b3e170ee606a2f7ac0faeab4e5574fb1ceade409
56704 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
b3e170ee60 |
fix(helm-deps): update chart valkey 2.3.3 → 2.3.4 (#48846)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [valkey](https://truecharts.org/charts/stable/valkey) ([source](https://redirect.github.com/bitnami/containers/tree/HEAD/bitnami/valkey)) | patch | `2.3.3` → `2.3.4` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93ZWJsYXRlIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==--> |
||
|
|
4472545e47 | fix(filebrowser): update image docker.io/filebrowser/filebrowser v2.63.13 → v2.63.14 (#48852) | ||
|
|
92c592df4c |
feat(teslamate): update image docker.io/teslamate/teslamate 3.0.0 → 3.1.0 (#48853)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/teslamate/teslamate](https://redirect.github.com/teslamate-org/teslamate) | minor | `6569026` → `b7b8b21` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>teslamate-org/teslamate (docker.io/teslamate/teslamate)</summary> ### [`v3.1.0`](https://redirect.github.com/teslamate-org/teslamate/blob/HEAD/CHANGELOG.md#310---2026-06-07) [Compare Source](https://redirect.github.com/teslamate-org/teslamate/compare/v3.0.0...v3.1.0) MCU2 upgraded cars are now fully supported in the main release (please switch from the now deprecated mcu2 branch aka pr-4453). As always, there have been many improvements. We now use the latest version of Grafana (13.0.1+security-01). The dashboards have been improved in terms of performance, and all dashboards now function as expected even if no geofence exists. BRIN indexes are now maintained to prevent performance degradation over time. To make your TeslaMate experience even better, we have also made more than 80 other improvements. Enjoy! ##### ARMv7 deprecation This is the last TeslaMate release to include ARMv7 Docker images. To keep up with current Elixir versions, ARMv7 support will be dropped going forward. Please migrate your OS to ARM64 or AMD64 before upgrading to the next release. If this is not possible, please inform us in [#​5304](https://redirect.github.com/teslamate-org/teslamate/issues/5304). ##### New features - feat: handle sleep behavior of MCU2 upgraded cars ([#​4453](https://redirect.github.com/teslamate-org/teslamate/issues/4453) -> [f58df80](https://redirect.github.com/teslamate-org/teslamate/commit/f58df8088c3b935851e84e2f935a041fc393b3ff) - [@​micves](https://redirect.github.com/micves), [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld) and [@​brianmay](https://redirect.github.com/brianmay)) ##### Improvements and bug fixes - feat(webview): Sort vehicles by display\_priority ([#​5188](https://redirect.github.com/teslamate-org/teslamate/issues/5188) - [@​olsoybakk](https://redirect.github.com/olsoybakk) and [@​swiffer](https://redirect.github.com/swiffer)) - feat(webview): Make icons inherit text color for better contrast in dark mode ([#​5193](https://redirect.github.com/teslamate-org/teslamate/issues/5193) - [@​olsoybakk](https://redirect.github.com/olsoybakk)) - feat(webview): Add dark mode support for background and buttons in the map ([#​5240](https://redirect.github.com/teslamate-org/teslamate/issues/5240) - [@​olsoybakk](https://redirect.github.com/olsoybakk) and [@​swiffer](https://redirect.github.com/swiffer)) - fix(webview): Prevent rounding of map tiles via Bulma CSS ([#​5265](https://redirect.github.com/teslamate-org/teslamate/issues/5265) - [@​swiffer](https://redirect.github.com/swiffer)) - perf: ensure BRIN indexes don't degrade over time ([#​5276](https://redirect.github.com/teslamate-org/teslamate/issues/5276) - [@​swiffer](https://redirect.github.com/swiffer)) - fix: fix folder creation and bash 3.2 compatibility in dashboards.sh ([#​5233](https://redirect.github.com/teslamate-org/teslamate/issues/5233) - [@​svennergr](https://redirect.github.com/svennergr)) - fix: handle nil tire pressure values in summary view ([#​5297](https://redirect.github.com/teslamate-org/teslamate/issues/5297) - [@​elemated](https://redirect.github.com/elemated)) - feat: use Grafana 13.0.1+security-01 ([#​5324](https://redirect.github.com/teslamate-org/teslamate/issues/5324) - [@​swiffer](https://redirect.github.com/swiffer)) ##### Build, CI, internal - build(deps): bump ex\_cldr from 2.46.0 to 2.47.1 to fix 100% CPU lock when accessing TeslaMate web ([#​5166](https://redirect.github.com/teslamate-org/teslamate/issues/5166)) - ci: migrate runners for arm from buildjet to gha native ([#​5206](https://redirect.github.com/teslamate-org/teslamate/issues/5206) - [@​adriankumpf](https://redirect.github.com/adriankumpf)) - ci: limit DevOps workflow runs of type push to branch main to prevent duplicate runs on PR ([#​5211](https://redirect.github.com/teslamate-org/teslamate/issues/5211) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): update flake.lock ([#​5186](https://redirect.github.com/teslamate-org/teslamate/issues/5186)) - fix(nix): update mix dependency hash in nix builds ([#​5186](https://redirect.github.com/teslamate-org/teslamate/issues/5186) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): bump actions/stale from 10.1.1 to 10.2.0 ([#​5162](https://redirect.github.com/teslamate-org/teslamate/issues/5162)) - build(deps): bump crate-ci/typos from 1.42.3 to 1.44.0 ([#​5163](https://redirect.github.com/teslamate-org/teslamate/issues/5163)) - build(deps): bump finch from 0.20.0 to 0.21.0 ([#​5165](https://redirect.github.com/teslamate-org/teslamate/issues/5165)) - build(deps): bump immutable from 5.1.4 to 5.1.5 in /assets ([#​5176](https://redirect.github.com/teslamate-org/teslamate/issues/5176)) - build(deps): bump svgo from 3.3.2 to 3.3.3 in /website ([#​5177](https://redirect.github.com/teslamate-org/teslamate/issues/5177)) - ci: bump actions to avoid warnings for node 20 ([#​5213](https://redirect.github.com/teslamate-org/teslamate/issues/5213) - [@​swiffer](https://redirect.github.com/swiffer)) - ci: ensure fully purging PR related tags for images hosted on GHCR on PR close ([#​5212](https://redirect.github.com/teslamate-org/teslamate/issues/5212) - [@​swiffer](https://redirect.github.com/swiffer)) - ci: build images for main branch and use buildcache of main as fallback for PR builds ([#​5212](https://redirect.github.com/teslamate-org/teslamate/issues/5212) - [@​swiffer](https://redirect.github.com/swiffer)) - ci: run Purge PR images workflow only if PR is from our own repo ([#​5217](https://redirect.github.com/teslamate-org/teslamate/issues/5217) - [@​swiffer](https://redirect.github.com/swiffer)) - ci: for check\_paths ensure the job value is retrieved and set as workflow output correctly ([#​5219](https://redirect.github.com/teslamate-org/teslamate/issues/5219) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): bump castore from 1.0.17 to 1.0.18 ([#​5255](https://redirect.github.com/teslamate-org/teslamate/issues/5255)) - build(deps-dev): bump credo from 1.7.16 to 1.7.17 ([#​5254](https://redirect.github.com/teslamate-org/teslamate/issues/5254)) - build(deps): bump floki from 0.38.0 to 0.38.1 ([#​5249](https://redirect.github.com/teslamate-org/teslamate/issues/5249)) - build(deps): bump crate-ci/typos from 1.44.0 to 1.45.0 ([#​5251](https://redirect.github.com/teslamate-org/teslamate/issues/5251)) - build(deps): bump actions/cache from 5.0.3 to 5.0.4 ([#​5248](https://redirect.github.com/teslamate-org/teslamate/issues/5248)) - build(deps): bump dorny/paths-filter from 4.0.0 to 4.0.1 ([#​5247](https://redirect.github.com/teslamate-org/teslamate/issues/5247)) - build(deps): bump ecto\_sql from 3.13.4 to 3.13.5 ([#​5260](https://redirect.github.com/teslamate-org/teslamate/issues/5260) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): bump ex\_cldr from 2.47.1 to 2.47.2 ([#​5260](https://redirect.github.com/teslamate-org/teslamate/issues/5260) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps-dev): bump esbuild from 0.27.3 to 0.27.7 in /assets ([#​5261](https://redirect.github.com/teslamate-org/teslamate/issues/5261) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps-dev): bump esbuild-sass-plugin from 3.6.0 to 3.7.0 in /assets ([#​5261](https://redirect.github.com/teslamate-org/teslamate/issues/5261) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps-dev): bump sass from 1.97.3 to 1.99.0 in /assets ([#​5261](https://redirect.github.com/teslamate-org/teslamate/issues/5261) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): update packages in /website and remove obsolete overrides ([#​5266](https://redirect.github.com/teslamate-org/teslamate/issues/5266) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): update flake.lock ([#​5275](https://redirect.github.com/teslamate-org/teslamate/issues/5275)) - build(deps): update flake.lock ([#​5288](https://redirect.github.com/teslamate-org/teslamate/issues/5288)) - build(deps): bump docusaurus from 3.9.2 to 3.10.0 in /website ([#​5302](https://redirect.github.com/teslamate-org/teslamate/issues/5302) - [@​swiffer](https://redirect.github.com/swiffer)) - refactor: replace fake\_online\_state integer with typed mcu2\_online\_check atom ([#​5245](https://redirect.github.com/teslamate-org/teslamate/issues/5245) - [@​brianmay](https://redirect.github.com/brianmay)) - fix: update GitHub Actions configuration for Dependabot to include action directories ([#​5316](https://redirect.github.com/teslamate-org/teslamate/issues/5316) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): bump docker/login-action from 4.0.0 to 4.1.0, docker/build-push-action from 7.0.0 to 7.1.0, actions/upload-artifact from 7.0.0 to 7.0.1, actions/upload-artifact/merge from 7.0.0 to 7.0.1, erlef/setup-beam from 1.18.1 to 1.24.0, actions/cache from 5.0.4 to 5.0.5, actions/cache/restore from 5.0.4 to 5.0.5, actions/cache/save from 5.0.4 to 5.0.5 and crate-ci/typos from 1.45.0 to 1.46.0 ([#​5317](https://redirect.github.com/teslamate-org/teslamate/issues/5317)) - build(deps): bump leaflet-geoman-free from 2.19.2 to 2.19.3 in /assets ([#​5301](https://redirect.github.com/teslamate-org/teslamate/issues/5301) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): bump plug\_cowboy from 2.8.0 to 2.8.1 ([#​5314](https://redirect.github.com/teslamate-org/teslamate/issues/5314)) - build(deps-dev): bump esbuild from 0.27.7 to 0.28.0 in /assets ([#​5312](https://redirect.github.com/teslamate-org/teslamate/issues/5312)) - build(deps-dev): bump credo from 1.7.17 to 1.7.18 ([#​5315](https://redirect.github.com/teslamate-org/teslamate/issues/5315)) - sec(deps): add uuid override to version 14.0.0 in /website ([#​5320](https://redirect.github.com/teslamate-org/teslamate/issues/5320) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): bump [@​babel/plugin-transform-modules-systemjs](https://redirect.github.com/babel/plugin-transform-modules-systemjs) from 7.29.0 to 7.29.4 in /website ([#​5328](https://redirect.github.com/teslamate-org/teslamate/issues/5328)) - build(deps): bump fast-uri from 3.1.0 to 3.1.2 in /website ([#​5327](https://redirect.github.com/teslamate-org/teslamate/issues/5327)) - build(deps): update flake.lock ([#​5326](https://redirect.github.com/teslamate-org/teslamate/issues/5326)) - sec(deps): fix OSV vulnerabilities - update cowlib, decimal, and phoenix to patched versions ([#​5332](https://redirect.github.com/teslamate-org/teslamate/issues/5332) - [@​brianmay](https://redirect.github.com/brianmay)) - ci: add osv scanner to scan for vulnerabilities ([#​5332](https://redirect.github.com/teslamate-org/teslamate/issues/5332) - [@​brianmay](https://redirect.github.com/brianmay) and [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): update flake.lock ([#​5338](https://redirect.github.com/teslamate-org/teslamate/issues/5338)) - refactor: use frame key when specifying window to improve readability ([#​5339](https://redirect.github.com/teslamate-org/teslamate/issues/5339) - [@​swiffer](https://redirect.github.com/swiffer)) - build(deps): bump cowlib from 2.16.0 to 2.16.1 ([#​5342](https://redirect.github.com/teslamate-org/teslamate/issues/5342) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): bump cowboy from 2.14.2 to 2.15.0 ([#​5342](https://redirect.github.com/teslamate-org/teslamate/issues/5342) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): bump plug from 1.19.1 to 1.19.2 ([#​5342](https://redirect.github.com/teslamate-org/teslamate/issues/5342) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): bump postgrex from 0.22.0 to 0.22.2 and db\_connection from 2.9.0 to 2.10.1 ([#​5342](https://redirect.github.com/teslamate-org/teslamate/issues/5342) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): update flake.lock ([#​5342](https://redirect.github.com/teslamate-org/teslamate/issues/5342) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): bump webpack-dev-server from 5.2.3 to 5.2.4 in /website ([#​5343](https://redirect.github.com/teslamate-org/teslamate/issues/5343)) - sec(deps): add ws override to version 8.20.1 in /website ([#​5344](https://redirect.github.com/teslamate-org/teslamate/issues/5344) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - feat(nix): update NixOS version to 26.05 ([#​5350](https://redirect.github.com/teslamate-org/teslamate/issues/5350) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - fix(nix): correct URL format for PostgreSQL connection in Grafana 13+ ([#​5351](https://redirect.github.com/teslamate-org/teslamate/issues/5351) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - fix(nix): make grafana.secretKeyFile optional with old insecure grafana default fallback ([#​5352](https://redirect.github.com/teslamate-org/teslamate/issues/5352) - [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) - build(deps): bump ex\_cldr from 2.47.2 to 2.47.4 ([#​5361](https://redirect.github.com/teslamate-org/teslamate/issues/5361)) - ci(deps): bump the actions-deps group across 4 directories with 11 updates ([#​5368](https://redirect.github.com/teslamate-org/teslamate/issues/5368)) - build(deps): update flake.lock ([#​5354](https://redirect.github.com/teslamate-org/teslamate/issues/5354)) - build(deps): bump finch from 0.21.0 to 0.22.0 ([#​5358](https://redirect.github.com/teslamate-org/teslamate/issues/5358)) - build(deps): bump react and react-dom from 19.2.5 to 19.2.6 in /website ([#​5366](https://redirect.github.com/teslamate-org/teslamate/issues/5366)) - build(deps-dev): bump sass from 1.99.0 to 1.100.0 in /assets ([#​5360](https://redirect.github.com/teslamate-org/teslamate/issues/5360)) - build(deps): bump [@​docusaurus/core](https://redirect.github.com/docusaurus/core), /faster and /preset-classic from 3.10.0 to 3.10.1 in /website ([#​5365](https://redirect.github.com/teslamate-org/teslamate/issues/5365)) ##### Dashboards - fix: use FLOOR/CEIL over ROUND for timestamps used in dashboard links to avoid timeranges becoming to narrow ([#​5187](https://redirect.github.com/teslamate-org/teslamate/issues/5187) - [@​swiffer](https://redirect.github.com/swiffer)) - fix: ensure Charges / Drives dashboards load correctly if no Geofence exists ([#​5199](https://redirect.github.com/teslamate-org/teslamate/issues/5199), [#​5335](https://redirect.github.com/teslamate-org/teslamate/issues/5335) - [@​swiffer](https://redirect.github.com/swiffer)) - fix: division by zero in SQL query for cost\_mileage in Trips dashboard ([#​5198](https://redirect.github.com/teslamate-org/teslamate/issues/5198) - [@​DrMichael](https://redirect.github.com/DrMichael)) - fix: handle incomplete data correctly in Charging Stats / Statistics / Trips dashboards ([#​5229](https://redirect.github.com/teslamate-org/teslamate/issues/5229) - [@​swiffer](https://redirect.github.com/swiffer)) - feat: enable timepicker in efficiency dashboard ([#​5257](https://redirect.github.com/teslamate-org/teslamate/issues/5257) - [@​swiffer](https://redirect.github.com/swiffer)) - fix: ensure low precision mode is used for consumption gross for larger intervals ([#​5257](https://redirect.github.com/teslamate-org/teslamate/issues/5257) - [@​swiffer](https://redirect.github.com/swiffer)) - feat: improve filters in Statistics dashboard ([#​5340](https://redirect.github.com/teslamate-org/teslamate/issues/5340) - [@​DrMichael](https://redirect.github.com/DrMichael)) - feat: add geofence filter to Charging Stats dashboard with default to all ([#​5355](https://redirect.github.com/teslamate-org/teslamate/issues/5355) - [@​faekz0r](https://redirect.github.com/faekz0r)) ##### Translations - i18n: updated Catalan default.po ([#​5180](https://redirect.github.com/teslamate-org/teslamate/issues/5180) - [@​pellix](https://redirect.github.com/pellix)) - i18n: Update Korean translations in default.po ([#​5218](https://redirect.github.com/teslamate-org/teslamate/issues/5218) - [@​dongbum](https://redirect.github.com/dongbum)) ##### Documentation - docs: drop private schema before restore ([#​5190](https://redirect.github.com/teslamate-org/teslamate/issues/5190) - [@​brianmay](https://redirect.github.com/brianmay)) - docs: remove references to mcu2-upgraded-cars branch ([#​5371](https://redirect.github.com/teslamate-org/teslamate/issues/5371)- [@​brianmay](https://redirect.github.com/brianmay)) - docs: update DROP SCHEMA commands to include IF EXISTS to avoid issues with old installations ([@​5372-](https://redirect.github.com/5372-) [@​JakobLichterfeld](https://redirect.github.com/JakobLichterfeld)) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90ZXNsYW1hdGUiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19--> |
||
|
|
b57f910261 |
fix(cops): update image lscr.io/linuxserver/cops 4.3.3 → 4.3.5 (#48851)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [lscr.io/linuxserver/cops](https://redirect.github.com/linuxserver/docker-cops/packages) ([source](https://redirect.github.com/linuxserver/docker-cops)) | patch | `b8c59e4` → `f69e6c0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9jb3BzIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==--> |
||
|
|
b30fe8dbf0 |
chore(kitchenowl): update image docker.io/tombursch/kitchenowl digest to 3406168 (#48848)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/tombursch/kitchenowl | digest | `9f8d7e7` → `3406168` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9raXRjaGVub3dsIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
64dc210088 |
chore(mariadb): update image docker.io/bitnamisecure/mariadb digest to 09ef3a5 (#48849)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/bitnamisecure/mariadb | digest | `107ba8c` → `09ef3a5` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9tYXJpYWRiIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
da2ad27f6e |
chore(tt-rss): update image ghcr.io/tt-rss/tt-rss digest to c52f10e (#48850)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/tt-rss/tt-rss | digest | `3c626f5` → `c52f10e` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90dC1yc3MiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
713ac4c54b |
chore(anything-llm): update image ghcr.io/mintplex-labs/anything-llm digest to 7331f62 (#48764)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/mintplex-labs/anything-llm | digest | `063af65` → `7331f62` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hbnl0aGluZy1sbG0iLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
32b722f7c6 | feat(ghostfolio): update image docker.io/ghostfolio/ghostfolio 3.7.0 → 3.8.0 (#48847) | ||
|
|
f527a6ddb4 |
chore(mylar): update image lscr.io/linuxserver/mylar3 digest to 9722737 (#48843)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [lscr.io/linuxserver/mylar3](https://redirect.github.com/linuxserver/docker-mylar3/packages) ([source](https://redirect.github.com/linuxserver/docker-mylar3)) | digest | `fef977a` → `9722737` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9teWxhciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
39bc5d1bde |
chore(lyrion-music-server): update image docker.io/lmscommunity/lyrionmusicserver digest to c6cdce2 (#48842)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/lmscommunity/lyrionmusicserver | digest | `573e4b6` → `c6cdce2` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9seXJpb24tbXVzaWMtc2VydmVyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
ef58566669 |
chore(yacy): update image docker.io/yacy/yacy_search_server digest to 5a12196 (#48845)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/yacy/yacy_search_server | digest | `d6414ba` → `5a12196` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC95YWN5IiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
46c1944ec2 |
chore(nitter): update image docker.io/zedeus/nitter digest to 8987a08 (#48844)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/zedeus/nitter | digest | `1825a2a` → `8987a08` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9uaXR0ZXIiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
51850b8ffc | chore(mysql-workbench): update image ghcr.io/linuxserver/mysql-workbench digest to 4899288 (#48834) | ||
|
|
fd8755ef58 |
fix(minecraft-router): update image docker.io/itzg/mc-router 1.43.0 → 1.43.1 (#48841)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/itzg/mc-router](https://redirect.github.com/itzg/mc-router) | patch | `1a7bdbd` → `b4f4c50` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>itzg/mc-router (docker.io/itzg/mc-router)</summary> ### [`v1.43.1`](https://redirect.github.com/itzg/mc-router/releases/tag/v1.43.1) [Compare Source](https://redirect.github.com/itzg/mc-router/compare/v1.43.0...v1.43.1) #### What's Changed - Upgrade to Go 1.26.4 by [@​itzg](https://redirect.github.com/itzg) in [#​554](https://redirect.github.com/itzg/mc-router/pull/554) **Full Changelog**: <https://github.com/itzg/mc-router/compare/v1.43.0...v1.43.1> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9taW5lY3JhZnQtcm91dGVyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==--> |
||
|
|
57c716e4cd |
chore(tubesync): update image ghcr.io/meeb/tubesync digest to f1ff9e5 (#48837)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/meeb/tubesync | digest | `aa89fc9` → `f1ff9e5` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90dWJlc3luYyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
c2d8f414eb |
chore(pyload-ng): update image lscr.io/linuxserver/pyload-ng digest to a7f125b (#48835)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | lscr.io/linuxserver/pyload-ng | digest | `865c0e1` → `a7f125b` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9weWxvYWQtbmciLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
28743b8766 |
chore(firefox): update image ghcr.io/linuxserver/firefox digest to a9e20f7 (#48833)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/firefox](https://redirect.github.com/linuxserver/docker-firefox/packages) ([source](https://redirect.github.com/linuxserver/docker-firefox)) | digest | `108231e` → `a9e20f7` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9maXJlZm94IiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
b569130968 | chore(dashy): update image ghcr.io/lissy93/dashy digest to 567eea6 (#48832) | ||
|
|
57c731d702 |
chore(automatic-ripping-machine): update image docker.io/automaticrippingmachine/automatic-ripping-machine digest to 3e12711 (#48831)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/automaticrippingmachine/automatic-ripping-machine](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine) | digest | `47943cb` → `3e12711` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hdXRvbWF0aWMtcmlwcGluZy1tYWNoaW5lIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
c181a5467b |
chore(wordpress): update image docker.io/bitnamisecure/wordpress digest to 4afe239 (#48839)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/bitnamisecure/wordpress | digest | `0a93698` → `4afe239` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93b3JkcHJlc3MiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
aa7af8cf79 |
chore(valkey): update image docker.io/bitnamisecure/valkey digest to 5ce04fc (#48838)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/bitnamisecure/valkey | digest | `50df82d` → `5ce04fc` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC92YWxrZXkiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
bc30787ddc | fix(wallos): update image ghcr.io/ellite/wallos 4.9.3 → 4.9.5 (#48830) | ||
|
|
4563276d21 |
chore(speedtest-tracker): update image ghcr.io/linuxserver/speedtest-tracker digest to c3750c4 (#48827)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/speedtest-tracker](https://redirect.github.com/linuxserver/docker-speedtest-tracker/packages) ([source](https://redirect.github.com/linuxserver/docker-speedtest-tracker)) | digest | `79c0063` → `c3750c4` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9zcGVlZHRlc3QtdHJhY2tlciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
833cc8a867 |
chore(openvscode-server): update image ghcr.io/linuxserver/openvscode-server digest to a494986 (#48826)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/openvscode-server](https://redirect.github.com/linuxserver/docker-openvscode-server/packages) ([source](https://redirect.github.com/linuxserver/docker-openvscode-server)) | digest | `b87a986` → `a494986` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9vcGVudnNjb2RlLXNlcnZlciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
4f294354d0 |
chore(kdenlive): update image lscr.io/linuxserver/kdenlive digest to 3b98f1e (#48824)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | lscr.io/linuxserver/kdenlive | digest | `9a8807f` → `3b98f1e` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9rZGVubGl2ZSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
04fbc43fc0 |
chore(traccar): update image docker.io/traccar/traccar digest to f187e0b (#48829)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/traccar/traccar](https://redirect.github.com/traccar/traccar) | digest | `a239e4d` → `f187e0b` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90cmFjY2FyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
54540bafdc |
chore(automatic-ripping-machine): update image docker.io/automaticrippingmachine/automatic-ripping-machine digest to 47943cb (#48822)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/automaticrippingmachine/automatic-ripping-machine](https://redirect.github.com/automatic-ripping-machine/automatic-ripping-machine) | digest | `c03a556` → `47943cb` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hdXRvbWF0aWMtcmlwcGluZy1tYWNoaW5lIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
2fdd196a99 |
chore(adminer): update image adminer digest to 8326681 (#48821)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | adminer | digest | `cc64d25` → `8326681` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9hZG1pbmVyIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
e6fa3552c2 |
chore(iyuuplus): update image docker.io/iyuucn/iyuuplus digest to 506e078 (#48823)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/iyuucn/iyuuplus | digest | `db94aeb` → `506e078` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9peXV1cGx1cyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
aab2279470 | chore(tachidesk-docker): update image ghcr.io/suwayomi/tachidesk digest to a2961cc (#48828) | ||
|
|
b00184c720 |
chore(mongodb): update image docker.io/bitnamisecure/mongodb digest to 594309a (#48825)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/bitnamisecure/mongodb | digest | `f8e4213` → `594309a` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9tb25nb2RiIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
c70569ab43 |
chore(redis): update image docker.io/bitnamisecure/redis digest to 6e7a020 (#48746)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/bitnamisecure/redis | digest | `1347d52` → `6e7a020` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9yZWRpcyIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvZGlnZXN0Il19--> |
||
|
|
46fd3c63f9 |
fix(helm-deps): update chart mongodb 17.3.3 → 17.3.4 (#48750)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [mongodb](https://truecharts.org/charts/stable/mongodb) ([source](https://redirect.github.com/bitnami/bitnami-docker-mongodb)) | patch | `17.3.3` → `17.3.4` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC95b3V0dWJlZGwtbWF0ZXJpYWwiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |
||
|
|
1653069d50 |
fix(outline): update image docker.io/outlinewiki/outline 1.8.0 → 1.8.1 (#48820)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/outlinewiki/outline](https://redirect.github.com/outline/outline) | patch | `bbaac34` → `e224dcb` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>outline/outline (docker.io/outlinewiki/outline)</summary> ### [`v1.8.1`](https://redirect.github.com/outline/outline/releases/tag/v1.8.1) [Compare Source](https://redirect.github.com/outline/outline/compare/v1.8.0...v1.8.1) #### What's Changed ##### Improvements - Drag-and-drop now supports dragging from document lists in [#​12587](https://redirect.github.com/outline/outline/pull/12587) - Add admin interface to change user avatars in [#​12405](https://redirect.github.com/outline/outline/pull/12405) - Add automatic metrics tagging of outgoing emails in [#​12570](https://redirect.github.com/outline/outline/pull/12570) - Various improvements to mobile styling and layout in [#​12577](https://redirect.github.com/outline/outline/pull/12577), [#​12576](https://redirect.github.com/outline/outline/pull/12576) ##### Fixes - Fixed search term highlights missing on navigation from search in [#​12598](https://redirect.github.com/outline/outline/pull/12598) - Fixed an intermitent issue where sidebar element is not correctly active on first load in [#​12566](https://redirect.github.com/outline/outline/pull/12566) - Scrollbar no longer causes horizontal movement in comments sidebar in [#​12565](https://redirect.github.com/outline/outline/pull/12565) - Added protection against timing attacks on notification unsubscribe endpoints in [#​12551](https://redirect.github.com/outline/outline/pull/12551) - Icon picker is no longer auto-closed on choice in [#​12573](https://redirect.github.com/outline/outline/pull/12573) - Access requests can now be approved by collection managers in [#​12579](https://redirect.github.com/outline/outline/pull/12579) - Collection title and icon inline are now editable like documents in [#​12574](https://redirect.github.com/outline/outline/pull/12574) - Increased valid user-supplied URL length to 1024 in [#​12585](https://redirect.github.com/outline/outline/pull/12585) - Added handling of unhandled server error in MCP route in [#​12586](https://redirect.github.com/outline/outline/pull/12586) - Fixed sticky table header styling in Safari in [#​12590](https://redirect.github.com/outline/outline/pull/12590) - Private IP lookup is now invalid request rather than internal error in [#​12592](https://redirect.github.com/outline/outline/pull/12592) - Improved worker performance through caching in [#​12593](https://redirect.github.com/outline/outline/pull/12593) - chore: Improve handling of "expected" network errors from webhooks in [#​12599](https://redirect.github.com/outline/outline/pull/12599) - Mermaid is no longer persisted as last used coding language in [#​12601](https://redirect.github.com/outline/outline/pull/12601) - Fixed `collaboratorIds` iterable error when handling very old documents in [#​12602](https://redirect.github.com/outline/outline/pull/12602) - Fixed correct support for hard break serialization for commonMark in [#​12603](https://redirect.github.com/outline/outline/pull/12603) - Added email verification check during sign-in flow in [#​12605](https://redirect.github.com/outline/outline/pull/12605) **Full Changelog**: <https://github.com/outline/outline/compare/v1.8.0...v1.8.1> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9vdXRsaW5lIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==--> |
||
|
|
f35d415024 |
fix(oscam): update image ghcr.io/linuxserver/oscam 11964-ls15 → 11965-ls15 (#48819)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/linuxserver/oscam](https://redirect.github.com/linuxserver/docker-oscam/packages) ([source](https://redirect.github.com/linuxserver/docker-oscam)) | patch | `d875f86` → `8e239f0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>linuxserver/docker-oscam (ghcr.io/linuxserver/oscam)</summary> ### [`v11965-ls15`](https://redirect.github.com/linuxserver/docker-oscam/releases/tag/11965-ls15) [Compare Source](https://redirect.github.com/linuxserver/docker-oscam/compare/11964-ls15...11965-ls15) **CI Report:** <https://ci-tests.linuxserver.io/linuxserver/oscam/11965-ls15/index.html> **LinuxServer Changes:** No changes **Remote Changes:** Updating to 11965 </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9vc2NhbSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
3e21935875 |
chore(jelu): update image docker.io/wabayang/jelu digest to 721680d (#48818)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/wabayang/jelu | digest | `4f0895a` → `721680d` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9qZWx1IiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9kaWdlc3QiXX0=--> |
||
|
|
383982aa80 | simplify forgetool setup | ||
|
|
1c6d7fd9dd |
feat(wekan): update image docker.io/wekanteam/wekan v9.34 → v9.35 (#48816)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/wekanteam/wekan](https://redirect.github.com/wekan/wekan) | minor | `894f63f` → `7f926f0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>wekan/wekan (docker.io/wekanteam/wekan)</summary> ### [`v9.35`](https://redirect.github.com/wekan/wekan/blob/HEAD/CHANGELOG.md#v935-2026-06-06-WeKan--release) [Compare Source](https://redirect.github.com/wekan/wekan/compare/v9.34...v9.35) TLDR: - Admin Panel/Attachments/Move Files works: CollectionFS/Meteor-Files/S3/Azure Blob/Google Cloud Storage. - To have attachments and avatars visible, move them from CollectionFS to any other Storage - To upgrade, mongodump/mongorestore (older with [LD\_LIBRARY\_PATH](https://redirect.github.com/wekan/wekan/blob/main/docs/Backup/Backup.md#backup-wekan-snap-to-directory-dump)) to MongoDB 7.x, and copy WRITABLE\_PATH files/attachments/avatars if exists, at Snap /var/snap/wekan/common/files/, at Docker /data/files etc. This release adds the following [CRITICAL SECURITY FIXES](https://redirect.github.com/wekan/wekan/commit/357de728c03113b787065bac2c5832ad77f1a117): - [Fix GHSA-qfqv-42qw-vvwh: `cloneBoard` Meteor method has no authorization check — any user can clone (read) any private board by ID (CWE-639, CWE-862)](https://redirect.github.com/wekan/wekan/security/advisories/GHSA-qfqv-42qw-vvwh). The `cloneBoard` Meteor method in `models/import.js` copied an entire board — including all cards, comments, attachments, member info and activities — identified solely by a caller-supplied `sourceBoardId`, and performed no authorization check: it never verified that the calling user was a member of (or otherwise permitted to read) the source board. Any authenticated Wekan user who knew a board's ID (board IDs appear in board URLs and remain known to removed members) could call `Meteor.call('cloneBoard', '<targetBoardId>')` over DDP and obtain a permanent, fully-readable copy of that board's contents, even for private boards they had no access to. The method called `exporter.build()` directly, skipping the `canExport()` guard (`models/exporter.js`) that the REST export route correctly enforces. Fixed by requiring `this.userId` and running the same `exporter.canExport(user)` check the export route uses before building/cloning the board, so cloning a board now requires the same read authorization as exporting it. CVSS 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). Thanks to dizconnectz for the coordinated disclosure, xet7 and Claude. and, while fixing the above, the following similar authorization issues found by code review were fixed (the [CloneBleed](https://wekan.fi/hall-of-fame/clonebleed/) group): - [Fix authorization guards that silently never ran in attachment, list, checklist, migration and webhook server methods (CWE-862, CWE-639)](https://redirect.github.com/wekan/wekan/blob/main/docs/hall-of-fame/clonebleed/). A review for the same class of bug as `cloneBoard` found several server-side methods whose access checks were present in the source but never actually enforced, plus a few methods missing a check entirely: - `server/models/checklists.js` `moveChecklist`: the membership guard called `allowIsBoardMemberByCard(...)`, but that helper is `async` and was both unimported and un-awaited, so `!allowIsBoardMemberByCard(...)` evaluated `!Promise` (always `false`) and the check never ran — any logged-in user could move a checklist between cards on boards they cannot access. Now imported and awaited, and login is required. - `server/models/lists.js` `updateListSort`: the guard read `typeof allowIsBoardMember === 'function' && !allowIsBoardMember(...)`, but `allowIsBoardMember` was never imported, so the `typeof` was always `false` and the guard never ran — any caller could reorder/re-assign any board's lists by ID. Replaced with a real `hasBoardWriteAccess` check, plus a check that the list actually belongs to the named board, and a login check. - `server/attachmentApi.js` and `server/routes/attachmentApi.js`: the attachment Meteor methods and REST handlers called `board.isBoardMember(...)`, which is not a method on the board model, so the permission check never behaved as intended. Replaced with the real `board.hasMember(...)`, and the upload path now also verifies the target card actually belongs to the named board (so `boardId` cannot be spoofed to a board the caller is a member of). - `server/models/users.js` `applyListWidth`: stored per-board list width with no authorization. Now requires the caller to be a member of the board and requires the list to belong to that board. - `server/models/boards.js` `getBackgroundImageURL`: returned any board's background image URL by ID. Now requires the board to be visible to the caller. - `server/migrations/fixMissingListsMigration.js` and `server/migrations/migrateAttachments.js`: the migration status/execute methods only checked that the caller was logged in. Reading status now requires board visibility, executing a board-rewriting migration now requires board admin (or instance admin), and the attachment migration methods now require board access (global status reads require instance admin). - `server/notifications/outgoing.js`: the webhook delivery method trusted the caller-supplied `integration` object and only checked that *some* integration with that URL existed. It now verifies a matching integration exists on its own board and that the caller is a member of that board, closing a path where any authenticated user could drive webhooks (and, via the two-way response path, overwrite comments) on boards they cannot access. - `server/models/userPositionHistory.js`: the `userPositionHistory.createCheckpoint`, `.getRecent`, `.getCheckpoints` and `.restoreToCheckpoint` methods only checked that the caller was logged in, even though the sibling `positionHistory.track*` methods (`server/methods/positionHistory.js`) already require the board to be visible to the caller — the same PositionHistoryBleed class fixed in v8.20/v8.21. All four now require board visibility (via the shared `isVisibleBy` guard) before reading or restoring position history scoped to a board. Thanks to xet7 and Claude. and, while auditing that client-side permission checks are also enforced server-side, the following gaps where the server did not re-verify a UI-gated permission were fixed: - [Fix client-side permission gates not re-verified server-side (CWE-862, CWE-269)](https://redirect.github.com/wekan/wekan/blob/main/docs/hall-of-fame/clonebleed/). The browser UI hides certain actions from read-only members and from non-admins, but those are cosmetic — the server-side `allow` rules and Meteor methods must enforce the same role. An audit found four places that did not: - `server/permissions/customFields.js`: the Custom Field `allow` insert/update/remove rules used `allowIsAnyBoardMember` (mere membership), so read-only/comment-only/worker members could create/modify/delete Custom Fields (board-wide schema) via direct DDP collection writes — the same read-only-write class as GHSA-6733, which had only fixed the REST path. Now uses the new `allowIsAnyBoardMemberWithWriteAccess` write-access helper. - `server/permissions/cardCommentReactions.js`: the reaction `allow` rules used `allowIsBoardMember`, letting read-only members add/remove comment reactions. Reacting is a form of commenting, so it now uses `allowIsBoardMemberCommentOnly` (Normal/Comment-only allowed, Read-only/No-comments denied), matching `CardComments.insert`. - `server/models/boards.js` `archiveBoard`: only required board membership, so any member (including read-only) could archive a board (hiding it for everyone) over DDP, although the UI gates archiving behind board admin. Now requires board admin (or global admin), matching the `Boards.allow` update/remove rules. - `server/models/settings.js` `sendSMTPTestEmail`: only required login, so any authenticated user could trigger the server to send an SMTP test (and have the server's SMTP error messages surfaced to them), although the UI gates it behind global admin. Now requires global admin. Thanks to xet7 and Claude. and, in the same access-control audit, the attachment write API was tightened: - **Security: attachment write operations in the REST/DDP API now require board write access, not just membership (CWE-862, CWE-639).** Both attachment API implementations (`server/routes/attachmentApi.js` HTTP routes and `server/attachmentApi.js` Meteor methods) gated upload / copy / move / delete on `board.hasMember()`, which is true for any active member regardless of role. This let read-only, comment-only, no-comments, worker and assigned-only board members add, copy, move and delete attachments through the API — actions the UI forbids for those roles. They now require board write access (global site admins still allowed); read operations (download / list / info) keep membership-level access. Added security tests in `server/lib/tests/attachmentApi.tests.js`. Thanks to xet7 and Claude. and adds the following new features: - **[Admin Panel / Attachments](https://redirect.github.com/wekan/wekan/commit/a86a087915aac9d204e157b1a698091c079e04e6): "Calculate file counts" on every storage backend, shown right below the "Read" toggle.** Azure Blob Storage and Google Cloud Storage now have a "Calculate file counts" button (new `getAzureStorageStats` / `getGcsStorageStats` methods) that reports how many attachments and avatars are stored on that backend, matching what Filesystem, MongoDB GridFS and S3 already offer. The count is read from the stored file metadata (fast, no cloud API calls). The S3 button was also moved up to sit directly under its "Read" checkbox, so all backends are consistent. Thanks to Claude. - \*\*[Admin Panel / Attachments: the MongoDB GridFS page notes how to make legacy files visible](https://redirect.github.com/wekan/wekan/commit/dca9427bfb58532778bc705e4c8c8014ba4b01ae). \*\* A translatable line under the "MongoDB GridFS Storage" title reminds admins: "To have attachments and avatars visible, move them from CollectionFS to any other Storage." Thanks to Claude. - **Admin Panel / Attachments: the Google Cloud Storage page now documents the required bucket permission.** A note under the "GCS Storage" title explains that the service account needs the **Storage Object Admin** role (`roles/storage.objectAdmin`) on the bucket (Cloud Console → Cloud Storage → Buckets → your bucket → Permissions → Grant access → add the service account → role "Storage Object Admin"), and that the bucket must exist in the same project — otherwise "Test connection" fails with `storage.objects.list denied`. Thanks to xet7 and Claude. - **Admin Panel / Attachments: a "Save" button next to the Enabled / Read toggles at the top of each cloud storage.** S3, Azure and Google Cloud Storage now have a Save button directly below the "\[ ] Enabled \[ ] Read" row, so those toggles can be saved without scrolling to the bottom of the (now quite long) storage page. It saves the same way as the existing bottom Save button — the server merges that provider's config and preserves secrets left blank — and the bottom Save button is kept. (Filesystem and GridFS have only a Read toggle, which already saves the instant it is toggled, so they need no button.) Thanks to Claude. - **Admin Panel / Attachments: bilingual, self-documenting cloud-storage fields (S3, Azure and Google Cloud Storage).** Each cloud-storage setting now guides the admin from top to bottom with both English and translated text, so it is easy to follow along while clicking through the provider's Cloud Console: - the field **label** uses the provider's own console wording in English (e.g. *Access key ID*, *Secret access key*, *Storage account key*, *Service account key (JSON)*), with the translated label shown below it; - a literal **example** of what the value should look like (e.g. `eu-west-1`, an example bucket name / endpoint / connection string), which is intentionally not translated; - a short **description** of the value, in English and then translated; - the **Cloud Console menu path** showing exactly where to find or create the value (e.g. *AWS Console → IAM → Users → your user → Security credentials → Access keys → Create access key*; *Azure Portal → Storage accounts → your account → Access keys → key1*; *Google Cloud Console → IAM & Admin → Service accounts → … → Keys → Add key → Create new key → JSON*), again in English and then translated. The provider field names, examples and menu paths are kept in English so they match what the Cloud Console actually shows, while the descriptions and menu paths are also translatable; section titles, the enable/read/force-path-style checkboxes and the Test/Save buttons remain fully translated. Thanks to Claude. - **Admin Panel / Attachments / Move Attachment: "Repair file locations" button and a persistent "last move" message.** The new **Repair file locations** button scans all attachments and avatars and finds any whose recorded storage (`versions.<v>.storage` / `path` / `meta.gridFsFileId`) no longer matches where the binary actually is — left inconsistent by an interrupted or failed move — and fixes the database to point at the real location: it detects the binary in GridFS (by the `metadata.fileId` stamped on upload, recovering files whose GridFS id reference was lost) or on the filesystem (using the storage strategy's own thorough path resolution, so the repair agrees with what a real download/move would find even when `versions.<v>.path` is stale), then corrects `storage`, `path` and `meta.gridFsFileId` accordingly. Cloud-stored files are left untouched, and files found nowhere are reported as "Not found". The scan is streamed (memory-safe) and shows a per-scope searched / repaired / not-found summary. Separately, after a move finishes the page now keeps showing the last move operation — source → destination (scope) and the date/time as `YYYY-MM-DD HH:MM:SS` — so it is clear what was last done. Thanks to xet7 and Claude. - **SVG image uploads are now sanitized instead of rejected.** Uploaded SVGs (attachments and avatars) are cleaned in place in `onAfterUpload` via the new `models/lib/sanitizeSvg.js`, which removes JavaScript (`<script>`, inline `on*=` event handlers, `javascript:`/`vbscript:` URIs, `<foreignObject>` / `<iframe>` / `<object>` / `<embed>` and similar active content) and XML loops (`<!DOCTYPE>` / `<!ENTITY>` entity-expansion / XXE constructs and `<?xml-stylesheet?>`), so SVG images can be uploaded safely. Thanks to Claude. - **Unified attachment/avatar storage migration: move any → any.** Admin Panel / Attachments / Move Attachment can now move **Attachments, Avatars, or both**, from **any source to any destination** across Filesystem, Meteor-Files GridFS, Cloud (S3/Azure/GCS) and legacy CollectionFS GridFS. The default source is "All Read-enabled storages" (every backend whose Read flag is enabled and whose settings work), so everything can be consolidated into one destination in a single run. All metadata is preserved (board / swimlane / list / card / user / uploaded date / name / type / size), attachment cover references (`cards.coverId`) are remapped when an id changes, and the legacy source is deleted only after the new copy is verified. Thanks to Claude. - **Legacy CollectionFS GridFS is now a first-class storage backend** (read, migrate-from, and export-to) for both attachments and avatars, via the new `models/lib/collectionFsStore.js` (binary keyed by `copies.<coll>.key` in the `cfs_gridfs.<coll>` bucket, metadata in `cfs.<coll>.filerecord`). Thanks to Claude. - **The storage strategy layer is now collection-aware.** `moveToStorage` and the GridFS/Cloud strategies previously hard-coded the `Attachments` collection, so moving avatars to GridFS/cloud would have updated the wrong collection. The factory now carries its collection (`Attachments` or `Avatars`), so **avatars can be stored in Meteor-Files GridFS and cloud**, not only on the filesystem. Attachment behavior is unchanged. Thanks to xet7 and Claude. and adds the following updates: - [Update Windows MongoDB](https://redirect.github.com/wekan/wekan/commit/beedf2fefa614018ce7ed499465092e814a050d9). Thanks to xet7. - [Update DDP transport and reactivity order for multi-tenant deployment](https://redirect.github.com/wekan/wekan/pull/6365). Thanks to italojs. - [Updated to Meteor 3.5-rc.1](https://redirect.github.com/wekan/wekan/commit/29b3f52e50ea2ee9bfbfb98d3842ce8a9b8e52e3). Thanks to Meteor developers. - **Documented the attachment / file REST API in the OpenAPI docs** — file upload, download, info, listing a board's files, copy, move and delete (the `/api/attachment/*` endpoints registered via `WebApp.handlers.use()`, which the generator cannot auto-discover) are now documented in `openapi/extra_paths.yml` and injected into the generated docs, including their authentication and permission requirements. Thanks to xet7 and Claude. and adds the following fixes: - **[Admin Panel / Attachments: "Run MongoDB compact" now actually compacts the database](https://redirect.github.com/wekan/wekan/commit/dca9427bfb58532778bc705e4c8c8014ba4b01ae).** MongoDB refuses `compact` on an active replica-set primary unless `force: true` is given, so every collection failed with "will not run compact on an active replica set primary … use force:true to force" — and because the usual Meteor setup is a single-node replica set (only a primary, no secondaries), nothing was compacted at all and no disk space was reclaimed. The primary is now compacted with `force: true` (secondaries are still compacted without it, so the primary stays available while they run), so the GridFS collections are actually rewritten and freed space is returned to the filesystem. Thanks to Claude. - **Admin Panel / Attachments: clearer cloud "Test connection" errors, and cloud config inputs are trimmed.** Testing an Azure/GCS/S3 connection used to report a single generic `Incomplete configuration or adapter not installed` even when the real problem was specific — e.g. Azure rejecting the config with `Invalid URL` (a stray space/newline in the account name, or a bad endpoint / connection string). `testCloudConnection` now reports the actual cause: adapter not installed, required fields missing, the adapter's own configuration error (such as `Invalid URL`), or the real `listFiles` error (auth failure, container not found, …). It also pre-validates the config and gives an actionable message before the adapter turns it into a cryptic error — e.g. for Azure it explains that the **Storage account name** must be just the account name (3–24 lowercase letters/numbers, e.g. `wekanstorage`, not a full `https://…` URL and with no spaces), or that the **Connection string** is malformed; and when Azure still returns `Invalid URL` the message appends which field to check. In addition, all cloud-storage text fields are now trimmed when read from the form, so leading/trailing whitespace from copy-paste no longer produces an invalid URL. Thanks to xet7 and Claude. - **[Fixed moving attachments to S3](https://redirect.github.com/wekan/wekan/commit/a86a087915aac9d204e157b1a698091c079e04e6) (and other cloud storage) failing and crashing the server.** Uploading to S3 failed two ways, each of which crashed the whole server because the rejection was unhandled and SyncedCron treats those as fatal. The `@tweedegolf/sab-adapter-amazon-s3` adapter uploaded with a `PutObjectCommand` whose `Body` was a live stream: (1) with no `ContentLength` the AWS SDK fell back to a chunked signed upload that needs a decoded content length, which was undefined for a stream of unknown size — `Invalid value "undefined" for header "x-amz-decoded-content-length"`; and (2) if the socket dropped mid-upload (`socket hang up`), the SDK's body-stream promise rejected unhandled. Fixed by uploading the file as a complete in-memory **buffer** (`addFileFromBuffer`) instead of a live stream: a buffer has a known length (no content-length error) and no socket-bound stream to re-reject. The cloud upload promise now never rejects — any failure is captured and exposed via `waitUntilStored()`, which `moveToStorage` checks inside a try/catch so a failed upload leaves the source file intact and is logged cleanly. (Files are moved one at a time, so peak memory is one file.) Thanks to Claude. - **Fixed `TypeError: Cannot read properties of undefined (reading 'on')` when moving attachments between Meteor-Files/GridFS and Filesystem.** If a file's source binary was missing at its recorded location (e.g. a file left half-moved by an earlier interrupted run — storage says "gridfs" but the GridFS id reference is gone, or a filesystem path that no longer exists), `getReadStream()`/`getWriteStream()` returned `undefined` and `moveToStorage` (and `copyFile`) called `.on()` on it, throwing. Both now detect a missing read/write stream, log a clear message (which file, version, from→to storage, and why), **skip that file and leave the source intact** so no data is lost, and continue with the rest. Use the new "Repair file locations" button to fix the underlying inconsistent records. Thanks to Claude. - **Fixed moving attachments/avatars from CollectionFS to Meteor-Files crashing the server, hanging the Admin Panel move at "File 1 / N", and leaving broken avatars.** Three problems in Admin Panel / Attachments / Move Attachment: - **Server crash on the first file** (`uncaughtException: TypeError: Cannot read properties of undefined (reading '_id')` at `AttachmentStoreStrategyGridFs.writeStreamFinished`). The current mongodb driver's GridFS `GridFSBucketWriteStream` `'finish'` event no longer passes the stored file document, so `finishedData._id` threw and killed the process (which is also why the move appeared stuck at "File 1 / 4" — the background job died mid-file and its persisted status was frozen). The GridFS strategy now reads the uploaded file id from the write stream itself (`gridFSFile._id` / `id`), the `'finish'` handler is wrapped so it can never crash the process, and a startup reconciliation clears a stale "running" move status left by a crashed run so the UI un-sticks and a new move can be started. - **Broken avatar after migrating avatars.** The bulk move only repointed card cover references (`cards.coverId`); a user's `profile.avatarUrl` still pointed at the deleted legacy `/cfs/files/avatars/<oldId>` URL, so the avatar rendered broken. The move now repoints `profile.avatarUrl` to the migrated avatar (`remapReferences` handles avatars), and migrated files stamp `meta.migratedFromId` so references can be repaired to the **exact** new file. The startup repair in `server/models/users.js` (previously a no-op: it string-replaced the URL prefix while keeping the now-deleted id and never saved the document) now points each affected user's avatar at their migrated Meteor-Files avatar — matched precisely by `meta.migratedFromId`, otherwise strictly by `userId` (newest migrated avatar first), so a user can only ever be given their own avatar, never another user's. - **`ObjectID` deprecation warning** from `models/lib/grid/createObjectId.js` (`MongoInternals.NpmModule.ObjectID` → `ObjectId`). Thanks to xet7 and Claude. - [Fix Dropdown list cannot be created with values](https://redirect.github.com/wekan/wekan/commit/e01f99eb52812df5e2754c193860002ec2716ecb). - **Fixed Dropdown custom field options not being addable / saving as empty.** Creating a "Dropdown" custom field showed the "List Options" box, but pressing Enter (or typing and saving) never added any option, and on the card the only selectable value was `(none)`. The custom-fields sidebar component was migrated from `BlazeComponent` to a plain `Template`, but the template still iterates the options with `{{#each dropdownItems.get}}` — under BlazeComponent that resolved to the instance's `dropdownItems` ReactiveVar, whereas a plain Template does not expose instance variables to the template, so the list rendered nothing. Because the options were never rendered as inputs, `getDropdownItems()` then overwrote the ReactiveVar with the empty DOM on save and every entered value was dropped. Fixed by re-adding the missing `dropdownItems` helper (returning the ReactiveVar), matching the pattern the other migrated templates already use. Thanks to Claude. - **Fixed `Exception in global helper _` when opening the Create Custom Field popup (and any translation containing a literal `%`).** i18n is configured with a global sprintf post-processor (`postProcess: ["sprintf"]`), so every translation is run through `i18next-sprintf-postprocessor`. The help text `custom-field-stringtemplate-format` (`"Format (use %{value} as placeholder)"`) contains a literal `%{value}` that sprintf cannot parse, so `vsprintf` threw and crashed the global Blaze `_` translation helper — breaking that popup and any string (in any language, including user translation overrides) that contains a stray `%`. `TAPi18n.__` now retries without the sprintf post-processor when it throws, returning the raw string (so `%{value}` is shown literally) instead of crashing. Thanks to rouceto1, xet7 and Claude. - [Fixed new checklists (and checklist items) on a newly added card not being visible until logout/login](https://redirect.github.com/wekan/wekan/commit/075e86b00e1f0dc0dea519acd37cece4d0a1fad3). The `board` publication batched checklists, checklist items, comments and attachments into board-level cursors filtered by `cardId: { $in: cardIds }`, where `cardIds` was a one-time snapshot. In `reywood:publish-composite` a child cursor only re-runs when its parent (the board) document changes, so the snapshot never refreshed when a card was added — a checklist on a card created after subscribing matched no published card and only appeared on the next subscribe (logout/login). This was a regression from the "Optimized board loading" change, which had replaced the original reactive per-card child cursors with these batched snapshots. Fixed by **denormalizing a `boardId` field onto `Checklists` and `ChecklistItems`** so they can be published with a single board-level cursor filtered by `boardId` — one cursor per collection (keeping the load optimization) that still reacts to checklists on newly added cards, because a new checklist is created already carrying the board's id. `boardId` is set on insert (server `before.insert` hooks, plus explicitly in the Trello/WeKan board importers, which use `direct.insert` and bypass hooks), re-derived when a checklist/item or its card moves to another card (`before.update` on `cardId`) or the card moves to another board (`Cards.after.update` cascade), and backfilled for existing data by an idempotent startup migration. New `{ boardId: 1 }` indexes were added on both collections. Comments and attachments instead remain reactive as per-card children of the cards cursor. Assigned-only board members still only receive checklists for cards assigned to them (the board-level cursor falls back to the assigned cards' ids for those roles). Thanks to ahlgrimma, xet7 and Claude. - [Fixed SyncedCron crash](https://redirect.github.com/wekan/wekan/commit/72767ad9a769fee2548f93bbd7174edd69995e97). **Fixed deleting archived lists (or many cards) crashing the server with `SyncedCron: Fatal error encountered (unhandledRejection): TypeError: Cannot read properties of undefined (reading 'boardId')` at `server/models/checklistItems.js`.** Deleting a list cascades into removing its cards, and each card's checklists, checklist items, comments and attachments (`cardRemover` in `models/cards.js`). `Cards.before.remove` called `cardRemover` **without `await`** (and was not `async`), so the card document was deleted first and the cascade then ran with the parent card already gone; the `ChecklistItems.before.remove` / `Checklists.before.remove` hooks dereferenced the now-undefined card (`card.boardId`) and threw, and because the promise was unhandled, SyncedCron caught the rejection and tore down all running cron jobs. Fixed by making `Cards.before.remove` `async` and awaiting `cardRemover` (so sub-items are removed while the card still exists), and the REST card-delete handler now runs `cardRemover` before removing the card. As defense in depth, every card-activity hook and helper that looked up a card and used its `boardId` / `listId` / `swimlaneId` now skips (with a warning) when the parent card — or, for checklist-completion activities, the parent checklist — is missing, instead of throwing: `before.remove` on checklist items and checklists, `Checklists.after.insert`, the `Cards.before.update` timing activity, and the shared `itemCreation` / `publishCheckActivity` / `publishChekListCompleted` / `publishChekListUncompleted` / `commentCreation` helpers (matching the guards already present in `server/models/cardComments.js`). Thanks to titver968, xet7 and Claude. - **[Fixed upgrade crash](https://redirect.github.com/wekan/wekan/commit/39f3c89b0a11c5671b77d3a0b95200ac7256a4f1) `An error occurred when creating an index for collection "users": Topology is closed` / `MongoServerSelectionError: Server selection timed out after 30000 ms`.** When WeKan started before MongoDB was reachable and had an elected replica-set primary (common right after an upgrade, while MongoDB replays its WiredTiger journal, or when the app container starts at the same instant as the database), the first index creation threw and Node exited. Now: - **WeKan waits until MongoDB is ready** (reachable, with an elected primary) before it starts, in every launch path: `start-wekan.sh`, `start-wekan.bat`, the Snap (`snap-src/bin/wekan-control`), and the app itself (`server/00waitForMongo.js` / `server/lib/mongoStartup.js`, which blocks the first `Meteor.startup` so it also protects the plain Docker image). The Docker `docker-compose.yml` and `docker-compose-multitenancy.yml` now give `wekandb` a `healthcheck` (primary elected) and the WeKan/tenant services `depends_on: condition: service_healthy`. - **If MongoDB stays unreachable for too long** (default 120s, configurable via `WEKAN_DB_WAIT_TIMEOUT`), a clear English-only message is printed to the Node.js console / `docker logs` / `snap logs` explaining that a database upgrade with `mongodump` (old MongoDB) and `mongorestore --drop` (new MongoDB) may be needed, and reminding that attachments and avatars live on disk under `WRITABLE_PATH` (`files`, `attachments`, `avatars`; on Snap `/var/snap/wekan/common/files`, on Docker the `wekan-files` volume at `/data`) and must be copied too. WeKan keeps retrying after printing it. - **Index creation is now idempotent and crash-safe.** A new `ensureIndex` helper checks the existing indexes and only creates the ones that are missing, and never throws — a single index problem is logged in English instead of taking the whole server down. All startup index creation across the model files was switched to it. Thanks to xet7 and Claude. - [Fixed OpenAPI REST API documentation generation](https://redirect.github.com/wekan/wekan/commit/c71a97cba20247ce227a288fa74ef23cb3c4c83e), which had been broken since after WeKan v7.93 and only generated docs for the `login`/`register` endpoints (2 operations) instead of the full API. The Meteor 3 migration moved the REST routes from `models/*.js` (`JsonRoutes.add(...)`) into `server/models/*.js` (`WebApp.handlers.get/post/put/delete(...)`) and introduced optional chaining (`?.`) that the `esprima` Python parser cannot read, so `openapi/generate_openapi.py` silently skipped every route file. The generator now understands both routing styles, scans both `models/` and `server/models/`, downlevels modern JS syntax so files parse, handles the `type: Array` SimpleSchema idiom, and `releases/rebuild-docs.sh` works directly with Python 3.12.x (PEP 668). The generated `public/api/wekan.yml` / `wekan.html` now cover the full API again (89 operations / 61 paths). Thanks to xet7 and Claude. - **The attachment copy API now honours the admin "Admin Panel / Attachments" API transfer limits.** Copying an attachment creates a new attachment but skipped the `apiUploadBlocked` / `apiUploadMaxBytes` checks that upload enforces; copy now respects them in both API implementations. Thanks to Claude. - [Fixed Admin Panel / Attachments / Move Attachment doing nothing / crashing](https://redirect.github.com/wekan/wekan/commit/d30803276d6d06db44f65ee1fb583cc11aac8b7b). Several issues in the bulk move: - The GridFS source matcher required `meta.gridFsFileId` to be *absent*, but Meteor-Files always sets it, so selecting "MongoDB Meteor-Files" matched zero files and "nothing happened". The matcher now recognizes real GridFS files (`versions.*.storage === 'gridfs'` or a `meta.gridFsFileId` reference), and a "nothing to move" message is shown when a source is empty instead of silently doing nothing. - Moving files crashed the whole server with `FilesCollection#findOne() not available in server` — `ReactiveCache.getAttachment` used a synchronous `findOne()`; it now uses `findOneAsync()`. The background job is also hardened so a single failing file is skipped instead of crashing the server via an unhandled rejection. - The attachment **copy** API now honours the admin API upload limits (it previously skipped them). - **Fixed the "MongoDB Meteor-Files" file-count statistic** in Admin Panel / Attachments, which counted *every* attachment metadata document (so files on the Filesystem were wrongly reported as being in GridFS). It now counts only attachments actually stored in GridFS, consistent with the move tool. Also renamed the mislabeled "Mongo-Files" column to "Meteor-Files". Thanks to Claude. - **Read legacy CollectionFS attachments and avatars in place** (without migrating). The backward-compatibility layer (`models/lib/attachmentBackwardCompatibility.js`) was broken — it looked up the GridFS binary by the filerecord `_id` and by filename instead of by `ObjectId(copies.<coll>.key)`, so legacy files were never found. It is fixed and generalized for attachments and avatars. Legacy attachments now appear in the card attachment gallery (new `legacyBoardAttachments` publication) and stream from the `cfs_gridfs.attachments` bucket, and legacy avatars (`/cfs/files/avatars/<id>` URLs) are served from the `cfs_gridfs.avatars` bucket instead of redirecting to a 404. Thanks to xet7 and Claude. - [Ask to install npm dependencies before running tests](https://redirect.github.com/wekan/wekan/commit/b77b62bfa2e7a63fdd2d2d071693d5aa485a34c5). Thanks to xet7 and Claude. Thanks to above GitHub users for their contributions and translators for their translations. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC93ZWthbiIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWlub3IiXX0=--> |
||
|
|
8318b8200c |
feat(fileflows): update image docker.io/revenz/fileflows 26.05 → 26.06 (#48814)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/revenz/fileflows | minor | `dca58ba` → `9a500ac` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9maWxlZmxvd3MiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19--> |
||
|
|
83269be403 |
fix(xen-orchestra): update image docker.io/ronivay/xen-orchestra 5.202.1 → 5.202.2 (#48813)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/ronivay/xen-orchestra | patch | `ab27d7f` → `9c12781` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC94ZW4tb3JjaGVzdHJhIiwiYXV0b21lcmdlIiwicmVub3ZhdGUvY29udGFpbmVyIiwidHlwZS9wYXRjaCJdfQ==--> |
||
|
|
b8ae3790bc |
feat(metube): update image ghcr.io/alexta69/metube 2026.05.30 → 2026.06.06 (#48815)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | ghcr.io/alexta69/metube | minor | `c5ed53d` → `acf2011` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9tZXR1YmUiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19--> |
||
|
|
fe69c54076 | chore(yourls): update image yourls digest to fb92307 (#48811) | ||
|
|
c5405f86f2 |
chore(filestash): update image docker.io/machines/filestash digest to bb45998 (#48810)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/machines/filestash | digest | `e03cd9a` → `bb45998` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9maWxlc3Rhc2giLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL2RpZ2VzdCJdfQ==--> |
||
|
|
086b537d7f |
fix(docker): update image docker 29.5.2 → 29.5.3 (#48812)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker | patch | `6b9cd91` → `7d85d0e` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9kb2NrZXIiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |
||
|
|
b1d94cd3f1 |
fix(filebrowser): update image docker.io/filebrowser/filebrowser v2.63.10 → v2.63.13 (#48757)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/filebrowser/filebrowser](https://redirect.github.com/filebrowser/filebrowser) | patch | `b030806` → `e79c381` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>filebrowser/filebrowser (docker.io/filebrowser/filebrowser)</summary> ### [`v2.63.13`](https://redirect.github.com/filebrowser/filebrowser/releases/tag/v2.63.13) [Compare Source](https://redirect.github.com/filebrowser/filebrowser/compare/v2.63.12...v2.63.13) #### Changelog - [`67ed670`](https://redirect.github.com/filebrowser/filebrowser/commit/67ed670d92966e0c8b57d7b726572be6b905fe8a) chore(release): 2.63.13 - [`a1a514d`](https://redirect.github.com/filebrowser/filebrowser/commit/a1a514dcbb216d2080412c5354eea1e1fb033050) fix: copy/move allow overwrite - [`5f7311d`](https://redirect.github.com/filebrowser/filebrowser/commit/5f7311d32437e98d7c14c7b307a4f68109275535) refactor: cleanup and simplify upload.ts ### [`v2.63.12`](https://redirect.github.com/filebrowser/filebrowser/releases/tag/v2.63.12) [Compare Source](https://redirect.github.com/filebrowser/filebrowser/compare/v2.63.11...v2.63.12) #### Changelog - [`998bd95`](https://redirect.github.com/filebrowser/filebrowser/commit/998bd95bfad1a9fbb81d214a77b168a393639718) chore(release): 2.63.12 - [`c1abe8f`](https://redirect.github.com/filebrowser/filebrowser/commit/c1abe8f561208bf36bde70879d1a15ef9de998fa) fix: await copy move conflict detection ([#​5978](https://redirect.github.com/filebrowser/filebrowser/issues/5978)) - [`0bb2768`](https://redirect.github.com/filebrowser/filebrowser/commit/0bb2768754d11b865d68e72dcd7cebb232a6308a) fix: keep mobile file sort controls visible ([#​5977](https://redirect.github.com/filebrowser/filebrowser/issues/5977)) - [`7b7ff8a`](https://redirect.github.com/filebrowser/filebrowser/commit/7b7ff8ae8f97393b2e6ae6e061c1f780077c32b6) fix: skip inaccessible children when listing directories ([#​5958](https://redirect.github.com/filebrowser/filebrowser/issues/5958)) ### [`v2.63.11`](https://redirect.github.com/filebrowser/filebrowser/releases/tag/v2.63.11) [Compare Source](https://redirect.github.com/filebrowser/filebrowser/compare/v2.63.10...v2.63.11) #### Changelog - [`1086903`](https://redirect.github.com/filebrowser/filebrowser/commit/1086903c14553545aef0f1a5321011cb139aca3d) chore(release): 2.63.11 - [`3471ec2`](https://redirect.github.com/filebrowser/filebrowser/commit/3471ec2c4b6473831c72ee889cb3c1a6849a1fb1) fix: incomplete fix for symlinked directories let scopes users and public-share recipients read and write files outside of scope </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9maWxlYnJvd3NlciIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
d373308157 |
fix(helm-deps): update chart memcached 17.3.3 → 17.3.4 (#48807)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [memcached](https://truecharts.org/charts/stable/memcached) ([source](https://redirect.github.com/bitnami/bitnami-docker-memcached)) | patch | `17.3.3` → `17.3.4` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9naXRlYSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=--> |
||
|
|
9026b20fb3 | feat(minecraft-router): update image docker.io/itzg/mc-router 1.42.1 → 1.43.0 (#48809) | ||
|
|
55b3c365b0 | fix(rdtclient): update image ghcr.io/rogerfar/rdtclient 2.0.136 → 2.0.138 (#48808) | ||
|
|
78ed562f5d |
fix(cloudreve): update image docker.io/cloudreve/cloudreve 4.16.0 → 4.16.1 (#48806)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.io/cloudreve/cloudreve | patch | `be8a6aa` → `5659c0f` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9jbG91ZHJldmUiLCJhdXRvbWVyZ2UiLCJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> |