Commit Graph

54203 Commits

Author SHA1 Message Date
TrueCharts Bot 338532e39f chore(lyrion-music-server): update image docker.io/lmscommunity/lyrionmusicserver digest to 893d412 (#46307) 2026-03-22 18:11:06 +01:00
TrueCharts Bot f36fff2614 fix(cloudcommander): update image ghcr.io/coderaiser/cloudcmd 19.8.0 → 19.8.1 (#46303) 2026-03-22 06:06:20 +01:00
TrueCharts Bot 00fe55bd94 chore(wordpress): update image docker.io/bitnamisecure/wordpress digest to 40c6341 (#46302) 2026-03-22 06:06:15 +01:00
TrueCharts Bot 7ba5fe1bb7 chore(steam-headless): update image docker.io/josh5/steam-headless digest to 5e959e5 (#46301) 2026-03-22 06:06:03 +01:00
TrueCharts Bot 61db76d9e9 chore(medusa): update image ghcr.io/linuxserver/medusa digest to 8f568c3 (#46298)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[ghcr.io/linuxserver/medusa](https://redirect.github.com/linuxserver/docker-medusa/packages)
([source](https://redirect.github.com/linuxserver/docker-medusa)) |
digest | `4fbad9f` → `8f568c3` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvbWVkdXNhIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=-->
2026-03-22 06:05:56 +01:00
TrueCharts Bot 60e2ca40a0 chore(jellyfin): update image docker.io/alpine/socat digest to 376403a (#46297) 2026-03-22 06:05:27 +01:00
TrueCharts Bot fec0e17ebe chore(iyuuplus): update image docker.io/iyuucn/iyuuplus digest to a5ff844 (#46296) 2026-03-22 06:05:15 +01:00
TrueCharts Bot b79650364f chore(pyload-ng): update image lscr.io/linuxserver/pyload-ng digest to e039ef1 (#46300) 2026-03-22 06:04:59 +01:00
TrueCharts Bot 074a76762a chore(piwigo): update image ghcr.io/linuxserver/piwigo digest to c984f66 (#46299) 2026-03-22 06:04:34 +01:00
TrueCharts Bot 4a5c1f3b00 chore(firefox): update image ghcr.io/linuxserver/firefox digest to 4b2668b (#46295) 2026-03-22 06:04:17 +01:00
TrueCharts Bot 1ebc791b62 fix(multus-cni): update image docker.io/alpine/crane 0.21.2 → 0.21.3 (#46305) 2026-03-22 06:03:58 +01:00
TrueCharts Bot 22e0bf88e4 chore(digikam): update image ghcr.io/linuxserver/digikam digest to 725b456 (#46294) 2026-03-22 06:03:10 +01:00
TrueCharts-Bot 4ccec338d4 Commit daily changes
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2026-03-22 00:19:47 +00:00
TrueCharts Bot 89406a3ecf feat(wekan): update image docker.io/wekanteam/wekan v8.39 → v8.40 (#46293) 2026-03-21 23:59:44 +01:00
TrueCharts Bot 84d3ac8566 feat(atuin): update image ghcr.io/atuinsh/atuin v18.12.0 → v18.13.3 (#46292)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| ghcr.io/atuinsh/atuin | minor | `e953fa9` → `9a3bf22` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvYXR1aW4iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19-->
2026-03-21 23:59:31 +01:00
TrueCharts Bot 8476758cc7 fix(wallos): update image ghcr.io/ellite/wallos 4.7.2 → 4.7.3 (#46291)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/ellite/wallos](https://redirect.github.com/ellite/Wallos) |
patch | `7bb6c96` → `e558da4` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>ellite/Wallos (ghcr.io/ellite/wallos)</summary>

###
[`v4.7.3`](https://redirect.github.com/ellite/Wallos/blob/HEAD/CHANGELOG.md#473-2026-03-21)

[Compare
Source](https://redirect.github.com/ellite/Wallos/compare/v4.7.3...v4.7.3)

##### Bug Fixes

- image search failing to save
([4fd87c3](https://redirect.github.com/ellite/Wallos/commit/4fd87c30144ae9cc38a68d4c3a30df181f8e1827))
- session expiration on pwa on android
([#&#8203;1023](https://redirect.github.com/ellite/Wallos/issues/1023))
([4fd87c3](https://redirect.github.com/ellite/Wallos/commit/4fd87c30144ae9cc38a68d4c3a30df181f8e1827))

###
[`v4.7.3`](https://redirect.github.com/ellite/Wallos/releases/tag/v4.7.3)

[Compare
Source](https://redirect.github.com/ellite/Wallos/compare/v4.7.2...v4.7.3)

##### Bug Fixes

- image search failing to save
([4fd87c3](https://redirect.github.com/ellite/Wallos/commit/4fd87c30144ae9cc38a68d4c3a30df181f8e1827))
- session expiration on pwa on android
([#&#8203;1023](https://redirect.github.com/ellite/Wallos/issues/1023))
([4fd87c3](https://redirect.github.com/ellite/Wallos/commit/4fd87c30144ae9cc38a68d4c3a30df181f8e1827))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvd2FsbG9zIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==-->
2026-03-21 23:59:01 +01:00
TrueCharts Bot 43a7dbcbef chore(valkey): update image docker.io/bitnamisecure/valkey digest to f842e03 (#46289) 2026-03-21 23:58:40 +01:00
TrueCharts Bot 60705216f1 fix(qbitmanage): update image docker.io/bobokun/qbit_manage v4.6.5 → v4.6.6 (#46290) 2026-03-21 23:58:24 +01:00
TrueCharts Bot dbb7d68846 chore(nitter): update image docker.io/zedeus/nitter digest to 98d94bd (#46288) 2026-03-21 23:56:16 +01:00
astro-stan 64bcd06754 fix(grafana): Reduce default Grafana k8s-sidecar resources (#46287)
**Description**

The default Grafana chart requests and limits for the `k8s-sidecar`
containers are a bit over the top:

```bash
kubectl resource-capacity --namespace grafana --pods -uc 
NODE            POD                       CONTAINER             CPU REQUESTS   CPU LIMITS     CPU UTIL   MEMORY REQUESTS   MEMORY LIMITS   MEMORY UTIL

...                                                                                                                                         
k8s-control-1   grafana-9554bbdd8-ph6vq   grafana-alerts        75m (0%)       1500m (10%)    2m (0%)    200Mi (0%)        2400Mi (2%)     272Mi (0%)
k8s-control-1   grafana-9554bbdd8-ph6vq   grafana-dashboards    75m (0%)       1500m (10%)    1m (0%)    200Mi (0%)        2400Mi (2%)     275Mi (0%)
k8s-control-1   grafana-9554bbdd8-ph6vq   grafana-datasources   75m (0%)       1500m (10%)    1m (0%)    200Mi (0%)        2400Mi (2%)     272Mi (0%)
k8s-control-1   grafana-9554bbdd8-ph6vq   grafana-notifiers     75m (0%)       1500m (10%)    1m (0%)    200Mi (0%)        2400Mi (2%)     272Mi (0%)
k8s-control-1   grafana-9554bbdd8-ph6vq   grafana-plugins       75m (0%)       1500m (10%)    1m (0%)    200Mi (0%)        2400Mi (2%)     272Mi (0%)
...
```

I have never seen them use more than 10m CPU or go over 300Mi of memory.

So I think it makes sense to assign lower default resources than what
the `common` defaults are.

⚒️ Fixes  # <!--(issue)-->

**⚙️ Type of change**

- [ ] ⚙️ Feature/App addition
- [X] 🪛 Bugfix
- [ ] ⚠️ Breaking change (fix or feature that would cause existing
functionality to not work as expected)
- [ ] 🔃 Refactor of current code
- [ ] 📜 Documentation Changes

**🧪 How Has This Been Tested?**
<!--
Please describe the tests that you ran to verify your changes. Provide
instructions so we can reproduce. Please also list any relevant details
for your test configuration
-->

**📃 Notes:**
<!-- Please enter any other relevant information here -->

**✔️ Checklist:**

- [X] ⚖️ My code follows the style guidelines of this project
- [X] 👀 I have performed a self-review of my own code
- [ ] #️⃣ I have commented my code, particularly in hard-to-understand
areas
- [ ] 📄 I have made changes to the documentation
- [ ] 🧪 I have added tests to this description that prove my fix is
effective or that my feature works
- [x] ⬆️ I increased versions for any altered app according to semantic
versioning
- [X] I made sure the title starts with `feat(chart-name):`,
`fix(chart-name):`, `chore(chart-name):`, `docs(chart-name):` or
`fix(docs):`

** App addition**

If this PR is an app addition please make sure you have done the
following.

- [ ] 🖼️ I have added an icon in the Chart's root directory called
`icon.png`

---

_Please don't blindly check all the boxes. Read them and only check
those that apply.
Those checkboxes are there for the reviewer to see what is this all
about and
the status of this PR with a quick glance._
2026-03-21 19:02:48 +00:00
TrueCharts Bot e690725e0f feat(wekan): update image docker.io/wekanteam/wekan v8.38 → v8.39 (#46286) 2026-03-21 17:55:24 +01:00
TrueCharts Bot 4f621b7a19 fix(tinymediamanager): update image docker.io/tinymediamanager/tinymediamanager 5.2.9 → 5.2.10 (#46285)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[docker.io/tinymediamanager/tinymediamanager](https://www.tinymediamanager.org/)
| patch | `bbfc0d6` → `2d2fa42` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvdGlueW1lZGlhbWFuYWdlciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=-->
2026-03-21 17:54:34 +01:00
TrueCharts Bot 9697444808 fix(metube): update image ghcr.io/alexta69/metube 2026.03.20 → 2026.03.21 (#46284) 2026-03-21 17:54:22 +01:00
TrueCharts Bot 9c0fd4ff0d fix(helm-deps): update chart mongodb 17.0.0 → 17.0.1 (#46279)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[mongodb](https://trueforge.org/truetech/truecharts/charts/stable/mongodb)
([source](https://redirect.github.com/bitnami/bitnami-docker-mongodb)) |
patch | `17.0.0` → `17.0.1` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAveW91dHViZWRsLW1hdGVyaWFsIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==-->

Signed-off-by: Alfred Göppel <43101280+alfi0812@users.noreply.github.com>
Co-authored-by: Alfred Göppel <43101280+alfi0812@users.noreply.github.com>
2026-03-21 12:09:17 +01:00
TrueCharts Bot 96636d2862 fix(helm-deps): update chart mariadb 18.0.0 → 18.0.1 (#46269)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[mariadb](https://trueforge.org/truetech/truecharts/charts/stable/mariadb)
([source](https://redirect.github.com/bitnami/bitnami-docker-mariadb)) |
patch | `18.0.0` → `18.0.1` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAveW91cmxzIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==-->
2026-03-21 11:59:49 +01:00
TrueCharts Bot 16fc3f7e4f fix(paperless-ngx): update image ghcr.io/paperless-ngx/paperless-ngx 2.20.11 → 2.20.13 (#46280) 2026-03-21 11:54:13 +01:00
TrueCharts Bot e3cfcce65e fix(xen-orchestra): update image docker.io/ronivay/xen-orchestra 5.197.4 → 5.197.5 (#46281) 2026-03-21 11:54:08 +01:00
TrueCharts Bot 9fd5f7f0ee chore(tachidesk-docker): update image ghcr.io/suwayomi/tachidesk digest to bc7164c (#46276)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| ghcr.io/suwayomi/tachidesk | digest | `de77d00` → `bc7164c` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvdGFjaGlkZXNrLWRvY2tlciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19-->
2026-03-21 11:53:57 +01:00
TrueCharts Bot 3945496f0b feat(wekan): update image docker.io/wekanteam/wekan v8.37 → v8.38 (#46282) 2026-03-21 11:53:52 +01:00
TrueCharts Bot 4259628bd5 chore(valheim): update image ghcr.io/lloesche/valheim-server digest to 20fde51 (#46277) 2026-03-21 11:53:35 +01:00
TrueCharts Bot c088c54a16 chore(monica): update image monica digest to c81ceec (#46274)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| monica | digest | `c6d5dd7` → `c81ceec` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvbW9uaWNhIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=-->
2026-03-21 11:52:29 +01:00
TrueCharts Bot a7172ae63b chore(openvscode-server): update image ghcr.io/linuxserver/openvscode-server digest to 966533a (#46275)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[ghcr.io/linuxserver/openvscode-server](https://redirect.github.com/linuxserver/docker-openvscode-server/packages)
([source](https://redirect.github.com/linuxserver/docker-openvscode-server))
| digest | `af1d620` → `966533a` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvb3BlbnZzY29kZS1zZXJ2ZXIiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==-->
2026-03-21 11:51:44 +01:00
TrueCharts Bot a222221c31 chore(yourls): update image yourls digest to 40078cc (#46278) 2026-03-21 11:51:28 +01:00
TrueCharts Bot ccf3bc20a1 chore(friendica): update image friendica digest to 691fdbc (#46272) 2026-03-21 11:51:16 +01:00
TrueCharts Bot 1d8e33cac6 chore(generic-device-plugin): update image ghcr.io/squat/generic-device-plugin digest to 1e5a0c3 (#46273) 2026-03-21 11:49:59 +01:00
TrueCharts Bot db8ae10e1a fix(helm-deps): update chart memcached 17.0.1 → 17.0.2 (#46270)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[memcached](https://trueforge.org/truetech/truecharts/charts/stable/memcached)
([source](https://redirect.github.com/bitnami/bitnami-docker-memcached))
| patch | `17.0.1` → `17.0.2` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvZ2l0ZWEiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19-->
2026-03-20 23:41:19 +01:00
TrueCharts Bot b3cdc91198 fix(homarr): update image ghcr.io/homarr-labs/homarr v1.56.0 → v1.56.1 (#46271) 2026-03-20 23:40:47 +01:00
TrueCharts Bot a9b5682d9f fix(flexget): update image docker.io/wiserain/flexget 3.19.1 → 3.19.3 (#46268)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[docker.io/wiserain/flexget](https://redirect.github.com/linuxserver/docker-baseimage-alpine/packages)
([source](https://redirect.github.com/wiserain/docker-flexget)) | patch
| `f6a1f8e` → `c8fd108` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvZmxleGdldCIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=-->
2026-03-20 23:40:02 +01:00
TrueCharts Bot 5bbae5f82d chore(redis): update image docker.io/bitnamisecure/redis digest to 7b14fdb (#46266)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| docker.io/bitnamisecure/redis | digest | `b8ec536` → `7b14fdb` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvcmVkaXMiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==-->
2026-03-20 23:39:39 +01:00
TrueCharts Bot d0b6ce7ac9 chore(searxng): update image docker.io/searxng/searxng digest to b6db575 (#46267)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| docker.io/searxng/searxng | digest | `aa1dca9` → `b6db575` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvc2VhcnhuZyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19-->
2026-03-20 23:39:30 +01:00
TrueCharts Bot 59bc7e018a chore(mongodb): update image docker.io/bitnamisecure/mongodb digest to 63e4b4a (#46265) 2026-03-20 23:39:13 +01:00
TrueCharts Bot c6eb82b8fb fix(metube): update image ghcr.io/alexta69/metube 2026.03.18 → 2026.03.20 (#46259) 2026-03-20 17:38:38 +01:00
TrueCharts Bot 05a2c3c837 fix(helm-deps): update chart memcached 17.0.0 → 17.0.1 (#46258) 2026-03-20 17:38:37 +01:00
TrueCharts Bot 82a6976900 chore(memcached): update image docker.io/bitnamisecure/memcached digest to 4706972 (#46256) 2026-03-20 17:38:23 +01:00
TrueCharts Bot 15169d19e9 feat(cloudcommander): update image ghcr.io/coderaiser/cloudcmd 19.7.1 → 19.8.0 (#46261) 2026-03-20 17:38:21 +01:00
TrueCharts Bot eb7202e384 fix(nextcloud): update image docker.io/collabora/code 25.04.9.3.1 → 25.04.9.4.1 (#46260)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| docker.io/collabora/code | patch | `0011be3` → `fe49c08` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvbmV4dGNsb3VkIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==-->
2026-03-20 17:38:16 +01:00
TrueCharts Bot b3f14694d0 feat(paperless-ngx): update image docker.io/gotenberg/gotenberg 8.27 → 8.28 (#46262)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[docker.io/gotenberg/gotenberg](https://redirect.github.com/gotenberg/gotenberg)
| minor | `d71ab8c` → `f172b1c` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvcGFwZXJsZXNzLW5neCIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=-->
2026-03-20 17:37:49 +01:00
TrueCharts Bot 383f56463f chore(mariadb): update image docker.io/bitnamisecure/mariadb digest to c0a68ab (#46255) 2026-03-20 17:36:31 +01:00
TrueCharts Bot 06eb9365ab feat(wekan): update image docker.io/wekanteam/wekan v8.36 → v8.37 (#46264)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [docker.io/wekanteam/wekan](https://redirect.github.com/wekan/wekan) |
minor | `fd29270` → `ef87161` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>wekan/wekan (docker.io/wekanteam/wekan)</summary>

###
[`v8.37`](https://redirect.github.com/wekan/wekan/blob/HEAD/CHANGELOG.md#v837-2026-03-20-WeKan--release)

[Compare
Source](https://redirect.github.com/wekan/wekan/compare/v8.36...v8.37)

This release fixes the following bugs:

- [Fix card save does not
work](https://redirect.github.com/wekan/wekan/commit/37142f3bb9f4f10a3049a9837456c0753e6e329a).
  Thanks to comunidadplayasdetijuana, Janfy and xet7.

Thanks to above GitHub users for their contributions and translators for
their translations.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvd2VrYW4iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19-->
2026-03-20 17:36:23 +01:00
TrueCharts Bot 0ebc2eb110 feat(vikunja): update image docker.io/vikunja/vikunja 2.1.0 → 2.2.0 (#46263)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[docker.io/vikunja/vikunja](https://redirect.github.com/go-vikunja/vikunja)
| minor | `f13103b` → `fefda8b` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>go-vikunja/vikunja (docker.io/vikunja/vikunja)</summary>

###
[`v2.2.0`](https://redirect.github.com/go-vikunja/vikunja/blob/HEAD/CHANGELOG.md#220---2026-03-20)

[Compare
Source](https://redirect.github.com/go-vikunja/vikunja/compare/v2.1.0...v2.2.0)

##### Bug Fixes

- *(attachments)* Sync kanban store and task ref on attachment changes
- *(auth)* Use SameSite=None for refresh token cookie to fix desktop app
- *(auth)* Make SameSite=None conditional on HTTPS for refresh cookie
- *(caldav)* Eliminate nested db session in CalDAV auth
- *(caldav)* Parse timestamps in configured timezone
- *(caldav)* Use /dav/projects/ as home to make iOS/MacOS reminders work
([#&#8203;2417](https://redirect.github.com/go-vikunja/vikunja/issues/2417))
- *(ci)* Remove HTML comments inside table that break markdown rendering
- *(cli)* Make user deletion confirmation check Windows compatible
([#&#8203;2339](https://redirect.github.com/go-vikunja/vikunja/issues/2339))
- *(db)* Prevent SQLite "database is locked" errors under concurrent
writes
- *(db)* Use immediate txlock for SQLite instead of MaxOpenConns(1)
- *(db)* Use WAL mode for SQLite and temp file for ephemeral databases
- *(desktop)* Disable nodeIntegration and enable
contextIsolation/sandbox
- *(desktop)* Validate URL schemes before shell.openExternal
- *(desktop)* Block same-window navigation to external origins
- *(docker)* Remove COPY for deleted patches directory
- *(e2e)* Drain event handlers and stop browser between tests
- *(events)* Defer task event dispatch until after transaction commit
- *(events)* Defer event dispatch for task sub-entities
- *(events)* Defer event dispatch for project operations
- *(events)* Defer event dispatch for team operations
- *(events)* Defer event dispatch for user creation and task positions
- *(events)* Dispatch pending events in CalDAV handlers after commit
- *(events)* Dispatch pending events in migration and export handlers
- *(frontend)* Add horizontal overflow handling to tables on mobile
- *(frontend)* Use semantic class instead of targeting Tailwind utility
- *(frontend)* Use mbs-2 utility class instead of scoped CSS
- *(gantt)* Always show relation arrows and fix arrow Y positioning
- *(gantt)* Update relation arrows in real-time during drag and resize
- *(gantt)* Make relation arrows smaller and dash precedes lines
- *(gantt)* Spread overlapping relation arrows at shared endpoints
- *(gantt)* Improve parent task bar styling and visual grouping
- *(gantt)* Make collapse/expand triangle smaller
- *(gantt)* Move parent diamonds outward with stroke and remove hover
effect
- *(gantt)* Only set hasDerivedDates when children have actual dates
- *(gantt)* Clamp collapse chevron x position to prevent negative offset
- *(gantt)* Remove unreachable hover rule on relation arrows
- *(gantt)* Render collapse chevron after bars for correct SVG paint
order
- *(menu)* Prevent dropdown from closing when cursor crosses offset gap
([#&#8203;2367](https://redirect.github.com/go-vikunja/vikunja/issues/2367))
- *(menu)* Show all project menu items in sidebar dropdown
- *(migration)* Support space-separated date format in TickTick importer
- *(nav)* Project drag handle position
- *(shortcuts)* Resolve lint errors in shortcut module
- *(shortcuts)* Track active sequences explicitly to prevent misfires
- *(tasks)* Support both expand and expand\[] query parameter formats
([#&#8203;2415](https://redirect.github.com/go-vikunja/vikunja/issues/2415))
- *(test)* Update mobile kanban test to use close button instead of back
button
- *(views)* Assign default position when creating new project views
- Use MinPositionSpacing threshold in calculateNewPositionForTask
([#&#8203;2320](https://redirect.github.com/go-vikunja/vikunja/issues/2320))
([3ca4913](3ca4913fcb6dc287adec552dd62024a3b63f477a))
- Remove invalidateAvatarCache call that broke request deduplication
([#&#8203;2317](https://redirect.github.com/go-vikunja/vikunja/issues/2317))
([7297682](7297682cadae3e2c48f2a09d20a6191b561c1eeb))
- Add /tmp directory to Docker image to fix data export
([84d563c](84d563c51b6cd15000f4af6e058362c5e45c8dc2))
- Update old kolaente.dev URLs to code.vikunja.io
([#&#8203;2342](https://redirect.github.com/go-vikunja/vikunja/issues/2342))
([a160048](a160048cc3259773405654746117bf6dc0565eee))
- Validate default settings timezone on startup
([#&#8203;2345](https://redirect.github.com/go-vikunja/vikunja/issues/2345))
([40bcf2b](40bcf2b36f777c6338a40581a472333974770c93))
- Correct package.json indentation after dependency removal
([f8763d8](f8763d812e2a7c7f9b2d28ff3e502693419f859e))
- Remove duplicate close button on mobile task detail view
([8a4f3a9](8a4f3a916f2eae71f0106c42d257b5ee4dc77928))
- Prevent nil pointer panic in mention notification listeners
([18f1687](18f16878a84952cf5d0ddb583385dc340d1f5ff3))
- Only drop Vikunja-owned tables in WipeEverything
([14e2c95](14e2c95a830eb4206390a58f85b4bc49068f23cd))
- Only dump Vikunja-owned tables
([cd7d405](cd7d40583aaa43e1d9445e9f54ea81d14eb12232))
- Remove debug log statements from task duplicate
([6da0f68](6da0f685624c66806027070d537648be9b100e29))
- Close source file handle when duplicating attachments
([7aad96b](7aad96b1991a981245cc119bce189de327ea36ce))
- Preserve cover image when duplicating task
([9c23e19](9c23e196440830d0b94ca18bfb1002a0db27b54c))
- Allow browser caching for file downloads
([#&#8203;2349](https://redirect.github.com/go-vikunja/vikunja/issues/2349))
([54d9775](54d977532e9e9a99281bc56965583d07f3913b21))
- Handle deleted user in saved filter view event listener
([7288483](72884838790db52852c8643ab17be5f6fc0067f0))
- Include remote IP address in HTTP request logs
([f9cb0a2](f9cb0a2de1d7ed64aa04f74f4209f117ea60186f))
- Use ParadeDB v2 fuzzy prefix matching for search
([#&#8203;2346](https://redirect.github.com/go-vikunja/vikunja/issues/2346))
([0a38ec0](0a38ec08388c9d2716f9e41185af0bcfb0ed7f8d))
- Prefer working directory for service.rootpath default
([d3cbc4f](d3cbc4fc4fb7d7fe054c4c022656f2b4d5c42bde))
- Ensure /tmp is writable by container user in Docker image
([f497e8b](f497e8bb6d78f3b01c2a87540e28d7727e17676e))
- Remove debounce from color picker to prevent stale color on save
([d196af0](d196af0503053d00e05afb8d2585a67b229a5144))
- Send account deletion notification before deleting user row
([79a612a](79a612aa5d95f89cd84148295146a92ccddefa74))
- Register bulk label route correctly for API token permissions
([e19bea8](e19bea8e3a2804485479748b1c91dc58719dbe11))
- Prevent authenticated UI flash when server rejects JWT session
([#&#8203;2387](https://redirect.github.com/go-vikunja/vikunja/issues/2387))
([28cc9e0](28cc9e0571c98bb04d216e5fe47aaa503a1e887b))
- Preserve CalDAV inverse relations when parent has no RELATED-TO
([#&#8203;2389](https://redirect.github.com/go-vikunja/vikunja/issues/2389))
([ada2eba](ada2ebab9e1738bb145db1c498d2dda84d11c10b))
- Collapse view buttons into dropdown when overflowing
([#&#8203;2306](https://redirect.github.com/go-vikunja/vikunja/issues/2306))
([7b6b432](7b6b4323015239098a55adcb134d12dc9785f5cb))
- Invalidate all sessions when enabling TOTP
([3bc0093](3bc009368628fb286632b456f9bf2d575a8bfa43))
- Make mage fmt skip gitignored files
([e74265d](e74265d921b9b12bf89882e791743758b42f5f3d))
- Ensure frontend dist directory exists for lint and fmt commands
([c62b7e6](c62b7e680f82253d89f8cefbfe4bb4b4bb64c5e9))
- Handle S3 backend in user export download
([b0ede53](b0ede53c051d45a3e861450187e64c5342be5362))
- Use file mime type instead of hardcoded application/zip in S3 export
([4cd63f9](4cd63f93a48d784dd2566c26a0642ec0c69d3d8f))
- Configure Echo IPExtractor to prevent rate limit bypass via spoofed
headers ([a498dd6](a498dd69915a006c07e9d82660a2185d7e8136ee))
- Block login for StatusAccountLocked users
([4c80932](4c80932b6475ad54a2e2a81541d89a3b8471a762))
- Prevent password reset from re-enabling admin-disabled accounts
([d8570c6](d8570c603da1f26635ce6048d6af85ede827abfb))
- Reject password reset token requests for disabled users
([708ccab](708ccab895a23ed59b330db4a58a441bf5fbfcb2))
- Prevent email confirmation from re-enabling admin-disabled accounts
([049f4a6](049f4a6be46f9460bd516f489ef9f569574bc70d))
- Update test expectations for new disabled user fixture
([89923eb](89923ebe7090038c57ee3ad23eca86858c9c2eca))
- Reject images exceeding 50M pixels before decode
([af61d0f](af61d0f1a0d6e9394546d2d64dff043cfbe641f7))
- Adapt image preview DoS protection to new FileStorage interface
([be0aaa7](be0aaa70601af919f68fa1153f76bcf6335bc0b5))
- Verify comment belongs to task in URL to prevent IDOR
([bc6d843](bc6d843ed4df82a6c89f10aa676a7a33d27bf2fd))
- Require CanUpdate for project background deletion
([f066eb3](f066eb3ea4d1648ef925a745836e48a71b600a5f))
- Only enforce task\_id check when TaskID is provided
([4941961](49419619bd0052bdd7e727404a9284acd928a903))
- Use require.Error instead of assert.Error for error assertions
([b7a1408](b7a14080983d2781e1428be9b77fae319e7788e4))
- Reject CalDAV basic auth when TOTP is enabled
([cdf5d30](cdf5d30a425d032f749b78b98b828f25ad882615))
- Use user10 instead of user1 for TOTP fixture to avoid breaking login
tests ([659e73a](659e73af05af154dda315d025e8b3a12705e4a7e))
- Update TOTP fixtures and tests to avoid conflicts with existing
enrollment tests ([1ed813c](1ed813caf00224d90c3c89c5b8078788f5730f51))

##### Dependencies

- *(deps)* Update dev-dependencies
- *(deps)* Upgrade serialize-javascript to 7.0.3
- *(deps)* Update dependency
[@&#8203;vue/tsconfig](https://redirect.github.com/vue/tsconfig) to
v0.9.0
- *(deps)* Use forked afero-s3 to fix S3 read performance regression
([#&#8203;2313](https://redirect.github.com/go-vikunja/vikunja/issues/2313))
- *(deps)* Update dependency flexsearch to v0.8.212
- *(deps)* Remove obsolete flexsearch 0.7.43 patch
- *(deps)* Remove
[@&#8203;github/hotkey](https://redirect.github.com/github/hotkey)
dependency
- *(deps)* Update dependency rollup-plugin-visualizer to v6.0.11
- *(deps)* Update dependency electron to v40.7.0
- *(deps)* Update immutable to 5.1.5
- *(deps)* Update svgo to 3.3.3
- *(deps)* Update tar to 7.5.10 and
[@&#8203;tootallnate/once](https://redirect.github.com/tootallnate/once)
to 3.0.1 in desktop
- *(deps)* Update dependency vite-svg-loader to v5.1.1
- *(deps)* Bump dompurify from 3.3.1 to 3.3.2 in /frontend
- *(deps)* Update dependency eslint to v9.39.4
- *(deps)* Update dev-dependencies to v8.57.0
- *(deps)* Update dependency sass-embedded to v1.98.0
- *(deps)* Update dev-dependencies
([#&#8203;2395](https://redirect.github.com/go-vikunja/vikunja/issues/2395))
- *(deps)* Update dependency caniuse-lite to v1.0.30001779
- *(deps)* Override flatted to 3.4.1 to fix unbounded recursion DoS
- *(deps)* Update tar override to 7.5.11 to fix symlink path traversal
- *(deps)* Update dependency vue-tsc to v3.2.6
- *(deps)* Update dependency electron to v40.8.3
- *(deps)* Update dev-dependencies to v4.2.2
- *(deps)* Add daenney/ssrf for webhook SSRF protection
- *(deps)* Update dependency stylelint to v17.5.0

##### Documentation

- Update user search endpoint description for external team bypass
([b5086fe](b5086febc71a80467302584b9d41e10459d9d77e))
- Update rootpath description to mention working directory default
([ddfc565](ddfc565c614761d3dda037902c8309bf5a27fdd1))
- Document database.schema config option for PostgreSQL
([8868b21](8868b214ca2f0b34a6506066af1c4c96e13ca40d))
- Document IP extraction and trusted proxy config options
([015a172](015a172c2a07d3fc3827645d9e1bfe986ee58a03))

##### Features

- *(ci)* Post preview deployment comment on PRs
- *(ci)* Enable merge queue trigger
- *(config)* Add webhooks.allownonroutableips setting
- *(events)* Add DispatchOnCommit/DispatchPending for deferred event
dispatch
- *(frontend)* Upgrade Tailwind CSS from v3 to v4
- *(frontend)* Highlight overdue tasks consistently
([#&#8203;958](https://redirect.github.com/go-vikunja/vikunja/issues/958))
- *(gantt)* Add expand=subtasks to Gantt API params
- *(gantt)* Add task tree builder utility for hierarchy
- *(gantt)* Add dependency arrow data builder
- *(gantt)* Integrate task tree into Gantt rendering with collapse
- *(gantt)* Add collapse/expand chevron and indent indicators
- *(gantt)* Render parent summary bars with diamond endpoints
- *(gantt)* Create arrow SVG overlay component for relations
- *(gantt)* Wire relation arrows into GanttChart with toggle
- *(handlers)* Dispatch pending events after transaction commit
- *(release)* Update frontend package.json version on release
- *(shortcuts)* Add event.code-based shortcut module
- *(webhooks)* Add built-in SSRF protection using daenney/ssrf
- Ensure forms submit on Enter
([#&#8203;959](https://redirect.github.com/go-vikunja/vikunja/issues/959))
([e1d1e7c](e1d1e7c848bb2f0062a5fa522c7a357a2d3c723f))
- Use offical vite plugin for sentry
([#&#8203;873](https://redirect.github.com/go-vikunja/vikunja/issues/873))
([0a9586e](0a9586e8d4351e47edacb63fa6667193d99ff7ee))
- Mini tiptap improvements
([b92735b](b92735b0e907bf7613b106ea633b82efa7f1781a))
- Surface API validation errors to registration form fields
([#&#8203;1902](https://redirect.github.com/go-vikunja/vikunja/issues/1902))
([c6f0d8b](c6f0d8babe6f36e6d25d22a932c9f0a075a5a359))
- Add table registration to db package
([d26936f](d26936f869c8489b06b0d9377af489236765a9e1))
- Register Vikunja tables with db package at init
([3dd2ba4](3dd2ba4aa4309b589e809621de2ecee89ee54159))
- Add RegisteredTableNames helper to db package
([0a8534d](0a8534ded9fca162fb1721a86d835677b30f2cdb))
- Add task duplicate backend model and tests
([d8f3a96](d8f3a96b06fc40d4b30954cc71a3bb43890f8cfc))
- Register task duplicate API route
([77fdf1b](77fdf1b84b27f80f4f332a26e9d7cf1ad032f211))
- Add task duplicate frontend model and service
([52bee37](52bee379d417d37b21b3d6f0cac8e67f83716925))
- Add duplicateTask action to task store
([2014d50](2014d50b953f86fb5a66bf32c74035b8d42c2e7a))
- Add duplicate button to task detail view
([6c9407c](6c9407c58f4ed01c0eac37aa51e7939cd5a11a1d))
- Bypass discoverability settings for external team members
([28b913f](28b913f29f812ef51f3b8fe967d5560c1d8ed927))
- Add InitEventsForTesting and Unfake for real event dispatch in tests
([1b1e8e5](1b1e8e5b19e9dd32a0d6089759d18c81883f8ffc))
- Add mage test:e2e-api target for e2e API tests
([24b800d](24b800d48d27a90447bfb9765f23093e5b9bde41))
- Add conversational email template and rendering
([d4b0302](d4b03026f0b98734a95e9cc22d3e77e89a7d3f4f))
- Convert notifications to conversational email style
([b3572c5](b3572c5932ba9eb7159e48129c1e52f0333cf96e))
- Add translation keys for conversational emails
([def73e2](def73e2f8eeadf807c9b2e2a422e2335444280dd))
- Add user\_id to webhooks and user-directed event infrastructure
([d4577c6](d4577c660f5550a59f1b90a2ef1f5fba49cb73c6))
- Extend WebhookListener for user-level webhooks
([dbbc80a](dbbc80aea613779d43b015479fef0f7301d8e7e2))
- Add API routes for user-level webhooks
([47a0775](47a0775c7378faf6c8b3af3cd1429d3be7c51e70))
- Add user-level webhooks settings page
([2e1648e](2e1648ef4c7b1d1a05542567cd2a682f1038b03c))
- Replace afero-s3 with minimal S3 afero.Fs implementation
([b065c62](b065c6200782bfd6e9eea889847e83f1dead906d))
- Add service.ipextractionmethod and service.trustedproxies config
options ([26324a7](26324a740a73d19748eea3c745c74f91f60cc86b))
- Add StatusAccountLocked user status for TOTP lockouts
([f42a045](f42a045bdc175fbffee4f8ee9592fa8dfedbc8aa))

##### Miscellaneous Tasks

- *(dev)* Update devenv
- *(i18n)* Update translations via Crowdin
- Remove feature request issue template
([06ead58](06ead58ea3bb366970473d587db82bb36db07887))

##### Other

- *(other)* \[skip ci] Updated swagger docs
- *(other)* Add e2e API tests to CI pipeline
- *(other)* Upgrade ParadeDB image to support v2 fuzzy search API

##### Refactor

- *(attachments)* Read from task prop instead of global store
- *(attachments)* Return uploaded attachments instead of writing to
store
- *(attachments)* Use local state instead of global attachment store
- *(attachments)* Remove global attachment store
- *(shortcuts)* Update directive to use new shortcut module
- *(shortcuts)* Update v-shortcut values to event.code format
- *(shortcuts)* Replace eventToHotkeyString with eventToShortcutString
- *(shortcuts)* Use event.code for raw keyboard handlers
- Batch label inserts during task duplication
([e07eeed](e07eeed21156ab2bdc6c02aceede9cbc91468a28))
- Use TaskRelation.Create for copy relation
([692357a](692357a648367f1beb9ba192e3ed3425f8648893))
- Move ListUsers tests from pkg/user to pkg/models
([54c7c4a](54c7c4aef2fbdf7d4c04630d75cd36a0d121daec))
- Enable golangci-lint on magefile, fix errors
([cea8c78](cea8c7807d060e0a187c37c80ba42d02d4aa7637))
- Fix contextcheck lint errors on magefile by passing mage context
([0a1104b](0a1104b75ce1a6fcadb0cd0678400cf3585a0eb1))
- Merge last unique build tag "tools" into go.mod tools section
([1b5f3f4](1b5f3f4ccd15a954d1b3ac4fa49a99c2f299deff))
- Add centralized ResolvePath for rootpath-relative paths
([2a7165a](2a7165aaba736c53be32bb8cf0cf77e6fb7cd501))
- Use config.ResolvePath for all rootpath-relative paths
([a043940](a043940e14f686faa15339ecc06f91dd191d22d1))
- Replace afero with FileStorage interface
([0e1f44e](0e1f44e57efe06d08a47d980fa49bdd260f5fac3))
- Use StatusAccountLocked for TOTP lockouts
([7792bf6](7792bf6cea36ede6c38b9966f587222b476176cb))
- Rename checkProjectBackgroundWriteRights to
checkProjectBackgroundWritePermissions
([4b91e5e](4b91e5efa173c90346567d4b296ab6233a9cc093))

##### Styling

- Fix alignment in config key declarations
([ddd9ef5](ddd9ef5f2206dc5936cc14d359c70312806de233))

##### Testing

- *(shortcuts)* Add unit tests for shortcut parsing logic
- *(webhooks)* Add SSRF protection tests
- *(webhooks)* Allow non-routable IPs in E2E tests
- Update event assertions to work with deferred dispatch
([f516bbe](f516bbe560a7b2a0d348e71ecdab00229c5cf554))
- Add web integration tests for task duplication
([4d494ba](4d494ba442b7bc6b4d7d06a3a3919f8d1bc6e066))
- Add user 11 to external team 14 for discoverability tests
([64e455a](64e455a613134b74c5734570eef19f3631253738))
- Add tests for external team user discoverability bypass
([3a73016](3a730165bc15f0fa2593aa8961e27192e93fcafb))
- Verify email masking for external team name search
([0661789](06617891fafa7c73c1c7110d404cb0a76812842d))
- Add e2e API test package with webhook pipeline verification
([1f3509b](1f3509bf27a9102ac96578d441d3731fb444dfa9))
- Add fixture task with compound word for prefix search testing
([275f714](275f714224cc93f0f9cd7b4590ba2b07a79398e4))
- Add web tests for prefix/substring search
([#&#8203;2346](https://redirect.github.com/go-vikunja/vikunja/issues/2346))
([892b38b](892b38b3b696e024e673dba3c0e302d5afa714fe))
- Rewrite MultiFieldSearch tests with SQL output verification
([ee2723d](ee2723d9cf3c603bd22be9e5411d67f1c9f38799))
- Call real MultiFieldSearch function and branch on db engine
([e6cbd67](e6cbd67ab52e92afadeaf0e9b3dbd96de3b3e1c1))
- Add task
[#&#8203;48](https://redirect.github.com/go-vikunja/vikunja/issues/48)
to expected results in feature tests
([3568aaa](3568aaacee6d102ec8b749409cb1c8ca73c096f8))
- Adjust ParadeDB search tests for fuzzy prefix match broadening
([6268c48](6268c48f15955d812c6a569edb9c2d56e454fc27))
- Fix lint and adjust project search test for ParadeDB fuzzy matching
([b69705e](b69705e64bc45b93a834f877936aea5a7886bd9a))
- Add result count assertions for ParadeDB search tests
([c7c63e8](c7c63e8eadb174d163516590ec5c7ed945670cd5))
- Fix non-ParadeDB project search count assertion
([df0e3a8](df0e3a84a9cdf94b8a3f581ab7bf1690d36a6fe9))
- Fix ParadeDB project search count to 27
([d36ac9d](d36ac9ddda5ddbc781a06017ee6d45ff2f8a45d8))
- Add tests for conversational email system
([aacf650](aacf650ec2c2817447107043620989d1b4c72130))
- Add e2e tests for user-level webhooks
([05cc65f](05cc65fe9e4fa448cda437d58480a9f3f19d69ed))
- Add web tests for bulk label task endpoint
([675dfb3](675dfb3ea47dd882de7e49ab1b0ace79a5e8bb9b))
- Add failing test for bulk label API token route registration
([554593c](554593cdb6bc0d31a1809c4b969b4fda9423edc3))
- Add FileStat assertion to validate storage path in attachment test
([17eccd8](17eccd848fd8688cd18f5dd46d1beb2c6ce96442))
- Add tests for disabled user password reset prevention
([241b0e8](241b0e80b6d9e91cda1f03a9e3a6368710d1fe36))
- Add web test for disabled user password reset rejection
([2260d76](2260d763b56290fcf8bfe5a9acfdee1a4332a65e))
- Add failing test for image preview with oversized dimensions
([f7592e2](f7592e2cfdc11fb06441007a4fb1d2ca5a2f1c5a))
- Add failing test for task comment IDOR
([2da8925](2da89258e53068253dcf8ef17d4dad141dba7d31))
- Add failing test for project background delete with read-only access
([f60f3af](f60f3af70b6d8258dd342a9ac15b71f48326e9af))
- Add TOTP fixture data for user1
([27ef92b](27ef92b9bf36f437b151df13f801a504e73bddc8))
- Add failing test for CalDAV 2FA bypass via basic auth
([bda16e7](bda16e770fa76f212d15b1faec5c83f9046a0bb3))
- Register totp fixture in test setup
([a66bda2](a66bda2f51d4f7df8d353066a100de2d8c0aab32))
- Verify CalDAV token auth bypasses TOTP check
([1f2aef7](1f2aef776ccdd0ac1405fc8bcbb47084091d42eb))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvdmlrdW5qYSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=-->
2026-03-20 17:35:57 +01:00