and I think there are a number of undetected cases, but I
guess it's still better than not having it.
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
2025-12-16 14:08:43 +01:00
TheFox0x7
2a2af2b7d6
fix nilnil in onedev downloader ( #36154 )
...
onedev migration never used the migration transport, it now uses it the
same way gogs one does
---
cuts 3 nilnils for https://github.com/go-gitea/gitea/issues/36152
2025-12-16 02:16:58 +00:00
a1012112796
c73ef08bbb
fix webAuthn insecure error view ( #36165 )
...
as you seen, in cureent status `initUserAuthWebAuthn` will prcheck
`window.isSecureContext`, if not ok, will hide the `passkey` btton and
return directly. I think it's not right, first, not show any error
message looks not a good ui, and it's looks will make an empty container
was show if the registion button was disabled also (maybe f-i-x #36115 ),
then initUserAuthWebAuthn has `window.isSecureContext` check also which
looks duplcate ref:
907d6c44cf/web_src/js/features/user-auth-webauthn.ts (L202-L206)https://github.com/user-attachments/assets/0eff43a0-18a6-4978-aa27-b4574fcf2601 )
Signed-off-by: a1012112796 <1012112796@qq.com >
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
2025-12-15 21:03:52 +01:00
Lunny Xiao
9a432f3d33
Some small refactors ( #36163 )
2025-12-15 11:55:44 -08:00
Lunny Xiao
907d6c44cf
Remove undocumented support of signing key in the repository git configuration file ( #36143 )
...
Per-repository signing keys have never been officially supported, as
they would require users to modify the repository’s config file.
At this point, it is clear that only global signing keys (GPG or SSH)
should be allowed. If we want to introduce per-repository signing keys
in the future, it will require a complete design proposal.
The endpoint will not be removed for repository special signing key, but
it will reference the global signing key.
---------
Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com >
Co-authored-by: delvh <dev.lh@web.de >
2025-12-14 17:34:45 +00:00
