Commit Graph

56195 Commits

Author SHA1 Message Date
TrueCharts Bot 77b2cfd3bd feat(joplin-server): update image docker.io/joplin/server 3.6.1 → 3.7.1 (#48326)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [docker.io/joplin/server](https://joplinapp.org/)
([source](https://redirect.github.com/laurent22/joplin)) | minor |
`95c1bad` → `0877bfb` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>laurent22/joplin (docker.io/joplin/server)</summary>

###
[`v3.7.1`](https://redirect.github.com/laurent22/joplin/releases/tag/v3.7.1)

[Compare
Source](https://redirect.github.com/laurent22/joplin/compare/v3.6.1...v3.7.1)

- New: Add support for post-quantum cryptography (PQS) TLS
([#&#8203;15055](https://redirect.github.com/laurent22/joplin/issues/15055)
by Alex Martens)
- New: Add support for whiteboards
([#&#8203;15305](https://redirect.github.com/laurent22/joplin/issues/15305))
([#&#8203;15193](https://redirect.github.com/laurent22/joplin/issues/15193))
- Improved: Add settings search to config screen
([#&#8203;14820](https://redirect.github.com/laurent22/joplin/issues/14820))
([#&#8203;14763](https://redirect.github.com/laurent22/joplin/issues/14763)
by [@&#8203;slimuCS](https://redirect.github.com/slimuCS))
- Improved: Add table editing commands (add/delete rows and columns)
([#&#8203;14519](https://redirect.github.com/laurent22/joplin/issues/14519))
([#&#8203;12372](https://redirect.github.com/laurent22/joplin/issues/12372)
by [@&#8203;kanishka0411](https://redirect.github.com/kanishka0411))
- Improved: Display inline error instead of smalltalk dialog for invalid
master password
([#&#8203;15236](https://redirect.github.com/laurent22/joplin/issues/15236)
by
[@&#8203;himanshumishra1309](https://redirect.github.com/himanshumishra1309))
- Improved: Do not load plugin if it is disabled
([#&#8203;15083](https://redirect.github.com/laurent22/joplin/issues/15083))
- Improved: Exclude user\_data from note revisions
([#&#8203;15245](https://redirect.github.com/laurent22/joplin/issues/15245)
by [@&#8203;alondmnt](https://redirect.github.com/alondmnt))
- Improved: Speed up app startup by skipping unnecessary plugin file
processing
([#&#8203;15085](https://redirect.github.com/laurent22/joplin/issues/15085))
([#&#8203;15081](https://redirect.github.com/laurent22/joplin/issues/15081))
- Improved: Update Disable Encryption dialog
([#&#8203;15211](https://redirect.github.com/laurent22/joplin/issues/15211)
by
[@&#8203;himanshumishra1309](https://redirect.github.com/himanshumishra1309))
- Improved: Upgrade Electron to v40.9.2
([#&#8203;15192](https://redirect.github.com/laurent22/joplin/issues/15192)
by
[@&#8203;personalizedrefrigerator](https://redirect.github.com/personalizedrefrigerator))
- Fixed: Add the ability to delete the default profile
([#&#8203;15153](https://redirect.github.com/laurent22/joplin/issues/15153))
([#&#8203;14506](https://redirect.github.com/laurent22/joplin/issues/14506)
by [@&#8203;mrjo118](https://redirect.github.com/mrjo118))
- Fixed: Avoid OOM when printing notes with large attachment links
([#&#8203;15026](https://redirect.github.com/laurent22/joplin/issues/15026))
([#&#8203;13903](https://redirect.github.com/laurent22/joplin/issues/13903)
by [@&#8203;Rygaa](https://redirect.github.com/Rygaa))
- Fixed: Fix inability to cancel the sync during the deletion step
([#&#8203;15243](https://redirect.github.com/laurent22/joplin/issues/15243)
by [@&#8203;mrjo118](https://redirect.github.com/mrjo118))
- Fixed: Fix inconsistent note order upon note creation, when custom
order is set
([#&#8203;14656](https://redirect.github.com/laurent22/joplin/issues/14656))
([#&#8203;14647](https://redirect.github.com/laurent22/joplin/issues/14647)
by [@&#8203;mrjo118](https://redirect.github.com/mrjo118))
- Fixed: Fix potential unresolved promise race conditions when
scheduling the sync
([#&#8203;15216](https://redirect.github.com/laurent22/joplin/issues/15216)
by [@&#8203;mrjo118](https://redirect.github.com/mrjo118))
- Fixed: Fix silent sync failure which prevents new changes being
synced, when a single server object has an updated\_time in the future
([#&#8203;15262](https://redirect.github.com/laurent22/joplin/issues/15262)
by [@&#8203;mrjo118](https://redirect.github.com/mrjo118))
- Fixed: Preserve timestamps when converting HTML notes
([#&#8203;15275](https://redirect.github.com/laurent22/joplin/issues/15275))
([#&#8203;15263](https://redirect.github.com/laurent22/joplin/issues/15263)
by [@&#8203;izumedonabe](https://redirect.github.com/izumedonabe))
- Fixed: When a note is deleted, tags can still be added or removed
([#&#8203;15253](https://redirect.github.com/laurent22/joplin/issues/15253))
([#&#8203;15247](https://redirect.github.com/laurent22/joplin/issues/15247)
by [@&#8203;Vinayreddy765](https://redirect.github.com/Vinayreddy765))

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9qb3BsaW4tc2VydmVyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9taW5vciJdfQ==-->
2026-05-18 13:14:47 +02:00
TrueCharts Bot 19620c5823 feat(wg-easy): update image ghcr.io/wg-easy/wg-easy 15.2.2 → 15.3.0 (#48327)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| ghcr.io/wg-easy/wg-easy | minor | `cf81520` → `93bbd59` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93Zy1lYXN5IiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9taW5vciJdfQ==-->
2026-05-18 13:12:23 +02:00
TrueCharts Bot c653077f2a chore(webtop): update image lscr.io/linuxserver/webtop digest to a7163d7 (#48325)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| lscr.io/linuxserver/webtop | digest | `c2e1a18` → `a7163d7` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93ZWJ0b3AiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==-->
2026-05-18 13:11:05 +02:00
TrueCharts Bot 06ba5a44f4 chore(boinc): update image ghcr.io/linuxserver/boinc digest to ea37df1 (#48220)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| ghcr.io/linuxserver/boinc | digest | `9de8480` → `ea37df1` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9ib2luYyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19-->

---------

Signed-off-by: Alfred Göppel <43101280+alfi0812@users.noreply.github.com>
Co-authored-by: Alfred Göppel <43101280+alfi0812@users.noreply.github.com>
2026-05-18 06:05:08 +00:00
TrueCharts Bot 4371e80b1f chore(calibre): update image ghcr.io/linuxserver/calibre digest to 5de29fd (#48221)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[ghcr.io/linuxserver/calibre](https://redirect.github.com/linuxserver/docker-calibre/packages)
([source](https://redirect.github.com/linuxserver/docker-calibre)) |
digest | `02f1bfe` → `5de29fd` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9jYWxpYnJlIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=-->

---------

Signed-off-by: Alfred Göppel <43101280+alfi0812@users.noreply.github.com>
Co-authored-by: Alfred Göppel <43101280+alfi0812@users.noreply.github.com>
2026-05-18 06:04:52 +00:00
TrueCharts Bot 91245dfd4a feat(wekan): update image docker.io/wekanteam/wekan v9.21 → v9.22 (#48324)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [docker.io/wekanteam/wekan](https://redirect.github.com/wekan/wekan) |
minor | `1f6fab6` → `94c8f5b` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>wekan/wekan (docker.io/wekanteam/wekan)</summary>

###
[`v9.22`](https://redirect.github.com/wekan/wekan/blob/HEAD/CHANGELOG.md#v922-2026-05-18-WeKan--release)

[Compare
Source](https://redirect.github.com/wekan/wekan/compare/v9.21...v9.22)

This release adds the following new features:

- [Script for upgrading Docker WeKan from old version to new
version](https://redirect.github.com/wekan/wekan/commit/0b9d33cac493ff8345f3e79333b44a345e5e0b61).
  Thanks to xet7.
- [Added backup-all.sh
script](https://redirect.github.com/wekan/wekan/commit/d486eb2a8f8192fbd318510117afa8afbe00185c).
  Thanks to xet7.
- [Backup also attachments and
avatars](https://redirect.github.com/wekan/wekan/commit/46e67512aceb7614998186f87f79af78d8f01527).
  Thanks to xet7.

and adds the following updates:

- [Docs: Added link to Meteor
Security](https://redirect.github.com/wekan/wekan/commit/2474ff15d6950615d54098aa6cd91f1005594d6a).
  Thanks to xet7.

and fixes the following bugs:

- [Use only oplog sockjs so that multitenancy
works](https://redirect.github.com/wekan/wekan/commit/7b88f4c21a05810966e49833b393f4bd02d70d47).
  Thanks to xet7.
- [Script to
executeable](https://redirect.github.com/wekan/wekan/commit/7496d994e159a6640d285c8e2e0bcd96f93635b4).
  Thanks to xet7.
- [Fixed
path](https://redirect.github.com/wekan/wekan/commit/8f574799e2e4da956429a131c2667a483c28e7a6).
  Thanks to xet7.
- [Fix minicard drag handle to be below minicard menu. Not at top of
minicard menu
anymore](https://redirect.github.com/wekan/wekan/commit/95ad27e0df0c08c59aa3df486cbb5cdb0f87a7e7).
  Thanks to xet7.

Thanks to above GitHub users for their contributions and translators for
their translations.

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93ZWthbiIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=-->
2026-05-18 05:27:07 +00:00
TrueCharts Bot 7645c01dfa fix(misskey): update image docker.io/misskey/misskey 2026.5.2 → 2026.5.3 (#48322)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[docker.io/misskey/misskey](https://redirect.github.com/misskey-dev/misskey)
| patch | `e7ad14d` → `2801e4e` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>misskey-dev/misskey (docker.io/misskey/misskey)</summary>

###
[`v2026.5.3`](https://redirect.github.com/misskey-dev/misskey/blob/HEAD/CHANGELOG.md#202653)

[Compare
Source](https://redirect.github.com/misskey-dev/misskey/compare/2026.5.2...2026.5.3)

##### General

- Fix: Dockerで起動に失敗する問題を修正

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9taXNza2V5IiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==-->
2026-05-18 07:08:19 +02:00
TrueCharts Bot 36e3f905a2 chore(omada-controller): update image docker.io/mbentley/omada-controller digest to 7936062 (#48321)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[docker.io/mbentley/omada-controller](https://redirect.github.com/mbentley/docker-omada-controller)
| digest | `ceace28` → `7936062` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9vbWFkYS1jb250cm9sbGVyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=-->
2026-05-18 07:07:39 +02:00
TrueCharts Bot 69e348f377 chore(dashy): update image ghcr.io/lissy93/dashy digest to 6d21a89 (#48320) 2026-05-18 07:07:10 +02:00
TrueCharts Bot 5a414adc1a feat(ntfy): update image docker.io/binwiederhier/ntfy v2.22.0 → v2.23.0 (#48323)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [docker.io/binwiederhier/ntfy](https://ntfy.sh/)
([source](https://redirect.github.com/binwiederhier/ntfy)) | minor |
`d8b3408` → `b32b422` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>binwiederhier/ntfy (docker.io/binwiederhier/ntfy)</summary>

###
[`v2.23.0`](https://redirect.github.com/binwiederhier/ntfy/releases/tag/v2.23.0)

[Compare
Source](https://redirect.github.com/binwiederhier/ntfy/compare/v2.22.0...v2.23.0)

**Features:**

- Add per-visitor rate limit on new topic creations
(`visitor-topic-creation-limit-burst` /
`visitor-topic-creation-limit-replenish`, defaults 100 burst / 1m
replenish) to mitigate topic-enumeration / squatting attacks that
inflate the in-memory topic map

**Bug fixes + maintenance:**

- Remove `stacktrace-js`, `stacktrace-gps`, `humanize-duration`, and
`js-base64` from the web app to reduce dependency and security footprint
- Restrict the publish dialog's local file preview to safe image types
(png/jpg/gif/webp) to prevent same-origin script execution from blob
URLs when previewing a crafted SVG
([GHSA-j8hr-p342-xrmh](https://redirect.github.com/binwiederhier/ntfy/security/advisories/GHSA-j8hr-p342-xrmh),
thanks to
[@&#8203;Venukamatchi](https://redirect.github.com/Venukamatchi) for
reporting)

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9udGZ5IiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9taW5vciJdfQ==-->
2026-05-18 07:07:02 +02:00
TrueCharts Bot 0200d420ed feat(wekan): update image docker.io/wekanteam/wekan v9.20 → v9.21 (#48319)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [docker.io/wekanteam/wekan](https://redirect.github.com/wekan/wekan) |
minor | `b72b125` → `1f6fab6` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>wekan/wekan (docker.io/wekanteam/wekan)</summary>

###
[`v9.21`](https://redirect.github.com/wekan/wekan/blob/HEAD/CHANGELOG.md#v921-2026-05-17-WeKan--release)

[Compare
Source](https://redirect.github.com/wekan/wekan/compare/v9.20...v9.21)

This release adds the following updates:

- [Updated version
scripts](https://redirect.github.com/wekan/wekan/commit/5748475e8d0ea6ce2b6a0a88e0d20491f97b1cda).
  Thanks to xet7.
- [Updated Kin 2.0 Meta OS to Friend
page](https://redirect.github.com/wekan/wekan/commit/3390324c2ae10d5320de0d57d6d7b21e7c1bd42d).
  Thanks to xet7.
- [Added Docs for Meteor 3 Docker WeKan with ChangeStreams
etc](https://redirect.github.com/wekan/wekan/commit/d5d04728fbe3d27f2ef65d2fdef0d3818ba02eaf).
  Thanks to xet7.
- [Set default to changeStreams and
uws](https://redirect.github.com/wekan/wekan/commit/964caabaaf1a535556185d194d18e30bbbc1405b).
  Thanks to xet7.

and fixes the following bugs:

- [Fix sudden
logouts](https://redirect.github.com/wekan/wekan/commit/c2f67001d6a861291cc1fab4670a7131088d1acd).
  Thanks to xet7.

Thanks to above GitHub users for their contributions and translators for
their translations.

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93ZWthbiIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=-->
2026-05-18 01:05:36 +02:00
TrueCharts Bot f39fe405cc feat(babybuddy): update image ghcr.io/linuxserver/babybuddy 2.8.0 → 2.9.0 (#48318)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[ghcr.io/linuxserver/babybuddy](https://redirect.github.com/linuxserver/docker-babybuddy/packages)
([source](https://redirect.github.com/linuxserver/docker-babybuddy)) |
minor | `81ffeb7` → `d2e3721` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9iYWJ5YnVkZHkiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19-->
2026-05-18 01:05:24 +02:00
TrueCharts Bot 27f516dcd2 fix(fireshare): update image docker.io/shaneisrael/fireshare 1.6.10 → 1.6.11 (#48312)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[docker.io/shaneisrael/fireshare](https://redirect.github.com/ShaneIsrael/fireshare)
| patch | `62ea300` → `3dbde8e` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>ShaneIsrael/fireshare
(docker.io/shaneisrael/fireshare)</summary>

###
[`v1.6.11`](https://redirect.github.com/ShaneIsrael/fireshare/releases/tag/v1.6.11)

[Compare
Source](https://redirect.github.com/ShaneIsrael/fireshare/compare/v1.6.10...v1.6.11)

#### Bug Fixes

- **Fixed opengraph playing the full video when a cropped version
exists.**
- **Fixed suggested videos not working when in the /games/\* pages**
- **Fixed an issue with nginx not serving files when fireshare is
running on certain file systems.**
*Specifically Docker volume mounts backed by overlayfs, NFS, or
similar.*

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9maXJlc2hhcmUiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19-->
2026-05-18 01:05:19 +02:00
TrueCharts Bot 1dbcf83100 fix(misskey): update image docker.io/misskey/misskey 2026.5.1 → 2026.5.2 (#48313) 2026-05-18 01:05:17 +02:00
TrueCharts Bot 3e898f0147 feat(autobrr): update image ghcr.io/autobrr/autobrr v1.78.0 → v1.79.0 (#48317)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/autobrr/autobrr](https://redirect.github.com/autobrr/autobrr)
| minor | `5641009` → `5b8c29a` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>autobrr/autobrr (ghcr.io/autobrr/autobrr)</summary>

###
[`v1.79.0`](https://redirect.github.com/autobrr/autobrr/releases/tag/v1.79.0)

[Compare
Source](https://redirect.github.com/autobrr/autobrr/compare/v1.78.0...v1.79.0)

#### Changelog

##### New Features

-
[`c6b29d8`](https://redirect.github.com/autobrr/autobrr/commit/c6b29d8c72404176e74955bf3826d1a9992d9f5e):
feat(indexers): Nexum support freeleech in announce
([#&#8203;2464](https://redirect.github.com/autobrr/autobrr/issues/2464))
([@&#8203;zze0s](https://redirect.github.com/zze0s))
-
[`40462b1`](https://redirect.github.com/autobrr/autobrr/commit/40462b1f51dd37496831b3045a02278553c5d7bc):
feat(indexers): add Ultrabits
([#&#8203;2467](https://redirect.github.com/autobrr/autobrr/issues/2467))
([@&#8203;luckylittle](https://redirect.github.com/luckylittle))
-
[`2283a3f`](https://redirect.github.com/autobrr/autobrr/commit/2283a3f22aaf2f8cd05d4c6cfcbce9df8d7fca2b):
feat(notifications): add tags to ntfy.sh
([#&#8203;2451](https://redirect.github.com/autobrr/autobrr/issues/2451))
([@&#8203;Reathe](https://redirect.github.com/Reathe))
-
[`2300023`](https://redirect.github.com/autobrr/autobrr/commit/230002397daaf9b5d759f858a5399921f02e2752):
feat(web): add Czech language
([#&#8203;2466](https://redirect.github.com/autobrr/autobrr/issues/2466))
([@&#8203;luckylittle](https://redirect.github.com/luckylittle))

##### Bug fixes

-
[`dcf1aa4`](https://redirect.github.com/autobrr/autobrr/commit/dcf1aa449efc2ee881fefbb9f7a1f304c9ff042f):
fix(irc): connect via HTTP proxy
([#&#8203;2422](https://redirect.github.com/autobrr/autobrr/issues/2422))
([@&#8203;zze0s](https://redirect.github.com/zze0s))

##### Other work

-
[`fde0bd7`](https://redirect.github.com/autobrr/autobrr/commit/fde0bd7d420414f796215df23a49cde00f746187):
chore(web): migrate to pnpm 11
([#&#8203;2461](https://redirect.github.com/autobrr/autobrr/issues/2461))
([@&#8203;martylukyy](https://redirect.github.com/martylukyy))
-
[`c572a3e`](https://redirect.github.com/autobrr/autobrr/commit/c572a3e314291aab95cc7d6284cae3588f646ee1):
build(deps): bump go-qbittorrent to v1.16.0
([#&#8203;2468](https://redirect.github.com/autobrr/autobrr/issues/2468))
([@&#8203;zze0s](https://redirect.github.com/zze0s))
-
[`ecbbb11`](https://redirect.github.com/autobrr/autobrr/commit/ecbbb117dfb40de3a895a782c07f6fab0a448338):
build(deps): bump pnpm/action-setup from 6.0.5 to 6.0.8 in the github
group
([#&#8203;2465](https://redirect.github.com/autobrr/autobrr/issues/2465))
([@&#8203;dependabot](https://redirect.github.com/dependabot)\[bot])
-
[`a4945fd`](https://redirect.github.com/autobrr/autobrr/commit/a4945fd6401ca28053c50ff100d8e334f3ad5664):
chore(ci): add housekeeping workflow
([#&#8203;2460](https://redirect.github.com/autobrr/autobrr/issues/2460))
([@&#8203;zze0s](https://redirect.github.com/zze0s))
-
[`d5dee3b`](https://redirect.github.com/autobrr/autobrr/commit/d5dee3b70e33b107de3a9b4504952f6a534d69a1):
chore(logo): minify svg
([#&#8203;2449](https://redirect.github.com/autobrr/autobrr/issues/2449))
([@&#8203;jbgy](https://redirect.github.com/jbgy))

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hdXRvYnJyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9taW5vciJdfQ==-->
2026-05-18 01:05:14 +02:00
TrueCharts Bot 2c749b3cec fix(anonaddy): update image docker.io/anonaddy/anonaddy 1.6.0 → 1.6.1 (#48311)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[docker.io/anonaddy/anonaddy](https://redirect.github.com/anonaddy/docker)
| patch | `508c1fe` → `8935bf2` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hbm9uYWRkeSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=-->
2026-05-18 01:04:59 +02:00
TrueCharts Bot c9ce7b0dd0 chore(wisemapping): update image docker.io/wisemapping/wisemapping digest to fdc5503 (#48310)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| docker.io/wisemapping/wisemapping | digest | `a0b4999` → `fdc5503` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93aXNlbWFwcGluZyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19-->
2026-05-18 01:03:54 +02:00
TrueCharts Bot 3cab3d434d fix(rdtclient): update image ghcr.io/rogerfar/rdtclient 2.0.131 → 2.0.133 (#48315)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[ghcr.io/rogerfar/rdtclient](https://redirect.github.com/rogerfar/rdt-client)
| patch | `3d9a41e` → `ed50479` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>rogerfar/rdt-client (ghcr.io/rogerfar/rdtclient)</summary>

###
[`v2.0.133`](https://redirect.github.com/rogerfar/rdt-client/blob/HEAD/CHANGELOG.md#20133---2026-05-17)

[Compare
Source](https://redirect.github.com/rogerfar/rdt-client/compare/v2.0.132...v2.0.133)

##### Added

- Added NZB support for Premiumize, thanks to
[@&#8203;ALenfant](https://redirect.github.com/ALenfant)!

###
[`v2.0.132`](https://redirect.github.com/rogerfar/rdt-client/blob/HEAD/CHANGELOG.md#20132---2026-05-17)

[Compare
Source](https://redirect.github.com/rogerfar/rdt-client/compare/v2.0.131...v2.0.132)

##### Changed

- Fixed for Cleanuparr
- Upgrade Torbox.NET dependency

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9yZHRjbGllbnQiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19-->
2026-05-18 01:03:21 +02:00
TrueCharts Bot 7666579970 fix(oscam): update image ghcr.io/linuxserver/oscam 11959-ls14 → 11960-ls15 (#48314)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[ghcr.io/linuxserver/oscam](https://redirect.github.com/linuxserver/docker-oscam/packages)
([source](https://redirect.github.com/linuxserver/docker-oscam)) | patch
| `b845e19` → `3833f23` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>linuxserver/docker-oscam (ghcr.io/linuxserver/oscam)</summary>

###
[`v11960-ls15`](https://redirect.github.com/linuxserver/docker-oscam/releases/tag/11960-ls15)

[Compare
Source](https://redirect.github.com/linuxserver/docker-oscam/compare/11959-ls14...11960-ls15)

**CI Report:**


<https://ci-tests.linuxserver.io/linuxserver/oscam/11960-ls15/index.html>

**LinuxServer Changes:**

**Full Changelog**:
<https://github.com/linuxserver/docker-oscam/compare/11959-ls14...11960-ls15>

**Remote Changes:**

Updating to 11960

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9vc2NhbSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=-->
2026-05-18 01:03:13 +02:00
TrueCharts Bot 95bf312d59 feat(audiobookshelf): update image docker.io/advplyr/audiobookshelf 2.34.0 → 2.35.0 (#48316)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[docker.io/advplyr/audiobookshelf](https://redirect.github.com/advplyr/audiobookshelf)
| minor | `4143292` → `89276ff` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>advplyr/audiobookshelf
(docker.io/advplyr/audiobookshelf)</summary>

###
[`v2.35.0`](https://redirect.github.com/advplyr/audiobookshelf/releases/tag/v2.35.0)

[Compare
Source](https://redirect.github.com/advplyr/audiobookshelf/compare/v2.34.0...v2.35.0)

##### Important: New authentication system was added in
[v2.26.0](https://redirect.github.com/advplyr/audiobookshelf/releases/tag/v2.26.0).
See
<https://redirect.github.com/advplyr/audiobookshelf/discussions/4460>
for details.

##### Added

- Access token refresh grace period (fixes frequently needing to
re-login)
[#&#8203;4630](https://redirect.github.com/advplyr/audiobookshelf/issues/4630)
by [@&#8203;nichwall](https://redirect.github.com/nichwall) in
[#&#8203;5004](https://redirect.github.com/advplyr/audiobookshelf/issues/5004)

##### Fixed

- Listening sessions from Android app showing device name as `Abs iOS`
- RSS feeds serving m4b files with incorrect Content-Type
[#&#8203;5041](https://redirect.github.com/advplyr/audiobookshelf/issues/5041)
by [@&#8203;brandonfhall](https://redirect.github.com/brandonfhall) in
[#&#8203;5221](https://redirect.github.com/advplyr/audiobookshelf/issues/5221)

##### Changed

- Book & podcast descriptions from audio files are sanitized
- `cancel_scan` and `set_log_listener` socket events validate account
type and log level
- More strings translated
- Belarusian by
[@&#8203;pavel-miniutka](https://redirect.github.com/pavel-miniutka)
- Polish by
[@&#8203;TheMatrixan](https://redirect.github.com/TheMatrixan)

#### New Contributors

- [@&#8203;brandonfhall](https://redirect.github.com/brandonfhall) made
their first contribution in
[#&#8203;5221](https://redirect.github.com/advplyr/audiobookshelf/pull/5221)

**Full Changelog**:
<https://github.com/advplyr/audiobookshelf/compare/v2.34.0...v2.35.0>

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hdWRpb2Jvb2tzaGVsZiIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=-->
2026-05-18 01:02:26 +02:00
TrueCharts Bot 31aa09f15d chore(firefox): update image ghcr.io/linuxserver/firefox digest to 062d8ef (#48308)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[ghcr.io/linuxserver/firefox](https://redirect.github.com/linuxserver/docker-firefox/packages)
([source](https://redirect.github.com/linuxserver/docker-firefox)) |
digest | `995c129` → `062d8ef` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9maXJlZm94IiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=-->
2026-05-18 01:02:21 +02:00
TrueCharts Bot e584d5a98b chore(librespeed): update image ghcr.io/linuxserver/librespeed digest to ca10b08 (#48309) 2026-05-18 01:02:17 +02:00
TrueCharts Bot 22fdee932e feat(mstream): update image ghcr.io/linuxserver/mstream 6.7.1 → 6.8.1 (#48298)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[ghcr.io/linuxserver/mstream](https://redirect.github.com/linuxserver/docker-mstream/packages)
([source](https://redirect.github.com/linuxserver/docker-mstream)) |
minor | `400fc05` → `8788c77` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9tc3RyZWFtIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9taW5vciJdfQ==-->
2026-05-17 17:28:50 +00:00
TrueCharts Bot 14e26ee9d2 fix(slink): update image docker.io/anirdev/slink v1.11.2 → v1.11.3 (#48305)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [docker.io/anirdev/slink](https://docs.slinkapp.io)
([source](https://redirect.github.com/andrii-kryvoviaz/slink)) | patch |
`bd8d41b` → `0fd8461` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>andrii-kryvoviaz/slink (docker.io/anirdev/slink)</summary>

###
[`v1.11.3`](https://redirect.github.com/andrii-kryvoviaz/slink/releases/tag/v1.11.3)

[Compare
Source](https://redirect.github.com/andrii-kryvoviaz/slink/compare/v1.11.2...v1.11.3)

#### 📦 Patch Notes

##### 🚀 New Features

- **Granular Guest Access Control:** Share access controls now
distinguish between explore mode, collection shares, and direct image
links.
([#&#8203;193](https://redirect.github.com/andrii-kryvoviaz/slink/issues/193))
- **Collection View Preferences:** Per-collection controls for page size
and load strategy, persisted across visits.
([#&#8203;174](https://redirect.github.com/andrii-kryvoviaz/slink/issues/174))

##### 🛠️ Improvements & Fixes

- **Collection UI/UX:** Switched the collection view to a masonry layout
for a denser, more balanced presentation, and polished the collection
share button.
- **Richer Share Listing:** The share listing page now surfaces more
attributes at a glance.
- **Tags Table Sorting:** Tags table now supports sorting by name.
([#&#8203;139](https://redirect.github.com/andrii-kryvoviaz/slink/issues/139))
- **Unauthorized Redirects:** Simplified the unauthorized handler and
corrected redirect logic after auth failures.
- **Maintenance:** Upgraded Svelte to 5.55.7 and refreshed project
dependencies.

**Full Changelog**:
<https://github.com/andrii-kryvoviaz/slink/compare/v1.11.2...v1.11.3>

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zbGluayIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=-->
2026-05-17 18:59:29 +02:00
TrueCharts Bot ad1a749069 fix(filebrowser): update image docker.io/filebrowser/filebrowser v2.63.3 → v2.63.4 (#48304)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[docker.io/filebrowser/filebrowser](https://redirect.github.com/filebrowser/filebrowser)
| patch | `289c5dd` → `69131ae` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>filebrowser/filebrowser
(docker.io/filebrowser/filebrowser)</summary>

###
[`v2.63.4`](https://redirect.github.com/filebrowser/filebrowser/releases/tag/v2.63.4)

[Compare
Source](https://redirect.github.com/filebrowser/filebrowser/compare/v2.63.3...v2.63.4)

#### Changelog

-
[`22b848f`](https://redirect.github.com/filebrowser/filebrowser/commit/22b848f26ef8ae889eef132232dbd0de347e0efd)
chore(release): 2.63.4
-
[`a418dd6`](https://redirect.github.com/filebrowser/filebrowser/commit/a418dd6bb367a609cb38835f9a76e94df995f37e)
chore: revert node dependencies updates
-
[`d978d1e`](https://redirect.github.com/filebrowser/filebrowser/commit/d978d1eccae6127618681333490afa0613e7d2ec)
chore: sync translations
([#&#8203;5945](https://redirect.github.com/filebrowser/filebrowser/issues/5945))
-
[`9cc18a8`](https://redirect.github.com/filebrowser/filebrowser/commit/9cc18a81e3e1b8bf96795bfbe3d83ced294ecfd7)
fix: show item shares from all users to admins
([#&#8203;5941](https://redirect.github.com/filebrowser/filebrowser/issues/5941))
-
[`e38c282`](https://redirect.github.com/filebrowser/filebrowser/commit/e38c28273aa85329fd9d796c1dd66fa07289b1ab)
chore: fix typo
-
[`da2dff0`](https://redirect.github.com/filebrowser/filebrowser/commit/da2dff0933e7f8795ba39fe2bad88d0e0dab66f4)
chore: sync translations
-
[`261bca6`](https://redirect.github.com/filebrowser/filebrowser/commit/261bca67bc7e0a4c188cb8d57522998ae9fdb735)
chore(deps): update all non-major dependencies
([#&#8203;5929](https://redirect.github.com/filebrowser/filebrowser/issues/5929))

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9maWxlYnJvd3NlciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=-->
2026-05-17 18:59:26 +02:00
TrueCharts Bot 13e0c0d635 fix(vocechat-server): update image docker.io/privoce/vocechat-server v0.5.16 → v0.5.17 (#48306)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| docker.io/privoce/vocechat-server | patch | `d62875c` → `7df8b76` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC92b2NlY2hhdC1zZXJ2ZXIiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19-->
2026-05-17 18:59:25 +02:00
TrueCharts Bot 52ec91d7d8 feat(etherpad): update image ghcr.io/ether/etherpad 3.0.0 → 3.1.0 (#48307)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/ether/etherpad](https://redirect.github.com/ether/etherpad) |
minor | `037ce33` → `7bae8bd` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>ether/etherpad (ghcr.io/ether/etherpad)</summary>

###
[`v3.1.0`](https://redirect.github.com/ether/etherpad/blob/HEAD/CHANGELOG.md#310)

[Compare
Source](https://redirect.github.com/ether/etherpad/compare/3.0.0...3.1.0)

3.1 ships the self-update programme's **Tier 4 — autonomous in a
maintenance window** for real (the v3.0.0 notes documented the design;
this is the release the code actually lands in), adds first-class SMTP
delivery so update failures email the admin, and bundles a
defence-in-depth pass across the HTTP/API entry points. Two new
admin-facing escape hatches arrive: a preflight check that aborts an
update *before* it mutates the working tree when the target tag's
`engines.node` doesn't match the running runtime, and email
notifications for every auto-rollback / preflight outcome (not just the
terminal `rollback-failed` state).

##### Notable enhancements

- **Self-update — Tier 4 (autonomous in a maintenance window).** Set
`updates.tier: "autonomous"` together with `updates.maintenanceWindow:
{"start":"HH:MM","end":"HH:MM","tz":"local"|"utc"}` to constrain
autonomous updates to a nightly window. The scheduler snaps
`scheduledFor` forward to the next window opening when grace would
otherwise land outside the window, and defers the fire when the window
has closed by the timer callback. Cross-midnight windows (`end < start`)
are supported; DST transitions are absorbed by host wall-clock
arithmetic. A missing or malformed window degrades the policy to Tier 3
with an explicit `policy.reason` of `maintenance-window-missing` /
`maintenance-window-invalid`; an admin banner surfaces the
misconfiguration so autonomous behaviour is not silently disabled. The
admin update page shows a "Maintenance window" section with the parsed
window summary, the next opening, and a "deferred until <iso>" subtitle
on the scheduled panel when the timer has been snapped forward. Closes
[#&#8203;7607](https://redirect.github.com/ether/etherpad/issues/7607)
([#&#8203;7753](https://redirect.github.com/ether/etherpad/issues/7753)).
- **Updater — real SMTP via nodemailer (new top-level `mail.*` block).**
Replaces the "(would send email)" stub. New settings: `mail.host`,
`mail.port`, `mail.secure`, `mail.from`, `mail.auth.{user,pass}`.
`mail.host=null` keeps the legacy log-only behaviour. The `nodemailer`
dependency is lazy-imported on first send so installs that don't
configure mail pay no runtime cost; the transport is cached on the full
SMTP options tuple so a `reloadSettings()` change to
host/port/credentials invalidates the cache. `settings.json.docker`
reads `MAIL_HOST` / `MAIL_FROM` / `MAIL_PORT` / `MAIL_SECURE` from env.
Send errors are logged warn and swallowed so a transient SMTP failure
can never poison the updater state machine.
- **Updater — preflight against the target tag's `engines.node`.**
Before mutating the working tree, `runPreflight` now runs `git show
<tag>:package.json` and verifies `process.versions.node` satisfies the
target's `engines.node`. A mismatch fails cleanly at `preflight-failed`
with the detail `target requires Node >=X, running Y` — no drain, no
restart, no rollback. The check runs *after* signature verification so
we only trust signed `package.json`. New `PreflightReason:
'node-engine-mismatch'`.
- **Updater — email admin on rollback / preflight-failed (not just
`rollback-failed`).** Before this release only the terminal
`rollback-failed` state emailed. Auto-recovered failures
(`rolled-back-install-failed`, `rolled-back-build-failed`,
`rolled-back-health-check`, `rolled-back-crash-loop`) and
`preflight-failed` now also fire one email per `<outcome>:<targetTag>`
(dedupe key in `EmailSendLog.lastFailureKey`). A 3am autonomous update
that rolls back because of, say, a Node engine bump now lands in the
admin inbox at 3am instead of staying invisible until the next admin
login. Boot-path catch-up covers cases where the failure preceded a
clean process exit (timer-fired health-check rollback, crash-loop forced
rollback, preflight-failed that didn't get to email before exit).
- **API — `listAuthorsOfPad` filters the synthetic system author.**
`Pad.SYSTEM_AUTHOR_ID` (`a.etherpad-system`) is the placeholder Etherpad
attributes to when the HTTP API receives a call without an `authorId`
(setText, setHTML, appendText, server-side import). It was leaking
through `listAuthorsOfPad`, making pads with only API-driven content
appear to have one "real" author. The synthetic id is now filtered at
that API surface only — `getAllAuthors()` and downstream callers (copy,
anonymize, atext verification) still see it. Fixes
[#&#8203;7785](https://redirect.github.com/ether/etherpad/issues/7785) /
[#&#8203;7790](https://redirect.github.com/ether/etherpad/issues/7790)
([#&#8203;7793](https://redirect.github.com/ether/etherpad/issues/7793)).

##### Notable fixes

- **Export HTML — ordered-list counter no longer poisoned by a sibling
unordered list.** When an ordered-list level was the only consumer of
`olItemCounts`, closing *any* list at that depth (including a `<ul>`
that happened to share the level) reset the counter to 0. A subsequent
unrelated `<ol>` at the same depth then took the "counter exists but is
0" branch and emitted `<ol class="...">` without the `start=` attribute.
The reset is now gated on `line.listTypeName === 'number'` so closing an
unordered list never touches the ol bookkeeping. Fixes
[#&#8203;7786](https://redirect.github.com/ether/etherpad/issues/7786) /
[#&#8203;7787](https://redirect.github.com/ether/etherpad/issues/7787)
([#&#8203;7791](https://redirect.github.com/ether/etherpad/issues/7791)).
- **Export — bad `:rev` returns a meaningful 500 body, not Express's
HTML error page.** A non-numeric `:rev` (e.g. `/p/foo/test1/export/txt`)
reached `checkValidRev` which throws `CustomError('rev is not a number',
'apierror')`; the message fell through `.catch(next)` and Express's
default renderer returned an HTML 500 page. The route handler now
catches the apierror and emits `err.message` as a deterministic
`text/plain` 500. As a follow-up, `checkValidRev` runs *before*
`res.attachment()` so an invalid rev no longer leaves a
`Content-Disposition` header in place (browsers were offering to save
the error message as a file), and unrelated export failures (conversion,
fs, soffice) are surfaced as text/plain rather than the HTML stack page.
Fixes
[#&#8203;7788](https://redirect.github.com/ether/etherpad/issues/7788)
([#&#8203;7792](https://redirect.github.com/ether/etherpad/issues/7792)).

##### Security hardening

A bundle of defence-in-depth tightening picked up during an internal
audit pass
([#&#8203;7784](https://redirect.github.com/ether/etherpad/issues/7784)):

- **HTTP API — OAuth JWT path.** Verify the signature *before* reading
any claim off the payload; require `admin: true` strictly (presence is
no longer sufficient). The apikey comparison switches to
`crypto.timingSafeEqual`.
- **Import/Export temp-file path tokens.** Derived from
`crypto.randomBytes(16)` instead of `Math.random()`.
- **Token transfer.** Records now have a 5-minute TTL and are single-use
(removed from the store before responding). The author token is no
longer in the redemption response body — the `HttpOnly` cookie is the
only delivery channel.
- **`x-proxy-path` header sanitiser (new
`src/node/utils/sanitizeProxyPath.ts`).** Shared by `admin.ts` and
`specialpages.ts`. Strips characters outside `[A-Za-z0-9_./-]`,
collapses leading `//+` to a single `/`, rejects `..` traversal.
`admin.ts` also emits `Vary: x-proxy-path` and `Cache-Control: private,
no-store` so a poisoned response can never be reused for another origin.
- **`Pad.appendRevision` insert-op author invariant.** Centralises the
"every insert op carries an `author` attribute" rule the socket handler
already enforced, so non-wire callers (`setText`, `setHTML`,
`restoreRevision`, plugin paths) get the same check. `Pad.init` and
`setPadHTML` substitute `SYSTEM_AUTHOR_ID` when no author is supplied —
same pattern `setText` / `spliceText` already used.
- **`setPadRaw` legacy-import rewrite.** Bulk-import bypasses
`appendRevision`, so a hand-crafted `.etherpad` file could persist
non-conforming records that any subsequent `setText` / `setHTML` would
refuse to extend. A pre-pass now walks revs in order, sanitises each
changeset's `+` ops against the cumulative pad pool (substituting
`SYSTEM_AUTHOR_ID` where needed), and re-applies each changeset to a
running atext so the head atext and key-rev `meta.atext` / `meta.pool`
snapshots stay in lock-step. Conforming payloads round-trip unchanged.

##### Internal / contributor-facing

- **Backend tests — `tests/backend/specs/{api,admin}/*` un-skipped.**
The pnpm test script's glob (`tests/backend/specs/**.ts`) only matched
depth-1 files. Every spec under `api/` (14 files) and `admin/` (2 files)
has been silently skipped by CI. Switched to `--extension ts
--recursive` so mocha walks the tree as documented. A new vitest
regression check reads the pnpm script, hands mocha the same arguments
under `--dry-run --list-files`, and asserts representative specs from
both subdirectories appear in the discovered list
([#&#8203;7789](https://redirect.github.com/ether/etherpad/issues/7789)).
- **CI — Windows `npx ENOENT` in the glob-discovery regression check.**
`execFileSync('npx', ...)` doesn't pick up `npx.cmd` on Windows runners.
Resolved by running `mocha`'s JS entry directly via `require.resolve`
under the current node process. Path normalisation now goes through
`path.relative` + `replace([\\/])` so mixed-separator / drive-letter
casing on Windows mocha output still matches the POSIX-relative
assertions
([#&#8203;7794](https://redirect.github.com/ether/etherpad/issues/7794)).
- **CI — `anonymizeAuthorSocket` suite gated on admin-socket health when
`ep_hash_auth` is installed.** Un-hiding the suite in
[#&#8203;7789](https://redirect.github.com/ether/etherpad/issues/7789)
surfaced a 14-minute stall on every with-plugins matrix run because
`ep_hash_auth`'s `handleMessage` hook fires for every socket message
regardless of namespace and reads from the deprecated `client` context
(undefined for non-pad namespaces). Until the root cause lands (tracked
in
[#&#8203;7795](https://redirect.github.com/ether/etherpad/issues/7795)),
the suite skips itself when an application-level probe shows the admin
`/settings` namespace isn't responding — keeps the no-plugin matrix
covered and stops burning \~14 minutes per with-plugins run
([#&#8203;7796](https://redirect.github.com/ether/etherpad/issues/7796)).

##### Localisation

- Multiple updates from translatewiki.net.

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9ldGhlcnBhZCIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=-->
2026-05-17 18:59:19 +02:00
TrueCharts Bot c1f740038d chore(syslog-ng): update image docker.io/balabit/syslog-ng digest to 04cbac1 (#48302)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[docker.io/balabit/syslog-ng](https://redirect.github.com/syslog-ng/syslog-ng)
| digest | `16cc809` → `04cbac1` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zeXNsb2ctbmciLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==-->
2026-05-17 18:59:08 +02:00
TrueCharts Bot 68f78f60ca chore(blender): update image lscr.io/linuxserver/blender digest to b18b44b (#48300)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| lscr.io/linuxserver/blender | digest | `d3fb222` → `b18b44b` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9ibGVuZGVyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=-->
2026-05-17 18:58:31 +02:00
TrueCharts Bot a21be22b38 chore(matomo): update image public.ecr.aws/bitnami/matomo digest to cb69b03 (#48301)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[public.ecr.aws/bitnami/matomo](https://redirect.github.com/bitnami/containers)
([source](https://redirect.github.com/bitnami/containers/tree/HEAD/bitnami/matomo))
| digest | `554f81d` → `cb69b03` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9tYXRvbW8iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==-->
2026-05-17 18:57:30 +02:00
TrueCharts Bot cc33491c8f chore(tasmocompiler): update image docker.io/benzino77/tasmocompiler digest to f924035 (#48303)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| docker.io/benzino77/tasmocompiler | digest | `b199ede` → `f924035` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90YXNtb2NvbXBpbGVyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=-->
2026-05-17 18:56:34 +02:00
TrueCharts Bot 6e7041faa8 BREAKING CHANGE(etherpad): Update image ghcr.io/ether/etherpad 2.7.2 → 3.0.0 (#48299)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/ether/etherpad](https://redirect.github.com/ether/etherpad) |
major | `b723fe5` → `037ce33` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>ether/etherpad (ghcr.io/ether/etherpad)</summary>

###
[`v3.0.0`](https://redirect.github.com/ether/etherpad/blob/HEAD/CHANGELOG.md#300)

[Compare
Source](https://redirect.github.com/ether/etherpad/compare/2.7.3...3.0.0)

3.0 is a feature-heavy release that closes out the self-update programme
(Tiers 2 and 3 land alongside Tier 1 from 2.7.3), removes the last
identified upstream telemetry vector, and ships a parsed JSONC settings
editor, native DOCX export, in-place pad history scrubbing, and an admin
UI for GDPR author erasure. It also marks the start of the broader
Etherpad app ecosystem (see *Companion apps* below).

##### Breaking changes

- **Minimum required Node.js version is now 24.** Node.js 22 is no
longer supported. Node 25 was briefly the floor mid-cycle but was rolled
back to **24 LTS (Krypton, supported through \~May 2028)** because Node
25 reached end-of-life on 2026-04-10 (see
[#&#8203;7779](https://redirect.github.com/ether/etherpad/issues/7779) /
[#&#8203;7781](https://redirect.github.com/ether/etherpad/issues/7781)).
The CI matrix targets Node 24 and 26. Node 24 still ships Corepack, so
existing `bin/installer.sh` / `bin/installer.ps1` flows continue to work
unchanged; the global `pnpm` install fallback added for the Node 25
detour is kept for forward-compatibility.
- **`pnpm` floor raised to `pnpm@11.1.2`.** `packageManager` is now
pinned to `pnpm@11.1.2` and `engines.pnpm` requires `>=11.1.2`. The
Dockerfile, snap, .deb and all GitHub workflows are aligned.
- **`swagger-ui-express` removed.** `/api-docs` now serves a vendored,
telemetry-free copy of
[Scalar](https://redirect.github.com/scalar/scalar) (see the privacy
item below). The route, the OpenAPI document, and the rendered output
are unchanged for downstream consumers, but anything that introspected
`swagger-ui-express` internals will need updating.
- **Debian package depends on `nodejs (>= 24)`.** The signed apt
repository at `etherpad.org/apt` is rebuilt against this floor; older
Node packages are no longer acceptable as a dependency
([#&#8203;7754](https://redirect.github.com/ether/etherpad/issues/7754)).

##### Companion apps

This release coincides with the launch of two ecosystem projects, both
maintained under the [`ether` org](https://redirect.github.com/ether)
and able to talk to any 3.x Etherpad server over its existing HTTP /
WebSocket API:

-
**[`ether/etherpad-desktop`](https://redirect.github.com/ether/etherpad-desktop)**
— a native desktop wrapper around Etherpad for macOS, Windows and Linux.
Single-window editor experience, system-tray indicator, and an optional
embedded server for fully offline pads.
- **[`ether/pad`](https://redirect.github.com/ether/pad)** — a portable
cross-target client: an Android and iOS app for editing pads on the go,
and a `nano`-style terminal client for headless / SSH workflows. Shares
the same realtime client transport as the browser editor so changes
propagate live across desktop, mobile, terminal and the web UI.

Both clients hit the **stable 3.x API surface**, so server operators
don't need to enable anything extra to support them — the OpenAPI
clean-up landed in this release (see *Notable enhancements*) is what
makes the shared client code generators viable.

##### Notable enhancements

- **Self-update subsystem — Tier 2 (manual click).**
- Admins on a git install can click "Apply update" at `/admin/update`.
Etherpad runs a 60s session drain (with T-60 / T-30 / T-10 broadcasts to
every pad), `git fetch / checkout / pnpm install --frozen-lockfile /
pnpm run build:ui`, and exits with code 75 so a process supervisor
restarts it on the new version. The next boot runs a 60s health check;
if `/health` doesn't come up the previous SHA + lockfile are restored
automatically.
- Crash-loop guard: if the new version reboots more than twice without
the health check completing, RollbackHandler forces a rollback
regardless of the timer.
- Terminal `rollback-failed` state surfaces a strong banner; the admin
clicks Acknowledge once they've manually recovered to clear the lock and
re-allow Tier 2 attempts.
- New settings under `updates.*`: `preApplyGraceMinutes`,
`drainSeconds`, `rollbackHealthCheckSeconds`, `diskSpaceMinMB`,
`requireSignature`, `trustedKeysPath`. Tag signature verification is
opt-in (default `false`) — see `doc/admin/updates.md` for the keyring
setup.
- **A process supervisor (systemd / pm2 / docker
`--restart=unless-stopped`) is required to apply updates.** Without one,
exit 75 leaves the instance down.
- **Self-update subsystem — Tier 3 (auto with grace window).**
- On a git install, set `updates.tier: "auto"` to have new releases
applied automatically after `preApplyGraceMinutes`. During the grace
window, `/admin/update` shows a live countdown plus Cancel and Apply now
buttons. Schedules are persisted to `var/update-state.json`, so an
Etherpad restart during the grace window rehydrates the timer instead of
losing the schedule. A new release tag detected mid-grace re-arms the
timer; if `adminEmail` is set, a one-shot `grace-start` notification
fires per scheduled tag (issue
[#&#8203;7607](https://redirect.github.com/ether/etherpad/issues/7607)).
- The terminal `rollback-failed` state continues to disable
auto/autonomous attempts globally until acknowledged; manual click stays
available because an admin click *is* the intervention the terminal
state requires.
- Tier 4 (autonomous in a maintenance window) remains designed but
unimplemented and will land in a subsequent release.
- **Privacy — drop swagger-ui telemetry, document phone-homes, add
opt-outs.**
- Dropped `swagger-ui-express` because upstream injects a Scarf
analytics pixel that cannot be disabled at install or runtime (see
[swagger-api/swagger-ui#10573](https://redirect.github.com/swagger-api/swagger-ui/issues/10573)).
`/api-docs` now serves a vendored copy of
[Scalar](https://redirect.github.com/scalar/scalar) (MIT) configured
with `withDefaultFonts: false` and `telemetry: false` so no outbound
calls are made.
- New `privacy.updateCheck` (default `true`) — set to `false` to disable
the hourly `UpdateCheck.ts` request to `${updateServer}/info.json`.
- New `privacy.pluginCatalog` (default `true`) — set to `false` to
disable the admin plugins page fetch of `${updateServer}/plugins.json`.
CLI install-by-name still works.
- New [`PRIVACY.md`](PRIVACY.md) at repo root documenting both outbound
calls, what they send, and how to turn each off.
- `bin/plugins/stalePlugins.ts` now reads `settings.updateServer` (was
hardcoded to `static.etherpad.org`) and honours the new flag.
- Closes
[#&#8203;7524](https://redirect.github.com/ether/etherpad/issues/7524).
- **Parsed JSONC settings editor in `/admin`.** The settings page now
parses `settings.json` as JSONC (with comments and trailing commas
preserved), validates edits in-browser, and writes the file back without
clobbering comment blocks
([#&#8203;7709](https://redirect.github.com/ether/etherpad/issues/7709),
closes
[#&#8203;7603](https://redirect.github.com/ether/etherpad/issues/7603),
takes over
[#&#8203;7666](https://redirect.github.com/ether/etherpad/issues/7666)).
- **GDPR — admin UI for author erasure.** Builds on the 2.7.3
author-erasure API: admins can now find an author by id or name in
`/admin` and run a confirmed erasure flow from the UI
([#&#8203;7667](https://redirect.github.com/ether/etherpad/issues/7667),
follow-up to
[#&#8203;7550](https://redirect.github.com/ether/etherpad/issues/7550)).
- **Pad-wide settings on by default.** `padOptions`-style settings can
now be edited from the in-pad cog without flipping a flag, and the modal
title no longer misleads about scope
([#&#8203;7679](https://redirect.github.com/ether/etherpad/issues/7679)).
Plugin-namespaced `ep_*` keys also flow through `applyPadSettings` so
plugins can register their own pad-wide options
([#&#8203;7698](https://redirect.github.com/ether/etherpad/issues/7698)).
- **Scrub history in-place on the pad URL.** A long-edited pad can now
have its history rewritten in place (e.g. for compliance or to drop
accidentally-pasted secrets), without changing the pad URL or breaking
deep-links
([#&#8203;7710](https://redirect.github.com/ether/etherpad/issues/7710),
closes
[#&#8203;7659](https://redirect.github.com/ether/etherpad/issues/7659)).
- **`bin/compactStalePads` — staleness-gated bulk compaction.**
Companion to the 2.7.3 `compactAllPads` CLI: targets only pads not
edited in the last `--older-than N` days, so hot pads in active
timeslider use are left alone. Same `--keep` / `--dry-run` shape as
`compactAllPads`
([#&#8203;7708](https://redirect.github.com/ether/etherpad/issues/7708),
issue
[#&#8203;7642](https://redirect.github.com/ether/etherpad/issues/7642)).
- **Native DOCX export (opt-in).** A `html-to-docx`-based exporter lands
as an alternative to the LibreOffice path, so installs that don't want
`soffice` on the host can still produce `.docx`. `soffice` is now
documented as optional for `.docx` and `.pdf`
([#&#8203;7568](https://redirect.github.com/ether/etherpad/issues/7568)
/
[#&#8203;7707](https://redirect.github.com/ether/etherpad/issues/7707),
issue
[#&#8203;7538](https://redirect.github.com/ether/etherpad/issues/7538)).
- **Editor / UI.**
- Settings popup is now scrollable on short viewports so the lower
controls stay reachable on small laptops
([#&#8203;7703](https://redirect.github.com/ether/etherpad/issues/7703),
issue
[#&#8203;7696](https://redirect.github.com/ether/etherpad/issues/7696)).
- Admin design pass cleans up the rework introduced in 2.7.3
([#&#8203;7716](https://redirect.github.com/ether/etherpad/issues/7716)).
- `theme-color` meta now follows the client-side dark-mode switch
instead of locking to the boot-time value
([#&#8203;7690](https://redirect.github.com/ether/etherpad/issues/7690),
issue
[#&#8203;7606](https://redirect.github.com/ether/etherpad/issues/7606)).
- `menu_right` stays visible on readonly pads by default; operators that
prefer the slimmer chrome can still opt in via `showMenuRight`
([#&#8203;7783](https://redirect.github.com/ether/etherpad/issues/7783)).
- Social meta: new `settings.socialMeta.description` override
([#&#8203;7691](https://redirect.github.com/ether/etherpad/issues/7691))
plus a fix for numeric / boolean override values that were silently
being dropped during coercion
([#&#8203;7692](https://redirect.github.com/ether/etherpad/issues/7692)).
- **Admin / API surface.**
- The published OpenAPI spec is cleaned up for downstream codegens —
duplicate operationIds removed, response schemas filled in, `nullable` ⟶
`oneOf null` migrated for OpenAPI 3.1
([#&#8203;7714](https://redirect.github.com/ether/etherpad/issues/7714)).
The companion apps above consume this directly.
- Admin endpoints (`/admin/*` JSON APIs) are now documented in the
OpenAPI spec
([#&#8203;7693](https://redirect.github.com/ether/etherpad/issues/7693)
/
[#&#8203;7705](https://redirect.github.com/ether/etherpad/issues/7705))
and called from a typesafe TanStack Query client in the admin SPA
([#&#8203;7638](https://redirect.github.com/ether/etherpad/issues/7638)
/
[#&#8203;7695](https://redirect.github.com/ether/etherpad/issues/7695)).
- "Requires newer Etherpad" message in the plugin browser when an
`ep.json` declares an `engines.etherpad` higher than the running
version, instead of failing with a generic install error
([#&#8203;7763](https://redirect.github.com/ether/etherpad/issues/7763)
/
[#&#8203;7771](https://redirect.github.com/ether/etherpad/issues/7771)).
- **Security hardening.**
- Reject `USER_CHANGES` inserts that arrive without an author attribute,
closing a server-side trust gap where unattributed changes could be
applied to a pad
([#&#8203;7773](https://redirect.github.com/ether/etherpad/issues/7773)).
- Integrator-issued `sessionID` cookies can now be marked `HttpOnly` via
the new option, matching the 2.7.3 author-token hardening
([#&#8203;7045](https://redirect.github.com/ether/etherpad/issues/7045)
/
[#&#8203;7755](https://redirect.github.com/ether/etherpad/issues/7755)).
- **Observability — Prometheus counters.** Three new counters surface
scaling-relevant events (`pad_load_total`, `socket_connect_total`,
`changeset_apply_total`) so operators can drive horizontal-scaling
decisions off the existing `/metrics` endpoint without a custom exporter
([#&#8203;7756](https://redirect.github.com/ether/etherpad/issues/7756)
/
[#&#8203;7762](https://redirect.github.com/ether/etherpad/issues/7762)).
- **Accessibility (continuation of the 2.7.2 / 2.7.3 pass).**
- Skip-to-content link plus hiding line-number gutters from screen
readers
([#&#8203;7255](https://redirect.github.com/ether/etherpad/issues/7255)
/
[#&#8203;7758](https://redirect.github.com/ether/etherpad/issues/7758)).
- Named `role="toolbar"` regions and `linemetricsdiv` hidden from
assistive tech
([#&#8203;7255](https://redirect.github.com/ether/etherpad/issues/7255)
/
[#&#8203;7777](https://redirect.github.com/ether/etherpad/issues/7777)).
- Localized `aria-label` on form controls (`<select>`, `<input>`,
`<textarea>`) and on export-as links
([#&#8203;7697](https://redirect.github.com/ether/etherpad/issues/7697)
/
[#&#8203;7713](https://redirect.github.com/ether/etherpad/issues/7713)).
- Removed `role="textbox"` / `aria-multiline` from `innerdocbody` where
they no longer matched the editor's real semantics
([#&#8203;7778](https://redirect.github.com/ether/etherpad/issues/7778)
/
[#&#8203;7782](https://redirect.github.com/ether/etherpad/issues/7782)).

##### Notable fixes

- **Docker — pnpm at runtime.** Bypass `pnpm` at container start so the
entrypoint no longer triggers a spurious `deps-status` reinstall on
every restart
([#&#8203;7718](https://redirect.github.com/ether/etherpad/issues/7718)
/
[#&#8203;7727](https://redirect.github.com/ether/etherpad/issues/7727)).
The Corepack cache is now shared so the unprivileged `etherpad` user can
resolve `pnpm`
([#&#8203;7689](https://redirect.github.com/ether/etherpad/issues/7689)).
- **Debian — `plugin_packages` stays in-tree.** The `.deb` now keeps
`plugin_packages/` under the install root so plugins installed at
runtime can still resolve `ep_etherpad-lite`
([#&#8203;7750](https://redirect.github.com/ether/etherpad/issues/7750)).
- **Admin — restore search and sort.** `SearchField` and the column-sort
helpers used by the authors page were lost during the admin rework;
they're restored
([#&#8203;7746](https://redirect.github.com/ether/etherpad/issues/7746)).
- **Admin — German strings hardcoded in error paths.** A handful of
leftover German strings from the rework are replaced with i18n keys
([#&#8203;7735](https://redirect.github.com/ether/etherpad/issues/7735)
/
[#&#8203;7736](https://redirect.github.com/ether/etherpad/issues/7736)).
- **Settings — `username: false` / `malformed color: false`
regression.** Legacy `settings.json` files that used `false` to disable
a feature no longer surface as `'false'` username or `'malformed color:
false'` errors
([#&#8203;7688](https://redirect.github.com/ether/etherpad/issues/7688),
issue
[#&#8203;7686](https://redirect.github.com/ether/etherpad/issues/7686)).

##### Internal / contributor-facing

- **Database driver — `ueberdb2` 5 → 6.** Major-version bump to
`ueberdb2@&#8203;^6.0.3`
([#&#8203;7734](https://redirect.github.com/ether/etherpad/issues/7734)).
Drivers are pinned through the lockfile; the schema-level changes are
documented in the `ueberdb2` 6.0 release notes.
- **CI / tests.**
- Windows + Node 24 backend-test flake fixed; native crashes are now
captured for diagnosis
([#&#8203;7748](https://redirect.github.com/ether/etherpad/issues/7748)).
- `updater-integration` rmdir-retry to clear the long-standing Windows
`EBUSY` flake
([#&#8203;7728](https://redirect.github.com/ether/etherpad/issues/7728)).
- `lowerCasePadIds` spec closes its socket.io clients on teardown
([#&#8203;7722](https://redirect.github.com/ether/etherpad/issues/7722)).
- Admin tests realigned to the typesafe API client + plugin row count
fixes
([#&#8203;7712](https://redirect.github.com/ether/etherpad/issues/7712)).
- Rate-limit test waits for Etherpad readiness before running, instead
of racing the boot sequence
([#&#8203;7726](https://redirect.github.com/ether/etherpad/issues/7726)).
- README link fixes and tidy-up
([#&#8203;7723](https://redirect.github.com/ether/etherpad/issues/7723)
/ [#&#8203;7724](https://redirect.github.com/ether/etherpad/issues/7724)
/
[#&#8203;7725](https://redirect.github.com/ether/etherpad/issues/7725)).
- Several dependency-group bumps across the dev and runtime trees:
`undici` 7.25 → 8.3, `semver` 7.7.4 → 7.8, `tsx` 4.21 → 4.22, `mssql`
12.5.2 → 12.5.3, `js-cookie` 3.0.5 → 3.0.6, `@tanstack/react-query`
5.100.9 → 5.100.10, `actions/dependency-review-action` 4 → 5, plus the
usual Dependabot dev-group rollups.

##### Localisation

- Multiple updates from translatewiki.net.

###
[`v2.7.3`](https://redirect.github.com/ether/etherpad/blob/HEAD/CHANGELOG.md#273)

[Compare
Source](https://redirect.github.com/ether/etherpad/compare/2.7.2...2.7.3)

##### Breaking changes

- **Minimum required Node.js version is now 22.13.** Node.js 20 is
reaching end-of-life (see
<https://nodejs.org/en/about/previous-releases>) and pnpm 11
hard-rejects Node releases older than 22.13. The CI matrix targets Node
22, 24, and 25. Upgrading should be straightforward — install a current
Node.js release before updating Etherpad.
- **The official Docker image no longer ships `curl`, `npm`, or `npx`.**
These were dropped to remove transitive CVEs (curl/libcurl SMB
advisories, npm's bundled picomatch 4.0.3 and brace-expansion 2.0.2).
The container's healthcheck now uses `wget` (busybox built-in, always
present), and Etherpad provisions `pnpm` via `corepack` for all runtime
package operations. If you exec into the container and rely on `curl` or
`npm` for ad-hoc tasks, install them on demand with `apk add curl` or
use the busybox `wget` / `pnpm` already present.

##### Notable enhancements

- **GDPR / privacy controls.** A multi-PR series adds the building
blocks operators need to satisfy data-subject requests:
  - Pad deletion controls (admin-driven and self-service).
  - IP / privacy audit pass across the codebase.
- Author-token cookies are now `HttpOnly`, removing them from JavaScript
reach.
  - Configurable privacy banner shown on first visit.
- Author erasure: an authenticated path for purging an individual
author's identity and contributions.
- **Self-update subsystem (Tier 1: notify).**
- Periodic check against the GitHub Releases API for the configured repo
(default `ether/etherpad`). Configurable via the new `updates.*`
settings block, default tier `"notify"`. Set `updates.tier` to `"off"`
to disable entirely.
- The admin UI shows a banner and a dedicated "Etherpad updates" page
with the current version, latest version, install method, and changelog.
- Pad users see a discreet footer badge **only** when the running
version is severely outdated (one or more major versions behind) or
flagged as vulnerable in a recent release manifest. The public endpoint
that drives this never leaks the version string itself.
- New top-level `adminEmail` setting. When set, the updater emails the
admin on first detection of severe / vulnerable status, with escalating
cadence (weekly while vulnerable, monthly while severely outdated). PR 1
ships the dedupe + cadence logic; real SMTP wiring lands in a follow-up
PR.
- Tier 1 ships in this release. Tiers 2 (manual click), 3 (auto with
grace window) and 4 (autonomous in maintenance window) are designed and
will land in subsequent releases.
  - See `doc/admin/updates.md` for full configuration.
- **Pad compaction.** New `compactPad` HTTP API plus `bin/compactPad`
and `bin/compactAllPads` CLIs to reclaim database space on long-lived
pads with heavy edit history (issue
[#&#8203;6194](https://redirect.github.com/ether/etherpad/issues/6194)).
`--keep N` retains the last N revisions; `--dry-run` previews per-pad
rev counts before writing. Per-pad failures don't stop the bulk run.
- `bin/compactStalePads` (issue
[#&#8203;7642](https://redirect.github.com/ether/etherpad/issues/7642))
targets only pads not edited in the last `--older-than N` days, so hot
pads in active timeslider use are left alone. Same `--keep` /
`--dry-run` shape as `bin/compactAllPads`. Targeting is deliberately a
CLI concern — the `compactPad` API surface stays unchanged.
- **New packaging targets.**
  - Etherpad is now published as a **Snap** package.
- **Debian (.deb)** packages are built via nfpm with a systemd unit, and
a signed apt repository is published to `etherpad.org/apt`.
- **Editor enhancements.**
- IDE-style line operations: keyboard shortcuts to duplicate or delete
the current line.
- New `showMenuRight` URL parameter to hide the right-side toolbar —
useful for embeds that need slimmer chrome.
- Click a user in the userlist to open chat with `@<name>` prefilled,
making mentions discoverable.
- New `padOptions.fadeInactiveAuthorColors` setting plus a toolbar UI to
fade the background colors of authors who have left the pad.
- **Color contrast.** Author colors now pick the WCAG-higher-contrast
text color for readability.
- **Social / mobile metadata.** Pad, timeslider, and home views now emit
Open Graph and Twitter Card tags (closes
[#&#8203;7599](https://redirect.github.com/ether/etherpad/issues/7599))
and a `theme-color` meta that matches the toolbar on mobile.
- **Plugin admin UX.** The `/admin` plugin browser surfaces each
plugin's `ep.json` `disables` declarations, so operators can see what a
plugin will turn off before installing.

##### Notable fixes

- **Socket.io: don't kick authenticated duplicate-author sessions.** A
regression where two tabs from the same authenticated author could evict
each other has been fixed
([#&#8203;7656](https://redirect.github.com/ether/etherpad/issues/7656)
/
[#&#8203;7678](https://redirect.github.com/ether/etherpad/issues/7678)).
- **Anchor scrolling.** Anchor-link navigation now waits for layout to
settle, so jumping to a deep link no longer overshoots.
- **Plugin updater.** `bin/updatePlugins.sh` actually updates installed
plugins again (closes
[#&#8203;6670](https://redirect.github.com/ether/etherpad/issues/6670)).
- **Settings: stable per-release version string.** `randomVersionString`
is now derived from the release identity rather than regenerated on each
boot, so caches behave correctly across restarts of the same version.

##### Internal / contributor-facing

- The HTTP client in the backend has been migrated from `axios` to the
built-in `fetch` API, dropping a dependency now that Node 22 ships a
stable fetch.
- `admin/` and `ui/` workspaces moved from `rolldown-vite` to upstream
**Vite 8**.
- Build and CI moved to **pnpm 11** (`packageManager: "pnpm@11.1.2"`);
the `Dockerfile`, snap, and all GitHub workflows are aligned. pnpm
overrides have been migrated from `package.json` to
`pnpm-workspace.yaml` to match pnpm 11's expectations.
- All client modules have been converted to ESM.
- The CI matrix tests Node 22, 24, and 25; on PRs the matrix is reduced
to a single Node version to keep feedback fast.
- Frontend Playwright tests now run against the `/ether` plugin set,
with feature-tag based skips so plugin-incompatible specs are excluded
automatically.
- Build hardening: signed apt repo publishing, frozen lockfile installs
across CI, Node setup pinned in every workflow, and a Docker-image CVE
sweep that bumps `npm`, `pnpm`, and `uuid`.

##### Localisation

- Multiple updates from translatewiki.net.

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9ldGhlcnBhZCIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWFqb3IiXX0=-->
2026-05-17 13:33:59 +02:00
TrueCharts Bot e3ae52d6f1 chore(webgrabplus): update image ghcr.io/linuxserver/webgrabplus digest to 5994167 (#48296)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[ghcr.io/linuxserver/webgrabplus](https://redirect.github.com/linuxserver/docker-webgrabplus/packages)
([source](https://redirect.github.com/linuxserver/docker-webgrabplus)) |
digest | `daef585` → `5994167` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93ZWJncmFicGx1cyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19-->
2026-05-17 12:54:13 +02:00
TrueCharts Bot 0ee77978e6 chore(znc): update image ghcr.io/linuxserver/znc digest to b0d54f5 (#48297)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[ghcr.io/linuxserver/znc](https://redirect.github.com/linuxserver/docker-znc/packages)
([source](https://redirect.github.com/linuxserver/docker-znc)) | digest
| `4a68279` → `b0d54f5` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC96bmMiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==-->
2026-05-17 12:54:10 +02:00
TrueCharts Bot 96924e6767 chore(medusa): update image ghcr.io/linuxserver/medusa digest to 426aaaf (#48295) 2026-05-17 12:54:04 +02:00
TrueCharts Bot b6c8f7553d chore(fileflows): update image docker.io/revenz/fileflows digest to 0e43858 (#48294)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| docker.io/revenz/fileflows | digest | `2c92766` → `0e43858` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9maWxlZmxvd3MiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==-->
2026-05-17 12:53:56 +02:00
TrueCharts Bot b079be63f2 chore(chromium-desktop-g3): update image docker.io/accetto/ubuntu-vnc-xfce-chromium-g3 digest to 698297a (#48293)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| docker.io/accetto/ubuntu-vnc-xfce-chromium-g3 | digest | `351699a` →
`698297a` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9jaHJvbWl1bS1kZXNrdG9wLWczIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=-->
2026-05-17 12:52:09 +02:00
TrueCharts Bot bce5e2d0f2 chore(thelounge): update image docker.io/thelounge/thelounge digest to 9a7ca90 (#48281)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[docker.io/thelounge/thelounge](https://redirect.github.com/thelounge/thelounge-docker)
| digest | `f3d6480` → `9a7ca90` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90aGVsb3VuZ2UiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==-->
2026-05-17 08:29:56 +00:00
TrueCharts Bot 1d341f9589 feat(cloudcommander): update image ghcr.io/coderaiser/cloudcmd 19.16.0 → 19.17.0 (#48291)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[ghcr.io/coderaiser/cloudcmd](https://redirect.github.com/coderaiser/cloudcmd)
| minor | `d998e65` → `af87e0b` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>coderaiser/cloudcmd (ghcr.io/coderaiser/cloudcmd)</summary>

###
[`v19.17.0`](https://redirect.github.com/coderaiser/cloudcmd/releases/tag/v19.17.0):
cloudcmd v19.17.0

[Compare
Source](https://redirect.github.com/coderaiser/cloudcmd/compare/v19.16.0...v19.17.0)

#### 🐞 fix

-
[`d96f6c4`](https://redirect.github.com/coderaiser/cloudcmd/commit/d96f6c46)
css: query: hide time on mobile
-
[`e7c55e0`](https://redirect.github.com/coderaiser/cloudcmd/commit/e7c55e05)
docker: io: XDG\_CONFIG\_HOME

#### 🔥 feature

-
[`ae1ca0f`](https://redirect.github.com/coderaiser/cloudcmd/commit/ae1ca0f8)
cloudcmd: cssnano-preset-default v8.0.1
-
[`94d5096`](https://redirect.github.com/coderaiser/cloudcmd/commit/94d5096a)
style: owner, mode: improve
-
[`807f834`](https://redirect.github.com/coderaiser/cloudcmd/commit/807f8346)
cloudcmd: superc8 v12.6.0
-
[`67a9572`](https://redirect.github.com/coderaiser/cloudcmd/commit/67a95722)
docker: io: cline: add
-
[`68eacb9`](https://redirect.github.com/coderaiser/cloudcmd/commit/68eacb91)
qword: add
-
[`4acd294`](https://redirect.github.com/coderaiser/cloudcmd/commit/4acd294b)
docker: io: tmux
-
[`05c8004`](https://redirect.github.com/coderaiser/cloudcmd/commit/05c80043)
cloudcmd:
[@&#8203;supertape/loader-css](https://redirect.github.com/supertape/loader-css)
v1.0.0
-
[`800a654`](https://redirect.github.com/coderaiser/cloudcmd/commit/800a6545)
cloudcmd: eslint-plugin-n v18.0.1
-
[`a985bb3`](https://redirect.github.com/coderaiser/cloudcmd/commit/a985bb36)
cloudcmd: supertape v13.0.0
-
[`4315ec6`](https://redirect.github.com/coderaiser/cloudcmd/commit/4315ec61)
docker: io XDG\_CONFIG\_HOME: /etc -> /usr/local/etc

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9jbG91ZGNvbW1hbmRlciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=-->
2026-05-17 06:49:45 +02:00
TrueCharts Bot ad0e545f8f fix(openwebrxplus): update image docker.io/slechev/openwebrxplus-softmbe 1.2.113 → 1.2.114 (#48290) 2026-05-17 06:48:36 +02:00
TrueCharts Bot 2541fae873 feat(wallos): update image ghcr.io/ellite/wallos 4.8.4 → 4.9.0 (#48292)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/ellite/wallos](https://redirect.github.com/ellite/Wallos) |
minor | `e4ca23a` → `f226b0c` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>ellite/Wallos (ghcr.io/ellite/wallos)</summary>

###
[`v4.9.0`](https://redirect.github.com/ellite/Wallos/blob/HEAD/CHANGELOG.md#490-2026-05-16)

[Compare
Source](https://redirect.github.com/ellite/Wallos/compare/v4.8.4...v4.9.0)

##### Features

- allow multiple filters on the settings page
([0fef959](https://redirect.github.com/ellite/Wallos/commit/0fef9597ef9eadce725128e454cbd60ec051391d))
- filter by notification status
([0fef959](https://redirect.github.com/ellite/Wallos/commit/0fef9597ef9eadce725128e454cbd60ec051391d))
- lifetime subscriptions
([0fef959](https://redirect.github.com/ellite/Wallos/commit/0fef9597ef9eadce725128e454cbd60ec051391d))
- rework icons
([0fef959](https://redirect.github.com/ellite/Wallos/commit/0fef9597ef9eadce725128e454cbd60ec051391d))
- sort graphs on the statistics page by usage
([0fef959](https://redirect.github.com/ellite/Wallos/commit/0fef9597ef9eadce725128e454cbd60ec051391d))

##### Bug Fixes

- don't use mbstring
([0fef959](https://redirect.github.com/ellite/Wallos/commit/0fef9597ef9eadce725128e454cbd60ec051391d))
- migrations using double quotes
([0fef959](https://redirect.github.com/ellite/Wallos/commit/0fef9597ef9eadce725128e454cbd60ec051391d))
- ntfy notifications with strange chars
([0fef959](https://redirect.github.com/ellite/Wallos/commit/0fef9597ef9eadce725128e454cbd60ec051391d))
- null array on empty subscription list
([0fef959](https://redirect.github.com/ellite/Wallos/commit/0fef9597ef9eadce725128e454cbd60ec051391d))
- open 3 dot menu abone for the subscriptions at the bottom
([0fef959](https://redirect.github.com/ellite/Wallos/commit/0fef9597ef9eadce725128e454cbd60ec051391d))

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93YWxsb3MiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19-->
2026-05-17 06:48:28 +02:00
TrueCharts Bot c9f2d58260 fix(drawio): update image docker.io/jgraph/drawio 30.0.1 → 30.0.2 (#48287)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [docker.io/jgraph/drawio](https://www.drawio.com)
([source](https://redirect.github.com/jgraph/docker-drawio)) | patch |
`b0791d8` → `63ba7ec` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>jgraph/docker-drawio (docker.io/jgraph/drawio)</summary>

###
[`v30.0.2`](https://redirect.github.com/jgraph/docker-drawio/compare/v30.0.1...v30.0.2)

[Compare
Source](https://redirect.github.com/jgraph/docker-drawio/compare/v30.0.1...v30.0.2)

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9kcmF3aW8iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19-->
2026-05-17 00:42:22 +02:00
TrueCharts Bot e70c7ea76f feat(kromgo): update image ghcr.io/kashalls/kromgo v0.9.1 → v0.10.0 (#48289)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/kashalls/kromgo](https://redirect.github.com/kashalls/kromgo)
| minor | `1624b1a` → `965ecc9` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>kashalls/kromgo (ghcr.io/kashalls/kromgo)</summary>

###
[`v0.10.0`](https://redirect.github.com/kashalls/kromgo/releases/tag/v0.10.0)

[Compare
Source](https://redirect.github.com/kashalls/kromgo/compare/v0.9.1...v0.10.0)

#### What's Changed

- fix: incorrect byte mapping by
[@&#8203;kashalls](https://redirect.github.com/kashalls) in
[#&#8203;179](https://redirect.github.com/kashalls/kromgo/pull/179)
- fix(deps): update module github.com/caarlos0/env/v11 to v11.4.1 by
[@&#8203;layla-bot](https://redirect.github.com/layla-bot)\[bot] in
[#&#8203;176](https://redirect.github.com/kashalls/kromgo/pull/176)
- fix(deps): update module github.com/invopop/jsonschema to v0.14.0 by
[@&#8203;layla-bot](https://redirect.github.com/layla-bot)\[bot] in
[#&#8203;177](https://redirect.github.com/kashalls/kromgo/pull/177)
- fix(deps): update module go.uber.org/zap to v1.28.0 by
[@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in
[#&#8203;175](https://redirect.github.com/kashalls/kromgo/pull/175)
- chore(deps): update sigstore/cosign-installer action to v4 by
[@&#8203;layla-bot](https://redirect.github.com/layla-bot)\[bot] in
[#&#8203;172](https://redirect.github.com/kashalls/kromgo/pull/172)
- chore(deps): update dependency go to v1.26.3 by
[@&#8203;layla-bot](https://redirect.github.com/layla-bot)\[bot] in
[#&#8203;178](https://redirect.github.com/kashalls/kromgo/pull/178)

**Full Changelog**:
<https://github.com/kashalls/kromgo/compare/v0.9.1...v0.10.0>

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9rcm9tZ28iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19-->
2026-05-17 00:42:20 +02:00
TrueCharts Bot afbf3262a6 chore(generic-device-plugin): update image ghcr.io/squat/generic-device-plugin digest to dc192e1 (#48286)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| ghcr.io/squat/generic-device-plugin | digest | `327d13c` → `dc192e1` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9nZW5lcmljLWRldmljZS1wbHVnaW4iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==-->
2026-05-17 00:42:12 +02:00
TrueCharts Bot a2fcf014e2 fix(local-ai): update image docker.io/localai/localai v4.2.4 → v4.2.6 (#48288) 2026-05-17 00:42:01 +02:00
TrueCharts Bot 95fe2080c0 chore(jellyfin): update image docker.io/alpine/socat digest to bfd2550 (#48276) 2026-05-16 18:47:39 +02:00
TrueCharts Bot cacc1c6a02 chore(searxng): update image docker.io/searxng/searxng digest to 654eff5 (#48278)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| docker.io/searxng/searxng | digest | `201c62d` → `654eff5` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zZWFyeG5nIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=-->
2026-05-16 18:47:34 +02:00
TrueCharts Bot 9e22ba8599 chore(piwigo): update image ghcr.io/linuxserver/piwigo digest to 4e0f0ad (#48277) 2026-05-16 18:47:32 +02:00
TrueCharts Bot c013b69ed9 chore(filestash): update image docker.io/machines/filestash digest to a873284 (#48275) 2026-05-16 18:47:21 +02:00
TrueCharts Bot ce6c17fce4 chore(steam-headless): update image docker.io/josh5/steam-headless digest to 3acd5b5 (#48279)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| docker.io/josh5/steam-headless | digest | `16131e8` → `3acd5b5` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zdGVhbS1oZWFkbGVzcyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19-->
2026-05-16 18:47:14 +02:00