main
57886 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
75923222c6 |
fix(pihole): update image ghcr.io/pi-hole/pihole 2026.07.1 → 2026.07.2 (#49989)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/pi-hole/pihole](https://redirect.github.com/pi-hole/docker-pi-hole) | patch | `3dd9cd9` → `f7d1be8` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>pi-hole/docker-pi-hole (ghcr.io/pi-hole/pihole)</summary> ### [`v2026.07.2`](https://redirect.github.com/pi-hole/docker-pi-hole/releases/tag/2026.07.2) [Compare Source](https://redirect.github.com/pi-hole/docker-pi-hole/compare/2026.07.1...2026.07.2) <!-- Release notes generated using configuration in .github/release.yml at master --> Missing commit from previous release which is the docker-equivalent of the fix for [pi-hole/pi-hole/security/advisories/GHSA-h8w9-qx2v-wrww](https://redirect.github.com/pi-hole/pi-hole/security/advisories/GHSA-h8w9-qx2v-wrww) - Move logrotate file to /etc/logrotate.d/pihole [`14b661a`](https://redirect.github.com/pi-hole/docker-pi-hole/commit/14b661a7471d755ed63b48bd2cb9a36149ba7213) by [@​yubiuser](https://redirect.github.com/yubiuser) **Full Changelog**: <https://github.com/pi-hole/docker-pi-hole/compare/2026.07.1...2026.07.2> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9waWhvbGUiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |
||
|
|
6b14566bcc |
fix(renovate): update image oci.trueforge.org/containerforge/renovate 43.252.5 → 43.252.8 (#49976)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [oci.trueforge.org/containerforge/renovate](https://ghcr.io/trueforge-org/renovate) ([source](https://redirect.github.com/renovate/renovate)) | patch | `2c0d811` → `8180958` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9yZW5vdmF0ZSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
6e86c8aa3e |
chore(tubesync): update image ghcr.io/meeb/tubesync digest to f1d04e9 (#49974)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/meeb/tubesync | digest | `c2cbeaf` → `f1d04e9` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90dWJlc3luYyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
80f8b09732 |
chore(memcached): update image docker.io/bitnamisecure/memcached digest to 8040a22 (#49973)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/bitnamisecure/memcached | digest | `19fe9b9` → `8040a22` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9tZW1jYWNoZWQiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
0eea031ad9 |
chore(mariadb): update image docker.io/bitnamisecure/mariadb digest to a1b946e (#49972)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/bitnamisecure/mariadb | digest | `946c00e` → `a1b946e` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9tYXJpYWRiIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
410f634c8a |
chore(automatic-ripping-machine): update image docker.io/automaticrippingmachine/automatic-ripping-machine digest to 39f7fc9 (#49970)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/automaticrippingmachine/automatic-ripping-machine](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine) | digest | `22f3041` → `39f7fc9` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hdXRvbWF0aWMtcmlwcGluZy1tYWNoaW5lIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
1c186ce7d1 |
chore(lyrion-music-server): update image docker.io/lmscommunity/lyrionmusicserver digest to 620cb68 (#49971)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/lmscommunity/lyrionmusicserver | digest | `2f3c3dd` → `620cb68` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9seXJpb24tbXVzaWMtc2VydmVyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
7c750dcdb0 |
feat(pihole): update image ghcr.io/pi-hole/pihole 2026.06.0 → 2026.07.1 (#49969)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/pi-hole/pihole](https://redirect.github.com/pi-hole/docker-pi-hole) | minor | `8ea9513` → `3dd9cd9` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>pi-hole/docker-pi-hole (ghcr.io/pi-hole/pihole)</summary> ### [`v2026.07.1`](https://redirect.github.com/pi-hole/docker-pi-hole/releases/tag/2026.07.1) [Compare Source](https://redirect.github.com/pi-hole/docker-pi-hole/compare/2026.07.0...2026.07.1) <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed - Restore --no-cache flag for apk by [@​casperklein](https://redirect.github.com/casperklein) in [#​2056](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2056) **Full Changelog**: <https://github.com/pi-hole/docker-pi-hole/compare/2026.07.0...2026.07.1> ### [`v2026.07.0`](https://redirect.github.com/pi-hole/docker-pi-hole/releases/tag/2026.07.0) [Compare Source](https://redirect.github.com/pi-hole/docker-pi-hole/compare/2026.06.0...2026.07.0) <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed (Docker Specific) - Add ShellCheck CI and fix reported issues by [@​lightswitch05](https://redirect.github.com/lightswitch05) in [#​2039](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2039) - Make crond and cron job output visible in "docker log" by [@​casperklein](https://redirect.github.com/casperklein) in [#​2035](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2035) - feat: optimize Docker build caching by [@​lightswitch05](https://redirect.github.com/lightswitch05) in [#​2038](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2038) - remove buildkit cache mount from apk add layer by [@​PromoFaux](https://redirect.github.com/PromoFaux) in [#​2049](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2049) **Full Changelog**: <https://github.com/pi-hole/docker-pi-hole/compare/2026.04.1...2026.07.0> <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed (FTL v6.7) - Performance optimizations and bug fixes by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2816](https://redirect.github.com/pi-hole/FTL/pull/2816) - fix: check NULL returns from strdup/calloc in rotate\_files() by [@​jluzzi123](https://redirect.github.com/jluzzi123) in [pi-hole/FTL#2875](https://redirect.github.com/pi-hole/FTL/pull/2875) - Make error messages more human friendly by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2878](https://redirect.github.com/pi-hole/FTL/pull/2878) - Harden API/database races in civetweb and DB threads by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2881](https://redirect.github.com/pi-hole/FTL/pull/2881) - Update embedded SQLite3 to v3.53.1 by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2891](https://redirect.github.com/pi-hole/FTL/pull/2891) - Fix build on Fedora 44 by [@​darkexplosiveqwx](https://redirect.github.com/darkexplosiveqwx) in [pi-hole/FTL#2893](https://redirect.github.com/pi-hole/FTL/pull/2893) - macvendor: resolve sub-allocated blocks (MA-M/MA-S) via longest-prefix match by [@​RamSet](https://redirect.github.com/RamSet) in [pi-hole/FTL#2907](https://redirect.github.com/pi-hole/FTL/pull/2907) - Update embedded dnsmasq to v2.93 by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2890](https://redirect.github.com/pi-hole/FTL/pull/2890) - fix OOB write in FTL\_parse\_pseudoheaders when optlen is 0 by [@​rdevshp](https://redirect.github.com/rdevshp) in [pi-hole/FTL#2910](https://redirect.github.com/pi-hole/FTL/pull/2910) - Update a single text description "PRIVATE KEY" by [@​DoctorD90](https://redirect.github.com/DoctorD90) in [pi-hole/FTL#2884](https://redirect.github.com/pi-hole/FTL/pull/2884) - add optional dnsmasq features to cmake by [@​darkexplosiveqwx](https://redirect.github.com/darkexplosiveqwx) in [pi-hole/FTL#2874](https://redirect.github.com/pi-hole/FTL/pull/2874) - Fix building on alpine 3.24 by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2911](https://redirect.github.com/pi-hole/FTL/pull/2911) - Bats by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2872](https://redirect.github.com/pi-hole/FTL/pull/2872) - Improve crash backtraces for non-reproducible faults by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2880](https://redirect.github.com/pi-hole/FTL/pull/2880) - Fix gzip.c inflate\_buffer CRC signed left shift undefined behavior by [@​rdevshp](https://redirect.github.com/rdevshp) in [pi-hole/FTL#2916](https://redirect.github.com/pi-hole/FTL/pull/2916) - Fix for iCloud Private Relay zones by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2919](https://redirect.github.com/pi-hole/FTL/pull/2919) - fix tar parsing by [@​rdevshp](https://redirect.github.com/rdevshp) in [pi-hole/FTL#2914](https://redirect.github.com/pi-hole/FTL/pull/2914) - Allow using local `manuf`s to generate macvendor.db by [@​darkexplosiveqwx](https://redirect.github.com/darkexplosiveqwx) in [pi-hole/FTL#2918](https://redirect.github.com/pi-hole/FTL/pull/2918) - Use custom message for UNIQUE constraint error message by [@​rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/FTL#2879](https://redirect.github.com/pi-hole/FTL/pull/2879) - Re-resolve client groups event-driven, drop periodic recheck by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2922](https://redirect.github.com/pi-hole/FTL/pull/2922) - Guard against invalid gzip data in gzip.c inflate\_buffer by [@​rdevshp](https://redirect.github.com/rdevshp) in [pi-hole/FTL#2915](https://redirect.github.com/pi-hole/FTL/pull/2915) - Fix BATS test of no ERRORS in FTL.log to allow capturing the output by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2927](https://redirect.github.com/pi-hole/FTL/pull/2927) - fix(cli): warn when --config cannot read pihole.toml ([#​2849](https://redirect.github.com/pi-hole/docker-pi-hole/issues/2849)) by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2930](https://redirect.github.com/pi-hole/FTL/pull/2930) - fix(api-docs): correct three OpenAPI spec issues ([#​2867](https://redirect.github.com/pi-hole/docker-pi-hole/issues/2867)) by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2929](https://redirect.github.com/pi-hole/FTL/pull/2929) - fix: avoid segfault in dnsmasq-test on unreadable config file by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2928](https://redirect.github.com/pi-hole/FTL/pull/2928) - Fix prefix-match bug and improve fallthrough logging in redirect\_root\_handler by [@​slmingol](https://redirect.github.com/slmingol) in [pi-hole/FTL#2933](https://redirect.github.com/pi-hole/FTL/pull/2933) - Swap misaligned comments for domain-needed and expand-hosts. by [@​0xpsyduck](https://redirect.github.com/0xpsyduck) in [pi-hole/FTL#2932](https://redirect.github.com/pi-hole/FTL/pull/2932) - Code review July 2026 by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2935](https://redirect.github.com/pi-hole/FTL/pull/2935) - Pi-hole FTL v6.7 by [@​PromoFaux](https://redirect.github.com/PromoFaux) in [pi-hole/FTL#2936](https://redirect.github.com/pi-hole/FTL/pull/2936) #### New Contributors - [@​jluzzi123](https://redirect.github.com/jluzzi123) made their first contribution in [pi-hole/FTL#2875](https://redirect.github.com/pi-hole/FTL/pull/2875) - [@​RamSet](https://redirect.github.com/RamSet) made their first contribution in [pi-hole/FTL#2907](https://redirect.github.com/pi-hole/FTL/pull/2907) - [@​rdevshp](https://redirect.github.com/rdevshp) made their first contribution in [pi-hole/FTL#2910](https://redirect.github.com/pi-hole/FTL/pull/2910) - [@​DoctorD90](https://redirect.github.com/DoctorD90) made their first contribution in [pi-hole/FTL#2884](https://redirect.github.com/pi-hole/FTL/pull/2884) - [@​slmingol](https://redirect.github.com/slmingol) made their first contribution in [pi-hole/FTL#2933](https://redirect.github.com/pi-hole/FTL/pull/2933) - [@​0xpsyduck](https://redirect.github.com/0xpsyduck) made their first contribution in [pi-hole/FTL#2932](https://redirect.github.com/pi-hole/FTL/pull/2932) **Full Changelog**: <https://github.com/pi-hole/FTL/compare/v6.6.2...v6.7> <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed (Core v6.4.3) - Also hardcode the PID file location in utils.sh to prevent `readonly variable` warning by [@​PromoFaux](https://redirect.github.com/PromoFaux) in [pi-hole/pi-hole#6613](https://redirect.github.com/pi-hole/pi-hole/pull/6613) - Use `awk` to compare curl versions by [@​rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/pi-hole#6621](https://redirect.github.com/pi-hole/pi-hole/pull/6621) - Explicitly add `gawk` to APK dependencies by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6622](https://redirect.github.com/pi-hole/pi-hole/pull/6622) - Prevent double error message output in gravity run with invalid file by [@​PromoFaux](https://redirect.github.com/PromoFaux) in [pi-hole/pi-hole#6607](https://redirect.github.com/pi-hole/pi-hole/pull/6607) - Replace pytest/tox with direct in-container BATS by [@​PromoFaux](https://redirect.github.com/PromoFaux) in [pi-hole/pi-hole#6598](https://redirect.github.com/pi-hole/pi-hole/pull/6598) - Add Fedora 44 and Ubuntu 26.04 LTS to tests by [@​darkexplosiveqwx](https://redirect.github.com/darkexplosiveqwx) in [pi-hole/pi-hole#6623](https://redirect.github.com/pi-hole/pi-hole/pull/6623) - Add gravity tests by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6639](https://redirect.github.com/pi-hole/pi-hole/pull/6639) - Set BATS pretty output flag depending on the terminal and improve failure output by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6644](https://redirect.github.com/pi-hole/pi-hole/pull/6644) - fix: check return codes in gravity\_build\_tree and database\_recovery() by [@​jluzzi123](https://redirect.github.com/jluzzi123) in [pi-hole/pi-hole#6630](https://redirect.github.com/pi-hole/pi-hole/pull/6630) - Include alpine 3.24 in tests by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6654](https://redirect.github.com/pi-hole/pi-hole/pull/6654) - installer: fix custom DNS entry when only one upstream server is provided by [@​Gilmoursa](https://redirect.github.com/Gilmoursa) in [pi-hole/pi-hole#6638](https://redirect.github.com/pi-hole/pi-hole/pull/6638) - Fix BATS gravity test on curl version >=8.21 by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6661](https://redirect.github.com/pi-hole/pi-hole/pull/6661) - avoid copytruncate in logrotate by [@​darkexplosiveqwx](https://redirect.github.com/darkexplosiveqwx) in [pi-hole/pi-hole#6642](https://redirect.github.com/pi-hole/pi-hole/pull/6642) #### New Contributors - [@​jluzzi123](https://redirect.github.com/jluzzi123) made their first contribution in [pi-hole/pi-hole#6630](https://redirect.github.com/pi-hole/pi-hole/pull/6630) - [@​Gilmoursa](https://redirect.github.com/Gilmoursa) made their first contribution in [pi-hole/pi-hole#6638](https://redirect.github.com/pi-hole/pi-hole/pull/6638) **Full Changelog**: <https://github.com/pi-hole/pi-hole/compare/v6.4.2...v6.4.3> <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed (Web v6.6) - Improve DHCP static leases interface (alternative) by [@​rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/web#3766](https://redirect.github.com/pi-hole/web/pull/3766) - Lists page - Improve hints and help text by [@​rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/web#3798](https://redirect.github.com/pi-hole/web/pull/3798) - Update daterangepicker ranges everytime the picker is shown by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3793](https://redirect.github.com/pi-hole/web/pull/3793) - Better user interface to edit reverse DNS servers (dns.revServers) by [@​rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/web#3769](https://redirect.github.com/pi-hole/web/pull/3769) **Full Changelog**: <https://github.com/pi-hole/web/compare/v6.5.1...v6.6> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9waWhvbGUiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19--> |
||
|
|
b76e2c0393 | fix(tailscale): update image docker.io/tailscale/tailscale v1.98.4 → v1.98.8 (#49968) | ||
|
|
213c5d2127 |
fix(kubernetes-reflector): update image ghcr.io/emberstack/kubernetes-reflector 10.0.55 → 10.0.56 (#49965)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/emberstack/kubernetes-reflector](https://redirect.github.com/emberstack/kubernetes-reflector) | patch | `5dcceff` → `92ed094` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>emberstack/kubernetes-reflector (ghcr.io/emberstack/kubernetes-reflector)</summary> ### [`v10.0.56`](https://redirect.github.com/emberstack/kubernetes-reflector/releases/tag/v10.0.56) [Compare Source](https://redirect.github.com/emberstack/kubernetes-reflector/compare/v10.0.55...v10.0.56) The release process is automated. #### What's Changed - build(deps): bump gittools/actions from 4.5.0 to 4.6.0 in the all-dependencies group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​675](https://redirect.github.com/emberstack/kubernetes-reflector/pull/675) - build(deps): bump gittools/actions from 4.6.0 to 4.7.0 in the all-dependencies group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​677](https://redirect.github.com/emberstack/kubernetes-reflector/pull/677) - Bump the all-dependencies group with 7 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​678](https://redirect.github.com/emberstack/kubernetes-reflector/pull/678) - Bump the all-dependencies group with 6 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​679](https://redirect.github.com/emberstack/kubernetes-reflector/pull/679) **Full Changelog**: <https://github.com/emberstack/kubernetes-reflector/compare/v10.0.55...v10.0.56> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9rdWJlcm5ldGVzLXJlZmxlY3RvciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
dd94823dc3 |
fix(grav): update image ghcr.io/linuxserver/grav 2.0.7 → 2.0.8 (#49964)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/grav](https://redirect.github.com/linuxserver/docker-grav/packages) ([source](https://redirect.github.com/linuxserver/docker-grav)) | patch | `04d8b11` → `51b694f` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9ncmF2IiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==--> |
||
|
|
bd1459b4a7 |
fix(pocketmine-mp): update image ghcr.io/pmmp/pocketmine-mp 5.44.2 → 5.44.3 (#49967)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/pmmp/pocketmine-mp | patch | `82aea44` → `58bc978` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9wb2NrZXRtaW5lLW1wIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==--> |
||
|
|
ead2cd5272 |
chore(searxng): update image docker.io/searxng/searxng digest to 368b4ec (#49962)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/searxng/searxng | digest | `b7492e1` → `368b4ec` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zZWFyeG5nIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
f5fd62759d | chore(mongodb): update image docker.io/bitnamisecure/mongodb digest to c65378e (#49961) | ||
|
|
c4e06d1d86 |
chore(it-tools): update image oci.trueforge.org/containerforge/it-tools digest to 378da3b (#49960)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [oci.trueforge.org/containerforge/it-tools](https://ghcr.io/trueforge-org/it-tools) ([source](https://redirect.github.com/CorentinTh/it-tools)) | digest | `bf09afe` → `378da3b` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9pdC10b29scyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
d12cfd46ea |
chore(dashy): update image ghcr.io/lissy93/dashy digest to 7e35627 (#49959)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/lissy93/dashy | digest | `cab27aa` → `7e35627` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9kYXNoeSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
91e5cf264d |
fix(automatic-ripping-machine): update image docker.io/automaticrippingmachine/automatic-ripping-machine 2.23.3 → 2.23.4 (#49963)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/automaticrippingmachine/automatic-ripping-machine](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine) | patch | `1f73856` → `22f3041` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>automatic-ripping-machine/automatic-ripping-machine (docker.io/automaticrippingmachine/automatic-ripping-machine)</summary> ### [`v2.23.4`](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine/releases/tag/2.23.4) [Compare Source](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine/compare/2.23.3...2.23.4) #### What's Changed - Bump docker/login-action from 4.2.0 to 4.4.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1783](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine/pull/1783) - Bump docker/metadata-action from 6.1.0 to 6.2.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1781](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine/pull/1781) - Bump docker/setup-buildx-action from 4.1.0 to 4.2.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1780](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine/pull/1780) - Bump actions/checkout from 6 to 7 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1775](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine/pull/1775) - Bump arm-dependencies from `e944a51` to `1773f53` by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1773](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine/pull/1773) - Bump automaticrippingmachine/arm-dependencies from 1.7.3 to 1.7.4 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1772](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine/pull/1772) **Full Changelog**: <https://github.com/automatic-ripping-machine/automatic-ripping-machine/compare/2.23.3...2.23.4> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hdXRvbWF0aWMtcmlwcGluZy1tYWNoaW5lIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==--> |
||
|
|
69fcbc794d |
fix(local-ai): update image docker.io/localai/localai v4.6.1 → v4.6.2 (#49966)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/localai/localai](https://redirect.github.com/mudler/LocalAI) | patch | `dfe2e6c` → `d07e9b7` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>mudler/LocalAI (docker.io/localai/localai)</summary> ### [`v4.6.2`](https://redirect.github.com/mudler/LocalAI/releases/tag/v4.6.2) [Compare Source](https://redirect.github.com/mudler/LocalAI/compare/v4.6.1...v4.6.2) <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed ##### 👒 Dependencies - chore(deps): bump actions/cache from 4 to 6 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​10704](https://redirect.github.com/mudler/LocalAI/pull/10704) ##### Other Changes - refactor: use slices.Contains to simplify code by [@​weifanglab](https://redirect.github.com/weifanglab) in [#​10702](https://redirect.github.com/mudler/LocalAI/pull/10702) - fix(ci): shard single-arch backend matrix under GitHub's 256-job limit by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10703](https://redirect.github.com/mudler/LocalAI/pull/10703) - chore(model gallery): add MiniCPM series models by [@​ZMXJJ](https://redirect.github.com/ZMXJJ) in [#​10699](https://redirect.github.com/mudler/LocalAI/pull/10699) #### New Contributors - [@​weifanglab](https://redirect.github.com/weifanglab) made their first contribution in [#​10702](https://redirect.github.com/mudler/LocalAI/pull/10702) - [@​ZMXJJ](https://redirect.github.com/ZMXJJ) made their first contribution in [#​10699](https://redirect.github.com/mudler/LocalAI/pull/10699) **Full Changelog**: <https://github.com/mudler/LocalAI/compare/v4.6.1...v4.6.2> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9sb2NhbC1haSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
4065d16a1e | feat(victoriametrics): update image docker.io/victoriametrics/victoria-metrics v1.146.0 → v1.147.0 (#49955) | ||
|
|
320719db9c |
fix(renovate): update image oci.trueforge.org/containerforge/renovate 43.252.1 → 43.252.5 (#49954)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [oci.trueforge.org/containerforge/renovate](https://ghcr.io/trueforge-org/renovate) ([source](https://redirect.github.com/renovate/renovate)) | patch | `7daa696` → `2c0d811` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9yZW5vdmF0ZSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
d17817ed76 |
feat(wekan): update image docker.io/wekanteam/wekan v9.78 → v9.80 (#49956)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/wekanteam/wekan](https://redirect.github.com/wekan/wekan) | minor | `bb5d0be` → `9b55511` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>wekan/wekan (docker.io/wekanteam/wekan)</summary> ### [`v9.80`](https://redirect.github.com/wekan/wekan/blob/HEAD/CHANGELOG.md#v980-2026-07-06-WeKan--release) [Compare Source](https://redirect.github.com/wekan/wekan/compare/v9.79...v9.80) This release adds the following new features: - **[Admin Panel Domains table: pagination, column sort and search (like the Board Table view)](https://redirect.github.com/wekan/wekan/issues/5850)**: The Admin Panel > People > Domains table loaded every domain (aggregated from all users) into the browser at once, with a fixed order and no search. It now behaves like the Board Table view: the server aggregates the domains and returns only one small page, so the whole list is never sent to the browser. You can order by the Domain or Users column (click the header to toggle ascending / descending, with a ▲/▼ indicator) and filter with a search box; prev/next controls page through the results. The search + sort + slice runs in the new pure, unit-tested `models/lib/domainTablePage.js` behind a new `getDomainsWithUserCountsPage` admin method (`server/models/users.js`), and the `domainGeneral` template (`client/components/settings/peopleBody.{jade,js,css}`) is now self-contained and fetches only the current page. Covered by `tests/domainTablePage.test.cjs`. Thanks to xet7. and adds the following tests: - **[Verified and added a regression test for the board-invitation email language](https://redirect.github.com/wekan/wekan/commit/dfa6c78d4f032a698f6feaad189c86da903d27fb)**: Confirmed that a board-invitation email is localised in the existing recipient's own profile language, or — when the invitee is a new account created by the invite — in the inviter's profile language, defaulting to `en` (`en.i18n.json`) when none is set. The behaviour was already correct; the language choice is now extracted into the pure, unit-tested `models/lib/inviteEmailLanguage.js` used by `inviteUserToBoard`, and locked in by `tests/inviteEmailLanguage.test.cjs`. Thanks to xet7. and fixes the following bugs: - **[Linked-card minicard now shows the cover image of the real card](https://redirect.github.com/wekan/wekan/commit/9ef7f4a07a6b40a2582af24b27fe133119adcd18)**: A linked card (created by "Link card to this card") on one board did not show the cover image of the real card it points at on another board, even though the card's other fields did. A linked card is only a placeholder — its real content lives on the card at `linkedId` — and every other minicard getter resolves through the real card (`getTitle`/`getReceived`/`getDue`/…), but the cover helpers read `this.coverId` directly, and a linked card has no `coverId` of its own. The real card's cover attachment is already published to the linking board (see the "linked cards" / "attachments for linked cards" children of the `board` publication), so this was purely a client-side resolution gap. `Card.cover()` and the minicard `cover()` helper now resolve the cover id through the real card via the pure, unit-tested `models/lib/linkedCardCover.js`; normal cards are unaffected. Covered by `tests/linkedCardCover.test.cjs`. Thanks to 32Dexter and xet7. - **[Fix date-picker calendar stays fully visible when opened low on a scrolled page](https://redirect.github.com/wekan/wekan/commit/7a0eb61c0a4d3ace60f95cfbda7c1d70dff665ef)**: Opening a date field (due/start/end date, or a date custom field) low on the screen showed the calendar popup extending past the visible area, and — because the pop-over is `position: absolute` (document coordinates) — scrolling to reach it moved the calendar along with the page, so the full calendar could never be seen (the workaround was to close it, drag the field to the center and reopen). `Popup._getOffset` computed the space above/below the opener and the clamped `top` from the opener's DOCUMENT offset mixed with the VIEWPORT height, ignoring the page scroll, so on a scrolled page the anchored popup landed outside the visible viewport. The geometry now runs in viewport coordinates (subtracting the page scroll) and clamps the popup fully within the visible viewport, then converts back to document coordinates for the absolute style; when the page is not scrolled the output is unchanged. Extracted the math into the pure, unit-tested `client/lib/popupOffset.js`, used by `client/lib/popup.js`. Covered by `tests/popupOffset.test.cjs`. Thanks to MarcusDger and xet7. Thanks to above GitHub users for their contributions and translators for their translations. ### [`v9.79`](https://redirect.github.com/wekan/wekan/blob/HEAD/CHANGELOG.md#v979-2026-07-06-WeKan--release) [Compare Source](https://redirect.github.com/wekan/wekan/compare/v9.78...v9.79) This release fixes the following bugs: - **[Fix #​6439: Custom (drag order) sort on All Boards page now reorders via drag-and-drop](https://redirect.github.com/wekan/wekan/commit/f8e31745d8104c58dc7bbcb4c1e4c615141a8e82)**: On the All Boards page the jQuery-ui sortable that reordered boards in the "Custom (drag order)" mode was removed when the page switched to HTML5 drag-and-drop for workspaces, and nothing replaced it, so dragging a board showed a not-allowed cursor and never updated `profile.boardSortIndex`. Added HTML5 `dragover`/`drop` reorder handlers on the board tiles in `client/components/boards/boardsList.js` (active only in the custom sort mode), a `setBoardSortIndexes` helper in `models/users.js` to persist the new order in one write, a drop-hint style in `client/components/boards/boardsList.css`, and extracted the reorder decision/index math into the pure, unit-tested `models/lib/boardSortReorder.js`. Covered by `tests/boardSortReorder.test.cjs`. Thanks to jullbo and xet7. - **[Fix #​6440: '+' add-item button on minicard checklist does nothing](https://redirect.github.com/wekan/wekan/commit/dd90995db74593228d40bc504405620ec09c175d)**: On the minicard the checklist add-item `<form>` is rendered inside the `a.minicard-wrapper` anchor, so the native form `submit` event never reached the Blaze event map — the [#​5565](https://redirect.github.com/wekan/wekan/issues/5565) minicard-checklist work wired only a `submit .js-add-checklist-item` handler (which never fires there) and gave the Save button no click handler, so clicking "+" Save did nothing. Added an explicit `click .js-submit-add-checklist-item-form` handler in `client/components/cards/minicard.js` (mirroring the working edit-item button) that inserts the item, with the blank-input guard and title parsing extracted into the pure, Meteor-free `models/lib/checklistItemTitles.js`. Card-detail checklists are unaffected. Covered by `tests/checklistItemTitles.test.cjs`. Thanks to jullbo and xet7. - **[Fix #​6441: label filter now applies board-wide across all swimlanes](https://redirect.github.com/wekan/wekan/commit/9dca403782d476eb3c593fe614848ef02bb7f5a3)**: A label filter hid non-matching cards in one swimlane (e.g. "Focus") but left another swimlane (e.g. "Background") unfiltered. Each list scopes its cards to the current swimlane while also showing shared/orphaned cards that have no swimlane; that fallback was written as a bare top-level `$or`, which competes with the board Filter's own top-level `$or` (label/member criteria) when the two selectors are combined — dropping the label criterion in every swimlane except the default one. The swimlane-membership fallback is now a single `swimlaneId: { $in: [id, null, ''] }` clause (the same form already used in `sidebarFilters.js`, `cardDetails.js` and `dialogWithBoardSwimlaneList.js`), extracted to the pure, unit-tested `models/lib/swimlaneFilter.js` and used by `client/components/lists/listBody.js` and `models/lists.js`, so no second `$or` exists and the filter is always `$and`-combined and applied board-wide. Covered by `tests/swimlaneFilter.test.cjs`. Thanks to jullbo and xet7. - **[Fix flaky server-side Mocha test (i18n zh-CN "is not a spy")](https://redirect.github.com/wekan/wekan/commit/fc4eadedc9109602ee029b60c44eeda869aa98c3)**: The server-side Mocha suite intermittently reported "1 failing" on the [#​5756](https://redirect.github.com/wekan/wekan/issues/5756) `imports/i18n/i18n.test.js` region-tag test with `TypeError: [Function] is not a spy`. The assertion re-read `TAPi18n.i18n.addResourceBundle`, and the sinon-chai matcher (routed through chai-as-promised) could evaluate after this suite's `afterEach` had already run `sinon.restore()` — at which point the property is the original function, not the stub. The `.loadLanguage` tests now assert on the captured stub reference (restore unwraps the property but leaves the spy intact), which is deterministic. Reproduced and verified with a standalone sinon/chai script. Thanks to xet7. Thanks to above GitHub users for their contributions and translators for their translations. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93ZWthbiIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=--> |
||
|
|
516361d787 | fix(healthchecks): update image ghcr.io/linuxserver/healthchecks 4.2.20260629 → 4.2.20260706 (#49952) | ||
|
|
4543f6a7f5 |
fix(local-ai): update image docker.io/localai/localai v4.6.0 → v4.6.1 (#49953)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/localai/localai](https://redirect.github.com/mudler/LocalAI) | patch | `8c6f107` → `dfe2e6c` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>mudler/LocalAI (docker.io/localai/localai)</summary> ### [`v4.6.1`](https://redirect.github.com/mudler/LocalAI/releases/tag/v4.6.1) [Compare Source](https://redirect.github.com/mudler/LocalAI/compare/v4.6.0...v4.6.1) <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed ##### Other Changes - fix(auth): log the real cause of OIDC/OAuth user-info failures by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10679](https://redirect.github.com/mudler/LocalAI/pull/10679) - feat(api): add GET /v1/models/capabilities endpoint by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10687](https://redirect.github.com/mudler/LocalAI/pull/10687) - chore: :arrow\_up: Update CrispStrobe/CrispASR to `1109cb3fcae2e242c2b3d42ec0e3fd6e813f2ce7` by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10685](https://redirect.github.com/mudler/LocalAI/pull/10685) - chore: :arrow\_up: Update ggml-org/llama.cpp to `665892536dfb1b7532161e3182304bd35c33e768` by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10681](https://redirect.github.com/mudler/LocalAI/pull/10681) - chore(model-gallery): :arrow\_up: update checksum by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10686](https://redirect.github.com/mudler/LocalAI/pull/10686) - chore: :arrow\_up: Update vllm-metal (darwin) to `v0.3.0.dev20260704102955` by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10668](https://redirect.github.com/mudler/LocalAI/pull/10668) - fix(ui): center the home empty-state wizard by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10691](https://redirect.github.com/mudler/LocalAI/pull/10691) - docs: :arrow\_up: update docs version mudler/LocalAI by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10680](https://redirect.github.com/mudler/LocalAI/pull/10680) - chore: :arrow\_up: Update CrispStrobe/CrispASR to `09df654e304947f7521e1f52992ceacccf03c300` by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10693](https://redirect.github.com/mudler/LocalAI/pull/10693) - chore: :arrow\_up: Update ServeurpersoCom/omnivoice.cpp to `daedb763fd442e0916eb130a479fdd74947291c0` by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10682](https://redirect.github.com/mudler/LocalAI/pull/10682) - chore: :arrow\_up: Update ServeurpersoCom/qwentts.cpp to `73fe0c67bbf0898ba2999535e0680a02a7f8537d` by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10683](https://redirect.github.com/mudler/LocalAI/pull/10683) - feat(agents): native Prometheus metrics for agent chat runs by [@​walcz-de](https://redirect.github.com/walcz-de) in [#​10689](https://redirect.github.com/mudler/LocalAI/pull/10689) - chore: :arrow\_up: Update ggml-org/llama.cpp to `2da668617612d2df773f966e3b0ee22dc2beef7b` by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10694](https://redirect.github.com/mudler/LocalAI/pull/10694) - fix(reasoning): don't persist request-scoped reasoning\_effort as an operator disable ([#​10622](https://redirect.github.com/mudler/LocalAI/issues/10622)) by [@​Anai-Guo](https://redirect.github.com/Anai-Guo) in [#​10623](https://redirect.github.com/mudler/LocalAI/pull/10623) - fix(startup): scope generated-content and upload dirs to the current user by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10698](https://redirect.github.com/mudler/LocalAI/pull/10698) - fix(config): cap auto-derived context to fit VRAM by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10696](https://redirect.github.com/mudler/LocalAI/pull/10696) - fix(llama-cpp): cap single-pass embedding batch to fit VRAM by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​10695](https://redirect.github.com/mudler/LocalAI/pull/10695) **Full Changelog**: <https://github.com/mudler/LocalAI/compare/v4.6.0...v4.6.1> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9sb2NhbC1haSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
cf0e2462ac |
chore(piwigo): update image ghcr.io/linuxserver/piwigo digest to d6ceb40 (#49950)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/piwigo](https://redirect.github.com/linuxserver/docker-piwigo/packages) ([source](https://redirect.github.com/linuxserver/docker-piwigo)) | digest | `9b26612` → `d6ceb40` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9waXdpZ28iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
2c9ad1360d |
chore(jellyfin): update image docker.io/alpine/socat digest to 188fe0a (#49949)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/alpine/socat | digest | `b991911` → `188fe0a` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9qZWxseWZpbiIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
a4b82f1b50 |
chore(grocy): update image ghcr.io/linuxserver/grocy digest to 20aaee6 (#49948)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/grocy](https://redirect.github.com/linuxserver/docker-grocy/packages) ([source](https://redirect.github.com/linuxserver/docker-grocy)) | digest | `53084ba` → `20aaee6` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9ncm9jeSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
c098af8c7b |
chore(tachidesk-docker): update image ghcr.io/suwayomi/tachidesk digest to 19e91c3 (#49951)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/suwayomi/tachidesk | digest | `2b16eed` → `19e91c3` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90YWNoaWRlc2stZG9ja2VyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
fcbffde774 |
fix(blocky): update image ghcr.io/k8s-gateway/k8s_gateway 1.8.1 → 1.8.2 (#49942)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/k8s-gateway/k8s_gateway](https://ghcr.io/k8s-gateway/k8s_gateway) | patch | `88baf16` → `e7d334b` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9ibG9ja3kiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |
||
|
|
0ed2c7fcc6 |
feat(wekan): update image docker.io/wekanteam/wekan v9.77 → v9.78 (#49947)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/wekanteam/wekan](https://redirect.github.com/wekan/wekan) | minor | `cd425bb` → `bb5d0be` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>wekan/wekan (docker.io/wekanteam/wekan)</summary> ### [`v9.78`](https://redirect.github.com/wekan/wekan/blob/HEAD/CHANGELOG.md#v978-2026-07-06-WeKan--release) [Compare Source](https://redirect.github.com/wekan/wekan/compare/v9.77...v9.78) This release fixes the following bugs: - **[Fix "Internal Server Error" when signing up despite the account being created](https://redirect.github.com/wekan/wekan/commit/b1b414e850c5494dd3849f8dab6db44fecef0196)**: Registering a new account showed a red "Internal server error" on the sign-up form even though the account was created and could sign in — which typically happens when SMTP is not configured. Root cause: useraccounts' `ATCreateUserServer` creates the account and then calls `Accounts.sendVerificationEmail()` (because `sendVerificationEmail: true`); when SMTP is missing/misconfigured that send throws **after** the user row is inserted, and with no try/catch the exception leaves the createUser method as an opaque HTTP 500. The verification email is best-effort at sign-up, so `Accounts.sendVerificationEmail` is now wrapped to log and swallow a transport failure — registration completes and redirects to sign-in — while an "already verified" error is re-thrown so the resend-verification flow still reports it. This mirrors the [#​5706](https://redirect.github.com/wekan/wekan/issues/5706) reset-password hardening. Covered by `tests/verificationEmail.test.cjs`. Thanks to Firas-Git and xet7. - **[Fix can not add members to a Linked Card](https://redirect.github.com/wekan/wekan/commit/cb9c8973092df5aa3112d3d59e3da4d8793c628b)**: A **linked card** (created by "Link card to this card") is only a placeholder on the board that links it — its members are stored on the **real card** it points at (`linkedId`), which lives on another board, and `Card.getMembers()` / `assignMember()` / `unassignMember()` already read and write that real card. But the member **picker** listed the members of the board you were *viewing* the linked card on, not the board the real card lives on. So on a board that links a card from another board, the picker offered the wrong set of members and toggling them did not behave as a consistent add/remove — "can not add members to the linked card". The picker now resolves a linked card to its real card's board and offers *that* board's active members (matching where the membership is actually stored), falling back to the current board for normal cards or when the real card isn't loaded yet. Extracted the target-card/target-board resolution into `models/lib/linkedCardMembers.js`, covered by `tests/linkedCardMembers.test.cjs`. Thanks to ITT5 and xet7. - **[Fix can't search numbers in custom fields](https://redirect.github.com/wekan/wekan/commit/001c258f967caa502bf1d1ebb147b8506596f4bf)**: Searching a board for the value of a **number** or **currency** custom field (e.g. a transaction number `2025001`, or a currency amount `123`) found nothing. Those field types store their value as a JS **Number** (the inputs save `parseInt(...)` / `Number(...)`), but `Board.searchCards()` only matched custom fields with `{ value: <regex> }` — and a MongoDB / Minimongo regex only matches **string** values, so it silently skipped every numeric custom field. The search now also adds an exact numeric-equality clause when the term is a plain number (a comma is accepted as a decimal separator, matching the currency input), so numeric custom fields match too; text/title/description matching is unchanged. Card search runs against Minimongo on the client, which — like MongoDB — cannot regex a numeric field, so equality is the correct cross-environment match. Covered by `tests/cardSearch.test.cjs`. Thanks to MarcusDger and xet7. - **[Fix "Removed nonexistent document" crash during notification\_cleanup](https://redirect.github.com/wekan/wekan/commit/2242da4176edcd7ed6bbdd779fe2bafab8457b7c)**: The scheduled notification-tray cleanup logged `Exception in removed observeChanges callback: Error: Removed nonexistent document …`. The crash itself came from the old `cottz:publish-relations` package (since replaced by `reywood:publish-composite`), but the cleanup that provoked it still fired one **un-awaited** `removeNotification()` per expired notification — a separate `Users.update` `$pull` each time — so a user with K stale notifications produced K writes to the Users collection, and every publication that republishes user documents re-ran its observers K times in quick bursts (the churn that surfaced the removed-document error), while any rejected write went unhandled. The cleanup now scans only users that have notifications and prunes each user's stale notifications in a single awaited `$pull … $in`. It also removes an activity's notifications only when *every* entry for that activity is read and past its removal age (so a freshly re-created unread notification sharing an activity id is not dropped), and guards missing/invalid `read` timestamps. Covered by `tests/notificationCleanup.test.cjs`. Thanks to xet7. - **[Fix impossible to select another board in rules](https://redirect.github.com/wekan/wekan/issues/5698)**: In the IFTTT-Rules "Move card to the board" and "Link card to the board" actions, the board dropdown was empty for some users — the current board included — while colleagues in the same company could pick boards normally. Root cause: the dropdown filtered the (already access-scoped) client cache with `'members.userId': me`, i.e. it only kept boards where the user has a *direct* member entry. A user who reaches a board through an Organization, Team or email-domain share — but is not listed individually in `board.members` — matched nothing, so the whole selector came up empty. The dropdown now filters by the same visibility rule as `Boards.userBoards()` (public OR active member OR active org OR active team OR active domain), so org/team/domain-shared boards appear too, while archived boards, template containers, the user's templates board and internal helper boards stay excluded. Thanks to Augustin356 and xet7. - **[Fix board disappeared after adding another user](https://redirect.github.com/wekan/wekan/commit/933aad87fca6fc8b17efce577127e0b1fddf17f2)**: A board admin adding another user could make the whole board silently vanish from a user's board list, with no archive and "nothing out of order" in the logs. Root cause: the `setBoardTeams` server method (used by the board Teams/Members management popups) blindly overwrote the board's entire `members` array with a snapshot sent by the client. When that client's board document was stale — e.g. a member had just been added via `inviteUserToBoard` on the server and the change had not yet propagated to the client — the overwrite dropped members, and in the worst case the board's own admin, so the board no longer matched the board-list publication (which requires an active membership) and disappeared. Because a wholesale `$set: { members }` never passes through `foreachRemovedMember()`, no `removeBoardMember` activity was logged and no card/watcher/star cleanup ran, which is why the logs looked normal. `setBoardTeams` now reconciles against the authoritative server-side members instead of trusting the client snapshot: it never drops an active admin, keeps every existing member the client still lists, adds the members the client introduces, and only removes non-admin members the client explicitly omitted (an intentional team-leave) — logging and cleaning up each such removal so it is auditable rather than silent. Thanks to DVNBLMHC and xet7. Thanks to above GitHub users for their contributions and translators for their translations. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93ZWthbiIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=--> |
||
|
|
05cbbc8dfd |
fix(wizarr): update image ghcr.io/wizarrrr/wizarr v2026.7.0 → v2026.7.1 (#49946)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/wizarrrr/wizarr](https://redirect.github.com/astral-sh/uv) | patch | `873900b` → `606f9b8` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93aXphcnIiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |
||
|
|
43ba518a34 | chore(mysql-workbench): update image ghcr.io/linuxserver/mysql-workbench digest to 0f01eea (#49941) | ||
|
|
2efb760ce4 |
fix(homarr): update image ghcr.io/homarr-labs/homarr v1.69.1 → v1.69.2 (#49944)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/homarr-labs/homarr](https://redirect.github.com/homarr-labs/homarr) | patch | `fbc43fc` → `b65f8b1` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>homarr-labs/homarr (ghcr.io/homarr-labs/homarr)</summary> ### [`v1.69.2`](https://redirect.github.com/homarr-labs/homarr/releases/tag/v1.69.2) [Compare Source](https://redirect.github.com/homarr-labs/homarr/compare/v1.69.1...v1.69.2) ##### Bug Fixes - **layout:** raise AppShellHeader z-index above Indicator dots ([687edb9](https://redirect.github.com/homarr-labs/homarr/commit/687edb9226307cb83986097abb24fe7f672e1778)), closes [#​6194](https://redirect.github.com/homarr-labs/homarr/issues/6194) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9ob21hcnIiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |
||
|
|
06197bd742 |
fix(docuseal): update image docker.io/docuseal/docuseal 3.1.2 → 3.1.3 (#49943)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/docuseal/docuseal | patch | `b585c37` → `f7c078a` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9kb2N1c2VhbCIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
d5f7330437 |
fix(n8n): update image ghcr.io/n8n-io/n8n 2.29.5 → 2.29.6 (#49945)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/n8n-io/n8n](https://n8n.io) ([source](https://redirect.github.com/n8n-io/n8n)) | patch | `c01a2f9` → `5f0b438` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9uOG4iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |
||
|
|
854a5ef93e |
chore(cops): update image lscr.io/linuxserver/cops digest to 0ac79f0 (#49940)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [lscr.io/linuxserver/cops](https://redirect.github.com/linuxserver/docker-cops/packages) ([source](https://redirect.github.com/linuxserver/docker-cops)) | digest | `d2c79df` → `0ac79f0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9jb3BzIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
aca3ea1596 |
chore(cloudflareddns): update image oci.trueforge.org/containerforge/cloudflareddns digest to 163648f (#49939)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [oci.trueforge.org/containerforge/cloudflareddns](https://ghcr.io/trueforge-org/cloudflareddns) ([source](https://www.hotio.dev)) | digest | `1943de4` → `163648f` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9jbG91ZGZsYXJlZGRucyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
3bab3a91a7 |
feat(wekan): update image docker.io/wekanteam/wekan v9.76 → v9.77 (#49938)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/wekanteam/wekan](https://redirect.github.com/wekan/wekan) | minor | `6ed534c` → `cd425bb` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>wekan/wekan (docker.io/wekanteam/wekan)</summary> ### [`v9.77`](https://redirect.github.com/wekan/wekan/blob/HEAD/CHANGELOG.md#v977-2026-07-06-WeKan--release) [Compare Source](https://redirect.github.com/wekan/wekan/compare/v9.76...v9.77) This release adds the following updates: - Updated Code of Conduct. [Part 1](https://redirect.github.com/wekan/wekan/commit/209cb8b43d84f7382d181a9f5d1e96ff32f2634d), [Part 2](https://redirect.github.com/wekan/wekan/commit/574dd5bedd4f7c584b0fbbfaf57df86f286607fa). Thanks to xet7. - **[Retry snapcraft install in the release-all.yml snap job](https://redirect.github.com/wekan/wekan/commit/0d4e48ddd6b9ee086f0aa10d9f7c9893fe1637e4)**: The v9.76 release's `snap` job failed at `sudo snap install snapcraft --classic` with `error: cannot install "snapcraft": too many requests` — a transient Snap Store rate limit (429-style throttle) that instantly failed the whole job before any build ran. The install now retries up to 5 times with 30s backoff, so one store throttle no longer fails the release (matching the `remote-build` retry already in the same job). Thanks to xet7. Thanks to above GitHub users for their contributions and translators for their translations. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93ZWthbiIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=--> |
||
|
|
ce41b40326 | chore(syslog-ng): update image docker.io/balabit/syslog-ng digest to 78ad81d (#49936) | ||
|
|
a0f27f70d2 | chore(openvscode-server): update image ghcr.io/linuxserver/openvscode-server digest to 3b76e1c (#49934) | ||
|
|
3721da062f |
chore(yacy): update image docker.io/yacy/yacy_search_server digest to 4e9a87d (#49937)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/yacy/yacy_search_server | digest | `20835e4` → `4e9a87d` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC95YWN5IiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
e77c0d9264 |
chore(pyload-ng): update image lscr.io/linuxserver/pyload-ng digest to 5051a7c (#49935)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | lscr.io/linuxserver/pyload-ng | digest | `dfd8bd9` → `5051a7c` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9weWxvYWQtbmciLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
b314ce6738 |
chore(firefox): update image ghcr.io/linuxserver/firefox digest to e04d829 (#49932)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/firefox](https://redirect.github.com/linuxserver/docker-firefox/packages) ([source](https://redirect.github.com/linuxserver/docker-firefox)) | digest | `8539df3` → `e04d829` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9maXJlZm94IiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
819d758cbc |
chore(babybuddy): update image ghcr.io/linuxserver/babybuddy digest to f141b2f (#49931)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/babybuddy](https://redirect.github.com/linuxserver/docker-babybuddy/packages) ([source](https://redirect.github.com/linuxserver/docker-babybuddy)) | digest | `39a1b52` → `f141b2f` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9iYWJ5YnVkZHkiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
dbac2214aa |
chore(freshrss): update image ghcr.io/linuxserver/freshrss digest to 1181ef1 (#49933)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/freshrss](https://redirect.github.com/linuxserver/docker-freshrss/packages) ([source](https://redirect.github.com/linuxserver/docker-freshrss)) | digest | `b67eb8d` → `1181ef1` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9mcmVzaHJzcyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
e03ecdf5ca |
Commit daily changes
Signed-off-by: TrueCharts-Bot <bot@truecharts.org> |
||
|
|
a18aefbf9d | feat(nvidia-gpu-exporter): update image docker.io/utkuozdemir/nvidia_gpu_exporter 1.9.1 → 1.10.0 (#49928) | ||
|
|
b39ddc543a |
feat(wekan): update image docker.io/wekanteam/wekan v9.74 → v9.76 (#49930)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/wekanteam/wekan](https://redirect.github.com/wekan/wekan) | minor | `12c6429` → `6ed534c` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>wekan/wekan (docker.io/wekanteam/wekan)</summary> ### [`v9.76`](https://redirect.github.com/wekan/wekan/blob/HEAD/CHANGELOG.md#v976-2026-07-06-WeKan--release) [Compare Source](https://redirect.github.com/wekan/wekan/compare/v9.75...v9.76) This release adds the following fixes: - **[Fix notification emails linked to `/b/undefined/board/<cardId>` instead of the real board](https://redirect.github.com/wekan/wekan/commit/8b21158736f9e1360332903707c100bce3d6b164)**: On the server `ReactiveCache.getBoard()` is async and returns a Promise, but `Cards.board()` did not await it, so the synchronous `Card.originRelativeUrl()`/`absoluteUrl()` interpolated a Promise — `board._id` and `board.slug` were `undefined`, producing `/b/undefined/board/<cardId>` in card activity notification emails (the client UI was unaffected because `this.board()` is synchronous there). Fixed by making `Card.originRelativeUrl(board)`/`absoluteUrl(board)` accept an already-resolved board and fall back to `this.boardId` (always available synchronously) when the board is a Promise, and by passing the awaited board from `server/models/activities.js` so the correct board id and slug are used. Thanks to titver968 and xet7. - **[Release workflow: publish the Helm chart only after the Docker image is pushed](https://redirect.github.com/wekan/wekan/commit/a2802a850b57ef7ac183ddb581be666d14d43705)**: In `.github/workflows/release-all.yml` the `charts` job now depends on the `docker` job (`needs: docker`) instead of running in parallel right after `bump`. GitHub Actions runs a job only when all of its `needs` jobs succeed, so the wekan/charts Helm chart is published only after the multi-arch image is live on Docker Hub / Quay.io / GHCR (and is skipped if `docker` fails). This prevents ArtifactHub from scanning a freshly published chart whose image tag does not exist yet and emailing the maintainer about the missing Docker image. Thanks to xet7. - **[Fix thousands of unsolicited empty "Default" swimlanes created on some boards](https://redirect.github.com/wekan/wekan/commit/45fb54794755663307ef89636e2822ef9c65428d)**: `Board.getDefaultSwimline()`/`getDefaultSwimlineAsync()` self-heal a missing default swimlane by reading the board's swimlanes and inserting one if none exist. That check-then-insert is a race: concurrent or repeated server calls for a swimlane-less board each saw zero swimlanes and each inserted a new one, so some boards accumulated 30 000+ empty "Default" swimlanes and became unloadable (the `key 'default (en)' returned an object instead of string` log is a harmless i18n side effect — the title correctly falls back to the string `Default`). Follow-up to the client-side [#​6382](https://redirect.github.com/wekan/wekan/issues/6382) fix, which only stopped the browser from auto-creating them. Fixed by making the server self-heal **idempotent**: the default swimlane is now upserted with a deterministic `_id` (`<boardId>-default`), so the `_id` unique index guarantees at most one default swimlane per board no matter how many times, or how concurrently, the getters run. `archived`/`type` are set explicitly in the `$setOnInsert` because their schema autoValue/defaultValue only fire on insert, not upsert. Note: this prevents new duplicates; boards that already accumulated thousands still need a one-off cleanup. Thanks to brlin-tw and xet7. - **[Reduce card flicker on drag by only writing changed fields on a card move](https://redirect.github.com/wekan/wekan/commit/2e7c4ede2a6429048882e68084bb286aedbc42a5)**: `Card.move()` wrote `boardId`/`swimlaneId`/`listId` into the update unconditionally, even for a same-board drag to another list (the reported case). Keeping `boardId` in the `$set` on every drag re-ran the `boardId`-gated `Cards.after.update` hook that re-syncs the card's checklists and checklist items via `multi` updates, ran the cross-board consistency guard and the `denyCrossBoardMove` deny-rule DB lookup, and invalidated more reactive dependents than necessary — server work and reactivity churn that contributed to a \~1s card flicker on large boards. `Card.move()` now writes **only the fields that actually change** (via the pure `computeCardMoveModifier` helper) and skips the write entirely when a card is dropped back in the same place, so a same-board move no longer touches boardId or the cross-board hooks. The `moveCard`/`moveCardBoard` activity generators already re-check `doc.X !== oldX`, so trimming the modifier does not drop any activity. Note: this reduces the drag-time work behind the flicker; the residual reactive re-render cost on very large boards is a separate performance topic. Thanks to mimZD and xet7. - **[Fix `DEFAULT_AUTHENTICATION_METHOD` env var ignored, and Admin Panel Layout save hanging](https://redirect.github.com/wekan/wekan/commit/d5596f05b7ee63a114d3479c34e930f0d9d5549c)**: Two related problems with the default login authentication method. - **Env var ignored:** the stored setting was only ever seeded as `password` and `DEFAULT_AUTHENTICATION_METHOD` was never applied, so operators setting it (e.g. Kubernetes/Helm `DEFAULT_AUTHENTICATION_METHOD: ldap`) saw no effect. Startup now applies the env var authoritatively: it seeds the value on a fresh install and, on existing installs, keeps the stored `defaultAuthenticationMethod` in sync with the env var on every boot (the operator's env is the source of truth), so the method can be configured entirely by env without the Admin Panel. The value is normalized (trimmed + lower-cased), so `DEFAULT_AUTHENTICATION_METHOD=LDAP` works. - **Layout save hanging / not persisting:** the authentication-method `<select>` is populated by an async `Meteor.call`, so clicking **Admin Panel > Layout > Save** before it loaded sent an empty value for the **required** `defaultAuthenticationMethod` field, which silently failed validation — the save looked stuck and nothing changed. The save now falls back to the currently stored method when the select is empty, so a real value is never overwritten by `''`. Both paths share one pure helper (`resolveDefaultAuthenticationMethod`) that never resolves to an empty string. Thanks to joe-speedboat and xet7. - **[Fix #​5808: linking a card to another linked card made both cards inaccessible](https://redirect.github.com/wekan/wekan/commit/878a24f586d698307bc3af1e65c903147f87a59a)**: The "Link to this card" target picker only excluded template cards, so an existing **linked** card (or a card that already links back to the current board) could be chosen as a link target. That builds a chain/cycle of `linkedId` pointers, but the card helpers (`getTitle`/`getBoardTitle`/`getRealId`) resolve `linkedId` only **one hop**, so such a card renders as an empty/broken pointer and becomes effectively inaccessible (the reported freeze). As the reporter suggested, the fix **prevents the configuration** rather than allowing it: only a real card — not a linked card/linked board, not one of the linking board's own cards, and not a card that links back to one of them — may now be a link target. This is enforced both in the picker's query and re-checked at creation time (the options can be stale), via the pure `isLinkableCardTarget` guard, mirroring the existing [#​3328](https://redirect.github.com/wekan/wekan/issues/3328) parent/subtask cycle guard. Note: this stops new inaccessible links; any already-created ones still need manual cleanup. Thanks to the reporter and xet7. - **[Fix the "Board not found" flicker (stale-while-revalidate for the client board cache)](https://redirect.github.com/wekan/wekan/commit/d00dc6056b241b0b3e383bb5b4e75ba10ed78f56)**: While viewing a board, the board view could briefly flash the **"Board not found"** shell — and on WebKit throw a Blaze `Can't select in removed DomRange` error tearing down the card view. Root cause: the client board cache (`imports/lib/dataCache.js`) re-fetches its value inside a reactive computation, and when the board doc is momentarily absent from minimongo (a subscription stops and restarts, so Meteor transiently removes the doc) the re-fetch returns `undefined` and that empty value is surfaced immediately. It self-recovers when the subscription re-delivers the doc, so it presents as a flicker — reliably reproduced only on Firefox/WebKit, where the reactive-render timing hits the window (Chromium did not, which is why it surfaced as browser-specific Playwright failures in `14-voting-watchers` and `24-feature-issues`). Fixed with an opt-in **stale-while-revalidate** mode on `DataCache`, enabled only for `getBoard`: a transient miss over an already-cached board keeps the last value and re-checks after a short delay, surfacing an empty result only if the board is still gone then (a genuine deletion / access loss). First-ever loads and caches that did not opt in are unchanged. Core decision extracted to the pure `shouldDeferCacheMiss` helper with unit tests. Thanks to above GitHub users for their contributions and translators for their translations. ### [`v9.75`](https://redirect.github.com/wekan/wekan/blob/HEAD/CHANGELOG.md#v975-2026-07-05-WeKan--release) [Compare Source](https://redirect.github.com/wekan/wekan/compare/v9.74...v9.75) This release fixes the following CRITICAL SECURITY ISSUE of [ScannerBleed](https://wekan.fi/hall-of-fame/scannerbleed/): - **[ScannerBleed](https://redirect.github.com/wekan/wekan/commit/0137924d7ee0b28102f671e1badf5ed21d6ab22f): shell injection (RCE) via a malicious upload filename in the external antivirus scanner command path** ([GHSA-x3xm-pxrv-jg7p](https://redirect.github.com/wekan/wekan/security/advisories/GHSA-x3xm-pxrv-jg7p), CWE-78 OS Command Injection). Same RCE class as [AvatarBleed](https://wekan.fi/hall-of-fame/avatarbleed/) (CVE-2026-52891, GHSA-35j7-h385-2q9g) and its follow-up regression (CVE-2026-53447 / GHSA-qfqv-42qw-vvwh area), but in a code path that was **never** covered by those fixes. In `models/fileValidation.js`, when an admin has configured an external scanner (antivirus) command line with a `{file}` placeholder, the uploaded file path was interpolated into the command and run through `asyncExec` (`promisify(exec)`), which spawns `/bin/sh -c` and interprets **all** shell metacharacters: ```js await asyncExec(externalCommandLine.replace("{file}", '"' + fileObj.path + '"')); ``` Wrapping the path in double quotes is not a shell boundary — inside double quotes the shell still expands `$(...)`, backticks and `\`, so a filename such as ``a`id`.png`` or `$(touch /tmp/pwn).png` escaped the argument and executed as the Wekan server process. Any **authenticated** user who can upload an attachment could trigger it, on servers that have an external scanner configured. Unlike the sibling MIME-detection path (`detectMimeFromFile`, which already uses `execFile` with no shell) and unlike the AvatarBleed fix (which strips non-alphanumeric characters from the filename), this scanner path had **zero** sanitization. - **Fixed** by POSIX single-quote-escaping the interpolated file path via a new `shellQuote()` helper (wrap in single quotes, escape embedded `'` as `'\''`). Inside single quotes the shell interprets no metacharacters, so a malicious filename can no longer break out of the argument or inject commands, while the admin's arbitrary command line and the exact on-disk path are both preserved. CVSS:3.1 9.9 Critical (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). - Affected Wekan v9.06 and earlier through the current release; fixed at the upcoming WeKan release. Reported by **DavidCarliez**. Thanks to DavidCarliez and xet7! Thanks to above GitHub users for their contributions and translators for their translations. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93ZWthbiIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=--> |
||
|
|
c5cd961edd |
feat(openhab): update image docker.io/openhab/openhab 5.1.4 → 5.2.0 (#49929)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/openhab/openhab](https://www.openhab.org/) ([source](https://redirect.github.com/openhab/openhab-docker)) | minor | `d583a28` → `450d217` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9vcGVuaGFiIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9taW5vciJdfQ==--> |
||
|
|
1f37148782 |
fix(semaphore): update image docker.io/semaphoreui/semaphore v2.18.18 → v2.18.20 (#49927)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/semaphoreui/semaphore](https://redirect.github.com/semaphoreui/semaphore) | patch | `c393396` → `9d9eaaf` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>semaphoreui/semaphore (docker.io/semaphoreui/semaphore)</summary> ### [`v2.18.20`](https://redirect.github.com/semaphoreui/semaphore/releases/tag/v2.18.20) [Compare Source](https://redirect.github.com/semaphoreui/semaphore/compare/v2.18.19...v2.18.20) #### Bugfixes - Validate playbook path ### [`v2.18.19`](https://redirect.github.com/semaphoreui/semaphore/releases/tag/v2.18.19) [Compare Source](https://redirect.github.com/semaphoreui/semaphore/compare/v2.18.18...v2.18.19) #### v2.18.19 Release Summary This patch release includes several important security and validation fixes. ##### Security fixes - Added validation for Git repository URLs to prevent Git option injection. - Added `--end-of-options` to Git commands to make repository URL and branch handling safer. - Fixed branch override handling: task-level Git branch override is now applied only when the template explicitly allows it. - Prevented custom roles from shadowing built-in role slugs such as owner or manager. - Fixed permission resolution so built-in roles always use their built-in permissions instead of database-defined custom roles. - Added validation to prevent access keys from being updated with a different ID or moved to another project. ##### Reliability and tests - Added tests for Git URL validation and Git command injection protection. - Added tests for access key update validation. - Added tests for custom role validation and reserved role slugs. - Refactored Git branch resolution into a dedicated helper to make task behavior more consistent. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zZW1hcGhvcmUiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |
||
|
|
0c66dfde69 |
chore(tvheadend): update image ghcr.io/linuxserver/tvheadend digest to e8715f1 (#49925)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/linuxserver/tvheadend | digest | `62ce7b5` → `e8715f1` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90dmhlYWRlbmQiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |