9ae1d60dfeb28a303c18844e2e3b5d607e550a47
56714 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
9ae1d60dfe |
chore(syslog-ng): update image docker.io/balabit/syslog-ng digest to 1799aad (#48865)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/balabit/syslog-ng | digest | `658a90e` → `1799aad` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zeXNsb2ctbmciLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
6c5b967fe1 | fix(nextcloud): update image docker.io/collabora/code 26.04.1.3.1 → 26.04.1.4.1 (#48860) | ||
|
|
ee35361996 |
fix(qbitmanage): update image docker.io/bobokun/qbit_manage v4.8.0 → v4.8.1 (#48861)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/bobokun/qbit_manage](https://redirect.github.com/StuffAnThings/qbit_manage) | patch | `3a4fc26` → `38afe4c` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>StuffAnThings/qbit_manage (docker.io/bobokun/qbit_manage)</summary> ### [`v4.8.1`](https://redirect.github.com/StuffAnThings/qbit_manage/releases/tag/v4.8.1) [Compare Source](https://redirect.github.com/StuffAnThings/qbit_manage/compare/v4.8.0...v4.8.1) ### Requirements Updated - "qbittorrent-api==2026.6.0" - "uvicorn==0.49.0" - "ruff==0.15.16" ### Bug Fixes - Fixes bug in Windows desktop builds that causes scheduler to hang **Full Changelog**: <https://github.com/StuffAnThings/qbit_manage/compare/v4.8.0...v4.8.1> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9xYml0bWFuYWdlIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==--> |
||
|
|
645e4dc12a |
feat(dispatcharr): update image docker.io/dispatcharr/dispatcharr 0.25.1 → 0.26.0 (#48862)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/dispatcharr/dispatcharr](https://redirect.github.com/Dispatcharr/Dispatcharr) | minor | `2bdcfd9` → `9275b0c` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>Dispatcharr/Dispatcharr (docker.io/dispatcharr/dispatcharr)</summary> ### [`v0.26.0`](https://redirect.github.com/Dispatcharr/Dispatcharr/blob/HEAD/CHANGELOG.md#0260---2026-06-07) [Compare Source](https://redirect.github.com/Dispatcharr/Dispatcharr/compare/v0.25.1...v0.26.0) ##### Added - **EPG logo auto-apply for XMLTV and Schedules Direct.** Channel logos are applied from `EPGData.icon_url` through a shared helper used by bulk "Set Logos from EPG", optional per-source auto-apply on refresh (`auto_apply_epg_logos` in source `custom_properties`), and a new `epg_source_id` option on the set-logos-from-epg API. Large libraries are processed in 500-channel chunks without loading every mapped row into memory. - **Schedules Direct EPG integration.** Dispatcharr now supports Schedules Direct as a first-class EPG source type alongside XMLTV and dummy EPG, with credential auth, lineup management, and guide refresh through the existing EPG pipeline and WebSocket progress. (Closes [#​1246](https://redirect.github.com/Dispatcharr/Dispatcharr/issues/1246)) — Thanks [@​Shokkstokk](https://redirect.github.com/Shokkstokk) - Lineup manager in EPG source settings: search by postal code, add/remove up to four active lineups, with SD's six-adds-per-24-hours limit and midnight-UTC reset surfaced in the UI. - MD5 delta refresh skips unchanged schedule and program downloads; a two-hour minimum interval between full refreshes is enforced (bypassable via force refresh). - Station logos in dark, light, gray, or white variants (`logo_style`), stored in `EPGData.icon_url` alongside XMLTV channel icons. - Optional program poster fetch (off by default): configurable style preference (SD Recommended via Gracenote's `primary` flag, or portrait/landscape banner/iconic variants with fallbacks), served through a backend proxy cached by nginx on first view. - XMLTV-compatible cast output (`role` for character names, `guest` for guest stars). - Lightweight stations-only fetch on source creation so EPG entries exist for auto-matching before the first full schedule pull. - **Live EPG program preview in the channel create/edit modal.** When selecting an EPG channel in the channel form, a "Current Program" card appears showing the currently-airing program title, description, and a progress bar. The backend builds a byte-offset index over the raw XMLTV file after each EPG refresh so lookups seek directly to the relevant file positions rather than parsing the full file - returning results in 1-10ms regardless of source size. If the index has not yet been built for a source, the API dispatches an async background build and the frontend retries up to 20 times over a 3-minute window. The `ProgramPreview` component was extracted into a shared component reused by the Stats page. The `programme_index` field on `EPGSource` is excluded from all API list responses to avoid returning multi-MB blobs. — Thanks [@​FiveBoroughs](https://redirect.github.com/FiveBoroughs) - **Public IP display in the sidebar is now blurred by default and reveals on click.** Prevents accidental exposure in screenshots and screen shares. A new toggle in Settings > System Settings lets users disable IP and geolocation fetching entirely. A `DISPATCHARR_ENABLE_IP_LOOKUP` environment variable provides a container-level override; when set to `false` the toggle is hidden from the UI and cannot be changed. (Closes [#​1302](https://redirect.github.com/Dispatcharr/Dispatcharr/issues/1302)) — Thanks [@​sethwv](https://redirect.github.com/sethwv) - **Configurable per-page count and sticky pagination footer in Plugin Browse.** The pagination controls now live in a fixed footer bar at the bottom of the page. A page-size selector (9 / 18 / 27 / 36) sits alongside the pagination widget and an item range readout (`X to Y of Z`). The selected page size is persisted in `localStorage` so it survives page navigations. — Thanks [@​sethwv](https://redirect.github.com/sethwv) - **VOD basic sync now stores additional metadata from the provider's stream list.** When a provider includes `director`, `cast`, `release_date`, or `trailer`/`youtube_trailer` in its `get_vod_streams` response, Dispatcharr now captures and stores those fields in `custom_properties` during the initial sync pass. Previously, this data was discarded and only populated if an advanced per-movie refresh was triggered. - Thanks [@​nemesbak](https://redirect.github.com/nemesbak) ##### Changed - **`send_websocket_update` now detects Celery worker context when gevent is monkey-patched.** EPG refresh progress (including Schedules Direct) uses the shared `send_epg_update` helper instead of a duplicate synchronous Redis sender. In Celery prefork workers that inherit gevent patching, WebSocket messages are delivered synchronously via the existing `_gevent_ws_send` Redis path; uWSGI continues to use `gevent.spawn` as before. - **Schedules Direct EPG delete confirmation shows username only.** The delete dialog no longer surfaces password or API key fields for credential-based SD sources. - **Channel edit form reorganized into three semantic columns.** Fields are now grouped as Identity (name, number, group, logo), Guide Data (TVG-ID, Gracenote StationId, EPG picker, current program preview), and Behavior/Access (stream profile, user level, mature content, hidden). The EPG section having its own column gives the `ProgramPreview` card enough width to truncate long titles correctly rather than expanding the column. - **IP lookup result delivered via WebSocket push.** When the background lookup completes, an `ip_lookup_complete` event is pushed to all connected clients so the sidebar IP field populates without polling. A `Skeleton` placeholder is shown while the lookup is in progress. - **`get_host_and_port` and `build_absolute_uri_with_port` moved from `apps/output/views.py` to `core/utils.py`.** Both helpers have no dependencies on anything in `apps/output` and are now used in `apps/channels/serializers.py` as well. Moving them to `core/utils` eliminates the need for a local import inside `LogoSerializer` and makes them available to the rest of the codebase without circular-import risk. `LogoSerializer.get_cache_url()` was also updated to use `build_absolute_uri_with_port` instead of `request.build_absolute_uri()`, so logo cache URLs now correctly include non-standard ports (fixing port-stripping for logo URLs behind reverse proxies, matching the existing fix applied to M3U and EPG URLs). - **nginx logo/poster proxy cache moved to `/data/logo_cache`.** `proxy_cache_path` now uses the persistent data volume instead of `/app/logo_cache`, and the init script ensures the directory exists with correct ownership on container start. - **`debian_install.sh` switched from Gunicorn to uWSGI with gevent workers.** The Debian/LXC bare-metal installer now deploys Dispatcharr under the same uWSGI + gevent stack used by the Docker image, eliminating a class of compatibility differences between the two deployment paths. The installer writes a `uwsgi-debian.ini` next to the app and manages uWSGI via a systemd service. The nginx site config now uses `uwsgi_pass` + `include uwsgi_params` instead of `proxy_pass`, which correctly populates `SERVER_PORT` in the WSGI environ so M3U playlist URLs include the configured port number (fixing the port-stripping bug from [#​1267](https://redirect.github.com/Dispatcharr/Dispatcharr/issues/1267) for bare-metal installs). Python 3.13 is now provisioned through uv's managed runtime so the install works on Debian 12 and Ubuntu 24.04 LTS regardless of the system Python version. - **`get_vod_streams` XC API response was missing metadata fields available from basic sync.** When a provider includes `director`, `cast`, `release_date`, `plot`, `genre`, or `year` in its `get_vod_streams` response, Dispatcharr stores those fields during the basic sync pass but was not including them in its own `get_vod_streams` XC output. The endpoint now outputs all six fields. The `trailer` key in the response also mapped to the wrong internal key (`trailer` instead of `youtube_trailer`) following the storage key rename, so the trailer field was always empty until an advanced refresh ran. Both issues are corrected. Users with existing libraries should trigger a VOD provider refresh to populate the missing fields. (Fixes [#​1228](https://redirect.github.com/Dispatcharr/Dispatcharr/issues/1228)) - **Docker base image now uses a multi-stage build.** The builder stage installs compilers and dev headers (`gcc`, `g++`, `gfortran`, `build-essential`, `libopenblas-dev`, `libpcre3-dev`, `python3.13-dev`, `ninja-build`) to create the virtual environment and compile the legacy NumPy wheel (cpu-baseline=none for old hardware). The final runtime image starts from the same ffmpeg base, copies only the prebuilt venv and wheel from the builder, and installs only the runtime libraries needed at runtime - eliminating compiler binaries from production containers and reducing final image size. — Thanks [@​kensac](https://redirect.github.com/kensac) - **`libpq-dev` removed from both build and runtime stages.** The project uses `psycopg[binary]` (psycopg3), which bundles its own statically linked copy of libpq inside the wheel. No system libpq headers or shared library are needed at build or runtime. - **Database driver upgraded from `psycopg2` to `psycopg3` (`psycopg[binary]`).** psycopg3 rewrote its network I/O layer in Python, so `gevent`'s `monkey.patch_all()` makes it gevent-cooperative without any additional patching. The `psycogreen` dependency and its driver-patching block in `gevent_patch.py` have been removed. Django's native psycopg3 connection pool is explicitly disabled (`pool: False`) so `django-db-geventpool` remains in sole control of connection lifecycle. The `dropdb` management command was updated to the `psycopg` API (`psycopg.connect`, `psycopg.sql`). - **Frontend unit tests extended to additional form components and the Guide page.** `ProgramRecordingModal`, `Recording`, `RecordingDetailsModal`, `RecurringRuleModal`, `ScheduleInput`, `SeriesRecordingModal`, `SeriesRuleEditorModal`, `Stream`, `StreamProfile`, `SuperuserForm`, `User`, `UserAgent`, and `VODCategoryFilter` now have Vitest + Testing Library test suites. Business logic was extracted from these components into corresponding utility modules and is exercised through the new tests. The Guide page was similarly refactored with extracted utils, and `dateTimeUtils.js` was extended to support the new test coverage. — Thanks [@​nick4810](https://redirect.github.com/nick4810) - **Official plugin repository manifest URL moved to GitHub Pages.** The default `OFFICIAL_REPO_URL` now points to `https://dispatcharr.github.io/Plugins/manifest.json` instead of the raw GitHub content URL. GitHub Pages avoids opaque caching on raw content that could serve stale manifests without indication. A data migration updates existing `PluginRepo` rows marked `is_official=True` in place; fresh installs pick up the new URL from the model default after the seed migration runs. — Thanks [@​sethwv](https://redirect.github.com/sethwv) ##### Performance - **M3U and EPG channel logo URLs no longer call `build_absolute_uri_with_port()` per channel.** The host/port/scheme base URL and logo path prefix/suffix are computed once per request; each row appends only the logo ID. M3U proxy stream URLs use the same pattern for channel UUIDs. - **`get_vod_streams` and `get_series` XC API response times reduced significantly for large libraries.** Both endpoints previously loaded all active relations per title (one row per account that carries the same movie/series), then discarded duplicates in Python. With large libraries across multiple active accounts this fetched a multiple of N rows. Both queries now use a single `DISTINCT ON (movie_id/series_id)` pass over the relation table ordered by account priority, returning exactly one row per title. Logo URL construction (`reverse()` + `build_absolute_uri_with_port()`) is also computed once and reused via prefix/suffix string concatenation, matching the existing pattern in `get_live_streams`. The `m3u_account` JOIN in `get_series` was also removed (it was fetched but never read in the loop). Additionally, `get_series` previously had no `order_by` on `M3USeriesRelation`, so output order was non-deterministic (physical storage order). Both endpoints now sort alphabetically by title. Observed improvements: 18s → 12s for 48k movies; 9.5s → 3.5s for 11k series. - **Database connections are now managed by a persistent per-worker pool.** Previously each request opened a fresh TCP connection to PostgreSQL, paid a full authentication handshake, and closed the connection at request end. `django-db-geventpool` now maintains a pool of warm connections per uWSGI worker; requests borrow a connection and return it when done, eliminating connection-setup overhead on every request. Pool size is bounded (`MAX_CONNS=8` per worker, `REUSE_CONNS=3` warm connections kept idle) to stay comfortably within PostgreSQL's default `max_connections=100` across all uWSGI workers, Celery workers, and Daphne. — Thanks [@​JCBird1012](https://redirect.github.com/JCBird1012) - **Reduced Redis round-trips on the Stats page channel status endpoint.** `get_basic_channel_info` was making up to 6 individual `HGET` calls per connected client plus a redundant `HGET` for `TOTAL_BYTES` (already present in the preceding `HGETALL` result). Client metadata is now fetched with a single `HMGET` per client, and `TOTAL_BYTES` is read from the already-fetched hash. Under load with many active streams this significantly reduces the time each uWSGI worker holds the GIL servicing the stats endpoint, reducing the chance of concurrent requests from other pages timing out with a 503. The same `HGET`-to-`HMGET` consolidation was applied to `stream_ts` and `get_user_active_connections`. The Stats page frontend was also fixed to fire the initial fetch only once on mount (previously two `useEffect` hooks both triggered an immediate fetch on load). — Thanks [@​JCBird1012](https://redirect.github.com/JCBird1012) ##### Security - **M3U endpoint no longer reflects POST body content in error responses.** The error message for disallowed POST requests previously echoed the raw request body back to the caller in a `text/html` response, which could be used for reflected XSS. The body is no longer included in the response. - Thanks [@​sebastiondev](https://redirect.github.com/sebastiondev) - Updated frontend npm dependencies to resolve 5 audit vulnerabilities (2 moderate, 2 high, 1 critical): - Updated `react-router` and `react-router-dom` 7.13.0 → 7.17.0, resolving **high** unauthenticated RCE via turbo-stream TYPE\_ERROR deserialization ([GHSA-49rj-9fvp-4h2h](https://redirect.github.com/advisories/GHSA-49rj-9fvp-4h2h)), **high** open redirect via protocol-relative `//` paths ([GHSA-2j2x-hqr9-3h42](https://redirect.github.com/advisories/GHSA-2j2x-hqr9-3h42)), **high** XSS in unstable RSC redirect handling via `javascript:` targets ([GHSA-8646-j5j9-6r62](https://redirect.github.com/advisories/GHSA-8646-j5j9-6r62)), **high** stored XSS via unescaped `Location` header in prerendered redirect HTML ([GHSA-f22v-gfqf-p8f3](https://redirect.github.com/advisories/GHSA-f22v-gfqf-p8f3)), **high** DoS via unbounded path expansion in the `__manifest` endpoint ([GHSA-8x6r-g9mw-2r78](https://redirect.github.com/advisories/GHSA-8x6r-g9mw-2r78)), and **high** DoS via reflected user input in single-fetch ([GHSA-rxv8-25v2-qmq8](https://redirect.github.com/advisories/GHSA-rxv8-25v2-qmq8)) - Updated `vitest` 3.2.4 → 4.1.8, resolving **critical** arbitrary file read and execution when the Vitest UI server is listening ([GHSA-5xrq-8626-4rwp](https://redirect.github.com/advisories/GHSA-5xrq-8626-4rwp)) - Updated `brace-expansion` 5.0.5 → 5.0.6, resolving **moderate** DoS when large numeric ranges defeat the documented `max` limit ([GHSA-jxxr-4gwj-5jf2](https://redirect.github.com/advisories/GHSA-jxxr-4gwj-5jf2)) - Updated `ws` 8.19.0 → 8.21.0, resolving **moderate** uninitialized memory disclosure ([GHSA-58qx-3vcg-4xpx](https://redirect.github.com/advisories/GHSA-58qx-3vcg-4xpx)) ##### Fixed - **HDHR lineup and discovery URLs now use the shared port-aware URI builder.** `lineup.json`, `discover.json`, and `device.xml` previously called Django's `request.build_absolute_uri()`, which drops non-standard ports behind reverse proxies and on dev installs. They now use `build_absolute_uri_with_port()` from `core/utils.py`, matching M3U, EPG, XC, and logo cache URLs. - **EPG channel list did not refresh after a source finished parsing channels.** The `epg_refresh` WebSocket handler closed over a stale `epgs` snapshot from when the socket connected. When a newly created source was not found in that snapshot, the handler updated progress and returned early without calling `fetchEPGData()`, so the channel picker and EPG assignment UI stayed empty until a full page reload. The handler now reads the current store via `getState()` and still calls `fetchEPGData()` when `parsing_channels` completes. - **DVR recordings no longer stop immediately when FFmpeg exits mid-stream.** If FFmpeg crashes, stalls, or loses the source before the scheduled end time, `run_recording` now restarts it in-process instead of going straight to HLS→MKV concat and marking the recording complete. Each restart reuses the same HLS working directory and continues segment numbering (`append_list`, `-start_number`) so the final MKV is a single continuous file. Retries are bounded by a per-outage time window matching live-proxy client tolerance (`STREAM_TIMEOUT` + `FAILOVER_GRACE_PERIOD`, default 80s); the window resets whenever new segments resume, so a long recording can survive multiple separate outages. Reconnect pacing between attempts follows the same `min(0.25 × attempt, 3s)` backoff used by the live-proxy `StreamManager`. Input demuxing also uses `-err_detect ignore_err` to tolerate minor TS corruption without aborting the process. If the outage window expires without recovery, the recording is saved as `interrupted` with `ffmpeg_outage_window_exhausted` rather than falsely reported as `completed`. (Closes [#​1170](https://redirect.github.com/Dispatcharr/Dispatcharr/issues/1170)) - **DVR HLS→MKV concat now tolerates timestamp splices and corrupt segments.** The finalize step (and startup recovery concat) previously used a bare `ffmpeg -f concat -c copy`, which could fail on truncated tail segments or PTS discontinuities from FFmpeg restarts mid-recording. Concat now uses a shared `_dvr_build_hls_concat_cmd` helper with `-fflags +genpts+igndts+discardcorrupt`, `-err_detect ignore_err`, and `-avoid_negative_ts make_zero`; the existing MP4-intermediate fallback path uses the same tolerant input flags. - **DVR FFmpeg restart no longer skips HLS segment numbers.** On restart, `-start_number` was set to the existing segment count while `append_list` also incremented the internal sequence for each segment reloaded from `index.m3u8`, so the first post-restart segment could land at roughly double the expected index (e.g. `seg_00028.ts` after 14 segments). Restarts now pass `-start_number 0` when the playlist already lists segments and let `append_list` continue numbering; loose `.ts` files without a playlist still seed from the highest filename index + 1. - **Null TS keepalive packets during channel initialization caused Emby (and Jellyfin) to force a deinterlace transcode or fail playback entirely.** While waiting for a channel to become ready, the generator sent a null TS packet (PID `0x1FFF`) every 0.5 s to keep the HTTP connection alive. Emby probes the initial bytes of the response via ffprobe; receiving a null packet instead of real stream data produced incorrect codec metadata and triggered a forced transcode. The null-packet yield has been replaced with a plain `gevent.sleep(0.1)`. (Fixes [#​1280](https://redirect.github.com/Dispatcharr/Dispatcharr/issues/1280)) - **VOD proxy stream URLs survive M3U import refresh cycles.** When `process_movie_batch` / `process_series_batch` create duplicate content records during a refresh, existing `M3UMovieRelation` / `M3UEpisodeRelation` rows are repointed at the new records, orphaning the old UUIDs. External players (Emby, Jellyfin, ChannelsDVR) that cached `.strm` URLs with the dead UUID would then 404 even though the same request carried a stable `stream_id` that maps to an active relation. The proxy now falls back to stream\_id resolution when the UUID lookup misses, using strictest-match-first logic (account-scoped relation preferred, then highest-priority account). A `[STREAMID-FALLBACK]` WARNING log keeps the underlying import churn. — Thanks [@​R3XCHRIS](https://redirect.github.com/R3XCHRIS) - **IP lookup no longer blocks the settings page load.** The `environment` endpoint previously made up to three sequential HTTP calls (ipify, ipapi.co, ip-api.com) with 5s timeouts each, blocking the page for up to 15s if any were unreachable. The lookups now run in a background thread on first request and results are cached in Redis for 1 hour, so the endpoint returns immediately on every call. — Thanks [@​sethwv](https://redirect.github.com/sethwv) - **Authenticated users were not identified in VOD connection cards and stream events when streaming via the web player.** The VOD proxy now accepts a JWT via a `?token=` query parameter so browser `<video>` elements (which cannot send `Authorization` headers) can authenticate. The token is read on the initial request, the resolved user ID is stored in Redis, then retrieved on the actual streaming request after the session redirect. Previously the redirect discarded auth context and all JWT-authenticated VOD sessions were tracked as anonymous. (Fixes [#​1224](https://redirect.github.com/Dispatcharr/Dispatcharr/issues/1224)) - **Deleting the last playlist (or any playlist) crashed the entire UI.** `removePlaylists()` in the playlists store filtered the `playlists` array but never removed the corresponding entries from the `profiles` map. After deletion, components reading `profiles[deletedId]` received `undefined` and crashed with `undefined is not an object (evaluating 'P[R].name')`, replacing the entire page with an error screen. The profiles map is now cleaned up atomically in the same state update as the playlists array. (Fixes [#​1269](https://redirect.github.com/Dispatcharr/Dispatcharr/issues/1269)) - Thanks [@​nemesbak](https://redirect.github.com/nemesbak) - **Switching providers in the VOD or Series detail modal had no effect.** The `provider-info` endpoints for movies and series always fetched data from the highest-priority provider, ignoring the `relation_id` the frontend sent when the user selected a different provider from the dropdown. The endpoints now accept an optional `relation_id` query parameter and fetch from that specific relation. The VOD modal also now shows the "Loading additional details..." indicator while the provider switch is in flight, matching the existing behaviour in the Series modal. (Fixes [#​1285](https://redirect.github.com/Dispatcharr/Dispatcharr/issues/1285)) - Thanks [@​nemesbak](https://redirect.github.com/nemesbak) - **Per-channel stream profile override was ignored during streaming.** `Channel.get_stream_profile()` read `self.stream_profile` directly, bypassing any `ChannelOverride.stream_profile` set by the user on auto-synced channels. The method now resolves through `effective_stream_profile_obj`, which checks the channel's override record first and falls back to the channel's own field. Channels without an override continue to behave identically to before. (Fixes [#​1268](https://redirect.github.com/Dispatcharr/Dispatcharr/issues/1268)) - Thanks [@​nemesbak](https://redirect.github.com/nemesbak) - **Web-player output profile was ignored for live streams started outside the Channels page.** `getShowVideoUrl` in `RecordingCardUtils.js` returned a raw proxy URL without calling `buildLiveStreamUrl`, so the output profile preference stored in `localStorage` was not applied when launching a stream from the TV Guide, Program Detail modal, DVR page, Recording Details modal, or Recording Card. Only the Channels page (StreamsTable) was calling `buildLiveStreamUrl` correctly. One additional import and one changed return value fix all affected entry points. (Fixes [#​1304](https://redirect.github.com/Dispatcharr/Dispatcharr/issues/1304)) - Thanks [@​nemesbak](https://redirect.github.com/nemesbak) - **Plugins with available updates were not sorting to the top of the Plugin Browse list.** The sort weight function previously treated `update_available` plugins the same as any other installed plugin, leaving them buried. They now receive the highest sort priority (below the search/filter results header) so users can spot pending updates immediately. — Thanks [@​sethwv](https://redirect.github.com/sethwv) - **Disabled state on the size-labeled install button rendered with a warm tint instead of appearing clearly disabled.** The CSS filter was `brightness(0.65) saturate(0.7)`, which left a faint color cast. It is now `grayscale(1) brightness(0.55)`, matching the standard disabled appearance. — Thanks [@​sethwv](https://redirect.github.com/sethwv) - **Restoring a backup from an older version left the database with missing schema.** The restore task ran `pg_restore` which replaced the entire database (including the `django_migrations` table) but did not run migrations afterward. If the backup predated a schema migration, the restored database was missing tables and columns added by those migrations, causing 500 errors on every API call. `migrate --noinput` now runs automatically after every restore. The success notification also now recommends a restart to clear stale service state. - **Cast and actors lists were silently truncated to the first name.** When a provider returns `cast` or `actors` as a JSON array, the helper used during both movie and series basic sync and movie advanced refresh only extracted the first element. All names in the array are now joined into a comma-separated string. Providers that return cast as a plain string are unaffected. - **Channel Group Override interactions in compact numbering and override display.** Two related bugs surfaced when Channel Group Override was used with auto-synced channels. First, compact numbering silently failed: with an override on the source `ChannelGroupM3UAccount`, sync stores channels under the override target group's id (not the source group id), so hide/unhide/repack operations all missed their channels and slot accounting broke silently (hidden channels kept their numbers, unhides got none, repack saw zero channels). The compact paths now include an override-aware fallback to match channels under both source and override-target group ids. Second, the clear-override reset button disappeared when an override's stored value coincidentally matched the provider value. The frontend `isFormFieldOverridden` function was value-based only; it now also checks for a persisted override row regardless of value, so the reset button remains available to clear any override. (Fixes [#​1263](https://redirect.github.com/Dispatcharr/Dispatcharr/issues/1263), Fixes [#​1276](https://redirect.github.com/Dispatcharr/Dispatcharr/issues/1276)) — Thanks [@​CodeBormen](https://redirect.github.com/CodeBormen) - **Compact numbering repack is now idempotent.** Auto-synced channel numbers reshuffled within their configured range on every sync, even when the provider returned no changes. The compact repack queried channels with no `ORDER BY`, so packing followed PostgreSQL's physical row order, which drifts after each repack's UPDATEs and autovacuum. The channel query now uses `.order_by("id")` (creation order tracks provider stream order for the default "provider" sort), and explicit name / tvg\_id / updated\_at sorts carry `c.id` as a secondary tiebreaker so equal values keep a stable relative order instead of churning. (Fixes [#​1321](https://redirect.github.com/Dispatcharr/Dispatcharr/issues/1321)) — Thanks [@​CodeBormen](https://redirect.github.com/CodeBormen) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9kaXNwYXRjaGFyciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=--> |
||
|
|
a652cb7336 | fix(kromgo): update image ghcr.io/home-operations/kromgo 0.14.3 → 0.14.4 (#48859) | ||
|
|
8496fcf827 |
chore(tt-rss): update image ghcr.io/tt-rss/tt-rss-web-nginx digest to e2ae01f (#48858)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/tt-rss/tt-rss-web-nginx | digest | `75e667a` → `e2ae01f` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90dC1yc3MiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
fe5d81f331 |
chore(grocy): update image ghcr.io/linuxserver/grocy digest to a0890ba (#48854)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/grocy](https://redirect.github.com/linuxserver/docker-grocy/packages) ([source](https://redirect.github.com/linuxserver/docker-grocy)) | digest | `7a9acc7` → `a0890ba` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9ncm9jeSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
799cbe0a4b |
chore(rsshub): update image docker.io/diygod/rsshub digest to faa5be8 (#48770)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/diygod/rsshub | digest | `0fd02b6` → `faa5be8` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9yc3NodWIiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
a249b65749 |
chore(piwigo): update image ghcr.io/linuxserver/piwigo digest to b69331c (#48855)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/piwigo](https://redirect.github.com/linuxserver/docker-piwigo/packages) ([source](https://redirect.github.com/linuxserver/docker-piwigo)) | digest | `9437407` → `b69331c` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9waXdpZ28iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
dc8d593c87 |
chore(searxng): update image docker.io/searxng/searxng digest to e4fade7 (#48856)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/searxng/searxng | digest | `e9f0237` → `e4fade7` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zZWFyeG5nIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
b3e170ee60 |
fix(helm-deps): update chart valkey 2.3.3 → 2.3.4 (#48846)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [valkey](https://truecharts.org/charts/stable/valkey) ([source](https://redirect.github.com/bitnami/containers/tree/HEAD/bitnami/valkey)) | patch | `2.3.3` → `2.3.4` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93ZWJsYXRlIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==--> |
||
|
|
4472545e47 | fix(filebrowser): update image docker.io/filebrowser/filebrowser v2.63.13 → v2.63.14 (#48852) | ||
|
|
92c592df4c |
feat(teslamate): update image docker.io/teslamate/teslamate 3.0.0 → 3.1.0 (#48853)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/teslamate/teslamate](https://redirect.github.com/teslamate-org/teslamate) | minor | `6569026` → `b7b8b21` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>teslamate-org/teslamate (docker.io/teslamate/teslamate)</summary> ### [`v3.1.0`](https://redirect.github.com/teslamate-org/teslamate/blob/HEAD/CHANGELOG.md#310---2026-06-07) [Compare Source](https://redirect.github.com/teslamate-org/teslamate/compare/v3.0.0...v3.1.0) MCU2 upgraded cars are now fully supported in the main release (please switch from the now deprecated mcu2 branch aka pr-4453). As always, there have been many improvements. We now use the latest version of Grafana (13.0.1+security-01). The dashboards have been improved in terms of performance, and all dashboards now function as expected even if no geofence exists. BRIN indexes are now maintained to prevent performance degradation over time. To make your TeslaMate experience even better, we have also made more than 80 other improvements. Enjoy! ##### ARMv7 deprecation This is the last TeslaMate release to include ARMv7 Docker images. To keep up with current Elixir versions, ARMv7 support will be dropped going forward. Please migrate your OS to ARM64 or AMD64 before upgrading to the next release. If this is not possible, please inform us in [#​5304](https://redirect.github.com/teslamate-org/teslamate/issues/5304). ##### New features - feat: handle sleep behavior of MCU2 upgraded cars ([#​4453](https://redirect.github.com/teslamate-org/teslamate/issues/4453) -> [f58df80](https://redirect.github.com/teslamate-org/teslamate/commit/f58df8088c3b935851e84e2f935a041fc393b3ff) - [@​micves](https://redirect.github.com/micves), [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld) and [@​brianmay](https://redirect.github.com/brianmay)) ##### Improvements and bug fixes - feat(webview): Sort vehicles by display\_priority ([#​5188](https://redirect.github.com/teslamate-org/teslamate/issues/5188) - [@​olsoybakk](https://redirect.github.com/olsoybakk) and [@​swiffer](https://redirect.github.com/swiffer)) - feat(webview): Make icons inherit text color for better contrast in dark mode ([#​5193](https://redirect.github.com/teslamate-org/teslamate/issues/5193) - [@​olsoybakk](https://redirect.github.com/olsoybakk)) - feat(webview): Add dark mode support for background and buttons in the map ([#​5240](https://redirect.github.com/teslamate-org/teslamate/issues/5240) - [@​olsoybakk](https://redirect.github.com/olsoybakk) and [@​swiffer](https://redirect.github.com/swiffer)) - fix(webview): Prevent rounding of map tiles via Bulma CSS ([#​5265](https://redirect.github.com/teslamate-org/teslamate/issues/5265) - [@​swiffer](https://redirect.github.com/swiffer)) - perf: ensure BRIN indexes don't degrade over time ([#​5276](https://redirect.github.com/teslamate-org/teslamate/issues/5276) - [@​swiffer](https://redirect.github.com/swiffer)) - fix: fix folder creation and bash 3.2 compatibility in dashboards.sh ([#​5233](https://redirect.github.com/teslamate-org/teslamate/issues/5233) - [@​svennergr](https://redirect.github.com/svennergr)) - fix: handle nil tire pressure values in summary view ([#​5297](https://redirect.github.com/teslamate-org/teslamate/issues/5297) - [@​elemated](https://redirect.github.com/elemated)) - feat: use Grafana 13.0.1+security-01 ([#​5324](https://redirect.github.com/teslamate-org/teslamate/issues/5324) - [@​swiffer](https://redirect.github.com/swiffer)) ##### Build, CI, internal - build(deps): bump ex\_cldr from 2.46.0 to 2.47.1 to fix 100% CPU lock when accessing TeslaMate web ([#​5166](https://redirect.github.com/teslamate-org/teslamate/issues/5166)) - ci: migrate runners for arm from buildjet to gha native ([#​5206](https://redirect.github.com/teslamate-org/teslamate/issues/5206) - [@​adriankumpf](https://redirect.github.com/adriankumpf)) - ci: limit DevOps workflow runs of type push to branch main to prevent duplicate runs on PR ([#​5211](https://redirect.github.com/teslamate-org/teslamate/issues/5211) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): update flake.lock ([#​5186](https://redirect.github.com/teslamate-org/teslamate/issues/5186)) - fix(nix): update mix dependency hash in nix builds ([#​5186](https://redirect.github.com/teslamate-org/teslamate/issues/5186) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): bump actions/stale from 10.1.1 to 10.2.0 ([#​5162](https://redirect.github.com/teslamate-org/teslamate/issues/5162)) - build(deps): bump crate-ci/typos from 1.42.3 to 1.44.0 ([#​5163](https://redirect.github.com/teslamate-org/teslamate/issues/5163)) - build(deps): bump finch from 0.20.0 to 0.21.0 ([#​5165](https://redirect.github.com/teslamate-org/teslamate/issues/5165)) - build(deps): bump immutable from 5.1.4 to 5.1.5 in /assets ([#​5176](https://redirect.github.com/teslamate-org/teslamate/issues/5176)) - build(deps): bump svgo from 3.3.2 to 3.3.3 in /website ([#​5177](https://redirect.github.com/teslamate-org/teslamate/issues/5177)) - ci: bump actions to avoid warnings for node 20 ([#​5213](https://redirect.github.com/teslamate-org/teslamate/issues/5213) - [@​swiffer](https://redirect.github.com/swiffer)) - ci: ensure fully purging PR related tags for images hosted on GHCR on PR close ([#​5212](https://redirect.github.com/teslamate-org/teslamate/issues/5212) - [@​swiffer](https://redirect.github.com/swiffer)) - ci: build images for main branch and use buildcache of main as fallback for PR builds ([#​5212](https://redirect.github.com/teslamate-org/teslamate/issues/5212) - [@​swiffer](https://redirect.github.com/swiffer)) - ci: run Purge PR images workflow only if PR is from our own repo ([#​5217](https://redirect.github.com/teslamate-org/teslamate/issues/5217) - [@​swiffer](https://redirect.github.com/swiffer)) - ci: for check\_paths ensure the job value is retrieved and set as workflow output correctly ([#​5219](https://redirect.github.com/teslamate-org/teslamate/issues/5219) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): bump castore from 1.0.17 to 1.0.18 ([#​5255](https://redirect.github.com/teslamate-org/teslamate/issues/5255)) - build(deps-dev): bump credo from 1.7.16 to 1.7.17 ([#​5254](https://redirect.github.com/teslamate-org/teslamate/issues/5254)) - build(deps): bump floki from 0.38.0 to 0.38.1 ([#​5249](https://redirect.github.com/teslamate-org/teslamate/issues/5249)) - build(deps): bump crate-ci/typos from 1.44.0 to 1.45.0 ([#​5251](https://redirect.github.com/teslamate-org/teslamate/issues/5251)) - build(deps): bump actions/cache from 5.0.3 to 5.0.4 ([#​5248](https://redirect.github.com/teslamate-org/teslamate/issues/5248)) - build(deps): bump dorny/paths-filter from 4.0.0 to 4.0.1 ([#​5247](https://redirect.github.com/teslamate-org/teslamate/issues/5247)) - build(deps): bump ecto\_sql from 3.13.4 to 3.13.5 ([#​5260](https://redirect.github.com/teslamate-org/teslamate/issues/5260) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): bump ex\_cldr from 2.47.1 to 2.47.2 ([#​5260](https://redirect.github.com/teslamate-org/teslamate/issues/5260) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps-dev): bump esbuild from 0.27.3 to 0.27.7 in /assets ([#​5261](https://redirect.github.com/teslamate-org/teslamate/issues/5261) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps-dev): bump esbuild-sass-plugin from 3.6.0 to 3.7.0 in /assets ([#​5261](https://redirect.github.com/teslamate-org/teslamate/issues/5261) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps-dev): bump sass from 1.97.3 to 1.99.0 in /assets ([#​5261](https://redirect.github.com/teslamate-org/teslamate/issues/5261) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): update packages in /website and remove obsolete overrides ([#​5266](https://redirect.github.com/teslamate-org/teslamate/issues/5266) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): update flake.lock ([#​5275](https://redirect.github.com/teslamate-org/teslamate/issues/5275)) - build(deps): update flake.lock ([#​5288](https://redirect.github.com/teslamate-org/teslamate/issues/5288)) - build(deps): bump docusaurus from 3.9.2 to 3.10.0 in /website ([#​5302](https://redirect.github.com/teslamate-org/teslamate/issues/5302) - [@​swiffer](https://redirect.github.com/swiffer)) - refactor: replace fake\_online\_state integer with typed mcu2\_online\_check atom ([#​5245](https://redirect.github.com/teslamate-org/teslamate/issues/5245) - [@​brianmay](https://redirect.github.com/brianmay)) - fix: update GitHub Actions configuration for Dependabot to include action directories ([#​5316](https://redirect.github.com/teslamate-org/teslamate/issues/5316) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): bump docker/login-action from 4.0.0 to 4.1.0, docker/build-push-action from 7.0.0 to 7.1.0, actions/upload-artifact from 7.0.0 to 7.0.1, actions/upload-artifact/merge from 7.0.0 to 7.0.1, erlef/setup-beam from 1.18.1 to 1.24.0, actions/cache from 5.0.4 to 5.0.5, actions/cache/restore from 5.0.4 to 5.0.5, actions/cache/save from 5.0.4 to 5.0.5 and crate-ci/typos from 1.45.0 to 1.46.0 ([#​5317](https://redirect.github.com/teslamate-org/teslamate/issues/5317)) - build(deps): bump leaflet-geoman-free from 2.19.2 to 2.19.3 in /assets ([#​5301](https://redirect.github.com/teslamate-org/teslamate/issues/5301) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): bump plug\_cowboy from 2.8.0 to 2.8.1 ([#​5314](https://redirect.github.com/teslamate-org/teslamate/issues/5314)) - build(deps-dev): bump esbuild from 0.27.7 to 0.28.0 in /assets ([#​5312](https://redirect.github.com/teslamate-org/teslamate/issues/5312)) - build(deps-dev): bump credo from 1.7.17 to 1.7.18 ([#​5315](https://redirect.github.com/teslamate-org/teslamate/issues/5315)) - sec(deps): add uuid override to version 14.0.0 in /website ([#​5320](https://redirect.github.com/teslamate-org/teslamate/issues/5320) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): bump [@​babel/plugin-transform-modules-systemjs](https://redirect.github.com/babel/plugin-transform-modules-systemjs) from 7.29.0 to 7.29.4 in /website ([#​5328](https://redirect.github.com/teslamate-org/teslamate/issues/5328)) - build(deps): bump fast-uri from 3.1.0 to 3.1.2 in /website ([#​5327](https://redirect.github.com/teslamate-org/teslamate/issues/5327)) - build(deps): update flake.lock ([#​5326](https://redirect.github.com/teslamate-org/teslamate/issues/5326)) - sec(deps): fix OSV vulnerabilities - update cowlib, decimal, and phoenix to patched versions ([#​5332](https://redirect.github.com/teslamate-org/teslamate/issues/5332) - [@​brianmay](https://redirect.github.com/brianmay)) - ci: add osv scanner to scan for vulnerabilities ([#​5332](https://redirect.github.com/teslamate-org/teslamate/issues/5332) - [@​brianmay](https://redirect.github.com/brianmay) and [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): update flake.lock ([#​5338](https://redirect.github.com/teslamate-org/teslamate/issues/5338)) - refactor: use frame key when specifying window to improve readability ([#​5339](https://redirect.github.com/teslamate-org/teslamate/issues/5339) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): bump cowlib from 2.16.0 to 2.16.1 ([#​5342](https://redirect.github.com/teslamate-org/teslamate/issues/5342) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): bump cowboy from 2.14.2 to 2.15.0 ([#​5342](https://redirect.github.com/teslamate-org/teslamate/issues/5342) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): bump plug from 1.19.1 to 1.19.2 ([#​5342](https://redirect.github.com/teslamate-org/teslamate/issues/5342) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): bump postgrex from 0.22.0 to 0.22.2 and db\_connection from 2.9.0 to 2.10.1 ([#​5342](https://redirect.github.com/teslamate-org/teslamate/issues/5342) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): update flake.lock ([#​5342](https://redirect.github.com/teslamate-org/teslamate/issues/5342) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): bump webpack-dev-server from 5.2.3 to 5.2.4 in /website ([#​5343](https://redirect.github.com/teslamate-org/teslamate/issues/5343)) - sec(deps): add ws override to version 8.20.1 in /website ([#​5344](https://redirect.github.com/teslamate-org/teslamate/issues/5344) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - feat(nix): update NixOS version to 26.05 ([#​5350](https://redirect.github.com/teslamate-org/teslamate/issues/5350) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - fix(nix): correct URL format for PostgreSQL connection in Grafana 13+ ([#​5351](https://redirect.github.com/teslamate-org/teslamate/issues/5351) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - fix(nix): make grafana.secretKeyFile optional with old insecure grafana default fallback ([#​5352](https://redirect.github.com/teslamate-org/teslamate/issues/5352) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): bump ex\_cldr from 2.47.2 to 2.47.4 ([#​5361](https://redirect.github.com/teslamate-org/teslamate/issues/5361)) - ci(deps): bump the actions-deps group across 4 directories with 11 updates ([#​5368](https://redirect.github.com/teslamate-org/teslamate/issues/5368)) - build(deps): update flake.lock ([#​5354](https://redirect.github.com/teslamate-org/teslamate/issues/5354)) - build(deps): bump finch from 0.21.0 to 0.22.0 ([#​5358](https://redirect.github.com/teslamate-org/teslamate/issues/5358)) - build(deps): bump react and react-dom from 19.2.5 to 19.2.6 in /website ([#​5366](https://redirect.github.com/teslamate-org/teslamate/issues/5366)) - build(deps-dev): bump sass from 1.99.0 to 1.100.0 in /assets ([#​5360](https://redirect.github.com/teslamate-org/teslamate/issues/5360)) - build(deps): bump [@​docusaurus/core](https://redirect.github.com/docusaurus/core), /faster and /preset-classic from 3.10.0 to 3.10.1 in /website ([#​5365](https://redirect.github.com/teslamate-org/teslamate/issues/5365)) ##### Dashboards - fix: use FLOOR/CEIL over ROUND for timestamps used in dashboard links to avoid timeranges becoming to narrow ([#​5187](https://redirect.github.com/teslamate-org/teslamate/issues/5187) - [@​swiffer](https://redirect.github.com/swiffer)) - fix: ensure Charges / Drives dashboards load correctly if no Geofence exists ([#​5199](https://redirect.github.com/teslamate-org/teslamate/issues/5199), [#​5335](https://redirect.github.com/teslamate-org/teslamate/issues/5335) - [@​swiffer](https://redirect.github.com/swiffer)) - fix: division by zero in SQL query for cost\_mileage in Trips dashboard ([#​5198](https://redirect.github.com/teslamate-org/teslamate/issues/5198) - [@​DrMichael](https://redirect.github.com/DrMichael)) - fix: handle incomplete data correctly in Charging Stats / Statistics / Trips dashboards ([#​5229](https://redirect.github.com/teslamate-org/teslamate/issues/5229) - [@​swiffer](https://redirect.github.com/swiffer)) - feat: enable timepicker in efficiency dashboard ([#​5257](https://redirect.github.com/teslamate-org/teslamate/issues/5257) - [@​swiffer](https://redirect.github.com/swiffer)) - fix: ensure low precision mode is used for consumption gross for larger intervals ([#​5257](https://redirect.github.com/teslamate-org/teslamate/issues/5257) - [@​swiffer](https://redirect.github.com/swiffer)) - feat: improve filters in Statistics dashboard ([#​5340](https://redirect.github.com/teslamate-org/teslamate/issues/5340) - [@​DrMichael](https://redirect.github.com/DrMichael)) - feat: add geofence filter to Charging Stats dashboard with default to all ([#​5355](https://redirect.github.com/teslamate-org/teslamate/issues/5355) - [@​faekz0r](https://redirect.github.com/faekz0r)) ##### Translations - i18n: updated Catalan default.po ([#​5180](https://redirect.github.com/teslamate-org/teslamate/issues/5180) - [@​pellix](https://redirect.github.com/pellix)) - i18n: Update Korean translations in default.po ([#​5218](https://redirect.github.com/teslamate-org/teslamate/issues/5218) - [@​dongbum](https://redirect.github.com/dongbum)) ##### Documentation - docs: drop private schema before restore ([#​5190](https://redirect.github.com/teslamate-org/teslamate/issues/5190) - [@​brianmay](https://redirect.github.com/brianmay)) - docs: remove references to mcu2-upgraded-cars branch ([#​5371](https://redirect.github.com/teslamate-org/teslamate/issues/5371)- [@​brianmay](https://redirect.github.com/brianmay)) - docs: update DROP SCHEMA commands to include IF EXISTS to avoid issues with old installations ([@​5372-](https://redirect.github.com/5372-) [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90ZXNsYW1hdGUiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19--> |
||
|
|
b57f910261 |
fix(cops): update image lscr.io/linuxserver/cops 4.3.3 → 4.3.5 (#48851)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [lscr.io/linuxserver/cops](https://redirect.github.com/linuxserver/docker-cops/packages) ([source](https://redirect.github.com/linuxserver/docker-cops)) | patch | `b8c59e4` → `f69e6c0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9jb3BzIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==--> |
||
|
|
b30fe8dbf0 |
chore(kitchenowl): update image docker.io/tombursch/kitchenowl digest to 3406168 (#48848)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/tombursch/kitchenowl | digest | `9f8d7e7` → `3406168` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9raXRjaGVub3dsIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
64dc210088 |
chore(mariadb): update image docker.io/bitnamisecure/mariadb digest to 09ef3a5 (#48849)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/bitnamisecure/mariadb | digest | `107ba8c` → `09ef3a5` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9tYXJpYWRiIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
da2ad27f6e |
chore(tt-rss): update image ghcr.io/tt-rss/tt-rss digest to c52f10e (#48850)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/tt-rss/tt-rss | digest | `3c626f5` → `c52f10e` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90dC1yc3MiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
713ac4c54b |
chore(anything-llm): update image ghcr.io/mintplex-labs/anything-llm digest to 7331f62 (#48764)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/mintplex-labs/anything-llm | digest | `063af65` → `7331f62` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hbnl0aGluZy1sbG0iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
32b722f7c6 | feat(ghostfolio): update image docker.io/ghostfolio/ghostfolio 3.7.0 → 3.8.0 (#48847) | ||
|
|
f527a6ddb4 |
chore(mylar): update image lscr.io/linuxserver/mylar3 digest to 9722737 (#48843)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [lscr.io/linuxserver/mylar3](https://redirect.github.com/linuxserver/docker-mylar3/packages) ([source](https://redirect.github.com/linuxserver/docker-mylar3)) | digest | `fef977a` → `9722737` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9teWxhciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
39bc5d1bde |
chore(lyrion-music-server): update image docker.io/lmscommunity/lyrionmusicserver digest to c6cdce2 (#48842)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/lmscommunity/lyrionmusicserver | digest | `573e4b6` → `c6cdce2` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9seXJpb24tbXVzaWMtc2VydmVyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
ef58566669 |
chore(yacy): update image docker.io/yacy/yacy_search_server digest to 5a12196 (#48845)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/yacy/yacy_search_server | digest | `d6414ba` → `5a12196` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC95YWN5IiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
46c1944ec2 |
chore(nitter): update image docker.io/zedeus/nitter digest to 8987a08 (#48844)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/zedeus/nitter | digest | `1825a2a` → `8987a08` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9uaXR0ZXIiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
51850b8ffc | chore(mysql-workbench): update image ghcr.io/linuxserver/mysql-workbench digest to 4899288 (#48834) | ||
|
|
fd8755ef58 |
fix(minecraft-router): update image docker.io/itzg/mc-router 1.43.0 → 1.43.1 (#48841)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/itzg/mc-router](https://redirect.github.com/itzg/mc-router) | patch | `1a7bdbd` → `b4f4c50` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>itzg/mc-router (docker.io/itzg/mc-router)</summary> ### [`v1.43.1`](https://redirect.github.com/itzg/mc-router/releases/tag/v1.43.1) [Compare Source](https://redirect.github.com/itzg/mc-router/compare/v1.43.0...v1.43.1) #### What's Changed - Upgrade to Go 1.26.4 by [@​itzg](https://redirect.github.com/itzg) in [#​554](https://redirect.github.com/itzg/mc-router/pull/554) **Full Changelog**: <https://github.com/itzg/mc-router/compare/v1.43.0...v1.43.1> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9taW5lY3JhZnQtcm91dGVyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==--> |
||
|
|
57c716e4cd |
chore(tubesync): update image ghcr.io/meeb/tubesync digest to f1ff9e5 (#48837)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/meeb/tubesync | digest | `aa89fc9` → `f1ff9e5` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90dWJlc3luYyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
c2d8f414eb |
chore(pyload-ng): update image lscr.io/linuxserver/pyload-ng digest to a7f125b (#48835)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | lscr.io/linuxserver/pyload-ng | digest | `865c0e1` → `a7f125b` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9weWxvYWQtbmciLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
28743b8766 |
chore(firefox): update image ghcr.io/linuxserver/firefox digest to a9e20f7 (#48833)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/firefox](https://redirect.github.com/linuxserver/docker-firefox/packages) ([source](https://redirect.github.com/linuxserver/docker-firefox)) | digest | `108231e` → `a9e20f7` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9maXJlZm94IiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
b569130968 | chore(dashy): update image ghcr.io/lissy93/dashy digest to 567eea6 (#48832) | ||
|
|
57c731d702 |
chore(automatic-ripping-machine): update image docker.io/automaticrippingmachine/automatic-ripping-machine digest to 3e12711 (#48831)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/automaticrippingmachine/automatic-ripping-machine](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine) | digest | `47943cb` → `3e12711` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hdXRvbWF0aWMtcmlwcGluZy1tYWNoaW5lIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
c181a5467b |
chore(wordpress): update image docker.io/bitnamisecure/wordpress digest to 4afe239 (#48839)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/bitnamisecure/wordpress | digest | `0a93698` → `4afe239` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93b3JkcHJlc3MiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
aa7af8cf79 |
chore(valkey): update image docker.io/bitnamisecure/valkey digest to 5ce04fc (#48838)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/bitnamisecure/valkey | digest | `50df82d` → `5ce04fc` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC92YWxrZXkiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
bc30787ddc | fix(wallos): update image ghcr.io/ellite/wallos 4.9.3 → 4.9.5 (#48830) | ||
|
|
4563276d21 |
chore(speedtest-tracker): update image ghcr.io/linuxserver/speedtest-tracker digest to c3750c4 (#48827)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/speedtest-tracker](https://redirect.github.com/linuxserver/docker-speedtest-tracker/packages) ([source](https://redirect.github.com/linuxserver/docker-speedtest-tracker)) | digest | `79c0063` → `c3750c4` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zcGVlZHRlc3QtdHJhY2tlciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
833cc8a867 |
chore(openvscode-server): update image ghcr.io/linuxserver/openvscode-server digest to a494986 (#48826)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/openvscode-server](https://redirect.github.com/linuxserver/docker-openvscode-server/packages) ([source](https://redirect.github.com/linuxserver/docker-openvscode-server)) | digest | `b87a986` → `a494986` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9vcGVudnNjb2RlLXNlcnZlciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
4f294354d0 |
chore(kdenlive): update image lscr.io/linuxserver/kdenlive digest to 3b98f1e (#48824)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | lscr.io/linuxserver/kdenlive | digest | `9a8807f` → `3b98f1e` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9rZGVubGl2ZSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
04fbc43fc0 |
chore(traccar): update image docker.io/traccar/traccar digest to f187e0b (#48829)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/traccar/traccar](https://redirect.github.com/traccar/traccar) | digest | `a239e4d` → `f187e0b` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90cmFjY2FyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
54540bafdc |
chore(automatic-ripping-machine): update image docker.io/automaticrippingmachine/automatic-ripping-machine digest to 47943cb (#48822)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/automaticrippingmachine/automatic-ripping-machine](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine) | digest | `c03a556` → `47943cb` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hdXRvbWF0aWMtcmlwcGluZy1tYWNoaW5lIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
2fdd196a99 |
chore(adminer): update image adminer digest to 8326681 (#48821)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | adminer | digest | `cc64d25` → `8326681` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hZG1pbmVyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
e6fa3552c2 |
chore(iyuuplus): update image docker.io/iyuucn/iyuuplus digest to 506e078 (#48823)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/iyuucn/iyuuplus | digest | `db94aeb` → `506e078` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9peXV1cGx1cyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
aab2279470 | chore(tachidesk-docker): update image ghcr.io/suwayomi/tachidesk digest to a2961cc (#48828) | ||
|
|
b00184c720 |
chore(mongodb): update image docker.io/bitnamisecure/mongodb digest to 594309a (#48825)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/bitnamisecure/mongodb | digest | `f8e4213` → `594309a` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9tb25nb2RiIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
c70569ab43 |
chore(redis): update image docker.io/bitnamisecure/redis digest to 6e7a020 (#48746)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/bitnamisecure/redis | digest | `1347d52` → `6e7a020` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9yZWRpcyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
46fd3c63f9 |
fix(helm-deps): update chart mongodb 17.3.3 → 17.3.4 (#48750)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [mongodb](https://truecharts.org/charts/stable/mongodb) ([source](https://redirect.github.com/bitnami/bitnami-docker-mongodb)) | patch | `17.3.3` → `17.3.4` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC95b3V0dWJlZGwtbWF0ZXJpYWwiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |
||
|
|
1653069d50 |
fix(outline): update image docker.io/outlinewiki/outline 1.8.0 → 1.8.1 (#48820)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/outlinewiki/outline](https://redirect.github.com/outline/outline) | patch | `bbaac34` → `e224dcb` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>outline/outline (docker.io/outlinewiki/outline)</summary> ### [`v1.8.1`](https://redirect.github.com/outline/outline/releases/tag/v1.8.1) [Compare Source](https://redirect.github.com/outline/outline/compare/v1.8.0...v1.8.1) #### What's Changed ##### Improvements - Drag-and-drop now supports dragging from document lists in [#​12587](https://redirect.github.com/outline/outline/pull/12587) - Add admin interface to change user avatars in [#​12405](https://redirect.github.com/outline/outline/pull/12405) - Add automatic metrics tagging of outgoing emails in [#​12570](https://redirect.github.com/outline/outline/pull/12570) - Various improvements to mobile styling and layout in [#​12577](https://redirect.github.com/outline/outline/pull/12577), [#​12576](https://redirect.github.com/outline/outline/pull/12576) ##### Fixes - Fixed search term highlights missing on navigation from search in [#​12598](https://redirect.github.com/outline/outline/pull/12598) - Fixed an intermitent issue where sidebar element is not correctly active on first load in [#​12566](https://redirect.github.com/outline/outline/pull/12566) - Scrollbar no longer causes horizontal movement in comments sidebar in [#​12565](https://redirect.github.com/outline/outline/pull/12565) - Added protection against timing attacks on notification unsubscribe endpoints in [#​12551](https://redirect.github.com/outline/outline/pull/12551) - Icon picker is no longer auto-closed on choice in [#​12573](https://redirect.github.com/outline/outline/pull/12573) - Access requests can now be approved by collection managers in [#​12579](https://redirect.github.com/outline/outline/pull/12579) - Collection title and icon inline are now editable like documents in [#​12574](https://redirect.github.com/outline/outline/pull/12574) - Increased valid user-supplied URL length to 1024 in [#​12585](https://redirect.github.com/outline/outline/pull/12585) - Added handling of unhandled server error in MCP route in [#​12586](https://redirect.github.com/outline/outline/pull/12586) - Fixed sticky table header styling in Safari in [#​12590](https://redirect.github.com/outline/outline/pull/12590) - Private IP lookup is now invalid request rather than internal error in [#​12592](https://redirect.github.com/outline/outline/pull/12592) - Improved worker performance through caching in [#​12593](https://redirect.github.com/outline/outline/pull/12593) - chore: Improve handling of "expected" network errors from webhooks in [#​12599](https://redirect.github.com/outline/outline/pull/12599) - Mermaid is no longer persisted as last used coding language in [#​12601](https://redirect.github.com/outline/outline/pull/12601) - Fixed `collaboratorIds` iterable error when handling very old documents in [#​12602](https://redirect.github.com/outline/outline/pull/12602) - Fixed correct support for hard break serialization for commonMark in [#​12603](https://redirect.github.com/outline/outline/pull/12603) - Added email verification check during sign-in flow in [#​12605](https://redirect.github.com/outline/outline/pull/12605) **Full Changelog**: <https://github.com/outline/outline/compare/v1.8.0...v1.8.1> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9vdXRsaW5lIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==--> |
||
|
|
f35d415024 |
fix(oscam): update image ghcr.io/linuxserver/oscam 11964-ls15 → 11965-ls15 (#48819)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/oscam](https://redirect.github.com/linuxserver/docker-oscam/packages) ([source](https://redirect.github.com/linuxserver/docker-oscam)) | patch | `d875f86` → `8e239f0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>linuxserver/docker-oscam (ghcr.io/linuxserver/oscam)</summary> ### [`v11965-ls15`](https://redirect.github.com/linuxserver/docker-oscam/releases/tag/11965-ls15) [Compare Source](https://redirect.github.com/linuxserver/docker-oscam/compare/11964-ls15...11965-ls15) **CI Report:** <https://ci-tests.linuxserver.io/linuxserver/oscam/11965-ls15/index.html> **LinuxServer Changes:** No changes **Remote Changes:** Updating to 11965 </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9vc2NhbSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
3e21935875 |
chore(jelu): update image docker.io/wabayang/jelu digest to 721680d (#48818)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/wabayang/jelu | digest | `4f0895a` → `721680d` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9qZWx1IiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
383982aa80 | simplify forgetool setup | ||
|
|
1c6d7fd9dd |
feat(wekan): update image docker.io/wekanteam/wekan v9.34 → v9.35 (#48816)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/wekanteam/wekan](https://redirect.github.com/wekan/wekan) | minor | `894f63f` → `7f926f0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>wekan/wekan (docker.io/wekanteam/wekan)</summary> ### [`v9.35`](https://redirect.github.com/wekan/wekan/blob/HEAD/CHANGELOG.md#v935-2026-06-06-WeKan--release) [Compare Source](https://redirect.github.com/wekan/wekan/compare/v9.34...v9.35) TLDR: - Admin Panel/Attachments/Move Files works: CollectionFS/Meteor-Files/S3/Azure Blob/Google Cloud Storage. - To have attachments and avatars visible, move them from CollectionFS to any other Storage - To upgrade, mongodump/mongorestore (older with [LD\_LIBRARY\_PATH](https://redirect.github.com/wekan/wekan/blob/main/docs/Backup/Backup.md#backup-wekan-snap-to-directory-dump)) to MongoDB 7.x, and copy WRITABLE\_PATH files/attachments/avatars if exists, at Snap /var/snap/wekan/common/files/, at Docker /data/files etc. This release adds the following [CRITICAL SECURITY FIXES](https://redirect.github.com/wekan/wekan/commit/357de728c03113b787065bac2c5832ad77f1a117): - [Fix GHSA-qfqv-42qw-vvwh: `cloneBoard` Meteor method has no authorization check — any user can clone (read) any private board by ID (CWE-639, CWE-862)](https://redirect.github.com/wekan/wekan/security/advisories/GHSA-qfqv-42qw-vvwh). The `cloneBoard` Meteor method in `models/import.js` copied an entire board — including all cards, comments, attachments, member info and activities — identified solely by a caller-supplied `sourceBoardId`, and performed no authorization check: it never verified that the calling user was a member of (or otherwise permitted to read) the source board. Any authenticated Wekan user who knew a board's ID (board IDs appear in board URLs and remain known to removed members) could call `Meteor.call('cloneBoard', '<targetBoardId>')` over DDP and obtain a permanent, fully-readable copy of that board's contents, even for private boards they had no access to. The method called `exporter.build()` directly, skipping the `canExport()` guard (`models/exporter.js`) that the REST export route correctly enforces. Fixed by requiring `this.userId` and running the same `exporter.canExport(user)` check the export route uses before building/cloning the board, so cloning a board now requires the same read authorization as exporting it. CVSS 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). Thanks to dizconnectz for the coordinated disclosure, xet7 and Claude. and, while fixing the above, the following similar authorization issues found by code review were fixed (the [CloneBleed](https://wekan.fi/hall-of-fame/clonebleed/) group): - [Fix authorization guards that silently never ran in attachment, list, checklist, migration and webhook server methods (CWE-862, CWE-639)](https://redirect.github.com/wekan/wekan/blob/main/docs/hall-of-fame/clonebleed/). A review for the same class of bug as `cloneBoard` found several server-side methods whose access checks were present in the source but never actually enforced, plus a few methods missing a check entirely: - `server/models/checklists.js` `moveChecklist`: the membership guard called `allowIsBoardMemberByCard(...)`, but that helper is `async` and was both unimported and un-awaited, so `!allowIsBoardMemberByCard(...)` evaluated `!Promise` (always `false`) and the check never ran — any logged-in user could move a checklist between cards on boards they cannot access. Now imported and awaited, and login is required. - `server/models/lists.js` `updateListSort`: the guard read `typeof allowIsBoardMember === 'function' && !allowIsBoardMember(...)`, but `allowIsBoardMember` was never imported, so the `typeof` was always `false` and the guard never ran — any caller could reorder/re-assign any board's lists by ID. Replaced with a real `hasBoardWriteAccess` check, plus a check that the list actually belongs to the named board, and a login check. - `server/attachmentApi.js` and `server/routes/attachmentApi.js`: the attachment Meteor methods and REST handlers called `board.isBoardMember(...)`, which is not a method on the board model, so the permission check never behaved as intended. Replaced with the real `board.hasMember(...)`, and the upload path now also verifies the target card actually belongs to the named board (so `boardId` cannot be spoofed to a board the caller is a member of). - `server/models/users.js` `applyListWidth`: stored per-board list width with no authorization. Now requires the caller to be a member of the board and requires the list to belong to that board. - `server/models/boards.js` `getBackgroundImageURL`: returned any board's background image URL by ID. Now requires the board to be visible to the caller. - `server/migrations/fixMissingListsMigration.js` and `server/migrations/migrateAttachments.js`: the migration status/execute methods only checked that the caller was logged in. Reading status now requires board visibility, executing a board-rewriting migration now requires board admin (or instance admin), and the attachment migration methods now require board access (global status reads require instance admin). - `server/notifications/outgoing.js`: the webhook delivery method trusted the caller-supplied `integration` object and only checked that *some* integration with that URL existed. It now verifies a matching integration exists on its own board and that the caller is a member of that board, closing a path where any authenticated user could drive webhooks (and, via the two-way response path, overwrite comments) on boards they cannot access. - `server/models/userPositionHistory.js`: the `userPositionHistory.createCheckpoint`, `.getRecent`, `.getCheckpoints` and `.restoreToCheckpoint` methods only checked that the caller was logged in, even though the sibling `positionHistory.track*` methods (`server/methods/positionHistory.js`) already require the board to be visible to the caller — the same PositionHistoryBleed class fixed in v8.20/v8.21. All four now require board visibility (via the shared `isVisibleBy` guard) before reading or restoring position history scoped to a board. Thanks to xet7 and Claude. and, while auditing that client-side permission checks are also enforced server-side, the following gaps where the server did not re-verify a UI-gated permission were fixed: - [Fix client-side permission gates not re-verified server-side (CWE-862, CWE-269)](https://redirect.github.com/wekan/wekan/blob/main/docs/hall-of-fame/clonebleed/). The browser UI hides certain actions from read-only members and from non-admins, but those are cosmetic — the server-side `allow` rules and Meteor methods must enforce the same role. An audit found four places that did not: - `server/permissions/customFields.js`: the Custom Field `allow` insert/update/remove rules used `allowIsAnyBoardMember` (mere membership), so read-only/comment-only/worker members could create/modify/delete Custom Fields (board-wide schema) via direct DDP collection writes — the same read-only-write class as GHSA-6733, which had only fixed the REST path. Now uses the new `allowIsAnyBoardMemberWithWriteAccess` write-access helper. - `server/permissions/cardCommentReactions.js`: the reaction `allow` rules used `allowIsBoardMember`, letting read-only members add/remove comment reactions. Reacting is a form of commenting, so it now uses `allowIsBoardMemberCommentOnly` (Normal/Comment-only allowed, Read-only/No-comments denied), matching `CardComments.insert`. - `server/models/boards.js` `archiveBoard`: only required board membership, so any member (including read-only) could archive a board (hiding it for everyone) over DDP, although the UI gates archiving behind board admin. Now requires board admin (or global admin), matching the `Boards.allow` update/remove rules. - `server/models/settings.js` `sendSMTPTestEmail`: only required login, so any authenticated user could trigger the server to send an SMTP test (and have the server's SMTP error messages surfaced to them), although the UI gates it behind global admin. Now requires global admin. Thanks to xet7 and Claude. and, in the same access-control audit, the attachment write API was tightened: - **Security: attachment write operations in the REST/DDP API now require board write access, not just membership (CWE-862, CWE-639).** Both attachment API implementations (`server/routes/attachmentApi.js` HTTP routes and `server/attachmentApi.js` Meteor methods) gated upload / copy / move / delete on `board.hasMember()`, which is true for any active member regardless of role. This let read-only, comment-only, no-comments, worker and assigned-only board members add, copy, move and delete attachments through the API — actions the UI forbids for those roles. They now require board write access (global site admins still allowed); read operations (download / list / info) keep membership-level access. Added security tests in `server/lib/tests/attachmentApi.tests.js`. Thanks to xet7 and Claude. and adds the following new features: - **[Admin Panel / Attachments](https://redirect.github.com/wekan/wekan/commit/a86a087915aac9d204e157b1a698091c079e04e6): "Calculate file counts" on every storage backend, shown right below the "Read" toggle.** Azure Blob Storage and Google Cloud Storage now have a "Calculate file counts" button (new `getAzureStorageStats` / `getGcsStorageStats` methods) that reports how many attachments and avatars are stored on that backend, matching what Filesystem, MongoDB GridFS and S3 already offer. The count is read from the stored file metadata (fast, no cloud API calls). The S3 button was also moved up to sit directly under its "Read" checkbox, so all backends are consistent. Thanks to Claude. - \*\*[Admin Panel / Attachments: the MongoDB GridFS page notes how to make legacy files visible](https://redirect.github.com/wekan/wekan/commit/dca9427bfb58532778bc705e4c8c8014ba4b01ae). \*\* A translatable line under the "MongoDB GridFS Storage" title reminds admins: "To have attachments and avatars visible, move them from CollectionFS to any other Storage." Thanks to Claude. - **Admin Panel / Attachments: the Google Cloud Storage page now documents the required bucket permission.** A note under the "GCS Storage" title explains that the service account needs the **Storage Object Admin** role (`roles/storage.objectAdmin`) on the bucket (Cloud Console → Cloud Storage → Buckets → your bucket → Permissions → Grant access → add the service account → role "Storage Object Admin"), and that the bucket must exist in the same project — otherwise "Test connection" fails with `storage.objects.list denied`. Thanks to xet7 and Claude. - **Admin Panel / Attachments: a "Save" button next to the Enabled / Read toggles at the top of each cloud storage.** S3, Azure and Google Cloud Storage now have a Save button directly below the "\[ ] Enabled \[ ] Read" row, so those toggles can be saved without scrolling to the bottom of the (now quite long) storage page. It saves the same way as the existing bottom Save button — the server merges that provider's config and preserves secrets left blank — and the bottom Save button is kept. (Filesystem and GridFS have only a Read toggle, which already saves the instant it is toggled, so they need no button.) Thanks to Claude. - **Admin Panel / Attachments: bilingual, self-documenting cloud-storage fields (S3, Azure and Google Cloud Storage).** Each cloud-storage setting now guides the admin from top to bottom with both English and translated text, so it is easy to follow along while clicking through the provider's Cloud Console: - the field **label** uses the provider's own console wording in English (e.g. *Access key ID*, *Secret access key*, *Storage account key*, *Service account key (JSON)*), with the translated label shown below it; - a literal **example** of what the value should look like (e.g. `eu-west-1`, an example bucket name / endpoint / connection string), which is intentionally not translated; - a short **description** of the value, in English and then translated; - the **Cloud Console menu path** showing exactly where to find or create the value (e.g. *AWS Console → IAM → Users → your user → Security credentials → Access keys → Create access key*; *Azure Portal → Storage accounts → your account → Access keys → key1*; *Google Cloud Console → IAM & Admin → Service accounts → … → Keys → Add key → Create new key → JSON*), again in English and then translated. The provider field names, examples and menu paths are kept in English so they match what the Cloud Console actually shows, while the descriptions and menu paths are also translatable; section titles, the enable/read/force-path-style checkboxes and the Test/Save buttons remain fully translated. Thanks to Claude. - **Admin Panel / Attachments / Move Attachment: "Repair file locations" button and a persistent "last move" message.** The new **Repair file locations** button scans all attachments and avatars and finds any whose recorded storage (`versions.<v>.storage` / `path` / `meta.gridFsFileId`) no longer matches where the binary actually is — left inconsistent by an interrupted or failed move — and fixes the database to point at the real location: it detects the binary in GridFS (by the `metadata.fileId` stamped on upload, recovering files whose GridFS id reference was lost) or on the filesystem (using the storage strategy's own thorough path resolution, so the repair agrees with what a real download/move would find even when `versions.<v>.path` is stale), then corrects `storage`, `path` and `meta.gridFsFileId` accordingly. Cloud-stored files are left untouched, and files found nowhere are reported as "Not found". The scan is streamed (memory-safe) and shows a per-scope searched / repaired / not-found summary. Separately, after a move finishes the page now keeps showing the last move operation — source → destination (scope) and the date/time as `YYYY-MM-DD HH:MM:SS` — so it is clear what was last done. Thanks to xet7 and Claude. - **SVG image uploads are now sanitized instead of rejected.** Uploaded SVGs (attachments and avatars) are cleaned in place in `onAfterUpload` via the new `models/lib/sanitizeSvg.js`, which removes JavaScript (`<script>`, inline `on*=` event handlers, `javascript:`/`vbscript:` URIs, `<foreignObject>` / `<iframe>` / `<object>` / `<embed>` and similar active content) and XML loops (`<!DOCTYPE>` / `<!ENTITY>` entity-expansion / XXE constructs and `<?xml-stylesheet?>`), so SVG images can be uploaded safely. Thanks to Claude. - **Unified attachment/avatar storage migration: move any → any.** Admin Panel / Attachments / Move Attachment can now move **Attachments, Avatars, or both**, from **any source to any destination** across Filesystem, Meteor-Files GridFS, Cloud (S3/Azure/GCS) and legacy CollectionFS GridFS. The default source is "All Read-enabled storages" (every backend whose Read flag is enabled and whose settings work), so everything can be consolidated into one destination in a single run. All metadata is preserved (board / swimlane / list / card / user / uploaded date / name / type / size), attachment cover references (`cards.coverId`) are remapped when an id changes, and the legacy source is deleted only after the new copy is verified. Thanks to Claude. - **Legacy CollectionFS GridFS is now a first-class storage backend** (read, migrate-from, and export-to) for both attachments and avatars, via the new `models/lib/collectionFsStore.js` (binary keyed by `copies.<coll>.key` in the `cfs_gridfs.<coll>` bucket, metadata in `cfs.<coll>.filerecord`). Thanks to Claude. - **The storage strategy layer is now collection-aware.** `moveToStorage` and the GridFS/Cloud strategies previously hard-coded the `Attachments` collection, so moving avatars to GridFS/cloud would have updated the wrong collection. The factory now carries its collection (`Attachments` or `Avatars`), so **avatars can be stored in Meteor-Files GridFS and cloud**, not only on the filesystem. Attachment behavior is unchanged. Thanks to xet7 and Claude. and adds the following updates: - [Update Windows MongoDB](https://redirect.github.com/wekan/wekan/commit/beedf2fefa614018ce7ed499465092e814a050d9). Thanks to xet7. - [Update DDP transport and reactivity order for multi-tenant deployment](https://redirect.github.com/wekan/wekan/pull/6365). Thanks to italojs. - [Updated to Meteor 3.5-rc.1](https://redirect.github.com/wekan/wekan/commit/29b3f52e50ea2ee9bfbfb98d3842ce8a9b8e52e3). Thanks to Meteor developers. - **Documented the attachment / file REST API in the OpenAPI docs** — file upload, download, info, listing a board's files, copy, move and delete (the `/api/attachment/*` endpoints registered via `WebApp.handlers.use()`, which the generator cannot auto-discover) are now documented in `openapi/extra_paths.yml` and injected into the generated docs, including their authentication and permission requirements. Thanks to xet7 and Claude. and adds the following fixes: - **[Admin Panel / Attachments: "Run MongoDB compact" now actually compacts the database](https://redirect.github.com/wekan/wekan/commit/dca9427bfb58532778bc705e4c8c8014ba4b01ae).** MongoDB refuses `compact` on an active replica-set primary unless `force: true` is given, so every collection failed with "will not run compact on an active replica set primary … use force:true to force" — and because the usual Meteor setup is a single-node replica set (only a primary, no secondaries), nothing was compacted at all and no disk space was reclaimed. The primary is now compacted with `force: true` (secondaries are still compacted without it, so the primary stays available while they run), so the GridFS collections are actually rewritten and freed space is returned to the filesystem. Thanks to Claude. - **Admin Panel / Attachments: clearer cloud "Test connection" errors, and cloud config inputs are trimmed.** Testing an Azure/GCS/S3 connection used to report a single generic `Incomplete configuration or adapter not installed` even when the real problem was specific — e.g. Azure rejecting the config with `Invalid URL` (a stray space/newline in the account name, or a bad endpoint / connection string). `testCloudConnection` now reports the actual cause: adapter not installed, required fields missing, the adapter's own configuration error (such as `Invalid URL`), or the real `listFiles` error (auth failure, container not found, …). It also pre-validates the config and gives an actionable message before the adapter turns it into a cryptic error — e.g. for Azure it explains that the **Storage account name** must be just the account name (3–24 lowercase letters/numbers, e.g. `wekanstorage`, not a full `https://…` URL and with no spaces), or that the **Connection string** is malformed; and when Azure still returns `Invalid URL` the message appends which field to check. In addition, all cloud-storage text fields are now trimmed when read from the form, so leading/trailing whitespace from copy-paste no longer produces an invalid URL. Thanks to xet7 and Claude. - **[Fixed moving attachments to S3](https://redirect.github.com/wekan/wekan/commit/a86a087915aac9d204e157b1a698091c079e04e6) (and other cloud storage) failing and crashing the server.** Uploading to S3 failed two ways, each of which crashed the whole server because the rejection was unhandled and SyncedCron treats those as fatal. The `@tweedegolf/sab-adapter-amazon-s3` adapter uploaded with a `PutObjectCommand` whose `Body` was a live stream: (1) with no `ContentLength` the AWS SDK fell back to a chunked signed upload that needs a decoded content length, which was undefined for a stream of unknown size — `Invalid value "undefined" for header "x-amz-decoded-content-length"`; and (2) if the socket dropped mid-upload (`socket hang up`), the SDK's body-stream promise rejected unhandled. Fixed by uploading the file as a complete in-memory **buffer** (`addFileFromBuffer`) instead of a live stream: a buffer has a known length (no content-length error) and no socket-bound stream to re-reject. The cloud upload promise now never rejects — any failure is captured and exposed via `waitUntilStored()`, which `moveToStorage` checks inside a try/catch so a failed upload leaves the source file intact and is logged cleanly. (Files are moved one at a time, so peak memory is one file.) Thanks to Claude. - **Fixed `TypeError: Cannot read properties of undefined (reading 'on')` when moving attachments between Meteor-Files/GridFS and Filesystem.** If a file's source binary was missing at its recorded location (e.g. a file left half-moved by an earlier interrupted run — storage says "gridfs" but the GridFS id reference is gone, or a filesystem path that no longer exists), `getReadStream()`/`getWriteStream()` returned `undefined` and `moveToStorage` (and `copyFile`) called `.on()` on it, throwing. Both now detect a missing read/write stream, log a clear message (which file, version, from→to storage, and why), **skip that file and leave the source intact** so no data is lost, and continue with the rest. Use the new "Repair file locations" button to fix the underlying inconsistent records. Thanks to Claude. - **Fixed moving attachments/avatars from CollectionFS to Meteor-Files crashing the server, hanging the Admin Panel move at "File 1 / N", and leaving broken avatars.** Three problems in Admin Panel / Attachments / Move Attachment: - **Server crash on the first file** (`uncaughtException: TypeError: Cannot read properties of undefined (reading '_id')` at `AttachmentStoreStrategyGridFs.writeStreamFinished`). The current mongodb driver's GridFS `GridFSBucketWriteStream` `'finish'` event no longer passes the stored file document, so `finishedData._id` threw and killed the process (which is also why the move appeared stuck at "File 1 / 4" — the background job died mid-file and its persisted status was frozen). The GridFS strategy now reads the uploaded file id from the write stream itself (`gridFSFile._id` / `id`), the `'finish'` handler is wrapped so it can never crash the process, and a startup reconciliation clears a stale "running" move status left by a crashed run so the UI un-sticks and a new move can be started. - **Broken avatar after migrating avatars.** The bulk move only repointed card cover references (`cards.coverId`); a user's `profile.avatarUrl` still pointed at the deleted legacy `/cfs/files/avatars/<oldId>` URL, so the avatar rendered broken. The move now repoints `profile.avatarUrl` to the migrated avatar (`remapReferences` handles avatars), and migrated files stamp `meta.migratedFromId` so references can be repaired to the **exact** new file. The startup repair in `server/models/users.js` (previously a no-op: it string-replaced the URL prefix while keeping the now-deleted id and never saved the document) now points each affected user's avatar at their migrated Meteor-Files avatar — matched precisely by `meta.migratedFromId`, otherwise strictly by `userId` (newest migrated avatar first), so a user can only ever be given their own avatar, never another user's. - **`ObjectID` deprecation warning** from `models/lib/grid/createObjectId.js` (`MongoInternals.NpmModule.ObjectID` → `ObjectId`). Thanks to xet7 and Claude. - [Fix Dropdown list cannot be created with values](https://redirect.github.com/wekan/wekan/commit/e01f99eb52812df5e2754c193860002ec2716ecb). - **Fixed Dropdown custom field options not being addable / saving as empty.** Creating a "Dropdown" custom field showed the "List Options" box, but pressing Enter (or typing and saving) never added any option, and on the card the only selectable value was `(none)`. The custom-fields sidebar component was migrated from `BlazeComponent` to a plain `Template`, but the template still iterates the options with `{{#each dropdownItems.get}}` — under BlazeComponent that resolved to the instance's `dropdownItems` ReactiveVar, whereas a plain Template does not expose instance variables to the template, so the list rendered nothing. Because the options were never rendered as inputs, `getDropdownItems()` then overwrote the ReactiveVar with the empty DOM on save and every entered value was dropped. Fixed by re-adding the missing `dropdownItems` helper (returning the ReactiveVar), matching the pattern the other migrated templates already use. Thanks to Claude. - **Fixed `Exception in global helper _` when opening the Create Custom Field popup (and any translation containing a literal `%`).** i18n is configured with a global sprintf post-processor (`postProcess: ["sprintf"]`), so every translation is run through `i18next-sprintf-postprocessor`. The help text `custom-field-stringtemplate-format` (`"Format (use %{value} as placeholder)"`) contains a literal `%{value}` that sprintf cannot parse, so `vsprintf` threw and crashed the global Blaze `_` translation helper — breaking that popup and any string (in any language, including user translation overrides) that contains a stray `%`. `TAPi18n.__` now retries without the sprintf post-processor when it throws, returning the raw string (so `%{value}` is shown literally) instead of crashing. Thanks to rouceto1, xet7 and Claude. - [Fixed new checklists (and checklist items) on a newly added card not being visible until logout/login](https://redirect.github.com/wekan/wekan/commit/075e86b00e1f0dc0dea519acd37cece4d0a1fad3). The `board` publication batched checklists, checklist items, comments and attachments into board-level cursors filtered by `cardId: { $in: cardIds }`, where `cardIds` was a one-time snapshot. In `reywood:publish-composite` a child cursor only re-runs when its parent (the board) document changes, so the snapshot never refreshed when a card was added — a checklist on a card created after subscribing matched no published card and only appeared on the next subscribe (logout/login). This was a regression from the "Optimized board loading" change, which had replaced the original reactive per-card child cursors with these batched snapshots. Fixed by **denormalizing a `boardId` field onto `Checklists` and `ChecklistItems`** so they can be published with a single board-level cursor filtered by `boardId` — one cursor per collection (keeping the load optimization) that still reacts to checklists on newly added cards, because a new checklist is created already carrying the board's id. `boardId` is set on insert (server `before.insert` hooks, plus explicitly in the Trello/WeKan board importers, which use `direct.insert` and bypass hooks), re-derived when a checklist/item or its card moves to another card (`before.update` on `cardId`) or the card moves to another board (`Cards.after.update` cascade), and backfilled for existing data by an idempotent startup migration. New `{ boardId: 1 }` indexes were added on both collections. Comments and attachments instead remain reactive as per-card children of the cards cursor. Assigned-only board members still only receive checklists for cards assigned to them (the board-level cursor falls back to the assigned cards' ids for those roles). Thanks to ahlgrimma, xet7 and Claude. - [Fixed SyncedCron crash](https://redirect.github.com/wekan/wekan/commit/72767ad9a769fee2548f93bbd7174edd69995e97). **Fixed deleting archived lists (or many cards) crashing the server with `SyncedCron: Fatal error encountered (unhandledRejection): TypeError: Cannot read properties of undefined (reading 'boardId')` at `server/models/checklistItems.js`.** Deleting a list cascades into removing its cards, and each card's checklists, checklist items, comments and attachments (`cardRemover` in `models/cards.js`). `Cards.before.remove` called `cardRemover` **without `await`** (and was not `async`), so the card document was deleted first and the cascade then ran with the parent card already gone; the `ChecklistItems.before.remove` / `Checklists.before.remove` hooks dereferenced the now-undefined card (`card.boardId`) and threw, and because the promise was unhandled, SyncedCron caught the rejection and tore down all running cron jobs. Fixed by making `Cards.before.remove` `async` and awaiting `cardRemover` (so sub-items are removed while the card still exists), and the REST card-delete handler now runs `cardRemover` before removing the card. As defense in depth, every card-activity hook and helper that looked up a card and used its `boardId` / `listId` / `swimlaneId` now skips (with a warning) when the parent card — or, for checklist-completion activities, the parent checklist — is missing, instead of throwing: `before.remove` on checklist items and checklists, `Checklists.after.insert`, the `Cards.before.update` timing activity, and the shared `itemCreation` / `publishCheckActivity` / `publishChekListCompleted` / `publishChekListUncompleted` / `commentCreation` helpers (matching the guards already present in `server/models/cardComments.js`). Thanks to titver968, xet7 and Claude. - **[Fixed upgrade crash](https://redirect.github.com/wekan/wekan/commit/39f3c89b0a11c5671b77d3a0b95200ac7256a4f1) `An error occurred when creating an index for collection "users": Topology is closed` / `MongoServerSelectionError: Server selection timed out after 30000 ms`.** When WeKan started before MongoDB was reachable and had an elected replica-set primary (common right after an upgrade, while MongoDB replays its WiredTiger journal, or when the app container starts at the same instant as the database), the first index creation threw and Node exited. Now: - **WeKan waits until MongoDB is ready** (reachable, with an elected primary) before it starts, in every launch path: `start-wekan.sh`, `start-wekan.bat`, the Snap (`snap-src/bin/wekan-control`), and the app itself (`server/00waitForMongo.js` / `server/lib/mongoStartup.js`, which blocks the first `Meteor.startup` so it also protects the plain Docker image). The Docker `docker-compose.yml` and `docker-compose-multitenancy.yml` now give `wekandb` a `healthcheck` (primary elected) and the WeKan/tenant services `depends_on: condition: service_healthy`. - **If MongoDB stays unreachable for too long** (default 120s, configurable via `WEKAN_DB_WAIT_TIMEOUT`), a clear English-only message is printed to the Node.js console / `docker logs` / `snap logs` explaining that a database upgrade with `mongodump` (old MongoDB) and `mongorestore --drop` (new MongoDB) may be needed, and reminding that attachments and avatars live on disk under `WRITABLE_PATH` (`files`, `attachments`, `avatars`; on Snap `/var/snap/wekan/common/files`, on Docker the `wekan-files` volume at `/data`) and must be copied too. WeKan keeps retrying after printing it. - **Index creation is now idempotent and crash-safe.** A new `ensureIndex` helper checks the existing indexes and only creates the ones that are missing, and never throws — a single index problem is logged in English instead of taking the whole server down. All startup index creation across the model files was switched to it. Thanks to xet7 and Claude. - [Fixed OpenAPI REST API documentation generation](https://redirect.github.com/wekan/wekan/commit/c71a97cba20247ce227a288fa74ef23cb3c4c83e), which had been broken since after WeKan v7.93 and only generated docs for the `login`/`register` endpoints (2 operations) instead of the full API. The Meteor 3 migration moved the REST routes from `models/*.js` (`JsonRoutes.add(...)`) into `server/models/*.js` (`WebApp.handlers.get/post/put/delete(...)`) and introduced optional chaining (`?.`) that the `esprima` Python parser cannot read, so `openapi/generate_openapi.py` silently skipped every route file. The generator now understands both routing styles, scans both `models/` and `server/models/`, downlevels modern JS syntax so files parse, handles the `type: Array` SimpleSchema idiom, and `releases/rebuild-docs.sh` works directly with Python 3.12.x (PEP 668). The generated `public/api/wekan.yml` / `wekan.html` now cover the full API again (89 operations / 61 paths). Thanks to xet7 and Claude. - **The attachment copy API now honours the admin "Admin Panel / Attachments" API transfer limits.** Copying an attachment creates a new attachment but skipped the `apiUploadBlocked` / `apiUploadMaxBytes` checks that upload enforces; copy now respects them in both API implementations. Thanks to Claude. - [Fixed Admin Panel / Attachments / Move Attachment doing nothing / crashing](https://redirect.github.com/wekan/wekan/commit/d30803276d6d06db44f65ee1fb583cc11aac8b7b). Several issues in the bulk move: - The GridFS source matcher required `meta.gridFsFileId` to be *absent*, but Meteor-Files always sets it, so selecting "MongoDB Meteor-Files" matched zero files and "nothing happened". The matcher now recognizes real GridFS files (`versions.*.storage === 'gridfs'` or a `meta.gridFsFileId` reference), and a "nothing to move" message is shown when a source is empty instead of silently doing nothing. - Moving files crashed the whole server with `FilesCollection#findOne() not available in server` — `ReactiveCache.getAttachment` used a synchronous `findOne()`; it now uses `findOneAsync()`. The background job is also hardened so a single failing file is skipped instead of crashing the server via an unhandled rejection. - The attachment **copy** API now honours the admin API upload limits (it previously skipped them). - **Fixed the "MongoDB Meteor-Files" file-count statistic** in Admin Panel / Attachments, which counted *every* attachment metadata document (so files on the Filesystem were wrongly reported as being in GridFS). It now counts only attachments actually stored in GridFS, consistent with the move tool. Also renamed the mislabeled "Mongo-Files" column to "Meteor-Files". Thanks to Claude. - **Read legacy CollectionFS attachments and avatars in place** (without migrating). The backward-compatibility layer (`models/lib/attachmentBackwardCompatibility.js`) was broken — it looked up the GridFS binary by the filerecord `_id` and by filename instead of by `ObjectId(copies.<coll>.key)`, so legacy files were never found. It is fixed and generalized for attachments and avatars. Legacy attachments now appear in the card attachment gallery (new `legacyBoardAttachments` publication) and stream from the `cfs_gridfs.attachments` bucket, and legacy avatars (`/cfs/files/avatars/<id>` URLs) are served from the `cfs_gridfs.avatars` bucket instead of redirecting to a 404. Thanks to xet7 and Claude. - [Ask to install npm dependencies before running tests](https://redirect.github.com/wekan/wekan/commit/b77b62bfa2e7a63fdd2d2d071693d5aa485a34c5). Thanks to xet7 and Claude. Thanks to above GitHub users for their contributions and translators for their translations. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93ZWthbiIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=--> |
||
|
|
8318b8200c |
feat(fileflows): update image docker.io/revenz/fileflows 26.05 → 26.06 (#48814)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/revenz/fileflows | minor | `dca58ba` → `9a500ac` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9maWxlZmxvd3MiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19--> |