5191d8d8bbaa642ec72c2ddf4f8bdeb00a8eb0d9
56553 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
4ab47783b8 |
fix(openwebrxplus): update image docker.io/slechev/openwebrxplus-softmbe 1.2.114 → 1.2.115 (#48536)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/slechev/openwebrxplus-softmbe | patch | `0cd5b78` → `9eb59a7` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9vcGVud2VicnhwbHVzIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==--> |
||
|
|
9f50fdcb3b |
chore(smokeping): update image ghcr.io/linuxserver/smokeping digest to 320bbb6 (#48535)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/smokeping](https://redirect.github.com/linuxserver/docker-smokeping/packages) ([source](https://redirect.github.com/linuxserver/docker-smokeping)) | digest | `ebfbbc3` → `320bbb6` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zbW9rZXBpbmciLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
4cc757b192 |
chore(orcaslicer): update image ghcr.io/linuxserver/orcaslicer digest to 159ee84 (#48534)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/orcaslicer](https://redirect.github.com/linuxserver/docker-orcaslicer/packages) ([source](https://redirect.github.com/linuxserver/docker-orcaslicer)) | digest | `bfd3c91` → `159ee84` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9vcmNhc2xpY2VyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
f3bffc3532 |
feat(manyfold): update image ghcr.io/manyfold3d/manyfold 0.141.0 → v0.142.0 (#48532)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/manyfold3d/manyfold](https://redirect.github.com/manyfold3d/manyfold) | minor | `4ad9e3a` → `5a45d2f` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>manyfold3d/manyfold (ghcr.io/manyfold3d/manyfold)</summary> ### [`v0.142.0`](https://redirect.github.com/manyfold3d/manyfold/releases/tag/v0.142.0) [Compare Source](https://redirect.github.com/manyfold3d/manyfold/compare/v0.142.0...v0.142.0) This release allows the use of videos in preview frames, so you can show off your models in a more dynamic fashion, and also adds indexer support for the upcoming DragonFruit resin slicer VOXL file format. There are also a number of fixes to metadata scanning and other background jobs, as well as a large behind-the-scenes refactor of presupported relationships which will lead to some new features in the next release. ##### What's Changed ##### ✨ New Features ✨ - Allow video files to be used as previews by [@​Floppy](https://redirect.github.com/Floppy) in [#​6194](https://redirect.github.com/manyfold3d/manyfold/pull/6194) - Add indexer support for DragonFruit VOXL files by [@​Floppy](https://redirect.github.com/Floppy) in [#​6209](https://redirect.github.com/manyfold3d/manyfold/pull/6209) ##### 🐛 Bug Fixes 🐛 - Fix bug where updating ignored problems caused background job failure by [@​Floppy](https://redirect.github.com/Floppy) in [#​6205](https://redirect.github.com/manyfold3d/manyfold/pull/6205) - Always generate file derivatives when analysing files by [@​Floppy](https://redirect.github.com/Floppy) in [#​6203](https://redirect.github.com/manyfold3d/manyfold/pull/6203) - Fall back to matching creators and collections by name when parsing datapackages by [@​Floppy](https://redirect.github.com/Floppy) in [#​6207](https://redirect.github.com/manyfold3d/manyfold/pull/6207) - Handle stack overflows during analysis of some 3MF files by [@​Floppy](https://redirect.github.com/Floppy) in [#​6208](https://redirect.github.com/manyfold3d/manyfold/pull/6208) - Avoid IOErrors by reloading attachment data after detecting inefficient file formats by [@​Floppy](https://redirect.github.com/Floppy) in [#​6210](https://redirect.github.com/manyfold3d/manyfold/pull/6210) ##### 🌍 Internationalization 🌏 - Translations updated: de by [@​Floppy](https://redirect.github.com/Floppy) in [#​6226](https://redirect.github.com/manyfold3d/manyfold/pull/6226) - Translations updated: es by [@​Floppy](https://redirect.github.com/Floppy) in [#​6218](https://redirect.github.com/manyfold3d/manyfold/pull/6218) ##### 🛠️ Other Improvements 🛠️ - Add Relationship model to support generic relationships between models, files, links etc. by [@​Floppy](https://redirect.github.com/Floppy) in [#​6196](https://redirect.github.com/manyfold3d/manyfold/pull/6196) - Handle bad unicode when parsing README files by [@​Floppy](https://redirect.github.com/Floppy) in [#​6206](https://redirect.github.com/manyfold3d/manyfold/pull/6206) - Change presupported file link to use new Relationship model by [@​Floppy](https://redirect.github.com/Floppy) in [#​6217](https://redirect.github.com/manyfold3d/manyfold/pull/6217) **Full Changelog**: <https://github.com/manyfold3d/manyfold/compare/v0.141.0...v0.142.0> ### [`v0.142.0`](https://redirect.github.com/manyfold3d/manyfold/releases/tag/v0.142.0) [Compare Source](https://redirect.github.com/manyfold3d/manyfold/compare/v0.141.0...v0.142.0) This release allows the use of videos in preview frames, so you can show off your models in a more dynamic fashion, and also adds indexer support for the upcoming DragonFruit resin slicer VOXL file format. There are also a number of fixes to metadata scanning and other background jobs, as well as a large behind-the-scenes refactor of presupported relationships which will lead to some new features in the next release. ##### What's Changed ##### ✨ New Features ✨ - Allow video files to be used as previews by [@​Floppy](https://redirect.github.com/Floppy) in [#​6194](https://redirect.github.com/manyfold3d/manyfold/pull/6194) - Add indexer support for DragonFruit VOXL files by [@​Floppy](https://redirect.github.com/Floppy) in [#​6209](https://redirect.github.com/manyfold3d/manyfold/pull/6209) ##### 🐛 Bug Fixes 🐛 - Fix bug where updating ignored problems caused background job failure by [@​Floppy](https://redirect.github.com/Floppy) in [#​6205](https://redirect.github.com/manyfold3d/manyfold/pull/6205) - Always generate file derivatives when analysing files by [@​Floppy](https://redirect.github.com/Floppy) in [#​6203](https://redirect.github.com/manyfold3d/manyfold/pull/6203) - Fall back to matching creators and collections by name when parsing datapackages by [@​Floppy](https://redirect.github.com/Floppy) in [#​6207](https://redirect.github.com/manyfold3d/manyfold/pull/6207) - Handle stack overflows during analysis of some 3MF files by [@​Floppy](https://redirect.github.com/Floppy) in [#​6208](https://redirect.github.com/manyfold3d/manyfold/pull/6208) - Avoid IOErrors by reloading attachment data after detecting inefficient file formats by [@​Floppy](https://redirect.github.com/Floppy) in [#​6210](https://redirect.github.com/manyfold3d/manyfold/pull/6210) ##### 🌍 Internationalization 🌏 - Translations updated: de by [@​Floppy](https://redirect.github.com/Floppy) in [#​6226](https://redirect.github.com/manyfold3d/manyfold/pull/6226) - Translations updated: es by [@​Floppy](https://redirect.github.com/Floppy) in [#​6218](https://redirect.github.com/manyfold3d/manyfold/pull/6218) ##### 🛠️ Other Improvements 🛠️ - Add Relationship model to support generic relationships between models, files, links etc. by [@​Floppy](https://redirect.github.com/Floppy) in [#​6196](https://redirect.github.com/manyfold3d/manyfold/pull/6196) - Handle bad unicode when parsing README files by [@​Floppy](https://redirect.github.com/Floppy) in [#​6206](https://redirect.github.com/manyfold3d/manyfold/pull/6206) - Change presupported file link to use new Relationship model by [@​Floppy](https://redirect.github.com/Floppy) in [#​6217](https://redirect.github.com/manyfold3d/manyfold/pull/6217) **Full Changelog**: <https://github.com/manyfold3d/manyfold/compare/v0.141.0...v0.142.0> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9tYW55Zm9sZCIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=--> |
||
|
|
6396419164 |
feat(flaresolverr): update image ghcr.io/flaresolverr/flaresolverr v3.4.6 → v3.5.0 (#48531)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/flaresolverr/flaresolverr](https://redirect.github.com/FlareSolverr/FlareSolverr) | minor | `7962759` → `139dfee` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>FlareSolverr/FlareSolverr (ghcr.io/flaresolverr/flaresolverr)</summary> ### [`v3.5.0`](https://redirect.github.com/FlareSolverr/FlareSolverr/blob/HEAD/CHANGELOG.md#v350-20260526) [Compare Source](https://redirect.github.com/FlareSolverr/FlareSolverr/compare/v3.4.6...v3.5.0) - Add formatting to log file - Resolve turnstile captcha. Thanks [@​denis-svg](https://redirect.github.com/denis-svg) - Bump dependencies. Thanks [@​flower](https://redirect.github.com/flower) - Fix tar.gz having wrong uid/gid. Thanks [@​NikoCat233](https://redirect.github.com/NikoCat233) - Revert base image & Python </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9mbGFyZXNvbHZlcnIiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19--> |
||
|
|
3c3b070883 |
fix(slink): update image docker.io/anirdev/slink v1.11.5 → v1.11.6 (#48530)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/anirdev/slink](https://docs.slinkapp.io) ([source](https://redirect.github.com/andrii-kryvoviaz/slink)) | patch | `44cde1f` → `bd39664` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>andrii-kryvoviaz/slink (docker.io/anirdev/slink)</summary> ### [`v1.11.6`](https://redirect.github.com/andrii-kryvoviaz/slink/releases/tag/v1.11.6) [Compare Source](https://redirect.github.com/andrii-kryvoviaz/slink/compare/v1.11.5...v1.11.6) #### 📦 Patch Notes ##### 🛠️ Improvements & Fixes - **Animated Image Previews:** Animated images now play correctly on the explore and collection pages instead of freezing on the first frame. - **Maintenance:** Updated project dependencies. **Full Changelog**: <https://github.com/andrii-kryvoviaz/slink/compare/v1.11.5...v1.11.6> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zbGluayIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
b3ea46de7e |
fix(authelia): update image ghcr.io/authelia/authelia 4.39.19 → 4.39.20 (#48529)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/authelia/authelia](https://redirect.github.com/authelia/authelia/pkgs/container/authelia) ([source](https://redirect.github.com/authelia/authelia)) | patch | `0c824dc` → `1b363e9` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>authelia/authelia (ghcr.io/authelia/authelia)</summary> ### [`v4.39.20`](https://redirect.github.com/authelia/authelia/releases/tag/v4.39.20) [Compare Source](https://redirect.github.com/authelia/authelia/compare/v4.39.19...v4.39.20) #### Security Fixes This release contains important security fixes. We encourage users to update as soon as practical. The following advisories accompany this release: - [Edge Case Access Control Rule Domain Miss Due to Lack of Canonicalization](https://redirect.github.com/authelia/authelia/security/advisories/GHSA-j748-h363-wqj8) reported by [@​j0hndo](https://redirect.github.com/j0hndo), fixed by [@​james-d-elliott](https://redirect.github.com/james-d-elliott), reviewed by [@​nightah](https://redirect.github.com/nightah) and [@​Crowley723](https://redirect.github.com/Crowley723) - [Missing Username Canonicalization in Basic Auth when using LDAP ](https://redirect.github.com/authelia/authelia/security/advisories/GHSA-hjj4-hfjm-fmrj) reported by [@​Nadav0077](https://redirect.github.com/Nadav0077), fixed by [@​james-d-elliott](https://redirect.github.com/james-d-elliott), reviewed by [@​nightah](https://redirect.github.com/nightah) and [@​Crowley723](https://redirect.github.com/Crowley723) ##### Bug Fixes - **authentication:** incorrect bind mode ([#​12094](https://redirect.github.com/authelia/authelia/issues/12094)) ([dc1d1d6](https://redirect.github.com/authelia/authelia/commit/dc1d1d6f1fa59890565fd06d94e6007414b4a465)) by [@​james-d-elliott](https://redirect.github.com/james-d-elliott) - **authorization:** case-insensitive domain matching \[security] ([#​12169](https://redirect.github.com/authelia/authelia/issues/12169)) ([b6d1d60](https://redirect.github.com/authelia/authelia/commit/b6d1d60baa02f216fdb19f5dfeaf2e805829508a)) by [@​james-d-elliott](https://redirect.github.com/james-d-elliott) - **authorization:** oauth2 client credentials considered anonymous ([#​12141](https://redirect.github.com/authelia/authelia/issues/12141)) ([54de0c9](https://redirect.github.com/authelia/authelia/commit/54de0c9b783a946882673b4d6b85ac9d85157573)) by [@​james-d-elliott](https://redirect.github.com/james-d-elliott) - **configuration:** add default attributes to freeipa ([#​12155](https://redirect.github.com/authelia/authelia/issues/12155)) ([f8203be](https://redirect.github.com/authelia/authelia/commit/f8203beb780c79dbbd15b010fd473c4478699ff0)) by [@​kaysond](https://redirect.github.com/kaysond) - **configuration:** include specific warning about ports ([#​12145](https://redirect.github.com/authelia/authelia/issues/12145)) ([033533e](https://redirect.github.com/authelia/authelia/commit/033533ec9a60152544b77fd3534670b43e6158e1)) by [@​james-d-elliott](https://redirect.github.com/james-d-elliott) - **configuration:** preserve dots in map key names during koanf remap ([#​11803](https://redirect.github.com/authelia/authelia/issues/11803)) ([211a4cd](https://redirect.github.com/authelia/authelia/commit/211a4cd1a4ac27a994dc70523e09a75e7064f95b)) by [@​nightah](https://redirect.github.com/nightah) - **expression:** add missing extensions ([#​11226](https://redirect.github.com/authelia/authelia/issues/11226)) ([4c7ffd3](https://redirect.github.com/authelia/authelia/commit/4c7ffd348c484f282e0828144e0ac46bf150a5c3)) by [@​james-d-elliott](https://redirect.github.com/james-d-elliott) - **handlers:** basic auth username canonicalization \[security] ([#​12170](https://redirect.github.com/authelia/authelia/issues/12170)) ([b8985b5](https://redirect.github.com/authelia/authelia/commit/b8985b57b70acdff8f204ed426ff619e763461ad)) by [@​james-d-elliott](https://redirect.github.com/james-d-elliott) - **handlers:** hoist issuer checks ([#​12160](https://redirect.github.com/authelia/authelia/issues/12160)) ([ab5dca7](https://redirect.github.com/authelia/authelia/commit/ab5dca7329f9cb0567bfa10895c703cc1e2458e8)) by [@​james-d-elliott](https://redirect.github.com/james-d-elliott) - **metrics:** ensure unknown bans are measured ([#​11999](https://redirect.github.com/authelia/authelia/issues/11999)) ([3adae90](https://redirect.github.com/authelia/authelia/commit/3adae9081c41032986c7dfabb74b3202a6359927)), closes [#​11972](https://redirect.github.com/authelia/authelia/issues/11972) by [@​james-d-elliott](https://redirect.github.com/james-d-elliott) - **metrics:** go collectors not registered ([#​11894](https://redirect.github.com/authelia/authelia/issues/11894)) ([9cd8812](https://redirect.github.com/authelia/authelia/commit/9cd88129ee98c2a757ccc1aa18e8b73dcc46d64c)) by [@​james-d-elliott](https://redirect.github.com/james-d-elliott) - **middlewares:** add rate limit exclusions ([#​12159](https://redirect.github.com/authelia/authelia/issues/12159)) ([17397cd](https://redirect.github.com/authelia/authelia/commit/17397cdceceef0482b98c9bcad12dc8aef874405)) by [@​james-d-elliott](https://redirect.github.com/james-d-elliott) - **session:** add startup check for backend connectivity ([#​12157](https://redirect.github.com/authelia/authelia/issues/12157)) ([8149b6f](https://redirect.github.com/authelia/authelia/commit/8149b6fd06ee9cfa0ba0277974eb7834263dfc2a)) by [@​nightah](https://redirect.github.com/nightah) - **storage:** harden one-time code consumption ([#​12095](https://redirect.github.com/authelia/authelia/issues/12095)) ([9dc3eb6](https://redirect.github.com/authelia/authelia/commit/9dc3eb6d97a4a84457817a0b49f64aed85f5200f)) by [@​james-d-elliott](https://redirect.github.com/james-d-elliott) - **storage:** incorrect query used for auth code by req id ([#​12139](https://redirect.github.com/authelia/authelia/issues/12139)) ([dc6365d](https://redirect.github.com/authelia/authelia/commit/dc6365dea566e192513a7679521ef792a9cc14d5)) by [@​james-d-elliott](https://redirect.github.com/james-d-elliott) - **web:** quote peer dependency versions in pnpm-workspace ([#​12049](https://redirect.github.com/authelia/authelia/issues/12049)) ([1fb10aa](https://redirect.github.com/authelia/authelia/commit/1fb10aa82dd83c1454d6f6172ec32fbd1f7d2149)), closes [#​12032](https://redirect.github.com/authelia/authelia/issues/12032) by [@​nightah](https://redirect.github.com/nightah) ##### New Contributors - [@​nicomem](https://redirect.github.com/nicomem) made their first contribution in [#​11885](https://redirect.github.com/authelia/authelia/pull/11885) - [@​TanguyBaudrin](https://redirect.github.com/TanguyBaudrin) made their first contribution in [#​11750](https://redirect.github.com/authelia/authelia/pull/11750) - [@​turtleinarock](https://redirect.github.com/turtleinarock) made their first contribution in [#​11912](https://redirect.github.com/authelia/authelia/pull/11912) - [@​rpadovani](https://redirect.github.com/rpadovani) made their first contribution in [#​11720](https://redirect.github.com/authelia/authelia/pull/11720) - [@​arylatt](https://redirect.github.com/arylatt) made their first contribution in [#​11899](https://redirect.github.com/authelia/authelia/pull/11899) - [@​dubwoc](https://redirect.github.com/dubwoc) made their first contribution in [#​11933](https://redirect.github.com/authelia/authelia/pull/11933) ##### Docker Container - `docker pull authelia/authelia:4.39.20` - `docker pull ghcr.io/authelia/authelia:4.39.20` </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hdXRoZWxpYSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
769d1e2ee1 |
chore(webgrabplus): update image ghcr.io/linuxserver/webgrabplus digest to 7a96613 (#48524)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/webgrabplus](https://redirect.github.com/linuxserver/docker-webgrabplus/packages) ([source](https://redirect.github.com/linuxserver/docker-webgrabplus)) | digest | `72cfe0e` → `7a96613` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93ZWJncmFicGx1cyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
83c62fa8d6 |
chore(rflood): update image ghcr.io/hotio/rflood digest to b9168c8 (#48522)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/hotio/rflood | digest | `bfba966` → `b9168c8` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9yZmxvb2QiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
99bbcbd21f |
chore(piwigo): update image ghcr.io/linuxserver/piwigo digest to 5fe35ba (#48521)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/piwigo](https://redirect.github.com/linuxserver/docker-piwigo/packages) ([source](https://redirect.github.com/linuxserver/docker-piwigo)) | digest | `4e0f0ad` → `5fe35ba` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9waXdpZ28iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
7eed72fa45 |
chore(kdenlive): update image lscr.io/linuxserver/kdenlive digest to 91955b2 (#48520)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | lscr.io/linuxserver/kdenlive | digest | `bf25b51` → `91955b2` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9rZGVubGl2ZSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
7589d5239c |
chore(jellyfin): update image docker.io/alpine/socat digest to cc2ab24 (#48519)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/alpine/socat | digest | `bfd2550` → `cc2ab24` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9qZWxseWZpbiIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
aebb1012c2 |
chore(digikam): update image ghcr.io/linuxserver/digikam digest to 482b4ca (#48517)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/digikam](https://redirect.github.com/linuxserver/docker-digikam/packages) ([source](https://redirect.github.com/linuxserver/docker-digikam)) | digest | `aa09c5f` → `482b4ca` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9kaWdpa2FtIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
4aab15e3ac |
chore(automatic-ripping-machine): update image docker.io/automaticrippingmachine/automatic-ripping-machine digest to 023e124 (#48516)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/automaticrippingmachine/automatic-ripping-machine](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine) | digest | `8820722` → `023e124` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hdXRvbWF0aWMtcmlwcGluZy1tYWNoaW5lIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
7222ee9c3f |
feat(gonic): update image docker.io/sentriz/gonic v0.20.1 → v0.21.0 (#48515)
This PR contains the following updates:
| Package | Update | Change |
|---|---|---|
| [docker.io/sentriz/gonic](https://redirect.github.com/sentriz/gonic) |
minor | `6b2ce6e` → `a6b7abf` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.
Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.
---
### Release Notes
<details>
<summary>sentriz/gonic (docker.io/sentriz/gonic)</summary>
###
[`v0.21.0`](https://redirect.github.com/sentriz/gonic/releases/tag/v0.21.0):
gonic v0.21.0
[Compare
Source](https://redirect.github.com/sentriz/gonic/compare/v0.20.1...v0.21.0)
##### Highlights
- **Transcoding works out of the box.** `stream` now honors `format` and
`maxBitRate` without needing a per-user profile, so clients like
Symfonium can pick a bitrate per-network with zero server-side setup.
Admins can also configure per-format defaults from a new admin UI
section. For legacy clients like Sonus, use the existing but now renamed
"per-client overrides" section
- **Seeking works in transcoded streams.** Cached transcodes are served
with proper HTTP Range support, so scrubbing through an opus transcode
now behaves like scrubbing through a normal file. For cache misses
(first time streaming) `timeOffset` and `estimateContentLength` are now
supported
- **Track play counts are returned** on individual tracks
([#​459](https://redirect.github.com/sentriz/gonic/issues/459)),
so scrobble counts sync correctly across devices
- **Richer artist metadata:** track contributors, performer roles, and
per-relationship credit names are scanned and exposed. `displayArtist`
now uses `ARTIST_CREDIT`
- See **Richer artist metadata demo** below
- Recommended taggers for full support [beets](https://beets.io/) or
[wrtag](https://redirect.github.com/sentriz/wrtag)
- **More scanned tags:** ISRCs, record labels, and per-track year tags
are now picked up and returned to clients that support them
- **Portable m3u playlists** use relative paths, so they survive moves
between machines or library roots
([#​537](https://redirect.github.com/sentriz/gonic/issues/537),
[#​529](https://redirect.github.com/sentriz/gonic/issues/529))
- **Bounded cover art cache** with configurable size and eviction
interval, useful on smaller disks
([#​687](https://redirect.github.com/sentriz/gonic/issues/687))
- **Security:** playlist ownership is now enforced - one user can no
longer fetch or delete another user's playlists
##### Upgrade notes
- A full ("slow") scan is recommended after upgrading to v0.21.0 to pick
up the newly scanned fields (contributors, ISRCs, record labels,
per-track years, `ARTIST_CREDIT`)
##### ⚠ BREAKING CHANGES
- **deps:** bump to go1.26
##### Features
- add cache size and eject interval for cover art cache
([#​687](https://redirect.github.com/sentriz/gonic/issues/687))
([b25bf3c](https://www.github.com/sentriz/gonic/commit/b25bf3cf1deaeb338dc1aa161c7ae0506583ec43))
- **ci:** update golangci-lint
([be36fb4](https://www.github.com/sentriz/gonic/commit/be36fb41ed8e2125efaa203ab8b8eff23c6eed82))
- **db:** refactor artist and album level artist roles
([1edd175](https://www.github.com/sentriz/gonic/commit/1edd175885ebec7ed7a6279ccef78e3c0565c131))
- **db:** update log format
([3793d48](https://www.github.com/sentriz/gonic/commit/3793d48a4f14c394e06e4159ef01e72539f031a8))
- **docs:** add Music Assistant to list of tested applications
([#​676](https://redirect.github.com/sentriz/gonic/issues/676))
([f5eecae](https://www.github.com/sentriz/gonic/commit/f5eecae4ef4cf4a6491252bb9551aee5e82aecd9))
- **gonic:** add genre-tree option to expand genre hierarchies
([be4e137](https://www.github.com/sentriz/gonic/commit/be4e137d38f06a3750601492b032cad5e814f728))
- **gonic:** scan and return per-relationship credit names
([731c07a](https://www.github.com/sentriz/gonic/commit/731c07a045e4753001abd40bbc5359edd2f04269))
- **gonic:** use more efficient job polling
([9b4a0e3](https://www.github.com/sentriz/gonic/commit/9b4a0e30fb7c455f5b50dec1d3903f4bb8159e79))
- **lastfm:** retry when artist image fetch fails
([4eef4df](https://www.github.com/sentriz/gonic/commit/4eef4df26ac702def3b6109c51ae9cac57c15c34))
- **playlist:** use relative paths in m3u playlists
([798e7f8](https://www.github.com/sentriz/gonic/commit/798e7f875a03c8579616da364802958ef7265795)),
closes
[#​537](https://redirect.github.com/sentriz/gonic/issues/537)
[#​529](https://redirect.github.com/sentriz/gonic/issues/529)
- **podcast:** ensure that any error path out of doPodcastDownload sets
status
([#​672](https://redirect.github.com/sentriz/gonic/issues/672))
([192ee10](https://www.github.com/sentriz/gonic/commit/192ee10b3f10e45e12c419085f83be5588b06388))
- scan and return track contributors
([f9b6e27](https://www.github.com/sentriz/gonic/commit/f9b6e272ad7e16585153c79c070411a4d955558b))
- **scanner:** also read multi vorbis singular tags
([896b0dd](https://www.github.com/sentriz/gonic/commit/896b0dde2baa941472dd9c3f7662473f61c8f5f0)),
closes
[#​659](https://redirect.github.com/sentriz/gonic/issues/659)
- **scanner:** skip macOS resource fork files
([e2dabd2](https://www.github.com/sentriz/gonic/commit/e2dabd2519d4fa1914171601543cf370afc31ddf)),
closes
[#​657](https://redirect.github.com/sentriz/gonic/issues/657)
- **subsonic:** add configurable per format transcoding defaults
([b0e2c94](https://www.github.com/sentriz/gonic/commit/b0e2c94d7996cbdfca3fed2900b7e43623df290c))
- **subsonic:** don't render track contributors for DSub
([3ae3177](https://www.github.com/sentriz/gonic/commit/3ae317742f9c1bb8d16829f847ce57acb8cb16b2))
- **subsonic:** honor stream format/maxBitRate without a configured
profile
([9d888c0](https://www.github.com/sentriz/gonic/commit/9d888c09fad5898ad4e8f5a7416409d2e7c94c55))
- **subsonic:** make error codes match Open Subsonic spec
([#​671](https://redirect.github.com/sentriz/gonic/issues/671))
([1b770c9](https://www.github.com/sentriz/gonic/commit/1b770c95d8347423585758fa3c44817dfdc4af80))
- **subsonic:** return alternate performance name artists from
getSimilarArtists
([a7bbf55](https://www.github.com/sentriz/gonic/commit/a7bbf5565de21ab615f803d3f2efd0b33ad8d2db))
- **subsonic:** return artist roles field
([d5ef198](https://www.github.com/sentriz/gonic/commit/d5ef198e2b6fc97c5616ef75c129db12319006d2))
- **subsonic:** return band member name artists from getSimilarArtists
([c2a11a2](https://www.github.com/sentriz/gonic/commit/c2a11a2c50bea45542dd18a5c2b7b8a247831ef6))
- **subsonic:** return consistent shapes
([72418cd](https://www.github.com/sentriz/gonic/commit/72418cd0bd11dbe4b313374e3a7ebe0ea731d945))
- **subsonic:** scan and return ISRCs to child data
([#​688](https://redirect.github.com/sentriz/gonic/issues/688))
([52e0fa1](https://www.github.com/sentriz/gonic/commit/52e0fa14a958573cfb9badae0e2631b337a1e5be))
- **subsonic:** scan and return record labels
([36fe025](https://www.github.com/sentriz/gonic/commit/36fe02587d089daf00097fe53e4e37c71a879eb0))
- **subsonic:** serve cached transcodes directly for Range support
([58a2d06](https://www.github.com/sentriz/gonic/commit/58a2d065e81c7ec8fdbc808d6f2dd0d9e012cce8))
- **subsonic:** sort genres alphabetically by default
([bf8469c](https://www.github.com/sentriz/gonic/commit/bf8469cbf8f7bb6b9720bcd567c8b937968a9752))
- **subsonic:** support estimateContentLength on stream
([2953d23](https://www.github.com/sentriz/gonic/commit/2953d232f38e7c19ab38d54b669b41d09b810662))
- **subsonic:** support track level play counts
([9f706b9](https://www.github.com/sentriz/gonic/commit/9f706b9a0a47228a6a643a0b672368c4bcf56c59)),
closes
[#​459](https://redirect.github.com/sentriz/gonic/issues/459)
- **subsonic:** use ARTIST\_CREDIT for displayArtist fields
([44c2d79](https://www.github.com/sentriz/gonic/commit/44c2d79200f98e051fccf1c64a8c341c42fc13d0))
- support track level year tags
([#​661](https://redirect.github.com/sentriz/gonic/issues/661))
([5e916d0](https://www.github.com/sentriz/gonic/commit/5e916d0f4c1f9895cfcbecd479a8b686f6307b8a))
##### Bug Fixes
- **cmd:** don't panic on context.Canceled during shutdown
([03a9d06](https://www.github.com/sentriz/gonic/commit/03a9d06ff6d49c96cedab78907e06bd9f9db5634))
- **lastfm:** don't replace cached artist image with empty on refresh
([ec457fb](https://www.github.com/sentriz/gonic/commit/ec457fb380c5e447dbe1556e588623bc38d87e44))
- **listenbrainz:** disable post-quantum TLS to avoid connection reset
errors
([b2674f8](https://www.github.com/sentriz/gonic/commit/b2674f8e5a13ac1a4fffc21a9b8b61507e405373))
- **podcast:** don't try to rm the podcast directory when deleting an
episode
([8a860dd](https://www.github.com/sentriz/gonic/commit/8a860dddd4b4aa26aa073de44bfb52dabc050f07))
- **podcast:** fix crash if itunes extensions are missing
([#​668](https://redirect.github.com/sentriz/gonic/issues/668))
([9473ec7](https://www.github.com/sentriz/gonic/commit/9473ec7539bff08d1cba1968ed7b2a534230d400))
- **scanner:** reduce sqlite lock contention during scans
([5daf95c](https://www.github.com/sentriz/gonic/commit/5daf95cdebd6bef1d07074ec670e176d1f75b461)),
closes
[#​678](https://redirect.github.com/sentriz/gonic/issues/678)
- **scanner:** reset batch timer on fsnotify Remove events
([65c4674](https://www.github.com/sentriz/gonic/commit/65c4674da0b42216c8a9b4642f80be60ac1fdf53)),
closes
[#​637](https://redirect.github.com/sentriz/gonic/issues/637)
- **scanner:** set track created\_at from file birth/mod time
([5a5308b](https://www.github.com/sentriz/gonic/commit/5a5308b8c39cc16d4256a761ec91003bb7f68c08)),
closes
[#​693](https://redirect.github.com/sentriz/gonic/issues/693)
- **subsonic:** allow no podcast id for getPodcasts
([737c7f1](https://www.github.com/sentriz/gonic/commit/737c7f1ad38c81570bfaeeadf356c24255b8073b)),
closes
[#​686](https://redirect.github.com/sentriz/gonic/issues/686)
- **subsonic:** always report scrobblingEnabled true
([a2db490](https://www.github.com/sentriz/gonic/commit/a2db4903555c8c934acf97c205d69180c1bead41)),
closes
[#​644](https://redirect.github.com/sentriz/gonic/issues/644)
- **subsonic:** contain playlist paths to prevent cross-user access
([0824bed](https://www.github.com/sentriz/gonic/commit/0824bed88f6bbc490ba28bf09d28e5dfeb07b445))
- **subsonic:** enforce playlist ownership on getPlaylist/deletePlaylist
([6dd71e6](https://www.github.com/sentriz/gonic/commit/6dd71e6a3c966867ef8c900d359a7df75789f410))
- **subsonic:** provide uncompressed file on /download
([#​679](https://redirect.github.com/sentriz/gonic/issues/679))
([3e436aa](https://www.github.com/sentriz/gonic/commit/3e436aac051cde0f96f6f65ddb2847d32643ae30))
- **subsonic:** return artist as track artist in TrackChild
([
|
||
|
|
47c53249c5 |
fix(changedetection-io): update image ghcr.io/dgtlmoon/changedetection.io 0.55.5 → 0.55.7 (#48513)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/dgtlmoon/changedetection.io](https://changedetection.io) ([source](https://redirect.github.com/dgtlmoon/changedetection.io)) | patch | `d89d418` → `736331d` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>dgtlmoon/changedetection.io (ghcr.io/dgtlmoon/changedetection.io)</summary> ### [`v0.55.7`](https://redirect.github.com/dgtlmoon/changedetection.io/releases/tag/0.55.7) [Compare Source](https://redirect.github.com/dgtlmoon/changedetection.io/compare/0.55.5...0.55.7) #### What's Changed - UI - LLM - Fix for settings (wtforms vs pydantic) by [@​dgtlmoon](https://redirect.github.com/dgtlmoon) in [#​4184](https://redirect.github.com/dgtlmoon/changedetection.io/pull/4184) **Full Changelog**: <https://github.com/dgtlmoon/changedetection.io/compare/0.55.6...0.55.7> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9jaGFuZ2VkZXRlY3Rpb24taW8iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |
||
|
|
2731995911 |
fix(babybuddy): update image ghcr.io/linuxserver/babybuddy 2.9.0 → 2.9.2 (#48512)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/babybuddy](https://redirect.github.com/linuxserver/docker-babybuddy/packages) ([source](https://redirect.github.com/linuxserver/docker-babybuddy)) | patch | `d2e3721` → `a2075a2` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9iYWJ5YnVkZHkiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |
||
|
|
33b1a80587 |
chore(rsshub): update image docker.io/diygod/rsshub digest to 48146b4 (#48511)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/diygod/rsshub | digest | `72c22bf` → `48146b4` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9yc3NodWIiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
37d2aa0174 |
chore(nextcloud): update image docker.io/clamav/clamav digest to f7954ca (#48510)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/clamav/clamav](https://redirect.github.com/Cisco-Talos/clamav.git) ([source](https://redirect.github.com/Cisco-Talos/clamav)) | digest | `de10aee` → `f7954ca` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9uZXh0Y2xvdWQiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
adf31e4175 |
feat(local-ai): update image docker.io/localai/localai v4.2.6 → v4.3.1 (#48501)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/localai/localai](https://redirect.github.com/mudler/LocalAI) | minor | `c41d534` → `28f0aa9` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>mudler/LocalAI (docker.io/localai/localai)</summary> ### [`v4.3.1`](https://redirect.github.com/mudler/LocalAI/releases/tag/v4.3.1) [Compare Source](https://redirect.github.com/mudler/LocalAI/compare/v4.3.0...v4.3.1) <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed ##### Other Changes - Fix kokoros backend build break from Backend trait drift by [@​Copilot](https://redirect.github.com/Copilot) in [#​9972](https://redirect.github.com/mudler/LocalAI/pull/9972) - chore: :arrow\_up: Update antirez/ds4 to `f91c12b50a1448527c435c028bfc70d1b00f6c33` by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​9975](https://redirect.github.com/mudler/LocalAI/pull/9975) - chore: :arrow\_up: Update ikawrakow/ik\_llama.cpp to `9f7ba245ab41e118f03aa8dd5134d18a81159d02` by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​9973](https://redirect.github.com/mudler/LocalAI/pull/9973) - chore: :arrow\_up: Update ggml-org/llama.cpp to `549b9d84330c327e6791fa812a7d60c0cf63572e` by [@​localai-bot](https://redirect.github.com/localai-bot) in [#​9974](https://redirect.github.com/mudler/LocalAI/pull/9974) **Full Changelog**: <https://github.com/mudler/LocalAI/compare/v4.3.0...v4.3.1> ### [`v4.3.0`](https://redirect.github.com/mudler/LocalAI/releases/tag/v4.3.0) [Compare Source](https://redirect.github.com/mudler/LocalAI/compare/v4.2.6...v4.3.0) ### 🎉 LocalAI 4.3.0 Release! 🚀 <h1 align="center"> <br> <img height="300" src="https://raw.githubusercontent.com/mudler/LocalAI/refs/heads/master/core/http/static/logo.png"> <br> <br> </h1> LocalAI 4.3.0 is out! This release **hardens the trust boundary** and **improves defaults for speed**. Backend OCI images now ship with **keyless cosign signatures** and a per-gallery `verification:` policy, with an opt-in strict mode that fails closed. The `llama-cpp` server-side prompt cache works **by default**: repeated system prompts (agents, OpenAI/Anthropic-compatible CLIs, coding assistants) collapse from **minutes to seconds** without touching YAML. Distributed mode gets rounds of optimizations. Usage tracking grows a **per-API-key + per-user Sources view** so admins can finally answer "who is burning the GPU?". And, for everyone on a Jetson/DGX box, the **L4T13 (cu130/aarch64) backends are back**. *** #### 📌 TL;DR | Feature | Summary | | ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | | 🔐 **Signed Backends** | Keyless cosign + sigstore-go verification for backend OCI images, OCI 1.1 referrers, `not_before` revocation, opt-in strict mode. | | ⚡ **Prompt Cache by Default** | `llama-cpp` server-side prompt cache works out of the box. Repeated system prompts go from 5-8 min to seconds. | | 📊 **Usage per API Key** | New Sources tab attributes traffic to keys and users. Revoked keys stay readable in history. | | 🛰️ **Distributed v3** | Per-request replica routing, cached `probeHealth`, async per-node installs with streaming progress, unified backend-logs entry point. | | 🩺 **Traces UI Stays Snappy** | `LOCALAI_TRACING_MAX_BODY_BYTES` caps API + backend trace payloads. Admin Traces page stops drowning in 40 MB embeddings. | | 🧊 **Nix Flake** | Dockerless setup for NixOS users via `flake.nix` + dev shell. | | 🦾 **Jetson Thor Restored** | `vllm` / `sglang` / `vllm-omni` L4T13 backends switched to PyPI aarch64+cu130 wheels (torch 2.10 ABI fix). | *** #### 🚀 New Features & Major Enhancements ##### 🔐 Signed Backends with Keyless Cosign LocalAI now verifies that backend OCI images came from our CI, not a compromised registry or MITM. This closes a real trust gap: the gallery YAML told LocalAI which image to pull, but nothing checked the bytes. The producer side (`.github/workflows/backend_merge.yml`) signs every merged backend image (and every per-arch entry under the manifest list) with **sigstore/cosign** keyless via Fulcio + Rekor, using OCI 1.1 referrers (no legacy `:tag.sig`). The consumer side (`pkg/oci/cosignverify`, built on **sigstore-go**) verifies signatures against a per-gallery `verification:` policy: ```yaml verification: issuer_regex: "^https://token\\.actions\\.githubusercontent\\.com$" identity_regex: "^https://github\\.com/mudler/LocalAI/\\.github/workflows/backend_merge\\.yml@.*$" not_before: "2026-05-22T00:00:00Z" ``` - **TUF trusted root** cached process-wide, so N backends from one gallery do **1** fetch, not N. - **`not_before` is the revocation lever**: keyless Fulcio certs are ephemeral, so revocation is policy-side. Advance the date in the gallery YAML and every signature predating the cutoff is invalidated. - **Digest pinning** closes the TOCTOU window between verify and pull. - **Strict mode**: `--require-backend-integrity` (or `LOCALAI_REQUIRE_BACKEND_INTEGRITY=true`) escalates missing policy / empty SHA256 from warn to **hard-fail**. Rollout is backward-compatible: until a gallery ships a `verification:` block, installs proceed with a warning. The default `backend/index.yaml` will be populated next, and strict mode is opt-in. See [.agents/backend-signing.md](.agents/backend-signing.md) for the full producer + consumer story. > 🔗 PRs: [#​9823](https://redirect.github.com/mudler/LocalAI/issues/9823) (consumer + producer + plumbing), [#​9957](https://redirect.github.com/mudler/LocalAI/issues/9957) (fix for current cosign releases). *** ##### ⚡ Prompt Cache: On by Default `llama-cpp` ships with a server-side prompt cache, but until now LocalAI was not enabling it by default. Repeated system prompts (agents, Claude-Code-style coding assistants, OpenAI-compatible CLIs with long instructions) were re-prefilled on every call. With this release, the same workload collapses to **seconds** without no specific configuration on your side. Two changes, one default flip each: 1. **`kv_unified=true` by default** in `grpc-server.cpp`. The previous `false` was silently force-disabling `cache_idle_slots` at server init (the host prompt cache was being allocated but never written across requests). 2. **`prompt_cache_all` defaults to `true`** at the YAML layer, matching upstream `llama.cpp`'s own `common.h` default. The per-request `cache_prompt` knob is now on out of the box. You can still opt out with `options: ["kv_unified:false"]` or `prompt_cache_all: false`, and there are new option keys (`cache_idle_slots`, `checkpoint_every_nt`) for tuning. Docs in `docs/content/advanced/model-configuration.md` got a worked example for the repeated-system-prompt workload and a proper explanation of how `kv_unified`, `cache_ram`, and `cache_idle_slots` interact. > 🔗 PRs: [#​9925](https://redirect.github.com/mudler/LocalAI/issues/9925) (kv\_unified + cache\_idle\_slots defaults + docs), [#​9951](https://redirect.github.com/mudler/LocalAI/issues/9951) (prompt\_cache\_all tristate default). *** ##### 📊 Per-API-Key Usage Tracking Closes [#​9862](https://redirect.github.com/mudler/LocalAI/issues/9862). The usage page now answers "**who** spent these tokens?", not just "how many tokens were spent". - `usage_records` gained `Source` (`apikey` / `web` / `legacy`), `APIKeyID`, `APIKeyName`, plus an idempotent backfill of pre-feature rows on `InitDB`. - Auth middleware plumbs the resolved `*UserAPIKey` and the request source through the Echo context. Usage middleware snapshots the key id + name, so **revoked keys stay readable in history** (rendered as `(revoked)`). - New endpoints: `GET /api/auth/usage/sources` (self, no legacy) and `GET /api/auth/admin/usage/sources` (admin, with `user_id` / `api_key_id` filters, 200-key truncation). - React Usage page gains a **Sources tab** with a source-mix ribbon, a top-7 + Other time chart, and a searchable/sortable table with drill-in chip. - Admin view (follow-up in [#​9935](https://redirect.github.com/mudler/LocalAI/issues/9935)) also rolls up `(source, user_id, user_name)` so Web UI session traffic is split per user instead of lumped into one global "Web UI" row, and every named-key row shows the owning account. Docs: `features/authentication.md` gained a full Usage Tracking section with the new tab, endpoints, response shape and migration notes. > 🔗 PRs: [#​9920](https://redirect.github.com/mudler/LocalAI/issues/9920) (core + Sources tab), [#​9935](https://redirect.github.com/mudler/LocalAI/issues/9935) (per-user attribution in admin view). *** ##### 🛰️ Distributed Mode v3 Distributed mode keeps hardening. This release fixes the two things that bit operators hardest in practice and lays the groundwork for the next round of UX. **Per-request routing across replicas ([#​9968](https://redirect.github.com/mudler/LocalAI/issues/9968))** restores cross-node load balancing. The bug: `ModelLoader.Load` cached a `*Model` whose embedded `InFlightTrackingClient` was bound to a single `(nodeID, replicaIndex)`. After the first request, every subsequent call reused that wrapper and **pinned to whichever node won the first pick**, even after the reconciler scaled the model out. The reproducer from the report: ``` dgx-spark1 loaded in_flight=6 nvidia-thor1 loaded in_flight=0 (← idle, never gets traffic) ``` Now `SmartRouter.Route` runs per request, the existing `in_flight ASC, last_used ASC, available_vram DESC` round-robin actually fires, and the replica-selection rule lives in **one place** (`PickBestReplica`) with a mirror spec asserting the SQL `ORDER BY` and the Go picker agree on a seeded dataset. `probeHealth` is now memoized per `(nodeID, addr)` with a 30s TTL and `singleflight` coalescing, so a burst of new requests doesn't stall on a `HealthCheck` that llama.cpp serializes against in-flight `Predict`. **Async per-node installs via the gallery job queue ([#​9928](https://redirect.github.com/mudler/LocalAI/issues/9928)).** `POST /api/nodes/:id/backends/install` used to block the request for up to 3 minutes while the worker pulled the image, freezing the React UI's Backends picker. It now returns **HTTP 202 + `jobID`** immediately, scoped to a one-element `targetNodeIDs` allowlist, with a node-scoped opcache row so concurrent installs on different nodes don't collide. The Operations panel surfaces a `nodeID` field for attribution. **Resilient backend installs with streaming progress ([#​9958](https://redirect.github.com/mudler/LocalAI/issues/9958)).** Two phases: - *Phase 1*: `LOCALAI_NATS_BACKEND_INSTALL_TIMEOUT` / `LOCALAI_NATS_BACKEND_UPGRADE_TIMEOUT` env vars (default **15m**, previously hardcoded 3m). A NATS round-trip timeout while the worker is still pulling no longer reports as a hard failure: per-node status becomes `running_on_worker`, the queue row stays alive without bumping `Attempts`, and `ListBackends` proactively clears install rows whose intent is satisfied (so the UI updates instantly instead of waiting up to 15m for the next reconciler tick). - *Phase 2*: workers publish debounced (\~250ms) `BackendInstallProgressEvent` values on a transient `nodes.<nodeID>.backend.install.<opID>.progress` subject. The master subscribes for the duration of the request and forwards each event into `OpStatus.UpdateStatus`, so the admin UI gets **per-byte progress for distributed installs** the same way local-mode does, with no UI changes. Backward compatible: old workers stay silent, new masters tolerate silence. **Unified backend-logs entry point ([#​9949](https://redirect.github.com/mudler/LocalAI/issues/9949)).** `/app/backend-logs/:modelId` is now a single, mode-aware route. In standalone it's the local WebSocket view, unchanged. In distributed it probes `nodesApi.getModels`, filters by `model_name`, then routes: 0 hits → empty state with a link to Nodes; 1 hit → `<Navigate replace>` to the per-node logs URL preserving the `?from=` deep-link timestamp; N hits → a picker listing each hosting worker with node id, replica index and load state. Every view that links to backend logs now points at the same URL. **Bug-hunt harness.** A new distributed test harness landed in `tests/distributed/` to catch the kind of regressions the [#​9968](https://redirect.github.com/mudler/LocalAI/issues/9968) reproducer surfaced. > 🔗 PRs: [#​9968](https://redirect.github.com/mudler/LocalAI/issues/9968), [#​9928](https://redirect.github.com/mudler/LocalAI/issues/9928), [#​9958](https://redirect.github.com/mudler/LocalAI/issues/9958), [#​9949](https://redirect.github.com/mudler/LocalAI/issues/9949), plus the `tests(distributed): add bug-hunt harness` commit. *** ##### 🩺 Admin Traces UI: Stays Responsive Under Load Two complementary caps fix the symptom where the admin Traces page sat in "loading" forever on a chatty agent-pool RAG deployment. - **API-side ([#​9946](https://redirect.github.com/mudler/LocalAI/issues/9946))**: `LOCALAI_TRACING_MAX_BODY_BYTES` (default 64 KiB) caps each captured request/response body in the trace middleware. The full payload still flows to the real client; only the trace copy is bounded. `body_truncated` + original `body_bytes` are recorded so the dashboard can surface that truncation happened. Observed before the fix on a live deployment: `/api/traces` returned **44.6 MB** (466 traces, 447 `/embeddings`, top body 1.38 MB). The Traces UI Clear button is also kept enabled during loading, which is exactly when you need it. - **Backend-side ([#​9960](https://redirect.github.com/mudler/LocalAI/issues/9960))**: `RecordBackendTrace` walks the `Data` map and replaces any string value larger than the cap with `<truncated: N bytes>`. Producers (`core/backend/llm.go`, `core/trace/audio_snippet.go`) apply head-preserving truncation upstream so the UI still shows useful leading content. TTS / `audio_transform` traces drop the base64 snippet when the encoded blob exceeds the cap (truncated base64 is undecodable; the React `WaveformPlayer` already no-ops without it). Both knobs are live-tunable from the Traces settings panel. > 🔗 PRs: [#​9946](https://redirect.github.com/mudler/LocalAI/issues/9946) (API side), [#​9960](https://redirect.github.com/mudler/LocalAI/issues/9960) (backend side). *** ##### 🧊 Nix Flake for NixOS Users New `flake.nix` + `flake.lock` ship a reproducible, dockerless setup for NixOS, plus a dev shell for hacking on LocalAI without a container. > 🔗 PRs: [#​9851](https://redirect.github.com/mudler/LocalAI/issues/9851) (initial flake), [#​9894](https://redirect.github.com/mudler/LocalAI/issues/9894) (correct src path + dev shell). *** ##### 🦾 Jetson Thor (L4T13) Backends Restored The `cuda13-nvidia-l4t-arm64-vllm` / `sglang` / `vllm-omni` backends crashed at import with an undefined `c10::MessageLogger` symbol after the `pypi.jetson-ai-lab.io/sbsa/cu130` mirror started shipping torch 2.11 next to vllm/sglang wheels built against torch 2.10. Per the [PyTorch April 2026 announcement](https://pytorch.org/blog/vllm-and-pytorch-work-together-to-improve-the-developer-experience-on-aarch64/), all three backends now pull from **PyPI's official aarch64 + cu130 wheels** instead, with the L4T13 `pyproject.toml` retired in favor of the standard `requirements-${profile}.txt` pattern used everywhere else. > 🔗 PR: [#​9950](https://redirect.github.com/mudler/LocalAI/issues/9950). *** ##### 📎 Chat: File Attachments + Stream Usage + Selection Three independent fixes that together make the chat experience visibly better: - **Text-file attachments actually reach the model (regression from react-ui port) ([#​9896](https://redirect.github.com/mudler/LocalAI/issues/9896)).** `.txt`, `.md`, `.csv`, `.json` content was silently dropped in `useChat.js` (only image\_url and audio\_url branches added content; the `else` branch only pushed metadata). `Home.jsx` also never called `file.text()` for files attached from the home screen. Both fixed. PDF files still need a parser (PDF.js or server-side extraction) and are flagged as a known limitation. - **Stream `include_usage` returns non-zero with tools ([#​9941](https://redirect.github.com/mudler/LocalAI/issues/9941)).** Fixes [#​9927](https://redirect.github.com/mudler/LocalAI/issues/9927). `processTools` discarded the cumulative `TokenUsage` from `ComputeChoices`, so the streaming trailer reported `{0, 0, 0}` whenever a `tools` array was present. The fix forwards the authoritative final usage via a sentinel chunk before `close(responses)`, with the outer loop updated to capture before the empty-Choices skip. The OpenAI streaming spec contract is preserved (intermediate chunks still carry no `usage`). - **Chat selection stops getting wiped every second ([#​9917](https://redirect.github.com/mudler/LocalAI/issues/9917)).** React 19 dropped the old `lastHtml === nextHtml` short-circuit in its DOM diff, so the 1s `/api/operations` poll re-assigning `setOperations` with a fresh array reference was collapsing text selection on every assistant message. Now JSON-compared and short-circuited. Bonus: the per-message copy button works over plain HTTP via a hidden-textarea + `execCommand('copy')` fallback when `navigator.clipboard` is unavailable. *** ##### 🔧 llama.cpp Stability + Refactors - **`tensor_buft_overrides` sentinel terminator ([#​9919](https://redirect.github.com/mudler/LocalAI/issues/9919)).** Mirror upstream `common/arg.cpp:645-658`: pad placeholders at the end of the main vector so `back().pattern == nullptr` holds, and append a single `{nullptr, nullptr}` to the draft vector when non-empty. - **`refactor(agents): bump skillserver, drop redundant Name` ([#​9916](https://redirect.github.com/mudler/LocalAI/issues/9916)).** `list_skills` and `search_skills` now return the same shape (only `id`, no duplicated `name`). Adds a Ginkgo regression that drives the LocalAI `FilesystemManager` through an in-process MCP session. - **Swagger refreshes ([#​9872](https://redirect.github.com/mudler/LocalAI/issues/9872), [#​9962](https://redirect.github.com/mudler/LocalAI/issues/9962))** keep the OpenAPI surface in sync with the routes added this cycle. *** ##### 🛠️ CI & Image Plumbing - **Chronologically-orderable master tags.** Master images are now also tagged `master-<epoch>-<sha>` so they sort by build time. The pre-existing `master` tag still moves with `HEAD`. - **Backend signing CI**: `COSIGN_EXPERIMENTAL=1` is set for the oci-1-1 referrers mode in the backend-signing job to keep current cosign versions happy. *** #### 🐛 Bug Fixes (recap) - 🔁 `fix(distributed): route per request across loaded replicas + cache probeHealth` - [#​9968](https://redirect.github.com/mudler/LocalAI/issues/9968) - 🧰 `fix(distributed): make admin backend installs resilient and observable` - [#​9958](https://redirect.github.com/mudler/LocalAI/issues/9958) - ⏳ `fix(nodes): make per-node backend install async via gallery job queue` - [#​9928](https://redirect.github.com/mudler/LocalAI/issues/9928) - 🧾 `fix(traces): cap backend trace Data to keep admin UI responsive` - [#​9960](https://redirect.github.com/mudler/LocalAI/issues/9960) - 🧾 `fix(traces): cap captured body size to keep admin Traces UI responsive` - [#​9946](https://redirect.github.com/mudler/LocalAI/issues/9946) - 🪟 `fix(react-ui): unify backend-logs entry point for distributed mode` - [#​9949](https://redirect.github.com/mudler/LocalAI/issues/9949) - 📎 `fix: inject text-file content into chat completions messages` - [#​9896](https://redirect.github.com/mudler/LocalAI/issues/9896) - 🧮 `fix(openai): stream usage non-zero when tools are enabled` - [#​9941](https://redirect.github.com/mudler/LocalAI/issues/9941) - 🧷 `fix(react-ui/chat): stop wiping selection on every /api/operations poll` - [#​9917](https://redirect.github.com/mudler/LocalAI/issues/9917) - 🧱 `fix(llama-cpp): terminate tensor_buft_overrides with sentinel` - [#​9919](https://redirect.github.com/mudler/LocalAI/issues/9919) - 🦾 `fix(L4T13 backends): switch vllm/sglang/vllm-omni to PyPI aarch64+cu130 wheels` - [#​9950](https://redirect.github.com/mudler/LocalAI/issues/9950) - 🧊 `fix(nix): correct flake src path and add dev shell` - [#​9894](https://redirect.github.com/mudler/LocalAI/issues/9894) - 🔐 `Fix backend manifest merge signing on current cosign releases` - [#​9957](https://redirect.github.com/mudler/LocalAI/issues/9957) - 🧯 `[utils] Fail immediately on extraction errors` - [#​9926](https://redirect.github.com/mudler/LocalAI/issues/9926) *** #### 👒 Dependencies Heavy bump cycle across submodules and Go/Python deps: - **`ggml-org/llama.cpp`**: 7 bumps ([#​9855](https://redirect.github.com/mudler/LocalAI/issues/9855), [#​9876](https://redirect.github.com/mudler/LocalAI/issues/9876), [#​9897](https://redirect.github.com/mudler/LocalAI/issues/9897), [#​9915](https://redirect.github.com/mudler/LocalAI/issues/9915), [#​9934](https://redirect.github.com/mudler/LocalAI/issues/9934), [#​9952](https://redirect.github.com/mudler/LocalAI/issues/9952), [#​9963](https://redirect.github.com/mudler/LocalAI/issues/9963)) - **`ggml-org/whisper.cpp`**: 4 bumps ([#​9877](https://redirect.github.com/mudler/LocalAI/issues/9877), [#​9898](https://redirect.github.com/mudler/LocalAI/issues/9898), [#​9929](https://redirect.github.com/mudler/LocalAI/issues/9929), [#​9954](https://redirect.github.com/mudler/LocalAI/issues/9954)) - **`ikawrakow/ik_llama.cpp`**: 7 bumps ([#​9866](https://redirect.github.com/mudler/LocalAI/issues/9866), [#​9875](https://redirect.github.com/mudler/LocalAI/issues/9875), [#​9899](https://redirect.github.com/mudler/LocalAI/issues/9899), [#​9914](https://redirect.github.com/mudler/LocalAI/issues/9914), [#​9930](https://redirect.github.com/mudler/LocalAI/issues/9930), [#​9953](https://redirect.github.com/mudler/LocalAI/issues/9953), [#​9966](https://redirect.github.com/mudler/LocalAI/issues/9966)) - **`leejet/stable-diffusion.cpp`**: 4 bumps ([#​9907](https://redirect.github.com/mudler/LocalAI/issues/9907), [#​9933](https://redirect.github.com/mudler/LocalAI/issues/9933), [#​9955](https://redirect.github.com/mudler/LocalAI/issues/9955), [#​9965](https://redirect.github.com/mudler/LocalAI/issues/9965)) - **`antirez/ds4`**: 5 bumps ([#​9864](https://redirect.github.com/mudler/LocalAI/issues/9864), [#​9900](https://redirect.github.com/mudler/LocalAI/issues/9900), [#​9909](https://redirect.github.com/mudler/LocalAI/issues/9909), [#​9932](https://redirect.github.com/mudler/LocalAI/issues/9932), [#​9964](https://redirect.github.com/mudler/LocalAI/issues/9964)) - **`ace-step/acestep.cpp`**: bumped to `ed53caf` with wrapper API adapted ([#​9908](https://redirect.github.com/mudler/LocalAI/issues/9908), [#​9913](https://redirect.github.com/mudler/LocalAI/issues/9913)) - **Model gallery**: checksum refreshes ([#​9901](https://redirect.github.com/mudler/LocalAI/issues/9901), [#​9910](https://redirect.github.com/mudler/LocalAI/issues/9910)) - **Go modules**: `alecthomas/kong` 1.14→1.15 ([#​9881](https://redirect.github.com/mudler/LocalAI/issues/9881)), `aws/aws-sdk-go-v2` 1.41.6→1.41.7 ([#​9892](https://redirect.github.com/mudler/LocalAI/issues/9892)), `onsi/ginkgo/v2` 2.28.2→2.29.0 ([#​9882](https://redirect.github.com/mudler/LocalAI/issues/9882)), `golang.org/x/crypto` 0.50→0.51 ([#​9886](https://redirect.github.com/mudler/LocalAI/issues/9886)) - **Python**: `transformers` ≥5.8.1 ([#​9883](https://redirect.github.com/mudler/LocalAI/issues/9883)), `sentence-transformers` 5.4→5.5 ([#​9888](https://redirect.github.com/mudler/LocalAI/issues/9888)) *** #### 📖 Documentation - `docs: ⬆️ update docs version mudler/LocalAI` - [#​9863](https://redirect.github.com/mudler/LocalAI/issues/9863) - Plus inline docs updates folded into the feature PRs above (prompt-cache explainer, authentication / usage tracking section, backend signing guide). *** #### 🙌 New Contributors - [@​Azteczek](https://redirect.github.com/Azteczek) made their first contribution in [#​9851](https://redirect.github.com/mudler/LocalAI/pull/9851) - [@​inquam](https://redirect.github.com/inquam) made their first contribution in [#​9896](https://redirect.github.com/mudler/LocalAI/pull/9896) - [@​RinZ27](https://redirect.github.com/RinZ27) made their first contribution in [#​9926](https://redirect.github.com/mudler/LocalAI/pull/9926) Enjoy! *** **Full Changelog**: <https://github.com/mudler/LocalAI/compare/v4.2.6...v4.3.0> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9sb2NhbC1haSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=--> |
||
|
|
00cbcab54d |
fix(docker): update image docker 29.5.1 → 29.5.2 (#48500)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker | patch | `eed377f` → `6b9cd91` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9kb2NrZXIiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |
||
|
|
ee2bc248e6 |
chore(yourls): update image yourls digest to cf5f0b4 (#48499)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | yourls | digest | `233e258` → `cf5f0b4` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC95b3VybHMiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
17c7358ce8 |
chore(monica): update image monica digest to 356531e (#48497)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | monica | digest | `8e1229b` → `356531e` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9tb25pY2EiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
2c1b53d1e7 |
chore(yacy): update image docker.io/yacy/yacy_search_server digest to 9e8b192 (#48490)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/yacy/yacy_search_server | digest | `798d491` → `9e8b192` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC95YWN5IiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
c815f7af6d |
chore(tubesync): update image ghcr.io/meeb/tubesync digest to d319b51 (#48489)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/meeb/tubesync | digest | `ca71f3f` → `d319b51` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90dWJlc3luYyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
af4f395a68 |
feat(ghostfolio): update image docker.io/ghostfolio/ghostfolio 3.4.0 → 3.5.0 (#48488)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/ghostfolio/ghostfolio](https://redirect.github.com/ghostfolio/ghostfolio) | minor | `5e4e8b5` → `200c57a` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>ghostfolio/ghostfolio (docker.io/ghostfolio/ghostfolio)</summary> ### [`v3.5.0`](https://redirect.github.com/ghostfolio/ghostfolio/blob/HEAD/CHANGELOG.md#350---2026-05-24) [Compare Source](https://redirect.github.com/ghostfolio/ghostfolio/compare/3.4.0...3.5.0) ##### Added - Configured the `min-release-age` in `.npmrc` ##### Changed - Removed the deprecated attributes (`assetClass`, `countries`, `currency`, `dataSource`, `name`, `sectors`, `symbol` and `url`) from the holdings of the public portfolio endpoint response - Removed the deprecated `api/v1/order` endpoints - Upgraded `@keyv/redis` from version `4.4.0` to `5.1.6` ##### Fixed - Fixed a layout regression that caused a double scrollbar on pages without tabs - Resolved an issue with missing cash positions caused by an incorrect data source </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9naG9zdGZvbGlvIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9taW5vciJdfQ==--> |
||
|
|
85b0c31708 |
fix(maintainerr): update image docker.io/maintainerr/maintainerr 3.12.0 → 3.12.1 (#48485)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/maintainerr/maintainerr](https://redirect.github.com/Maintainerr/Maintainerr) | patch | `8d52584` → `0778e0e` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>Maintainerr/Maintainerr (docker.io/maintainerr/maintainerr)</summary> ### [`v3.12.1`](https://redirect.github.com/Maintainerr/Maintainerr/blob/HEAD/CHANGELOG.md#3121-2026-05-23) [Compare Source](https://redirect.github.com/Maintainerr/Maintainerr/compare/v3.12.0...v3.12.1) #### Highlights - Added `ruleEvaluationFailed` field to `collection_media` table to track rule evaluation failures for collection media. - Improved performance of rule evaluation by reducing concurrency and introducing deduplication for uncached media lookups. #### Features - Added detailed error logging for Emby image upload failures, including server response body for better debugging. #### Fixes - Resolved issue where Emby overlays would not revert after media was removed from a collection. - Fixed incorrect rendering of overlay notification titles for Emby/Jellyfin movies. - Corrected collection `ruleGroup` entity type in the server. - Addressed issues with rule evaluation failure tracking for collection media. #### Performance - Reduced `RULE_EVALUATION_CONCURRENCY` from 16 to 8 to prevent overloading co-located backends. - Improved rule evaluation performance by deduplicating uncached Sonarr/Radarr identity lookups per run. - Batched rule operand reads with bounded concurrency for better efficiency. - Parallelized per-item Plex watch-history reads during rule execution. #### Database migrations - Added `ruleEvaluationFailed` column to the `collection_media` table to track rule evaluation failures. #### Internal - Renamed internal settings services and decoupled them into separate operations and data layers. - Removed unused `forwardRef` imports from `SettingsModule` after refactoring. - Added tests for `ArrLookupCache` deduplication and eviction on failure. - Added tests to ensure fresh series reads during empty-show cleanup. #### Dependencies - Updated 13 dependencies, including nodemailer, glob, qs, postcss, [@​hookform/resolvers](https://redirect.github.com/hookform/resolvers), typescript-eslint, and vite. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9tYWludGFpbmVyciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
08cee6b575 |
chore(searxng): update image docker.io/searxng/searxng digest to 1a9d213 (#48473)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/searxng/searxng | digest | `4f0db33` → `1a9d213` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zZWFyeG5nIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
97da68fc59 |
chore(wordpress): update image docker.io/bitnamisecure/wordpress digest to a1c720b (#48486)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/bitnamisecure/wordpress | digest | `4965c05` → `a1c720b` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93b3JkcHJlc3MiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
ef663f8905 |
chore(sshwifty): update image docker.io/niruix/sshwifty digest to 610b0c8 (#48484)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/niruix/sshwifty | digest | `cb414e4` → `610b0c8` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zc2h3aWZ0eSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
b1d80454f8 |
chore(filestash): update image docker.io/machines/filestash digest to 76f3a45 (#48472)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/machines/filestash | digest | `3ee7f7a` → `76f3a45` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9maWxlc3Rhc2giLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
e82790141a |
chore(factorio): update image docker.io/factoriotools/factorio digest to 0bd437f (#48471)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/factoriotools/factorio | digest | `3cd46d3` → `0bd437f` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9mYWN0b3JpbyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
b6e3f82462 |
feat(xen-orchestra): update image docker.io/ronivay/xen-orchestra 5.200.1 → 5.201.0 (#48470)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/ronivay/xen-orchestra | minor | `46692f8` → `2675535` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC94ZW4tb3JjaGVzdHJhIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9taW5vciJdfQ==--> |
||
|
|
cc76db96f8 |
fix(rdtclient): update image ghcr.io/rogerfar/rdtclient 2.0.133 → 2.0.134 (#48469)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/rogerfar/rdtclient](https://redirect.github.com/rogerfar/rdt-client) | patch | `ed50479` → `2d42d68` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>rogerfar/rdt-client (ghcr.io/rogerfar/rdtclient)</summary> ### [`v2.0.134`](https://redirect.github.com/rogerfar/rdt-client/blob/HEAD/CHANGELOG.md#20134---2026-05-22) [Compare Source](https://redirect.github.com/rogerfar/rdt-client/compare/v2.0.133...v2.0.134) ##### Changed Upgraded torbox.net dependency. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9yZHRjbGllbnQiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |
||
|
|
a5936ecccd |
fix(fireshare): update image docker.io/shaneisrael/fireshare 1.6.11 → 1.6.12 (#48468)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/shaneisrael/fireshare](https://redirect.github.com/ShaneIsrael/fireshare) | patch | `3dbde8e` → `e4489db` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>ShaneIsrael/fireshare (docker.io/shaneisrael/fireshare)</summary> ### [`v1.6.12`](https://redirect.github.com/ShaneIsrael/fireshare/releases/tag/v1.6.12) [Compare Source](https://redirect.github.com/ShaneIsrael/fireshare/compare/v1.6.11...v1.6.12) #### Bug Fixes - Improved logic in scan\_video (CLI) to avoid duplicate VideoGameLink associations which would cause unique constraint errors. - Adjusted admin password warning logic to not show when LDAP is enabled. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9maXJlc2hhcmUiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |
||
|
|
9192f4813b |
chore(tachidesk-docker): update image ghcr.io/suwayomi/tachidesk digest to 0839e70 (#48467)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/suwayomi/tachidesk | digest | `410e07f` → `0839e70` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90YWNoaWRlc2stZG9ja2VyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
03f6cb675e |
feat(wekan): update image docker.io/wekanteam/wekan v9.26 → v9.30 (#48461)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/wekanteam/wekan](https://redirect.github.com/wekan/wekan) | minor | `be29bc4` → `a29ae17` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>wekan/wekan (docker.io/wekanteam/wekan)</summary> ### [`v9.30`](https://redirect.github.com/wekan/wekan/blob/HEAD/CHANGELOG.md#v930-2026-05-22-WeKan--release) [Compare Source](https://redirect.github.com/wekan/wekan/compare/v9.29...v9.30) This release adds the following updates: - [Try to fix Snap build LXD container network Internet access](https://redirect.github.com/wekan/wekan/commit/07e6f663db0fb077dad6d88c1bd9d53139375cae). Thanks to xet7. - [Fix Snap LXD container to work when network already exists](https://redirect.github.com/wekan/wekan/commit/fb05b1a847be2e47d8c27c3959e063caf7cde886). Thanks to xet7. - [Release scripts: Use locally cached files](https://redirect.github.com/wekan/wekan/commit/6463a1ef87b2741c3bafdd39391efcd9c6534b83). Thanks to xet7. Thanks to above GitHub users for their contributions and translators for their translations. ### [`v9.29`](https://redirect.github.com/wekan/wekan/blob/HEAD/CHANGELOG.md#v929-2026-05-22-WeKan--release) [Compare Source](https://redirect.github.com/wekan/wekan/compare/v9.28...v9.29) This release adds the following updates: - [Try to fix Snap](https://redirect.github.com/wekan/wekan/commit/83078736f527101e1b983037c33a9b26c9639542). Thanks to xet7. - [Updated dependencies](https://redirect.github.com/wekan/wekan/commit/3e33c766d6f63eb2369898bcab9233e9e49240be). Thanks to developers of dependencies. Thanks to above GitHub users for their contributions and translators for their translations. ### [`v9.28`](https://redirect.github.com/wekan/wekan/blob/HEAD/CHANGELOG.md#v928-2026-05-22-WeKan--release) [Compare Source](https://redirect.github.com/wekan/wekan/compare/v9.26...v9.28) This release adds the following updates: - [Build scripts: Update arm64 build script](https://redirect.github.com/wekan/wekan/commit/e7f2068105b36b8003be4e416594b213555141db). Thanks to xet7. - [Try to fix Snap by using correct versions of dependencies](https://redirect.github.com/wekan/wekan/commit/ecbecc9d861743a1b7b4b48db65fa93cf5194257). Thanks to xet7. Thanks to above GitHub users for their contributions and translators for their translations. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93ZWthbiIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=--> |
||
|
|
8d20d91147 |
feat(etherpad): update image ghcr.io/ether/etherpad 3.1.0 → 3.2.0 (#48459)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/ether/etherpad](https://redirect.github.com/ether/etherpad) | minor | `7bae8bd` → `ba06bc0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>ether/etherpad (ghcr.io/ether/etherpad)</summary> ### [`v3.2.0`](https://redirect.github.com/ether/etherpad/blob/HEAD/CHANGELOG.md#320) [Compare Source](https://redirect.github.com/ether/etherpad/compare/3.1.0...3.2.0) 3.2 adds first-class reverse-proxy / ingress support — `X-Forwarded-Prefix` and `X-Ingress-Path` are now honoured under `trustProxy`, so Etherpad can live under a subpath (Traefik, Nginx, Kubernetes Ingress) without breaking the PWA manifest, social-meta URLs, or any of the bootstrap asset links. The admin settings page learns to show *resolved* runtime values next to `${VAR:default}` placeholders, the v3.1.0 admin pad-list filter chips now apply server-side (so "show empty pads" no longer returns 0–12 of hundreds), and the v3.1.0 redesigned outdated-version gritter actually fires in production now (the session-based author lookup it shipped with always returned null for pad visitors). ##### Notable enhancements - **HTTP — accept `X-Forwarded-Prefix` and `X-Ingress-Path` under `trustProxy` ([#​7802](https://redirect.github.com/ether/etherpad/issues/7802) / [#​7806](https://redirect.github.com/ether/etherpad/issues/7806)).** With `trustProxy: true`, Etherpad now honours `X-Forwarded-Prefix` (de-facto Traefik / Spring) and `X-Ingress-Path` (Kubernetes Ingress) in addition to the prefix it already inferred from the request path. The shared `sanitizeProxyPath` helper added in 3.1.0 (defence-in-depth: `[A-Za-z0-9_./-]` only, `//+` collapsed, `..` traversal rejected) is extended to the new headers and applied consistently across `/manifest.json`, `socialMeta` `og:url` / `og:image`, and the `index.html` / `pad.html` / `timeslider.html` / `export_html.html` templates (manifest links, jslicense links, reconnect URLs). A pre-existing `..` segment-count miscalculation in `pad.html` / `timeslider.html` that broke the manifest link when served from a deep subpath is also fixed in passing. New end-to-end suite covers the prefix-applied / prefix-ignored matrix under `trustProxy=true|false` for both header names. `settings.json.template` documents the new headers alongside the existing `trustProxy` notes. - **Admin settings — resolved runtime values surface on env-pill chips ([#​7803](https://redirect.github.com/ether/etherpad/issues/7803) / [#​7807](https://redirect.github.com/ether/etherpad/issues/7807)).** The `/admin/settings` socket payload now carries a new `resolved` field alongside the existing raw-file `results` blob, carrying the actual in-memory settings module run through a new redactor (`AdminSettingsRedact`) that replaces known-sensitive paths (`users.*.password`, `dbSettings.password`, `sso.clients[*].client_secret`, `sessionKey`, …) with `[REDACTED]`. The admin SPA's `EnvPill` renders a `→ active value` chip when the path is resolved, or `→ ••••••` with a redacted tooltip when the server returned the sentinel — so `port: ${PORT:9001}` now shows `→ 9001` (or whatever the live value is) instead of silently falling back to the template default. Old admin SPAs that don't read `resolved` continue to work; the save round-trip is unchanged so `${VAR:default}` literals are still preserved verbatim on disk. The admin test script glob picks up `.test.tsx` alongside `.test.ts` so the new `EnvPill` and `resolveByPath` tests run under `tsx --test`. ##### Notable fixes - **Admin pads — filter chip now applies server-side, before pagination ([#​7798](https://redirect.github.com/ether/etherpad/issues/7798)).** The 3.1.0 admin pad-list filter chips (`active` / `recent` / `empty` / `stale`) ran on the client *after* the 12-row page slice had already arrived. On a deployment with hundreds of pads, clicking "empty pads" on page 1 only matched the 0–12 empties that happened to land in the current page, with the pagination footer reporting nonsense totals (reported on a 3.1.0 deployment). The filter is now part of the `padLoad` socket query — pattern filter on names runs first (cheap), metadata hydration for the matching pad universe is gated on a non-`all` filter or a non-`padName` sort and runs under a 16-way concurrency cap (was unbounded `Promise.all`, which fanned out to thousands of in-flight `padManager.getPad()` reads on busy deployments), then the filter chip, then sort + slice. `total` reflects the filtered universe so the footer makes sense. Older admin clients that don't send `filter` keep working — the server defaults to `all`. The `if/else if` ladder that duplicated the hydrate-and-sort loop per `sortBy` is folded into one pipeline with a single comparator switch. - **Pad outdated notice — author now resolved from token cookie, not session (Qodo [#​7804](https://redirect.github.com/ether/etherpad/issues/7804) / [#​7805](https://redirect.github.com/ether/etherpad/issues/7805)).** The 3.1.0 redesigned outdated-version gritter never fired in production. `resolveRequestAuthor()` looked for an `authorID` on `req.session.user`, which Etherpad does not populate for pad visitors (express-session only carries the admin-login user), so `computeOutdated()` always returned EMPTY. The lookup now mirrors how the socket.io handshake resolves pad-visitor identity — read the HttpOnly `token` (or `<prefix>token`) cookie and call `authorManager.getAuthorId(token, user)` via a dynamic import (same circular-init guard pattern the file already uses for `PadManager`). The admin OpenAPI document gains a `description` note clarifying that `/api/version-status` is a public pad-side endpoint that lives in the admin doc only because it shares the same internal route registration. - **Localisation — silence spurious "could not translate element content" warning ([#​7797](https://redirect.github.com/ether/etherpad/issues/7797)).** `<select data-l10n-id="…">` with `<option>` element children — the pattern used by `ep_headings2`, `ep_align`, `ep_font_size`, `ep_font_family`, … — used to drop into the textContent branch of `html10n.translateNode`, hunt for a text-node child to overwrite, find none, and emit `Unexpected error: could not translate element content for key …` on every pad load. The `SELECT` / `INPUT` / `TEXTAREA` aria-label fallback already lived inside the same else-branch *after* the warning, so the accessible name landed correctly but the noisy console line still fired. Form-control elements now short-circuit into the aria-label path *before* the text-node hunt — aria-label is the only sensible localization target for these elements (a `<select>`'s text is its `<option>` labels, not its own name). Closes the console warning reported on Etherpad 3.1.0. ##### Internal / contributor-facing - **CI — swap archived `ep_readonly_guest` for `ep_guest` in the plugin matrix ([#​7795](https://redirect.github.com/ether/etherpad/issues/7795) / [#​7808](https://redirect.github.com/ether/etherpad/issues/7808)).** `ep_readonly_guest` is archived (read-only on GitHub) and its `authenticate` hook unconditionally swapped `req.session.user` with a read-only guest, *even when the request carried an HTTP Authorization header*. That silently demoted admin login attempts and stalled the `anonymizeAuthorSocket` tests for 14 min/run on every with-plugins CI matrix. The pre-fix theory from 3.1.0 ([#​7796](https://redirect.github.com/ether/etherpad/issues/7796)) blamed `ep_hash_auth.handleMessage`; that was a red herring — `handleMessage` only fires on the `/pad` namespace, never on `/settings`. `ep_guest` is the maintained successor (same authors, same purpose); 1.0.72 on npm already defers to basic auth / admin paths. Swapping the matrix unblocks the `anonymizeAuthorSocket` suite on Linux, Windows, and the upgrade-from-latest-release workflow. The runtime probe added in [#​7796](https://redirect.github.com/ether/etherpad/issues/7796) stays — it still catches any other authenticate-hook plugin that rejects the test's plain-text credentials (e.g. a future hashed-only plugin). - **Tests — admin `saveSettings` round-trip + cross-restart persistence ([#​7819](https://redirect.github.com/ether/etherpad/issues/7819) / [#​7820](https://redirect.github.com/ether/etherpad/issues/7820) / [#​7821](https://redirect.github.com/ether/etherpad/issues/7821)).** The admin `saveSettings` socket had zero direct backend coverage and the existing e2e "restart works" test only checked that the page renders after a restart, neither of which catches a deployment that resets `settings.json` on restart, nor the user-visible workflow that triggered [#​7819](https://redirect.github.com/ether/etherpad/issues/7819) (add a top-level plugin block via Raw, save, watch it disappear). Three new backend specs (`adminSettingsSave.ts`) verify byte-for-byte write, top-level-block augmentation round-tripping through the next `load`, and `/* */` comments surviving the write path. A new e2e spec mirrors the [#​7819](https://redirect.github.com/ether/etherpad/issues/7819) user workflow — open Raw, prepend an `ep_oauth`-shaped top-level block, save, `restartEtherpad()`, re-login, confirm the block is still in Raw and surfaces as its own Form-view section (`Ep oauth` from `humanize()`). A separate `docker.yml` job (`adminSettings_7819.ts`) authenticates via `POST /admin-auth/` (always-requireAdmin, regardless of `settings.requireAuthentication`), saves a hand-built minimal-but-viable settings document containing a marker block, `docker exec test grep`s for it, `docker restart`s the container, waits for the health probe, and re-greps. Both checks must pass. - **Bug report template** now asks contributors whether the abstraction in their proposed fix matches the rest of the codebase, to head off premature-generalisation fixes earlier in review. ##### Dependencies - `ueberdb2` 6.0.3 → 6.1.2 (two patch releases of cleanup on top of the 6.1.0 `findKeysPaged` API that the 3.1.0 sessionstorage OOM fix relies on). - `semver` 7.8.0 → 7.8.1, `lru-cache` 11.3.6 → 11.5.0, `@elastic/elasticsearch` 9.4.0 → 9.4.1, `pg` 8.20.0 → 8.21.0, `openapi-backend` 5.16.1 → 5.17.0, `tsx` 4.22.0 → 4.22.3, `@tanstack/react-query` 5.100.10 → 5.100.11 + `@tanstack/react-query-devtools`, `js-cookie` 3.0.6 → 3.0.7, plus two dev-dependency group bumps. ##### Localisation - Multiple updates from translatewiki.net. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9ldGhlcnBhZCIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=--> |
||
|
|
57c98fca27 |
fix(openobserve): update image public.ecr.aws/zinclabs/openobserve v0.90.1 → v0.90.3 (#48457)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | public.ecr.aws/zinclabs/openobserve | patch | `7e09fce` → `f778561` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9vcGVub2JzZXJ2ZSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
b5f650bc5c |
chore(thelounge): update image docker.io/thelounge/thelounge digest to ee5d2e8 (#48454)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/thelounge/thelounge](https://redirect.github.com/thelounge/thelounge-docker) | digest | `197048e` → `ee5d2e8` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90aGVsb3VuZ2UiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
7f1ab3d68f |
chore(farmos): update image docker.io/farmos/farmos digest to d083818 (#48453)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/farmos/farmos | digest | `a631191` → `d083818` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9mYXJtb3MiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
7b7c0f4966 |
chore(tt-rss): update image ghcr.io/tt-rss/tt-rss digest to 3fb1155 (#48540)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/tt-rss/tt-rss | digest | `cfa267a` → `3fb1155` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90dC1yc3MiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
73b1d9afb1 |
chore(impostor-server): update image docker.io/aeonlucid/impostor digest to a6f1ae8 (#48533)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/aeonlucid/impostor | digest | `cdc3a89` → `a6f1ae8` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9pbXBvc3Rvci1zZXJ2ZXIiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
7bb7c309cc |
chore(drawio): update image docker.io/jgraph/drawio digest to c01c93e (#48528)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/jgraph/drawio](https://www.drawio.com) ([source](https://redirect.github.com/jgraph/docker-drawio)) | digest | `b87c521` → `c01c93e` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9kcmF3aW8iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
398d2f802c |
chore(rickroll): update image docker.io/modem7/docker-rickroll digest to 412c6f6 (#48527)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/modem7/docker-rickroll | digest | `a1e96ad` → `412c6f6` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9yaWNrcm9sbCIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
192e65c675 |
chore(newyearcountdownclock): update image docker.io/modem7/newyearcountdown digest to c312cc3 (#48526)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/modem7/newyearcountdown | digest | `cd09e48` → `c312cc3` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9uZXd5ZWFyY291bnRkb3duY2xvY2siLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
5f422d162a |
chore(grocy): update image ghcr.io/linuxserver/grocy digest to fa81947 (#48518)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/grocy](https://redirect.github.com/linuxserver/docker-grocy/packages) ([source](https://redirect.github.com/linuxserver/docker-grocy)) | digest | `971fb0b` → `fa81947` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9ncm9jeSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
72cf468e39 |
chore(steam-headless): update image docker.io/josh5/steam-headless digest to c95869d (#48523)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/josh5/steam-headless | digest | `3acd5b5` → `c95869d` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zdGVhbS1oZWFkbGVzcyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
58106de32f |
fix(speedtest-tracker): update image ghcr.io/linuxserver/speedtest-tracker 1.14.2 → 1.14.3 (#48514)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/speedtest-tracker](https://redirect.github.com/linuxserver/docker-speedtest-tracker/packages) ([source](https://redirect.github.com/linuxserver/docker-speedtest-tracker)) | patch | `3f75c5e` → `8b18bf5` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zcGVlZHRlc3QtdHJhY2tlciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
033b23b8fe |
chore(anything-llm): update image ghcr.io/mintplex-labs/anything-llm digest to 1d25fa1 (#48451)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/mintplex-labs/anything-llm | digest | `2cf1159` → `1d25fa1` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hbnl0aGluZy1sbG0iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |