mirror of
https://github.com/go-gitea/gitea.git
synced 2026-06-13 19:19:52 +00:00
ee9f31e9c90534fbc3be479a52236b7302ebb2e9
20947 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 Giteabot
|
ee9f31e9c9 |
chore(deps): update dependency @eslint/json to v2 (#38030)
This PR contains the following updates:
| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [@eslint/json](https://redirect.github.com/eslint/json) | [`1.2.0` →
`2.0.0`](https://renovatebot.com/diffs/npm/@eslint%2fjson/1.2.0/2.0.0) |
|
|
---
### Release Notes
<details>
<summary>eslint/json (@​eslint/json)</summary>
###
[`v2.0.0`](https://redirect.github.com/eslint/json/blob/HEAD/CHANGELOG.md#200-2026-05-28)
[Compare
Source](https://redirect.github.com/eslint/json/compare/72eb947ec708d1326047977c165670582ce58a26...804ffc4911bf489cea025a829f65ee98c975b7ee)
##### ⚠ BREAKING CHANGES
- add `meta.languages` to JSON rules
([#​238](https://redirect.github.com/eslint/json/issues/238))
##### Features
- add `meta.languages` to JSON rules
([#​238](https://redirect.github.com/eslint/json/issues/238))
([
|
||
|
bircni
|
3b1e75764e |
feat(actions): add job summaries (GITHUB_STEP_SUMMARY) (#37500)
- Add GitHub-style Actions **job summaries** support
(`GITHUB_STEP_SUMMARY` / `workflow/SUMMARY.md`) and render them on the
run Summary view.
- Store uploaded summaries internally in the DB (not as downloadable
artifacts).
- Add runtime-token endpoint for runners to upload summaries:
- `PUT
/api/actions_pipeline/_apis/pipelines/workflows/{run_id}/jobs/{job_id}/summary`
- Advertise support to runners via `RunnerService.Declare` response
header:
- `X-Gitea-Actions-Capabilities: job-summary`
- Devtest: extend `/devtest/repo-action-view/...` to include mock
`jobSummaries` for previewing UI rendering.
## Compatibility
- New Gitea + old runner: no summary upload → UI shows nothing (no
behavior change)
- New runner + old Gitea: capability not advertised → runner skips
upload (no behavior change)
## Screenshot:
<img width="2017" height="729"
src="https://github.com/user-attachments/assets/31f8b945-50c4-40e1-9f40-382901a53013"
/>
Fixes #23721
PR on gitea-runner https://gitea.com/gitea/runner/pulls/917
---------
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com>
|
||
|
bircni
|
b1c088e9cf |
enhance(actions): Make Summary UI more beautiful with more infos (#37824)
## Summary - Redesign the Actions run summary header to follow GitHub Actions layout: trigger info on the left, Status / Total duration / Artifacts columns inline on the right - Expose trigger user avatar, pull request link, and PR head branch info from the run view API - Update the workflow graph header to show the workflow filename (linked to the run workflow file) and `on: <event>`, while keeping the jobs/dependencies/success stats line - Remove the redundant commit/workflow metadata row below the run title; that information now lives in the summary bar New: <img width="1564" height="639" src="https://github.com/user-attachments/assets/e6bc1623-c5fc-4e97-abc9-fde7f3c6aef9" /> Old: <img width="2038" height="1038" src="https://github.com/user-attachments/assets/0857f19a-8d3a-4da2-82fd-e9ebeb200062" /> Replaces https://github.com/go-gitea/gitea/pull/36721 --------- Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
Giteabot
|
e01af366e2 |
fix(deps): update npm dependencies (#38035)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | @​codemirror/autocomplete | [`6.20.2` → `6.20.3`](https://renovatebot.com/diffs/npm/@codemirror%2fautocomplete/6.20.2/6.20.3) |  |  | | [eslint-plugin-vue](https://eslint.vuejs.org) ([source](https://redirect.github.com/vuejs/eslint-plugin-vue)) | [`10.9.1` → `10.9.2`](https://renovatebot.com/diffs/npm/eslint-plugin-vue/10.9.1/10.9.2) |  |  | --- ### Release Notes <details> <summary>vuejs/eslint-plugin-vue (eslint-plugin-vue)</summary> ### [`v10.9.2`](https://redirect.github.com/vuejs/eslint-plugin-vue/blob/HEAD/CHANGELOG.md#1092) [Compare Source](https://redirect.github.com/vuejs/eslint-plugin-vue/compare/v10.9.1...v10.9.2) ##### Patch Changes - Fixed [`vue/custom-event-name-casing`](https://eslint.vuejs.org/rules/custom-event-name-casing.html) to check segments of colon-separated event names like `update:foo-bar` ([#​3079](https://redirect.github.com/vuejs/eslint-plugin-vue/pull/3079)) - Fixed [`vue/one-component-per-file`](https://eslint.vuejs.org/rules/one-component-per-file.html) to not report functions not imported from Vue ([#​3063](https://redirect.github.com/vuejs/eslint-plugin-vue/pull/3063)) - Fixed [`vue/prefer-import-from-vue`](https://eslint.vuejs.org/rules/prefer-import-from-vue.html) to not report imports/exports of names that are not re-exported by `vue` ([#​3081](https://redirect.github.com/vuejs/eslint-plugin-vue/pull/3081)) - Fixed [`vue/return-in-computed-property`](https://eslint.vuejs.org/rules/return-in-computed-property.html) and [`vue/require-render-return`](https://eslint.vuejs.org/rules/require-render-return.html) to not report exhaustive switch statements when TypeScript type information is available ([#​3067](https://redirect.github.com/vuejs/eslint-plugin-vue/pull/3067)) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Only on Monday (`* * * * 1`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |
||
|
TheFox0x7
|
d76a974b24 |
feat(ssh): auto generate additional ssh keys (#33974)
adds capabilities for gitea to generate ecdsa and ed25519 keys by default adds cli for built-in ssh key generation helpers closes: https://github.com/go-gitea/gitea/issues/33783 --------- Co-authored-by: Nicolas <bircni@icloud.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
Nico Schlömer
|
ade76fe838 |
enhance: allow MathML core elements (#38034)
Fixes #36352. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
||
|
bircni
|
54916f708e |
feat: Add avatar stacks (#37594)
Parse `Co-authored-by:` trailers from commit messages and surface contributors as an avatar stack across the commit page, commits list, PR commits tab, latest-commit row, blame, graph, and dashboard feed. - Up to 10 visible 20px avatars, GitHub-style overlap (6px first stride, 4px between subsequent), `+N` chip for the rest. - Label: 1 → name; 2 → `<a> and <b>`; 3+ → `<N> people` opens a Tippy popup with all participants. - Names and avatars link to the repo's commits-by-author search; fall back to profile or `mailto:`. - Trailer parsing uses `net/mail.ParseAddress`, scans only the trailing paragraph, filters out the commit's own author/committer. - Drops the non-standard `Co-committed-by:` emission on squash merge and web edits. Devtest: `/devtest/coauthor-avatars`. Fixes #25521 ---- <img width="353" height="277" alt="image" src="https://github.com/user-attachments/assets/72092ceb-97ca-4b09-9557-0b72d3c5458e" /> <img width="533" height="328" src="https://github.com/user-attachments/assets/11d0c8f8-8b3f-4f2e-9993-879f1c06bcc5" /> --------- Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
Giteabot
|
2a84831400 |
chore(deps): update astral-sh/setup-uv action to v8.2.0 (#38036)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [astral-sh/setup-uv](https://redirect.github.com/astral-sh/setup-uv) | action | minor | `v8.1.0` → `v8.2.0` | --- ### Release Notes <details> <summary>astral-sh/setup-uv (astral-sh/setup-uv)</summary> ### [`v8.2.0`](https://redirect.github.com/astral-sh/setup-uv/releases/tag/v8.2.0): 🌈 New inputs `quiet` and `download-from-astral-mirror` [Compare Source](https://redirect.github.com/astral-sh/setup-uv/compare/v8.1.0...v8.2.0) #### Changes This release brings two new inputs and a few bug fixes. ##### New inputs Lets talk about the new inputs first. ##### quiet Pretty simple. It turns of all `info` loggings. Useful if you use this in a composite action and are not interested in all the details. In the upcoming releases we will add log groups to fully implement support for "less noise" > \[!NOTE]\ > Warnings and errors are always logged. ##### download-from-astral-mirror In some cases you may want to directly use the fallback of checking for available versions and downloading releases from GitHub instead of using the astral.sh mirror. Setting `download-from-astral-mirror: false` allows you to do that. ##### Bugfixes When using the astral.sh mirror to query available versions and download releases (done by default) we now stop sending the GitHub token in the header. The mirror never looked at it but we shouldn't be handing out that data even if it is just a short lived token. All other bugfixes try to limit the impact of failed GitHub queries due to retries and other faults. We couldn't pinpoint all rootcauses yet but added more logging for error cases to track them down. #### 🐛 Bug fixes - fix: report unexpected cache save failures [@​eifinger](https://redirect.github.com/eifinger) ([#​896](https://redirect.github.com/astral-sh/setup-uv/issues/896)) - fix: report unexpected setup failures [@​eifinger](https://redirect.github.com/eifinger) ([#​895](https://redirect.github.com/astral-sh/setup-uv/issues/895)) - fix: add timeout to fetch to prevent silent hangs [@​eifinger-bot](https://redirect.github.com/eifinger-bot) ([#​883](https://redirect.github.com/astral-sh/setup-uv/issues/883)) - Limit GitHub tokens to github.com download URLs [@​zsol](https://redirect.github.com/zsol) ([#​878](https://redirect.github.com/astral-sh/setup-uv/issues/878)) - increase libuv-workaround timeout to 100ms [@​eifinger](https://redirect.github.com/eifinger) ([#​880](https://redirect.github.com/astral-sh/setup-uv/issues/880)) #### 🚀 Enhancements - Add quiet input to suppress info-level log output [@​eifinger](https://redirect.github.com/eifinger) ([#​898](https://redirect.github.com/astral-sh/setup-uv/issues/898)) - feat: add `download-from-astral-mirror` input [@​eifinger](https://redirect.github.com/eifinger) ([#​897](https://redirect.github.com/astral-sh/setup-uv/issues/897)) #### 🧰 Maintenance - docs: update dependabot rollup biome guidance [@​eifinger](https://redirect.github.com/eifinger) ([#​902](https://redirect.github.com/astral-sh/setup-uv/issues/902)) - chore: update known checksums for 0.11.18 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​899](https://redirect.github.com/astral-sh/setup-uv/issues/899)) - chore: update known checksums for 0.11.17 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​892](https://redirect.github.com/astral-sh/setup-uv/issues/892)) - chore: update known checksums for 0.11.16 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​889](https://redirect.github.com/astral-sh/setup-uv/issues/889)) - chore: update known checksums for 0.11.15 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​885](https://redirect.github.com/astral-sh/setup-uv/issues/885)) - chore: update known checksums for 0.11.14 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​879](https://redirect.github.com/astral-sh/setup-uv/issues/879)) - chore: update known checksums for 0.11.13 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​877](https://redirect.github.com/astral-sh/setup-uv/issues/877)) - chore: update known checksums for 0.11.12 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​876](https://redirect.github.com/astral-sh/setup-uv/issues/876)) - chore: update known checksums for 0.11.11 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​873](https://redirect.github.com/astral-sh/setup-uv/issues/873)) - chore: update known checksums for 0.11.9/0.11.10 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​871](https://redirect.github.com/astral-sh/setup-uv/issues/871)) - chore: update known checksums for 0.11.8 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​867](https://redirect.github.com/astral-sh/setup-uv/issues/867)) - Bump setup-uv references to v8.1.0 SHA in docs [@​eifinger](https://redirect.github.com/eifinger) ([#​862](https://redirect.github.com/astral-sh/setup-uv/issues/862)) - Add update-docs.yml workflow [@​eifinger](https://redirect.github.com/eifinger) ([#​861](https://redirect.github.com/astral-sh/setup-uv/issues/861)) #### ⬆️ Dependency updates - chore(deps): roll up dependabot updates [@​eifinger](https://redirect.github.com/eifinger) ([#​903](https://redirect.github.com/astral-sh/setup-uv/issues/903)) - chore(deps): roll up dependabot updates [@​eifinger](https://redirect.github.com/eifinger) ([#​901](https://redirect.github.com/astral-sh/setup-uv/issues/901)) - chore(deps): bump release-drafter/release-drafter from 7.3.0 to 7.3.1 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​900](https://redirect.github.com/astral-sh/setup-uv/issues/900)) - chore(deps): bump eifinger/actionlint-action from 1.10.1 to 1.10.2 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​842](https://redirect.github.com/astral-sh/setup-uv/issues/842)) - chore(deps): bump github/codeql-action from 4.35.4 to 4.36.0 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​893](https://redirect.github.com/astral-sh/setup-uv/issues/893)) - chore(deps): bump zizmorcore/zizmor-action from 0.5.5 to 0.5.6 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​891](https://redirect.github.com/astral-sh/setup-uv/issues/891)) - chore(deps): bump release-drafter/release-drafter from 7.2.0 to 7.3.0 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​884](https://redirect.github.com/astral-sh/setup-uv/issues/884)) - chore(deps): bump zizmorcore/zizmor-action from 0.5.3 to 0.5.5 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​888](https://redirect.github.com/astral-sh/setup-uv/issues/888)) - chore(deps): bump github/codeql-action from 4.35.3 to 4.35.4 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​881](https://redirect.github.com/astral-sh/setup-uv/issues/881)) - chore(deps): bump github/codeql-action from 4.32.2 to 4.35.3 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​875](https://redirect.github.com/astral-sh/setup-uv/issues/875)) - chore(deps): bump actions/setup-node from 6.3.0 to 6.4.0 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​866](https://redirect.github.com/astral-sh/setup-uv/issues/866)) - chore(deps): bump zizmorcore/zizmor-action from 0.5.2 to 0.5.3 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​864](https://redirect.github.com/astral-sh/setup-uv/issues/864)) - chore(deps): bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​863](https://redirect.github.com/astral-sh/setup-uv/issues/863)) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Only on Monday (`* * * * 1`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |
||
|
wxiaoguang
|
136f7d18aa |
fix: api error message (#38031)
Fix various abuses and mistakes |
||
|
Zettat123
|
60f66a9bfd |
enhance(actions): improve reusable workflow uses handling and cancellation (#37991)
Follow up #37478 ## Changes 1. #37478 doesn't support absolute URL in `uses`. This PR provides partial support for URL-style reusable workflow references. A reusable workflow can now be referenced by an absolute URL, as long as it points to the local Gitea instance: ```yaml jobs: call: uses: https://your-gitea.example.com/OWNER/REPO/.gitea/workflows/ci.yaml@v1 ``` 2. Show an error message in the UI for invalid `uses`. <img width="1600" alt="image" src="https://github.com/user-attachments/assets/21b34e61-bf10-4af1-b9fd-4ee4e9fde049" /> 3. Fix reusable caller cancellation issue. A reusable caller's status is aggregated from its children, so cancellation should processes a caller's descendants deepest-first. --------- Signed-off-by: Zettat123 <zettat123@gmail.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Co-authored-by: bircni <bircni@icloud.com> Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
Giteabot
|
1e9ea9c8f5 |
fix(deps): update npm dependencies (#38029)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@primer/octicons](https://primer.style/octicons) ([source](https://redirect.github.com/primer/octicons)) | [`19.27.0` → `19.28.0`](https://renovatebot.com/diffs/npm/@primer%2focticons/19.27.0/19.28.0) |  |  | | [@typescript-eslint/parser](https://typescript-eslint.io/packages/parser) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser)) | [`8.60.0` → `8.60.1`](https://renovatebot.com/diffs/npm/@typescript-eslint%2fparser/8.60.0/8.60.1) |  |  | | [@vitest/eslint-plugin](https://redirect.github.com/vitest-dev/eslint-plugin-vitest) | [`1.6.18` → `1.6.19`](https://renovatebot.com/diffs/npm/@vitest%2feslint-plugin/1.6.18/1.6.19) |  |  | | [eslint](https://eslint.org) ([source](https://redirect.github.com/eslint/eslint)) | [`10.4.0` → `10.4.1`](https://renovatebot.com/diffs/npm/eslint/10.4.0/10.4.1) |  |  | | [eslint-import-resolver-typescript](https://redirect.github.com/import-js/eslint-import-resolver-typescript) | [`4.4.4` → `4.4.5`](https://renovatebot.com/diffs/npm/eslint-import-resolver-typescript/4.4.4/4.4.5) |  |  | | [eslint-plugin-vue-scoped-css](https://future-architect.github.io/eslint-plugin-vue-scoped-css/) ([source](https://redirect.github.com/future-architect/eslint-plugin-vue-scoped-css)) | [`3.1.0` → `3.1.1`](https://renovatebot.com/diffs/npm/eslint-plugin-vue-scoped-css/3.1.0/3.1.1) |  |  | | [js-yaml](https://redirect.github.com/nodeca/js-yaml) | [`4.1.1` → `4.2.0`](https://renovatebot.com/diffs/npm/js-yaml/4.1.1/4.2.0) |  |  | | [pnpm](https://pnpm.io) ([source](https://redirect.github.com/pnpm/pnpm/tree/HEAD/pnpm)) | [`11.4.0` → `11.5.1`](https://renovatebot.com/diffs/npm/pnpm/11.4.0/11.5.1) |  |  | | [rolldown-license-plugin](https://redirect.github.com/silverwind/rolldown-license-plugin) | [`3.0.8` → `3.0.9`](https://renovatebot.com/diffs/npm/rolldown-license-plugin/3.0.8/3.0.9) |  |  | | [typescript-eslint](https://typescript-eslint.io/packages/typescript-eslint) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)) | [`8.60.0` → `8.60.1`](https://renovatebot.com/diffs/npm/typescript-eslint/8.60.0/8.60.1) |  |  | | [updates](https://redirect.github.com/silverwind/updates) | [`17.17.2` → `17.17.3`](https://renovatebot.com/diffs/npm/updates/17.17.2/17.17.3) |  |  | | [vite](https://vite.dev) ([source](https://redirect.github.com/vitejs/vite/tree/HEAD/packages/vite)) | [`8.0.14` → `8.0.16`](https://renovatebot.com/diffs/npm/vite/8.0.14/8.0.16) |  |  | | [vitest](https://vitest.dev) ([source](https://redirect.github.com/vitest-dev/vitest/tree/HEAD/packages/vitest)) | [`4.1.7` → `4.1.8`](https://renovatebot.com/diffs/npm/vitest/4.1.7/4.1.8) |  |  | | [vue-tsc](https://redirect.github.com/vuejs/language-tools) ([source](https://redirect.github.com/vuejs/language-tools/tree/HEAD/packages/tsc)) | [`3.3.2` → `3.3.3`](https://renovatebot.com/diffs/npm/vue-tsc/3.3.2/3.3.3) |  |  | --- ### Release Notes <details> <summary>primer/octicons (@​primer/octicons)</summary> ### [`v19.28.0`](https://redirect.github.com/primer/octicons/blob/HEAD/CHANGELOG.md#19280) [Compare Source](https://redirect.github.com/primer/octicons/compare/v19.27.0...v19.28.0) ##### Minor Changes - [#​1208](https://redirect.github.com/primer/octicons/pull/1208) [`eddab3ff`](https://redirect.github.com/primer/octicons/commit/eddab3ff19f1450eb1d60c78b1d20c2c4bc3fd15) Thanks [@​dylanatsmith](https://redirect.github.com/dylanatsmith)! - Fix vscode icon: update 16px, add 24px, remove 32px and 48px </details> <details> <summary>typescript-eslint/typescript-eslint (@​typescript-eslint/parser)</summary> ### [`v8.60.1`](https://redirect.github.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/parser/CHANGELOG.md#8601-2026-06-01) [Compare Source](https://redirect.github.com/typescript-eslint/typescript-eslint/compare/v8.60.0...v8.60.1) This was a version bump only for parser to align it with other projects, there were no code changes. See [GitHub Releases](https://redirect.github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1) for more information. You can read about our [versioning strategy](https://typescript-eslint.io/users/versioning) and [releases](https://typescript-eslint.io/users/releases) on our website. </details> <details> <summary>vitest-dev/eslint-plugin-vitest (@​vitest/eslint-plugin)</summary> ### [`v1.6.19`](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/releases/tag/v1.6.19) [Compare Source](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/compare/v1.6.18...v1.6.19) *No significant changes* ##### [View changes on GitHub](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/compare/v1.6.18...v1.6.19) </details> <details> <summary>eslint/eslint (eslint)</summary> ### [`v10.4.1`](https://redirect.github.com/eslint/eslint/releases/tag/v10.4.1) [Compare Source](https://redirect.github.com/eslint/eslint/compare/v10.4.0...v10.4.1) #### Bug Fixes - [`e557467`](https://redirect.github.com/eslint/eslint/commit/e557467db7496220eebcbe2ac5ea6d38c12bb1ec) fix: update `@eslint/plugin-kit` version to 0.7.2 ([#​20930](https://redirect.github.com/eslint/eslint/issues/20930)) (Francesco Trotta) - [`d4ce898`](https://redirect.github.com/eslint/eslint/commit/d4ce898796ca22c3b96aa70d3014cb85f4bac1cd) fix: propagate failures from delegated commands ([#​20917](https://redirect.github.com/eslint/eslint/issues/20917)) (Minh Vu) - [`f4f3507`](https://redirect.github.com/eslint/eslint/commit/f4f3507460bc016b5be979c05d2969793f570cbf) fix: prefer-arrow-callback invalid autofix with newline after `async` ([#​20916](https://redirect.github.com/eslint/eslint/issues/20916)) (kuldeep kumar) - [`c5bc78b`](https://redirect.github.com/eslint/eslint/commit/c5bc78b37e08b9054a11f0cc2d81808bb24acb85) fix: false positive for reference in `finally` block ([#​20655](https://redirect.github.com/eslint/eslint/issues/20655)) (Tanuj Kanti) - [`27538c0`](https://redirect.github.com/eslint/eslint/commit/27538c01f5df4e9306f6f4ba867b2dd6307fae59) fix: add missing CodePath and CodePathSegment types ([#​20853](https://redirect.github.com/eslint/eslint/issues/20853)) (Pixel998) #### Documentation - [`61b0add`](https://redirect.github.com/eslint/eslint/commit/61b0add61ffc52665562be7bb96f526690a78b30) docs: remove deprecated rule from related rules of `max-params` ([#​20921](https://redirect.github.com/eslint/eslint/issues/20921)) (Tanuj Kanti) - [`305d5b9`](https://redirect.github.com/eslint/eslint/commit/305d5b91aeac24d36fde42f75625a8f183d4ce43) docs: remove deprecated rules from related rules section ([#​20911](https://redirect.github.com/eslint/eslint/issues/20911)) (Tanuj Kanti) - [`49b0202`](https://redirect.github.com/eslint/eslint/commit/49b0202d01918b8061720d586dffd7c68047090c) docs: fix `display: none` of ad ([#​20901](https://redirect.github.com/eslint/eslint/issues/20901)) (Tanuj Kanti) - [`9067f94`](https://redirect.github.com/eslint/eslint/commit/9067f9492ec998afc5b4f057a477ecf6ebd45e44) docs: switch build to Node.js 24 ([#​20893](https://redirect.github.com/eslint/eslint/issues/20893)) (Milos Djermanovic) - [`c91b041`](https://redirect.github.com/eslint/eslint/commit/c91b0417e3420c76807ce1fa2aea76e2de87ab86) docs: Update README (GitHub Actions Bot) - [`e349265`](https://redirect.github.com/eslint/eslint/commit/e349265cb37f3ebc837e178e48a725bb782bd870) docs: clarify semver strings in rule deprecation objects ([#​20885](https://redirect.github.com/eslint/eslint/issues/20885)) (Milos Djermanovic) #### Chores - [`b0e466b`](https://redirect.github.com/eslint/eslint/commit/b0e466b6ab47bfc7de43d8de0c315d8ee83aa584) test: add `data` property to invalid tests cases for rules ([#​20924](https://redirect.github.com/eslint/eslint/issues/20924)) (Tanuj Kanti) - [`f78838b`](https://redirect.github.com/eslint/eslint/commit/f78838bc4c86d487e1bcc7cede260c4467721c46) test: add CodePath type coverage ([#​20904](https://redirect.github.com/eslint/eslint/issues/20904)) (Pixel998) - [`1daa4bd`](https://redirect.github.com/eslint/eslint/commit/1daa4bd734b79a62e317d0394394a6b38cff49f9) chore: update `eslint-plugin-eslint-comments` test data to latest commit ([#​20922](https://redirect.github.com/eslint/eslint/issues/20922)) (Francesco Trotta) - [`002942c`](https://redirect.github.com/eslint/eslint/commit/002942ce988ea28b78e0a2f3b074081e638b552c) ci: declare contents:read on update-readme workflow ([#​20919](https://redirect.github.com/eslint/eslint/issues/20919)) (Arpit Jain) - [`64bca24`](https://redirect.github.com/eslint/eslint/commit/64bca24e7bed35bc3c864fc625cb2d89eca87d5b) chore: update ecosystem plugins ([#​20912](https://redirect.github.com/eslint/eslint/issues/20912)) (ESLint Bot) - [`6d7c832`](https://redirect.github.com/eslint/eslint/commit/6d7c832950d5e92499d88e504080661f888f8f56) chore: ignore fflate updates in renovate ([#​20908](https://redirect.github.com/eslint/eslint/issues/20908)) (Pixel998) - [`b2c8638`](https://redirect.github.com/eslint/eslint/commit/b2c86382164d87c6203b78d52068cd6a2a6ffe30) ci: bump pnpm/action-setup from 6.0.7 to 6.0.8 ([#​20889](https://redirect.github.com/eslint/eslint/issues/20889)) (dependabot\[bot]) - [`a9b8d7f`](https://redirect.github.com/eslint/eslint/commit/a9b8d7f74c50211701cfc49710fa541fd91b2aa5) chore: increase maxBuffer for ecosystem tests ([#​20881](https://redirect.github.com/eslint/eslint/issues/20881)) (sethamus) - [`b702ead`](https://redirect.github.com/eslint/eslint/commit/b702ead5e1ed7cb9f28238a454797662efb37396) chore: update ecosystem update PR settings ([#​20884](https://redirect.github.com/eslint/eslint/issues/20884)) (Pixel998) - [`507f60e`](https://redirect.github.com/eslint/eslint/commit/507f60e9a78c9a902bc8759f066ae17a1ea6cd81) chore: update ecosystem plugins ([#​20882](https://redirect.github.com/eslint/eslint/issues/20882)) (ESLint Bot) - [`92f5c5b`](https://redirect.github.com/eslint/eslint/commit/92f5c5bb6bf3a5d167c8ee53a430833410295c6d) test: add unit test for message-count ([#​20878](https://redirect.github.com/eslint/eslint/issues/20878)) (kuldeep kumar) - [`df32108`](https://redirect.github.com/eslint/eslint/commit/df321080af5758b1fa25e4b9a40e26135642dd6e) chore: add [@​eslint/markdown](https://redirect.github.com/eslint/markdown) and typescript-eslint ecosystem tests ([#​20837](https://redirect.github.com/eslint/eslint/issues/20837)) (sethamus) - [`327f91d`](https://redirect.github.com/eslint/eslint/commit/327f91d36aa49f2a50ded931d841a16374fd875f) chore: use includeIgnoreFile internally ([#​20876](https://redirect.github.com/eslint/eslint/issues/20876)) (Kirk Waiblinger) - [`f0dc4bd`](https://redirect.github.com/eslint/eslint/commit/f0dc4bd893fb3a9f44e4ddc3ad7063ffb0beacd3) chore: pin fflate\@​0.8.2 ([#​20877](https://redirect.github.com/eslint/eslint/issues/20877)) (Milos Djermanovic) - [`0f4bd25`](https://redirect.github.com/eslint/eslint/commit/0f4bd257a67a082b756de746d9e0c4842ab764ca) ci: run Discord alert for ecosystem test failures ([#​20873](https://redirect.github.com/eslint/eslint/issues/20873)) (Copilot) </details> <details> <summary>import-js/eslint-import-resolver-typescript (eslint-import-resolver-typescript)</summary> ### [`v4.4.5`](https://redirect.github.com/import-js/eslint-import-resolver-typescript/blob/HEAD/CHANGELOG.md#445) [Compare Source](https://redirect.github.com/import-js/eslint-import-resolver-typescript/compare/v4.4.4...v4.4.5) ##### Patch Changes - [#​473](https://redirect.github.com/import-js/eslint-import-resolver-typescript/pull/473) [`32c61ab`](https://redirect.github.com/import-js/eslint-import-resolver-typescript/commit/32c61abccf26bd2a2267f2e0e67d82e6f88d149a) Thanks [@​leey0818](https://redirect.github.com/leey0818)! - fix: check tsconfig matching before using resolver </details> <details> <summary>future-architect/eslint-plugin-vue-scoped-css (eslint-plugin-vue-scoped-css)</summary> ### [`v3.1.1`](https://redirect.github.com/future-architect/eslint-plugin-vue-scoped-css/blob/HEAD/CHANGELOG.md#311) [Compare Source](https://redirect.github.com/future-architect/eslint-plugin-vue-scoped-css/compare/v3.1.0...v3.1.1) ##### Patch Changes - Fix false positives in `vue-scoped-css/require-selector-used-inside` for selectors that start with ignored pseudo-classes such as `:has(...)`. ([#​496](https://redirect.github.com/future-architect/eslint-plugin-vue-scoped-css/pull/496)) </details> <details> <summary>nodeca/js-yaml (js-yaml)</summary> ### [`v4.2.0`](https://redirect.github.com/nodeca/js-yaml/blob/HEAD/CHANGELOG.md#420---2026-06-01) [Compare Source](https://redirect.github.com/nodeca/js-yaml/compare/4.1.1...590dbabadd172b099c07654fab2eabec8c7a07b9) ##### Added - Added `docs/safety.md` with notes about processing untrusted YAML. - Added `maxDepth` (100) loader option. Not a problem, but gives a better exception instead of RangeError on stack overflow. - Added `maxMergeSeqLength` (20) loader option. Not a problem after `merge` fix, but an additional restriction for safety. - Added sourcemaps to `dist/` builds. ##### Changed - Stop resolving numbers with underscores as numeric scalars, [#​627](https://redirect.github.com/nodeca/js-yaml/issues/627). - Switched dev toolchains to Vite / neostandard. - Updated demo. - Reorganized tests. - `dist/` files are no longer kept in the repository. ##### Fixed - Fix parsing of properties on the first implicit block mapping key, [#​62](https://redirect.github.com/nodeca/js-yaml/issues/62). - Fix trailing whitespace handling when folding flow scalar lines, [#​307](https://redirect.github.com/nodeca/js-yaml/issues/307). - Reject top-level block scalars without content indentation, [#​280](https://redirect.github.com/nodeca/js-yaml/issues/280). - Ensure numbers survive round-trip, [#​737](https://redirect.github.com/nodeca/js-yaml/issues/737). - Fix test coverage for issue [#​221](https://redirect.github.com/nodeca/js-yaml/issues/221). - Fix flow scalar trailing whitespace folding, [#​307](https://redirect.github.com/nodeca/js-yaml/issues/307). - Fix digits in YAML named tag handles. ##### Security - Fix potential DoS via quadratic complexity in merge - deduplicate repeated elements (makes sense for malformed files > 10K). </details> <details> <summary>pnpm/pnpm (pnpm)</summary> ### [`v11.5.1`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1151) [Compare Source](https://redirect.github.com/pnpm/pnpm/compare/v11.5.0...v11.5.1) ##### Patch Changes - Improve `pnpm audit` performance by pruning non-vulnerable lockfile subtrees and stopping path enumeration once vulnerable findings reach the path cap. - Avoid crashing when the workspace state cache is partially written or malformed. - Set `npm_config_user_agent` for root lifecycle scripts during headless installs. - Preserve the `integrity` field of a remote (non-registry) tarball dependency when its lockfile entry is rebuilt. Re-resolving such a dependency without re-fetching it (for example via `pnpm update`, or when another dependency changes) produced a resolution with no integrity — URL/tarball resolvers only learn the integrity after the tarball is downloaded — so the previously recorded integrity was dropped, making later installs fail with `ERR_PNPM_MISSING_TARBALL_INTEGRITY` [#​12067](https://redirect.github.com/pnpm/pnpm/issues/12067). - Normalize a string `repository` field into the `{ type, url }` object form when creating the publish manifest, matching npm's behavior. Some registries (e.g. Gitea/Codeberg) reject a string `repository` with a 500 Internal Server Error during `pnpm publish` [#​12099](https://redirect.github.com/pnpm/pnpm/issues/12099). - Preserve compatible optional peer versions already present in the lockfile when resolving dependencies. - Fixed inconsistent resolution of a peer dependency that is shared through a diamond. When a package peer-depends on both another package and one of that package's own peer dependencies (for example `@typescript-eslint/eslint-plugin` peer-depends on both `@typescript-eslint/parser` and `typescript`, and `@typescript-eslint/parser` peer-depends on `typescript`), pnpm no longer reuses a hoisted instance of the shared peer that was resolved against a different version [#​12079](https://redirect.github.com/pnpm/pnpm/issues/12079). ### [`v11.5.0`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1150) [Compare Source](https://redirect.github.com/pnpm/pnpm/compare/v11.4.0...v11.5.0) ##### Minor Changes - Added a new `hoistingLimits` setting for `nodeLinker: hoisted` installs, mirroring yarn's `nmHoistingLimits`. It accepts `none` (the default — hoist as far as possible), `workspaces` (hoist only as far as each workspace package), or `dependencies` (hoist only up to each workspace package's direct dependencies). Originally proposed in [#​6468](https://redirect.github.com/pnpm/pnpm/pull/6468), closing [#​6457](https://redirect.github.com/pnpm/pnpm/issues/6457). - Replaced `enquirer` with `@inquirer/prompts` for all interactive prompts. Fixes the `update -i` scrolling overflow bug where long choice lists were clipped in the terminal [#​6643](https://redirect.github.com/pnpm/pnpm/issues/6643). **User-facing changes:** - `pnpm update -i` / `pnpm update -i --latest`: Scrolling now works correctly when many packages are available; the new library uses visual-line-aware pagination via `usePagination` - `pnpm audit --fix -i`: Same scrolling fix for vulnerability selection - `pnpm approve-builds`: Interactive build approval prompts updated - `pnpm patch`: Version selection and "apply to all" prompts updated - `pnpm patch-remove`: Patch removal selection updated - `pnpm publish`: Branch confirmation prompt updated - `pnpm login`: Credential prompts updated - `pnpm run` / `pnpm exec` (with `verifyDepsBeforeRun=prompt`): Confirmation prompt updated Vim-style `j`/`k` keys still work for up/down navigation in all interactive prompts. **Internal:** The `OtpEnquirer` and `LoginEnquirer` DI interfaces changed from `{ prompt }` to `{ input }` / `{ input, password }` respectively. Plugins or custom builds that inject their own enquirer mock will need to update. - Staged publishes are now recognized in the trust scale. When a package version's registry metadata carries an `approver` field, it is treated as the strongest trust evidence (ranked above trusted publishers and provenance attestations), since staged publishes require 2FA publish approvals. This prevents false-positive trust downgrade errors when moving from a staged publish to a lower trust level [#​11887](https://redirect.github.com/pnpm/pnpm/issues/11887). ##### Patch Changes - Fix pnpm hanging during peer resolution when an aliased install pulls in transitive packages with mutual peer cycles at different depths in the dependency tree (for example, `pnpm i nuxt@npm:nuxt-nightly@5x`). Cycles whose members hit the `findHit` cache instead of running their own `calculateDepPath` are now short-circuited by sibling resolutions at the level where the cycle is detected, so the cached path promises no longer deadlock. [#​11999](https://redirect.github.com/pnpm/pnpm/issues/11999). - Fix `pnpm dist-tag add` and `pnpm dist-tag rm` against npmjs.org failing without `--otp` with `[ERR_PNPM_UNAUTHORIZED] You must be logged in to set dist-tag … "You must provide a one-time pass. Upgrade your client to npm@latest in order to use 2FA."`. pnpm now sends `npm-auth-type: web` on dist-tag writes and surfaces the resulting OTP challenge through the existing browser-based 2FA flow (the same `withOtpHandling` helper used by `pnpm publish`), so the browser opens, the user authenticates, and the dist-tag is set on retry. `--otp=<code>` continues to work via the classic flow. - Fix `minimumReleaseAgeExclude` handling in npm resolution fast paths so excluded packages do not get pinned to stale versions. Excludes are honored consistently during `publishedBy` metadata selection and cache-mtime shortcuts. - Fix the `integrity` field being dropped from the lockfile entry of a remote (non-registry) https-tarball dependency when an unrelated package is installed afterwards. URL/tarball resolvers do not return an integrity (it is only known after the tarball is downloaded), so when such a dependency was reused from the lockfile without being re-fetched, its integrity was lost. It is now carried over from the existing resolution. With pnpm's lockfile-integrity hardening, the missing integrity made subsequent `--frozen-lockfile` installs fail with `ERR_PNPM_MISSING_TARBALL_INTEGRITY`. [#​12001](https://redirect.github.com/pnpm/pnpm/issues/12001). - Skip dependency re-resolution when `pnpm-lock.yaml` is missing but `node_modules/.pnpm/lock.yaml` exists and still satisfies the manifest. `pnpm install` now reuses the materialized snapshot to regenerate `pnpm-lock.yaml` instead of walking the registry to rebuild it from scratch, turning the cache+node\_modules variation into a near-no-op for users who deleted the lockfile but kept the install [#​11993](https://redirect.github.com/pnpm/pnpm/issues/11993). `--frozen-lockfile` still refuses to proceed when `pnpm-lock.yaml` is absent — the regenerated lockfile must be committed, so failing loudly is the correct behavior for CI. </details> <details> <summary>silverwind/rolldown-license-plugin (rolldown-license-plugin)</summary> ### [`v3.0.9`](https://redirect.github.com/silverwind/rolldown-license-plugin/releases/tag/3.0.9) [Compare Source](https://redirect.github.com/silverwind/rolldown-license-plugin/compare/3.0.8...3.0.9) - update deps (silverwind) - make: collapse patch/minor/major into one rule (silverwind) - simplify generateBundle: pair dir+raw, rename shadow, inline single-use const (silverwind) - make update a combination target, split out update-js (silverwind) - add update-actions make target (silverwind) - remove authorship attribution rule from AGENTS.md (silverwind) - docs: use defineConfig in README usage example (silverwind) </details> <details> <summary>typescript-eslint/typescript-eslint (typescript-eslint)</summary> ### [`v8.60.1`](https://redirect.github.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/typescript-eslint/CHANGELOG.md#8601-2026-06-01) [Compare Source](https://redirect.github.com/typescript-eslint/typescript-eslint/compare/v8.60.0...v8.60.1) This was a version bump only for typescript-eslint to align it with other projects, there were no code changes. See [GitHub Releases](https://redirect.github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1) for more information. You can read about our [versioning strategy](https://typescript-eslint.io/users/versioning) and [releases](https://typescript-eslint.io/users/releases) on our website. </details> <details> <summary>silverwind/updates (updates)</summary> ### [`v17.17.3`](https://redirect.github.com/silverwind/updates/releases/tag/17.17.3) [Compare Source](https://redirect.github.com/silverwind/updates/compare/17.17.2...17.17.3) - fix prerelease drop in updateVersionRange and scope regex (silverwind) - fix 1.2.x ranges, docker tag corruption, and per-file cooldown (silverwind) - fix go +incompatible, cargo inline-table, and prerelease selection (silverwind) - fix --pin range parsing, url tag deps, and -s flag docs (silverwind) - make update a combination target, split out update-js (silverwind) - add update-actions make target (silverwind) - remove authorship attribution rule from AGENTS.md (silverwind) </details> <details> <summary>vitejs/vite (vite)</summary> ### [`v8.0.16`](https://redirect.github.com/vitejs/vite/blob/HEAD/packages/vite/CHANGELOG.md#small-8016-2026-06-01-small) [Compare Source](https://redirect.github.com/vitejs/vite/compare/v8.0.15...v8.0.16) ##### Bug Fixes - **deps:** reject UNC paths for launch-editor-middleware ([#​22571](https://redirect.github.com/vitejs/vite/issues/22571)) ([50b9512](https://redirect.github.com/vitejs/vite/commit/50b951225bbf6151eb84a3ad5a454908ab4a76c9)) - reject windows alternate paths ([#​22572](https://redirect.github.com/vitejs/vite/issues/22572)) ([dc245c7](https://redirect.github.com/vitejs/vite/commit/dc245c71e5007ea4d891a025e2d69ac96c736546)) ### [`v8.0.15`](https://redirect.github.com/vitejs/vite/blob/HEAD/packages/vite/CHANGELOG.md#small-8015-2026-06-01-small) [Compare Source](https://redirect.github.com/vitejs/vite/compare/v8.0.14...v8.0.15) ##### Features - send 408 on request timeout ([#​22476](https://redirect.github.com/vitejs/vite/issues/22476)) ([c85c9ee](https://redirect.github.com/vitejs/vite/commit/c85c9eeb9aaf41f477b48b057146887bd5620797)) - update rolldown to 1.0.3 ([#​22538](https://redirect.github.com/vitejs/vite/issues/22538)) ([646dbed](https://redirect.github.com/vitejs/vite/commit/646dbedd2870f8ec48df0321177d8aa64bbd1575)) ##### Bug Fixes - capitalize error messages and remove spurious space in parse error ([#​22488](https://redirect.github.com/vitejs/vite/issues/22488)) ([85a0eff](https://redirect.github.com/vitejs/vite/commit/85a0eff1c82bbb7c99a0fe8e63704316578a40d3)) - **deps:** update all non-major dependencies ([#​22511](https://redirect.github.com/vitejs/vite/issues/22511)) ([2686d7d](https://redirect.github.com/vitejs/vite/commit/2686d7d0b722402204d3bcc687a87adea1bcf9fa)) - **dev:** fix html-proxy cache key mismatch for /@​fs/ HTML paths ([#​21762](https://redirect.github.com/vitejs/vite/issues/21762)) ([47c4213](https://redirect.github.com/vitejs/vite/commit/47c4213f134f562c41ed7c031e4788510cf7e31e)) - **glob:** error on relative glob in virtual module when no files match ([#​22497](https://redirect.github.com/vitejs/vite/issues/22497)) ([5c8e98f](https://redirect.github.com/vitejs/vite/commit/5c8e98f8b584ac5d42f0f9b8580c49792213b13c)) - **optimizer:** close the rolldown bundle when write() rejects ([#​22528](https://redirect.github.com/vitejs/vite/issues/22528)) ([e3cfb9d](https://redirect.github.com/vitejs/vite/commit/e3cfb9deecff563550fa1b8abd27656b8b292815)) - **resolve:** provide onWarn for viteResolvePlugin in JS plugin containers ([#​22509](https://redirect.github.com/vitejs/vite/issues/22509)) ([40985f1](https://redirect.github.com/vitejs/vite/commit/40985f1c09b7696e594e6c5695fbc315d2da2c83)) ##### Miscellaneous Chores - **deps:** update rolldown-related dependencies ([#​22566](https://redirect.github.com/vitejs/vite/issues/22566)) ([3052a67](https://redirect.github.com/vitejs/vite/commit/3052a67d9350f4c5076ab1c222c4a21a589cbcdd)) ##### Code Refactoring - correct logic in `collectAllModules` function ([#​22562](https://redirect.github.com/vitejs/vite/issues/22562)) ([6978a9c](https://redirect.github.com/vitejs/vite/commit/6978a9ceb942c4f5e211d52b8a1e569f8a65c80c)) </details> <details> <summary>vitest-dev/vitest (vitest)</summary> ### [`v4.1.8`](https://redirect.github.com/vitest-dev/vitest/releases/tag/v4.1.8) [Compare Source](https://redirect.github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8) ##### 🐞 Bug Fixes - **browser**: - Disable client `cdp` API when `allowWrite/allowExec: false` \[backport to v4] - by [@​hi-ogawa](https://redirect.github.com/hi-ogawa) and **Codex** in [#​10450](https://redirect.github.com/vitest-dev/vitest/issues/10450) [<samp>(e4067)</samp>](https://redirect.github.com/vitest-dev/vitest/commit/e4067b3b1) - Remove orphaned Playwright route when same module is mocked via multiple ids \[backport to v4] - by [@​toxik](https://redirect.github.com/toxik) and [@​Zelys-DFKH](https://redirect.github.com/Zelys-DFKH) in [#​10474](https://redirect.github.com/vitest-dev/vitest/issues/10474) [<samp>(675b4)</samp>](https://redirect.github.com/vitest-dev/vitest/commit/675b4343f) ##### [View changes on GitHub](https://redirect.github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8) </details> <details> <summary>vuejs/language-tools (vue-tsc)</summary> ### [`v3.3.3`](https://redirect.github.com/vuejs/language-tools/blob/HEAD/CHANGELOG.md#333-2026-05-30) [Compare Source](https://redirect.github.com/vuejs/language-tools/compare/v3.3.2...v3.3.3) ##### vscode - **fix:** prevent grammar scopes leakage in capitalized tags ([#​6073](https://redirect.github.com/vuejs/language-tools/issues/6073)) - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! - **fix:** preserve TS auto imports behavior in Vue files ([#​6072](https://redirect.github.com/vuejs/language-tools/issues/6072)) - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! ##### workspace - **fix:** read PR title from env in `auto-version` workflow to prevent injection ([#​6074](https://redirect.github.com/vuejs/language-tools/issues/6074)) - Thanks to [@​arpitjain099](https://redirect.github.com/arpitjain099)! </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Only on Monday (`* * * * 1`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: bircni <bircni@icloud.com> |
||
|
Giteabot
|
6dcae57b54 | chore(deps): update action dependencies (#38027) | ||
|
bircni
|
1c289df6eb |
enhance: Adjust Workflow Graph styling (#37497)
- Fix workflow dependency graph overflow by making the graph container scrollable (no more clipped DAGs; addresses #37493). - Improve Actions job list readability by keeping durations fixed-width/right-aligned so long times don’t squeeze job names. - Make workflow graph layout more intuitive by vertically centering shorter columns to reduce misleading “looks like it depends on” alignments (addresses #37395). ### Screenshot <img width="966" height="439" src="https://github.com/user-attachments/assets/c180c5a2-4f56-4287-bcaa-f2735ba72949" /> <img width="949" height="559" src="https://github.com/user-attachments/assets/a383511d-a962-4920-b792-69f556847eff" /> Fixes #37493 Fixes #37395 --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
||
|
bircni
|
ea35af1b68 |
fix: bound CODEOWNERS regex match time (#38011)
User-supplied CODEOWNERS patterns were compiled without a match timeout, so a crafted pattern (e.g. (a+)+) against a crafted file path could backtrack for tens of seconds inside the PR creation transaction and exhaust the database connection pool. Set MatchTimeout on each compiled rule; the caller already treats match errors as non-matches. --------- Signed-off-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
||
|
wxiaoguang
|
e2fbfc8730 |
fix: various dropdown problems (#38020)
1. remove legacy onResponseKeepSelectedItem, refactor the code to
dropdown.js
2. make dropdown correctly handle "single selection + remote query + filter"
* fix #38018
3. fix incorrect "transition" class usage for the dropdown dividers
|
||
|
wxiaoguang
|
9bbea90bfe | fix: pgsql lint (#38022) | ||
|
Copilot
|
5fe4f962e8 |
refactor(api): clarify APIError message usage and fix legacy lint error (#38012)
Avoid unclear & fragile "any" tricks, fix various abuses Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
||
|
bircni
|
c43eb7c33a |
fix(auth): do not auto-reactivate disabled users on OAuth2 callback (#38009)
The OAuth2 sign-in callback unconditionally set IsActive=true on the local user row whenever the IdP authenticated them, silently undoing an administrator's "Disable Account" action and granting the user a fresh session in the same response. Treat the local IsActive flag as an authoritative admin override: inactive users get a session and are routed through the existing activate / prohibit-login pages by verifyAuthWithOptions, matching the local-credentials sign-in path. Adds an integration regression test that disables a linked local user and asserts the row stays IsActive=false after a full OIDC callback. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
||
|
bircni
|
42513398c0 |
fix(lfs): reject unknown SSH LFS sub-verbs to prevent auth bypass (#38008)
An authenticated SSH user could pass a malformed sub-verb (e.g. `git-lfs-authenticate <repo> badverb`) so getAccessMode falls through to AccessModeNone (0). The permission check in routers/private/serv.go then evaluates `userMode < 0` which is always false, granting a valid LFS JWT for any private repository. The HTTP LFS handler only validates the Op claim on writes, so the token works for downloads. Validate the sub-verb in runServ before calling getAccessMode and fail fast for anything other than upload/download. |
||
|
Sandro
|
743bbaa9c2 |
fix: refactor git error handling and make archive streaming handle non-existing commit id (#38007)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
||
|
wxiaoguang
|
e88650cfcf |
chore: fix various layout problems (#37983)
Fix various misaligments, fix space between list item bar items, remove deadcode (milestone dashboard) |
||
|
bircni
|
4088d7e241 | fix(ui): keep actions run title intact when subject contains an issue ref (#38005) | ||
|
bircni
|
3659b5acc2 |
ci(workflows): add AgentScan workflow to flag possible AI-assisted PRs (#37962)
This PR adds an automated AgentScan workflow to help detect and handle pull requests that appear to be created or authored primarily by automated agents. - If a PR is classified as `automation` or community-flagged, the workflow: - Adds the `possible bot` label, - Posts a policy comment linking to the repository AI Contribution Policy (`CONTRIBUTING.md#ai-contribution-policy`) and listing required disclosures and checks, - Optionally closes the PR if classification indicates an automated/unwelcome submission. |
||
|
bircni
|
aa63d1583d |
fix(actions): return 404 when job log blob is missing (#38003)
- When the `action_task` row exists but the underlying dbfs/storage blob is gone, `OpenLogs` returns a wrapped `os.ErrNotExist` which surfaces as a 500 on the job logs endpoints. - Translate it to the same `util.NewNotExistErrorf` shape already used for unknown job ids / expired logs, so both the API (`/api/v1/repos/.../actions/jobs/<id>/logs`) and the web download handler return a clean 404 instead. Fixes #37990. |
||
|
GiteaBot
|
7a26d5a2ae | [skip ci] Updated translations via Crowdin | ||
|
wxiaoguang
|
dac41a124f |
fix!: raise git required version to 2.13 (#37996)
format `lstrip=2` is only supported in git >= 2.13 https://git-scm.com/docs/git-for-each-ref/2.13.7 ref: #37994 Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
Alexey Ivanov
|
aaf4b149fa |
chore(deps): upgrade zstd seekable package (#37988)
Upgrade `github.com/SaveTheRbtz/zstd-seekable-format-go/pkg` from `v0.8.3` to `v0.10.0`: https://github.com/SaveTheRbtz/zstd-seekable-format-go/releases/tag/pkg%2Fv0.10.0 This keeps Gitea's seekable zstd wrapper on the stable v0.10 API while preserving the existing public `modules/zstd` API. API migration: - update `SeekableWriter` and `SeekableReader` internals for the concrete `*seekable.Writer` and `*seekable.Reader` types introduced by SaveTheRbtz/zstd-seekable-format-go#264 - update generated dependency metadata after `go mod tidy` removed the now-unused `github.com/google/btree` transitive dependency - no Gitea call sites needed changes because `modules/zstd` still exposes the same constructors and interfaces Validation: - `go test ./modules/zstd` - `make --always-make checks-backend` --------- Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
Harsh Mahajan
|
792fa5eeba |
feat(api): add q parameter to list branches API for server-side filtering (#37982)
The GET /repos/{owner}/{repo}/branches endpoint currently has no way to
filter branches by name server-side, forcing API consumers to paginate
through all branches and filter client-side.
The UI already supports branch search (added in
[#27055](https://github.com/go-gitea/gitea/pull/27055)). The underlying
DB layer has a Keyword field on FindBranchOptions in
models/git/branch_list.go that does a LIKE %keyword% SQL filter, it just
wasn't wired up to the API handler.
This PR exposes a ?q= query parameter on the endpoint that maps to
FindBranchOptions.Keyword.
Example:
```GET /repos/owner/repo/branches?q=feature ```
Closes #37981
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
||
|
Thomas Sayen
|
b2748d7654 |
feat(ui): add "follow rename" to file commit history list (#34994)
Fix #28253 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
||
|
TheFox0x7
|
735e940a61 |
fix(oauth2): not respecting claims before second login (#37874)
fixes defect where claims where only applies on login but not during account linking making only the second login take them into account fixes: https://github.com/go-gitea/gitea/issues/32566 |
||
|
Dawid Góra
|
623bb81bb9 |
fix(releases): generate notes for initial tag (#37697)
Fixes https://github.com/go-gitea/gitea/issues/37286 Automatic release notes for the first release in a repository were empty when there was no previous tag. Before this change, the release notes generator used the tag name to build the changelog link, but reused that state for pull request collection. When `PreviousTag` was empty, the PR collection logic did not scan a useful commit range, so merged pull requests were omitted from the generated notes. This pull request fixes that by decoupling the internal PR collection range from the rendered changelog link: - when a previous tag exists, behavior stays unchanged - when no previous tag exists, release notes collect merged pull requests from the full reachable history up to the target tag - the displayed full changelog link for the first release still uses the existing `/commits/tag/{tag}` format Tests were updated to cover: - generating notes for a repository with no previous tags - including merged pull requests before the first tag - preserving existing behavior when a previous tag exists |
||
|
wxiaoguang
|
fbaaac9c14 |
fix: remove "no-transfrom" from the cache-control header (#37985)
Cloudflare has officially removed the "auto-minify" feature https://community.cloudflare.com/t/655677, so we don't need such option anymore. Fix #34521 |
||
|
puni9869
|
79810ba2e3 |
fix: use committer time where ever possible as default (#37969)
Fix https://github.com/go-gitea/gitea/issues/37857 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
||
|
Giteabot
|
9619d93e3b |
chore(deps): update action dependencies (#37964)
This PR contains the following updates: | Package | Type | Update | Change | Pending | |---|---|---|---|---| | [aws-actions/configure-aws-credentials](https://redirect.github.com/aws-actions/configure-aws-credentials) | action | patch | `v6.1.1` → `v6.1.2` | `v6.1.3` | | [docker/build-push-action](https://redirect.github.com/docker/build-push-action) | action | minor | `v7.1.0` → `v7.2.0` | | | [docker/login-action](https://redirect.github.com/docker/login-action) | action | minor | `v4.1.0` → `v4.2.0` | | | [docker/metadata-action](https://redirect.github.com/docker/metadata-action) | action | minor | `v6.0.0` → `v6.1.0` | | | [docker/setup-buildx-action](https://redirect.github.com/docker/setup-buildx-action) | action | minor | `v4.0.0` → `v4.1.0` | | | [docker/setup-qemu-action](https://redirect.github.com/docker/setup-qemu-action) | action | minor | `v4.0.0` → `v4.1.0` | | | redis | service | digest | `48e78eb` → `e74c9b9` | | --- ### Release Notes <details> <summary>aws-actions/configure-aws-credentials (aws-actions/configure-aws-credentials)</summary> ### [`v6.1.2`](https://redirect.github.com/aws-actions/configure-aws-credentials/releases/tag/v6.1.2) [Compare Source](https://redirect.github.com/aws-actions/configure-aws-credentials/compare/v6.1.1...v6.1.2) ##### Bug Fixes - additional filesystem checks ([#​1799](https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1799)) ([c39f282](https://redirect.github.com/aws-actions/configure-aws-credentials/commit/c39f282697aca8a78c522ecf1f7da9899a31432c)) </details> <details> <summary>docker/build-push-action (docker/build-push-action)</summary> ### [`v7.2.0`](https://redirect.github.com/docker/build-push-action/releases/tag/v7.2.0) [Compare Source](https://redirect.github.com/docker/build-push-action/compare/v7.1.0...v7.2.0) - Bump [@​actions/core](https://redirect.github.com/actions/core) from 3.0.0 to 3.0.1 in [#​1525](https://redirect.github.com/docker/build-push-action/pull/1525) - Bump [@​docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit) from 0.87.0 to 0.90.0 in [#​1517](https://redirect.github.com/docker/build-push-action/pull/1517) - Bump brace-expansion from 2.0.2 to 5.0.6 in [#​1534](https://redirect.github.com/docker/build-push-action/pull/1534) - Bump fast-xml-builder from 1.1.4 to 1.2.0 in [#​1529](https://redirect.github.com/docker/build-push-action/pull/1529) - Bump fast-xml-parser from 5.5.7 to 5.8.0 in [#​1521](https://redirect.github.com/docker/build-push-action/pull/1521) - Bump postcss from 8.5.6 to 8.5.10 in [#​1526](https://redirect.github.com/docker/build-push-action/pull/1526) - Bump tar from 6.2.1 to 7.5.15 in [#​1533](https://redirect.github.com/docker/build-push-action/pull/1533) **Full Changelog**: <https://github.com/docker/build-push-action/compare/v7.1.0...v7.2.0> </details> <details> <summary>docker/login-action (docker/login-action)</summary> ### [`v4.2.0`](https://redirect.github.com/docker/login-action/releases/tag/v4.2.0) [Compare Source](https://redirect.github.com/docker/login-action/compare/v4.1.0...v4.2.0) - Bump [@​actions/core](https://redirect.github.com/actions/core) from 3.0.0 to 3.0.1 in [#​976](https://redirect.github.com/docker/login-action/pull/976) - Bump [@​aws-sdk/client-ecr](https://redirect.github.com/aws-sdk/client-ecr) and [@​aws-sdk/client-ecr-public](https://redirect.github.com/aws-sdk/client-ecr-public) to 3.1050.0 in [#​960](https://redirect.github.com/docker/login-action/pull/960) - Bump [@​docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit) from 0.86.0 to 0.90.0 in [#​970](https://redirect.github.com/docker/login-action/pull/970) - Bump brace-expansion from 2.0.1 to 5.0.6 in [#​993](https://redirect.github.com/docker/login-action/pull/993) - Bump fast-xml-builder from 1.1.4 to 1.2.0 in [#​985](https://redirect.github.com/docker/login-action/pull/985) - Bump fast-xml-parser from 5.3.6 to 5.8.0 in [#​963](https://redirect.github.com/docker/login-action/pull/963) - Bump http-proxy-agent and https-proxy-agent to 9.0.0 in [#​961](https://redirect.github.com/docker/login-action/pull/961) - Bump postcss from 8.5.6 to 8.5.10 in [#​979](https://redirect.github.com/docker/login-action/pull/979) - Bump tar from 6.2.1 to 7.5.15 in [#​991](https://redirect.github.com/docker/login-action/pull/991) - Bump vite from 7.3.1 to 7.3.3 in [#​986](https://redirect.github.com/docker/login-action/pull/986) **Full Changelog**: <https://github.com/docker/login-action/compare/v4.1.0...v4.2.0> </details> <details> <summary>docker/metadata-action (docker/metadata-action)</summary> ### [`v6.1.0`](https://redirect.github.com/docker/metadata-action/releases/tag/v6.1.0) [Compare Source](https://redirect.github.com/docker/metadata-action/compare/v6...v6.1.0) - Bump [@​docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit) from 0.79.0 to 0.90.0 in [#​613](https://redirect.github.com/docker/metadata-action/pull/613) - Bump brace-expansion from 1.1.12 to 5.0.6 in [#​658](https://redirect.github.com/docker/metadata-action/pull/658) [#​630](https://redirect.github.com/docker/metadata-action/pull/630) - Bump csv-parse from 6.1.0 to 6.2.1 in [#​617](https://redirect.github.com/docker/metadata-action/pull/617) - Bump fast-xml-parser from 5.4.2 to 5.8.0 in [#​620](https://redirect.github.com/docker/metadata-action/pull/620) - Bump flatted from 3.3.3 to 3.4.2 in [#​623](https://redirect.github.com/docker/metadata-action/pull/623) - Bump glob from 10.3.15 to 10.5.0 in [#​621](https://redirect.github.com/docker/metadata-action/pull/621) - Bump handlebars from 4.7.8 to 4.7.9 in [#​629](https://redirect.github.com/docker/metadata-action/pull/629) - Bump lodash from 4.17.23 to 4.18.1 in [#​639](https://redirect.github.com/docker/metadata-action/pull/639) - Bump moment-timezone from 0.6.0 to 0.6.1 in [#​619](https://redirect.github.com/docker/metadata-action/pull/619) - Bump picomatch from 4.0.3 to 4.0.4 in [#​626](https://redirect.github.com/docker/metadata-action/pull/626) - Bump postcss from 8.5.6 to 8.5.10 in [#​649](https://redirect.github.com/docker/metadata-action/pull/649) - Bump tar from 6.2.1 to 7.5.15 in [#​657](https://redirect.github.com/docker/metadata-action/pull/657) - Bump undici from 6.23.0 to 6.25.0 in [#​614](https://redirect.github.com/docker/metadata-action/pull/614) - Bump vite from 7.3.1 to 7.3.2 in [#​637](https://redirect.github.com/docker/metadata-action/pull/637) **Full Changelog**: <https://github.com/docker/metadata-action/compare/v6.0.0...v6.1.0> </details> <details> <summary>docker/setup-buildx-action (docker/setup-buildx-action)</summary> ### [`v4.1.0`](https://redirect.github.com/docker/setup-buildx-action/releases/tag/v4.1.0) [Compare Source](https://redirect.github.com/docker/setup-buildx-action/compare/v4...v4.1.0) - Bump [@​docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit) from 0.79.0 to 0.90.0 in [#​489](https://redirect.github.com/docker/setup-buildx-action/pull/489) - Bump brace-expansion from 1.1.12 to 5.0.6 in [#​547](https://redirect.github.com/docker/setup-buildx-action/pull/547) [#​508](https://redirect.github.com/docker/setup-buildx-action/pull/508) - Bump fast-xml-builder from 1.0.0 to 1.2.0 in [#​540](https://redirect.github.com/docker/setup-buildx-action/pull/540) - Bump fast-xml-parser from 5.4.2 to 5.8.0 in [#​496](https://redirect.github.com/docker/setup-buildx-action/pull/496) - Bump flatted from 3.3.3 to 3.4.2 in [#​499](https://redirect.github.com/docker/setup-buildx-action/pull/499) - Bump glob from 10.3.12 to 13.0.6 in [#​495](https://redirect.github.com/docker/setup-buildx-action/pull/495) - Bump handlebars from 4.7.8 to 4.7.9 in [#​504](https://redirect.github.com/docker/setup-buildx-action/pull/504) - Bump lodash from 4.17.23 to 4.18.1 in [#​523](https://redirect.github.com/docker/setup-buildx-action/pull/523) - Bump picomatch from 4.0.3 to 4.0.4 in [#​503](https://redirect.github.com/docker/setup-buildx-action/pull/503) - Bump postcss from 8.5.6 to 8.5.10 in [#​537](https://redirect.github.com/docker/setup-buildx-action/pull/537) - Bump tar from 6.2.1 to 7.5.15 in [#​545](https://redirect.github.com/docker/setup-buildx-action/pull/545) - Bump undici from 6.23.0 to 6.25.0 in [#​492](https://redirect.github.com/docker/setup-buildx-action/pull/492) - Bump vite from 7.3.1 to 7.3.2 in [#​520](https://redirect.github.com/docker/setup-buildx-action/pull/520) **Full Changelog**: <https://github.com/docker/setup-buildx-action/compare/v4.0.0...v4.1.0> </details> <details> <summary>docker/setup-qemu-action (docker/setup-qemu-action)</summary> ### [`v4.1.0`](https://redirect.github.com/docker/setup-qemu-action/releases/tag/v4.1.0) [Compare Source](https://redirect.github.com/docker/setup-qemu-action/compare/v4...v4.1.0) - Add `reset` input to uninstall current emulators by [@​crazy-max](https://redirect.github.com/crazy-max) in [#​21](https://redirect.github.com/docker/setup-qemu-action/pull/21) - Bump [@​docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit) from 0.77.0 to 0.91.0 in [#​250](https://redirect.github.com/docker/setup-qemu-action/pull/250) [#​247](https://redirect.github.com/docker/setup-qemu-action/pull/247) - Bump brace-expansion from 1.1.12 to 1.1.15 in [#​265](https://redirect.github.com/docker/setup-qemu-action/pull/265) - Bump fast-xml-builder from 1.0.0 to 1.2.0 in [#​286](https://redirect.github.com/docker/setup-qemu-action/pull/286) - Bump fast-xml-parser from 5.4.2 to 5.8.0 in [#​255](https://redirect.github.com/docker/setup-qemu-action/pull/255) - Bump flatted from 3.3.3 to 3.4.2 in [#​257](https://redirect.github.com/docker/setup-qemu-action/pull/257) - Bump glob from 10.3.15 to 10.5.0 in [#​254](https://redirect.github.com/docker/setup-qemu-action/pull/254) - Bump handlebars from 4.7.8 to 4.7.9 in [#​262](https://redirect.github.com/docker/setup-qemu-action/pull/262) - Bump lodash from 4.17.23 to 4.18.1 in [#​273](https://redirect.github.com/docker/setup-qemu-action/pull/273) - Bump postcss from 8.5.6 to 8.5.10 in [#​285](https://redirect.github.com/docker/setup-qemu-action/pull/285) - Bump tar from 6.2.1 to 7.5.15 in [#​287](https://redirect.github.com/docker/setup-qemu-action/pull/287) - Bump tmp from 0.2.5 to 0.2.6 in [#​291](https://redirect.github.com/docker/setup-qemu-action/pull/291) - Bump undici from 6.23.0 to 6.26.0 in [#​251](https://redirect.github.com/docker/setup-qemu-action/pull/251) - Bump vite from 7.3.1 to 7.3.2 in [#​271](https://redirect.github.com/docker/setup-qemu-action/pull/271) **Full Changelog**: <https://github.com/docker/setup-qemu-action/compare/v4.0.0...v4.1.0> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Only on Monday (`* * * * 1`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: silverwind <me@silverwind.io> |
||
|
Giteabot
|
798578115b |
fix(deps): update npm dependencies, remove nolyfill (#37968)
This PR contains the following updates:
| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
|
[@eslint-community/eslint-plugin-eslint-comments](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments)
| [`4.7.1` →
`4.7.2`](https://renovatebot.com/diffs/npm/@eslint-community%2feslint-plugin-eslint-comments/4.7.1/4.7.2)
|
|
|
| [@primer/octicons](https://primer.style/octicons)
([source](https://redirect.github.com/primer/octicons)) | [`19.26.0` →
`19.27.0`](https://renovatebot.com/diffs/npm/@primer%2focticons/19.26.0/19.27.0)
|
|
|
|
[@typescript-eslint/parser](https://typescript-eslint.io/packages/parser)
([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser))
| [`8.59.4` →
`8.60.0`](https://renovatebot.com/diffs/npm/@typescript-eslint%2fparser/8.59.4/8.60.0)
|
|
|
|
[@vitest/eslint-plugin](https://redirect.github.com/vitest-dev/eslint-plugin-vitest)
| [`1.6.17` →
`1.6.18`](https://renovatebot.com/diffs/npm/@vitest%2feslint-plugin/1.6.17/1.6.18)
|
|
|
| [dayjs](https://day.js.org)
([source](https://redirect.github.com/iamkun/dayjs)) | [`1.11.20` →
`1.11.21`](https://renovatebot.com/diffs/npm/dayjs/1.11.20/1.11.21) |
|
|
| [katex](https://katex.org)
([source](https://redirect.github.com/KaTeX/KaTeX)) | [`0.16.47` →
`0.17.0`](https://renovatebot.com/diffs/npm/katex/0.16.47/0.17.0) |
|
|
|
[material-icon-theme](https://redirect.github.com/material-extensions/vscode-material-icon-theme/blob/main/README.md)
([source](https://redirect.github.com/material-extensions/vscode-material-icon-theme))
| [`5.34.0` →
`5.35.0`](https://renovatebot.com/diffs/npm/material-icon-theme/5.34.0/5.35.0)
|
|
|
| [pnpm](https://pnpm.io)
([source](https://redirect.github.com/pnpm/pnpm/tree/HEAD/pnpm)) |
[`11.2.1` →
`11.4.0`](https://renovatebot.com/diffs/npm/pnpm/11.2.1/11.4.0) |
|
|
|
[rolldown-license-plugin](https://redirect.github.com/silverwind/rolldown-license-plugin)
| [`3.0.7` →
`3.0.8`](https://renovatebot.com/diffs/npm/rolldown-license-plugin/3.0.7/3.0.8)
|
|
|
|
[typescript-eslint](https://typescript-eslint.io/packages/typescript-eslint)
([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint))
| [`8.59.4` →
`8.60.0`](https://renovatebot.com/diffs/npm/typescript-eslint/8.59.4/8.60.0)
|
|
|
| [updates](https://redirect.github.com/silverwind/updates) |
[`17.16.13` →
`17.17.2`](https://renovatebot.com/diffs/npm/updates/17.16.13/17.17.2) |
|
|
| [vite](https://vite.dev)
([source](https://redirect.github.com/vitejs/vite/tree/HEAD/packages/vite))
| [`8.0.13` →
`8.0.14`](https://renovatebot.com/diffs/npm/vite/8.0.13/8.0.14) |
|
|
| [vue](https://vuejs.org/)
([source](https://redirect.github.com/vuejs/core)) | [`3.5.34` →
`3.5.35`](https://renovatebot.com/diffs/npm/vue/3.5.34/3.5.35) |
|
|
| [vue-tsc](https://redirect.github.com/vuejs/language-tools)
([source](https://redirect.github.com/vuejs/language-tools/tree/HEAD/packages/tsc))
| [`3.3.1` →
`3.3.2`](https://renovatebot.com/diffs/npm/vue-tsc/3.3.1/3.3.2) |
|
|
---
### Release Notes
<details>
<summary>eslint-community/eslint-plugin-eslint-comments
(@​eslint-community/eslint-plugin-eslint-comments)</summary>
###
[`v4.7.2`](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/releases/tag/v4.7.2)
[Compare
Source](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/compare/v4.7.1...v4.7.2)
##### Bug Fixes
- **deps:** pin `modern-monaco` version to 0.4.0
([#​320](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/issues/320))
([62a2c3a](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/commit/62a2c3a4ee304a8383f170369c9999198d9bdac8))
- **docs:** use `modern-monaco` instead of `monaco-editor`
([#​311](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/issues/311))
([42919d0](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/commit/42919d06d8a221e061de3ec98e35bf508ea2b5d2))
</details>
<details>
<summary>primer/octicons (@​primer/octicons)</summary>
###
[`v19.27.0`](https://redirect.github.com/primer/octicons/blob/HEAD/CHANGELOG.md#19270)
[Compare
Source](https://redirect.github.com/primer/octicons/compare/v19.26.0...v19.27.0)
##### Minor Changes
- [#​1203](https://redirect.github.com/primer/octicons/pull/1203)
[`a69618e4`](https://redirect.github.com/primer/octicons/commit/a69618e4b64988784c9c0a06bbf809a3fa343642)
Thanks [@​ericwbailey](https://redirect.github.com/ericwbailey)! -
Add flag icon
##### Patch Changes
- [#​1212](https://redirect.github.com/primer/octicons/pull/1212)
[`02bd1ef8`](https://redirect.github.com/primer/octicons/commit/02bd1ef8d15abffaa45be8e00c5fbc896e276c54)
Thanks [@​ericwbailey](https://redirect.github.com/ericwbailey)! -
remove hardcoded fill from flag icon
</details>
<details>
<summary>typescript-eslint/typescript-eslint
(@​typescript-eslint/parser)</summary>
###
[`v8.60.0`](https://redirect.github.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/parser/CHANGELOG.md#8600-2026-05-25)
[Compare
Source](https://redirect.github.com/typescript-eslint/typescript-eslint/compare/v8.59.4...v8.60.0)
This was a version bump only for parser to align it with other projects,
there were no code changes.
See [GitHub
Releases](https://redirect.github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.0)
for more information.
You can read about our [versioning
strategy](https://typescript-eslint.io/users/versioning) and
[releases](https://typescript-eslint.io/users/releases) on our website.
</details>
<details>
<summary>vitest-dev/eslint-plugin-vitest
(@​vitest/eslint-plugin)</summary>
###
[`v1.6.18`](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/releases/tag/v1.6.18)
[Compare
Source](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/compare/v1.6.17...v1.6.18)
##### 🐞 Bug Fixes
- Correct `requiresTypeChecking` metadata for four rules - by
[@​inglec-arista](https://redirect.github.com/inglec-arista) in
[#​905](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/issues/905)
[<samp>(e06a3)</samp>](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/commit/e06a3dc)
##### [View changes on
GitHub](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/compare/v1.6.17...v1.6.18)
</details>
<details>
<summary>iamkun/dayjs (dayjs)</summary>
###
[`v1.11.21`](https://redirect.github.com/iamkun/dayjs/blob/HEAD/CHANGELOG.md#11121-2026-05-26)
[Compare
Source](https://redirect.github.com/iamkun/dayjs/compare/v1.11.20...v1.11.21)
##### Bug Fixes
- preserve unsupported year tokens in format
([#​3015](https://redirect.github.com/iamkun/dayjs/issues/3015))
([#​3016](https://redirect.github.com/iamkun/dayjs/issues/3016))
([8fda602](https://redirect.github.com/iamkun/dayjs/commit/8fda602beac5abbc64230ddc49085aa532320f26))
</details>
<details>
<summary>KaTeX/KaTeX (katex)</summary>
###
[`v0.17.0`](https://redirect.github.com/KaTeX/KaTeX/blob/HEAD/CHANGELOG.md#0170-2026-05-22)
[Compare
Source](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.47...v0.17.0)
##### Performance Improvements
- simplify `defineFunction` to avoid destructuring, improve typing
([#​4222](https://redirect.github.com/KaTeX/KaTeX/issues/4222))
([fb604e6](https://redirect.github.com/KaTeX/KaTeX/commit/fb604e6ba63e99809e242d37f9c8359209d55431))
##### BREAKING CHANGES
- The internal API for `__defineFunction` changed: you should no longer
wrap properties in `props`.
####
[0.16.47](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.46...v0.16.47)
(2026-05-16)
##### Bug Fixes
- correct size of `[` big delimiter
([#​4217](https://redirect.github.com/KaTeX/KaTeX/issues/4217))
([7ba0027](https://redirect.github.com/KaTeX/KaTeX/commit/7ba0027d2f04abddd3b215362f867ab8260b09d7)),
closes
[#​4215](https://redirect.github.com/KaTeX/KaTeX/issues/4215)
####
[0.16.46](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.45...v0.16.46)
(2026-05-13)
##### Bug Fixes
- preserve math font in some styling commands
([#​4214](https://redirect.github.com/KaTeX/KaTeX/issues/4214))
([e9ee046](https://redirect.github.com/KaTeX/KaTeX/commit/e9ee0464ddb31da9bf9649eeb70e52236e7a974a)),
closes
[#​4213](https://redirect.github.com/KaTeX/KaTeX/issues/4213)
####
[0.16.45](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.44...v0.16.45)
(2026-04-05)
##### Bug Fixes
- wrap vcenter mpadded in mrow for valid MathML
([#​4193](https://redirect.github.com/KaTeX/KaTeX/issues/4193))
([ee66b78](https://redirect.github.com/KaTeX/KaTeX/commit/ee66b78d24340edbbd05b08a4a429ce9ed158b25)),
closes
[#​4078](https://redirect.github.com/KaTeX/KaTeX/issues/4078)
####
[0.16.44](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.43...v0.16.44)
(2026-03-27)
##### Bug Fixes
- remove extra \jot space at bottom of align/gather/etc.
([#​4184](https://redirect.github.com/KaTeX/KaTeX/issues/4184))
([3870ee9](https://redirect.github.com/KaTeX/KaTeX/commit/3870ee913e27fdde7bce244e4c6c5d63e2b28a62))
####
[0.16.43](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.42...v0.16.43)
(2026-03-26)
##### Bug Fixes
- use makeEm() consistently to truncate long CSS decimals
([#​4181](https://redirect.github.com/KaTeX/KaTeX/issues/4181))
([0967dcc](https://redirect.github.com/KaTeX/KaTeX/commit/0967dcc0278f20d4501a93f01c7343c70abb3fcd))
####
[0.16.42](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.41...v0.16.42)
(2026-03-24)
##### Features
- \underbracket and \overbracket
([#​4147](https://redirect.github.com/KaTeX/KaTeX/issues/4147))
([5be9abb](https://redirect.github.com/KaTeX/KaTeX/commit/5be9abb0b4d687a2a196b8adf9b5b9deeb60f7bc))
####
[0.16.41](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.40...v0.16.41)
(2026-03-24)
##### Bug Fixes
- \sout in text mode
([#​4173](https://redirect.github.com/KaTeX/KaTeX/issues/4173))
([e748578](https://redirect.github.com/KaTeX/KaTeX/commit/e748578b63e07ad30d5e404e60b04e5e794c0a5a))
####
[0.16.40](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.39...v0.16.40)
(2026-03-20)
##### Bug Fixes
- **css:** specify position: relative for .katex
([#​4170](https://redirect.github.com/KaTeX/KaTeX/issues/4170))
([020f0d8](https://redirect.github.com/KaTeX/KaTeX/commit/020f0d89567d59229bac5fc8d8f5832a9508a85f))
####
[0.16.39](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.38...v0.16.39)
(2026-03-19)
##### Bug Fixes
- middle dot in text mode
([#​4169](https://redirect.github.com/KaTeX/KaTeX/issues/4169))
([edb45b0](https://redirect.github.com/KaTeX/KaTeX/commit/edb45b0b17c7b33349ce5142fe39156da05cb4d8)),
closes
[#​3641](https://redirect.github.com/KaTeX/KaTeX/issues/3641)
####
[0.16.38](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.37...v0.16.38)
(2026-03-08)
##### Bug Fixes
- accent skew mixed with font specifiers
([#​4159](https://redirect.github.com/KaTeX/KaTeX/issues/4159))
([aea3375](https://redirect.github.com/KaTeX/KaTeX/commit/aea33758d6c98896017007d0244885301773856a)),
closes
[#​4121](https://redirect.github.com/KaTeX/KaTeX/issues/4121)
####
[0.16.37](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.36...v0.16.37)
(2026-03-06)
##### Bug Fixes
- negative-width `\hphantom` and symmetric `\smash`
([#​4153](https://redirect.github.com/KaTeX/KaTeX/issues/4153))
([d4799ca](https://redirect.github.com/KaTeX/KaTeX/commit/d4799cae585d909e2a4e3dedbebdc2f142998ca9))
####
[0.16.36](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.35...v0.16.36)
(2026-03-06)
##### Bug Fixes
- contrib esm bloat
([#​4157](https://redirect.github.com/KaTeX/KaTeX/issues/4157))
([2bde1ad](https://redirect.github.com/KaTeX/KaTeX/commit/2bde1adab2a23f61519145923329c915b04d4778))
####
[0.16.35](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.34...v0.16.35)
(2026-03-05)
##### Bug Fixes
- version number regression
([#​4155](https://redirect.github.com/KaTeX/KaTeX/issues/4155))
([db26b73](https://redirect.github.com/KaTeX/KaTeX/commit/db26b733805f2d0d71e82596475b313c8706557e))
####
[0.16.34](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.33...v0.16.34)
(2026-03-05)
##### Bug Fixes
- emoji with variation selector
([#​4151](https://redirect.github.com/KaTeX/KaTeX/issues/4151))
([c2606e5](https://redirect.github.com/KaTeX/KaTeX/commit/c2606e5db91ae199ee1ff0c8c2f7f9f70fcf589b))
####
[0.16.33](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.32...v0.16.33)
(2026-02-23)
##### Bug Fixes
- **scss:** forward variables to fonts module
([#​4146](https://redirect.github.com/KaTeX/KaTeX/issues/4146))
([9349a64](https://redirect.github.com/KaTeX/KaTeX/commit/9349a64a051ca408da713baf061e32ade80ed22a))
####
[0.16.32](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.31...v0.16.32)
(2026-02-22)
##### Bug Fixes
- italic separation in \mathnormal
([#​4143](https://redirect.github.com/KaTeX/KaTeX/issues/4143))
([71305a0](https://redirect.github.com/KaTeX/KaTeX/commit/71305a05140ca6203092bfdc14f689168b26ab8c))
####
[0.16.31](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.30...v0.16.31)
(2026-02-22)
##### Bug Fixes
- `\*frac` sizing
([#​4137](https://redirect.github.com/KaTeX/KaTeX/issues/4137))
([ef51f18](https://redirect.github.com/KaTeX/KaTeX/commit/ef51f18ded4ab9ba54ba750f2866241c4676c41c))
####
[0.16.30](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.29...v0.16.30)
(2026-02-22)
##### Bug Fixes
- no line breaks after `\not`
([#​4140](https://redirect.github.com/KaTeX/KaTeX/issues/4140))
([2d1ba86](https://redirect.github.com/KaTeX/KaTeX/commit/2d1ba86143bd45540d5a773cfa456081318f3f33))
####
[0.16.29](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.28...v0.16.29)
(2026-02-22)
##### Bug Fixes
- `\imath` and other `\html@mathml` macros in arguments
([#​4139](https://redirect.github.com/KaTeX/KaTeX/issues/4139))
([a850cce](https://redirect.github.com/KaTeX/KaTeX/commit/a850cce7ccbf95a0b187313d1e54d8d40dfc7273))
####
[0.16.28](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.27...v0.16.28)
(2026-01-25)
##### Bug Fixes
- **type:** add missing types definition path to package.json
([#​4125](https://redirect.github.com/KaTeX/KaTeX/issues/4125))
([0ef8921](https://redirect.github.com/KaTeX/KaTeX/commit/0ef8921d189346b0ff8f84a77f7f552349b76893))
####
[0.16.27](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.26...v0.16.27)
(2025-12-07)
##### Features
- support equals sign and surrounding whitespace in \htmlData attribute
values
([#​4112](https://redirect.github.com/KaTeX/KaTeX/issues/4112))
([c77aaec](https://redirect.github.com/KaTeX/KaTeX/commit/c77aaec00c766f5bb02e332a1dc416b82a65fe8f))
####
[0.16.26](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.25...v0.16.26)
(2025-12-07)
##### Bug Fixes
- \mathop followed by integral symbol
([6fbad18](https://redirect.github.com/KaTeX/KaTeX/commit/6fbad18857351e4d2a88ed3e3348bd76caad9be3))
####
[0.16.25](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.24...v0.16.25)
(2025-10-13)
##### Features
- **css:** provide `katex-swap.css` that uses `font-display: swap`
([#​3940](https://redirect.github.com/KaTeX/KaTeX/issues/3940))
([b3f9ce6](https://redirect.github.com/KaTeX/KaTeX/commit/b3f9ce691e89a52dea7ec8f10cc6ed4ddc8fc161)),
closes
[#​2242](https://redirect.github.com/KaTeX/KaTeX/issues/2242)
####
[0.16.24](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.23...v0.16.24)
(2025-10-12)
##### Features
- support hex colors with alpha
([#​4090](https://redirect.github.com/KaTeX/KaTeX/issues/4090))
([8c9b306](https://redirect.github.com/KaTeX/KaTeX/commit/8c9b3063965acc0d6e6a0b6df4d051169de9e1a9)),
closes
[#​4067](https://redirect.github.com/KaTeX/KaTeX/issues/4067)
[#fA6](https://redirect.github.com/KaTeX/KaTeX/issues/fA6)
[#fA6f1](https://redirect.github.com/KaTeX/KaTeX/issues/fA6f1)
####
[0.16.23](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.22...v0.16.23)
(2025-10-03)
##### Bug Fixes
- Support `\def` with arguments via `macros` option
([#​4087](https://redirect.github.com/KaTeX/KaTeX/issues/4087))
([80a8158](https://redirect.github.com/KaTeX/KaTeX/commit/80a815856a8c26d78b3669e9c05fff00efe82247))
####
[0.16.22](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.21...v0.16.22)
(2025-04-09)
##### Bug Fixes
- \relax in base or exponent of super/subscript
([#​4045](https://redirect.github.com/KaTeX/KaTeX/issues/4045))
([1f43c84](https://redirect.github.com/KaTeX/KaTeX/commit/1f43c84a175fb689f8c8d1d72b1e8b896a8b43d1))
####
[0.16.21](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.20...v0.16.21)
(2025-01-17)
##### Bug Fixes
- escape \htmlData attribute name
([57914ad](https://redirect.github.com/KaTeX/KaTeX/commit/57914ad91eff401357f44bf364b136d37eba04f8))
####
[0.16.20](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.19...v0.16.20)
(2025-01-12)
##### Bug Fixes
- \providecommand does not overwrite existing macro
([#​4000](https://redirect.github.com/KaTeX/KaTeX/issues/4000))
([6d30fe4](https://redirect.github.com/KaTeX/KaTeX/commit/6d30fe47b06f9da9b836fe518d5cbbecf6a6a3a1)),
closes
[#​3928](https://redirect.github.com/KaTeX/KaTeX/issues/3928)
####
[0.16.19](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.18...v0.16.19)
(2024-12-29)
##### Bug Fixes
- **types:** improve `strict` function type
([#​4009](https://redirect.github.com/KaTeX/KaTeX/issues/4009))
([4228b4e](https://redirect.github.com/KaTeX/KaTeX/commit/4228b4eb529b8e35def66cc6e4fa467383b98c86))
####
[0.16.18](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.17...v0.16.18)
(2024-12-18)
##### Bug Fixes
- Actually publish TypeScript type definitions
([#​4008](https://redirect.github.com/KaTeX/KaTeX/issues/4008))
([629b873](https://redirect.github.com/KaTeX/KaTeX/commit/629b87354fdfc04a3769f09b69f6bbadebcb9ae8))
####
[0.16.17](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.16...v0.16.17)
(2024-12-17)
##### Bug Fixes
- MathML combines multidigit numbers with sup/subscript, comma
separators, and multicharacter text when outputting to DOM
([#​3999](https://redirect.github.com/KaTeX/KaTeX/issues/3999))
([7d79e22](https://redirect.github.com/KaTeX/KaTeX/commit/7d79e220f465c42d4334dc95f1c41e333667e168)),
closes
[#​3995](https://redirect.github.com/KaTeX/KaTeX/issues/3995)
####
[0.16.16](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.15...v0.16.16)
(2024-12-17)
##### Features
- ESM exports, TypeScript types
([#​3992](https://redirect.github.com/KaTeX/KaTeX/issues/3992))
([ea9c173](https://redirect.github.com/KaTeX/KaTeX/commit/ea9c173a0de953b49b2ce5d131e88b785f5dffa1))
####
[0.16.15](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.14...v0.16.15)
(2024-12-09)
##### Features
- italic sans-serif in math mode via `\mathsfit` command
([#​3998](https://redirect.github.com/KaTeX/KaTeX/issues/3998))
([2218901](https://redirect.github.com/KaTeX/KaTeX/commit/22189018b63c9312ec4ad126804514a7390d60b5))
####
[0.16.14](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.13...v0.16.14)
(2024-12-08)
##### Features
- \dddot and \ddddot support
([#​3834](https://redirect.github.com/KaTeX/KaTeX/issues/3834))
([bda35cd](https://redirect.github.com/KaTeX/KaTeX/commit/bda35cdb0a6bbbc52dd27c79e4d984688be3b745)),
closes
[#​2744](https://redirect.github.com/KaTeX/KaTeX/issues/2744)
####
[0.16.13](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.12...v0.16.13)
(2024-12-08)
##### Bug Fixes
- `\vdots` and `\rule` support in text mode
([#​3997](https://redirect.github.com/KaTeX/KaTeX/issues/3997))
([0e08352](https://redirect.github.com/KaTeX/KaTeX/commit/0e0835262345d991df61a435800a16b069a4d5c7)),
closes
[#​3990](https://redirect.github.com/KaTeX/KaTeX/issues/3990)
####
[0.16.12](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.11...v0.16.12)
(2024-12-08)
##### Features
- **css:** configurable margin for display math
([#​3638](https://redirect.github.com/KaTeX/KaTeX/issues/3638))
([3405001](https://redirect.github.com/KaTeX/KaTeX/commit/3405001225b8ee0cf8b35b2e3a6c1fa2191e5fef))
####
[0.16.11](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.10...v0.16.11)
(2024-07-02)
##### Features
- add \emph
([#​3963](https://redirect.github.com/KaTeX/KaTeX/issues/3963))
([9f34da4](https://redirect.github.com/KaTeX/KaTeX/commit/9f34da4b3cf228a7af8134c394394d780a089f2b)),
closes
[#​3566](https://redirect.github.com/KaTeX/KaTeX/issues/3566)
####
[0.16.10](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.9...v0.16.10)
(2024-03-24)
##### Bug Fixes
- \edef bypassing maxExpand via exponential blowup
([e88b4c3](https://redirect.github.com/KaTeX/KaTeX/commit/e88b4c357f978b1bca8edfe3297f0aa309bcbe34))
- escape \includegraphics src and alt
([c5897fc](https://redirect.github.com/KaTeX/KaTeX/commit/c5897fcd1f73da9612a53e6b5544f1d776e17770))
- force protocol to be lowercase for better protocol filtering
([fc5af64](https://redirect.github.com/KaTeX/KaTeX/commit/fc5af64183a3ceb9be9d1c23a275999a728593de)),
closes
[/datatracker.ietf.org/doc/html/rfc3986#section-3](https://redirect.github.com//datatracker.ietf.org/doc/html/rfc3986/issues/section-3)
- maxExpand limit with Unicode sub/superscripts
([085e21b](https://redirect.github.com/KaTeX/KaTeX/commit/085e21b5da05414efefa932570e7201a7c70e5b2))
####
[0.16.9](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.8...v0.16.9)
(2023-10-02)
##### Features
- Support bold Fraktur
([#​3777](https://redirect.github.com/KaTeX/KaTeX/issues/3777))
([
|
||
|
Giteabot
|
ab2a72fe04 |
fix(deps): update module github.com/google/go-github/v87 to v88 (#37971)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/google/go-github/v87](https://redirect.github.com/google/go-github) | `v87.0.0` → `v88.0.0` |  |  | --- ### Release Notes <details> <summary>google/go-github (github.com/google/go-github/v87)</summary> ### [`v88.0.0`](https://redirect.github.com/google/go-github/releases/tag/v88.0.0) [Compare Source](https://redirect.github.com/google/go-github/compare/v87.0.0...v88.0.0) This release contains the following breaking API changes: - refactor!: Change app installation `Find*` methods to `Get*` ([#​4243](https://redirect.github.com/google/go-github/issues/4243)) BREAKING CHANGE: App installation methods are renamed from `Find*` to `Get*`. ...and the following additional changes: - chore: Bump version of go-github to v88.0.0 ([#​4245](https://redirect.github.com/google/go-github/issues/4245)) - chore: Update `openapi_operations.yaml` ([#​4242](https://redirect.github.com/google/go-github/issues/4242)) - feat: Add support for setting client URLs ([#​4240](https://redirect.github.com/google/go-github/issues/4240)) - refactor: Add constants for API versions ([#​4236](https://redirect.github.com/google/go-github/issues/4236)) - docs: Formatting and punctuation changes ([#​4235](https://redirect.github.com/google/go-github/issues/4235)) - feat: Add `GetParentIssue` for sub-issues ([#​4232](https://redirect.github.com/google/go-github/issues/4232)) - chore: Bump go-github from v86 to v87 in /scrape ([#​4234](https://redirect.github.com/google/go-github/issues/4234)) </details> --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |
||
|
Giteabot
|
9aa4e897e7 |
chore(deps): update tool dependencies (#37965)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/air-verse/air](https://redirect.github.com/air-verse/air) | `v1.65.2` → `v1.65.3` |  |  | | [github.com/editorconfig-checker/editorconfig-checker/v3](https://redirect.github.com/editorconfig-checker/editorconfig-checker) | `v3.6.1` → `v3.7.0` |  |  | --- ### Release Notes <details> <summary>air-verse/air (github.com/air-verse/air)</summary> ### [`v1.65.3`](https://redirect.github.com/air-verse/air/releases/tag/v1.65.3) [Compare Source](https://redirect.github.com/air-verse/air/compare/v1.65.2...v1.65.3) ##### What's Changed - Extend stale workflow timeout by [@​xiantang](https://redirect.github.com/xiantang) in [#​903](https://redirect.github.com/air-verse/air/pull/903) - Increase stale workflow operation limit by [@​xiantang](https://redirect.github.com/xiantang) in [#​904](https://redirect.github.com/air-verse/air/pull/904) - Add review guidelines for coding agents by [@​xiantang](https://redirect.github.com/xiantang) in [#​905](https://redirect.github.com/air-verse/air/pull/905) - Add configurable color output mode by [@​xiantang](https://redirect.github.com/xiantang) in [#​907](https://redirect.github.com/air-verse/air/pull/907) - fix: rewatch files after atomic saves by [@​xiantang](https://redirect.github.com/xiantang) in [#​908](https://redirect.github.com/air-verse/air/pull/908) - follow-up: fix watcher recovery after atomic saves by [@​xiantang](https://redirect.github.com/xiantang) in [#​909](https://redirect.github.com/air-verse/air/pull/909) - Accept .config/air.toml by [@​bersace](https://redirect.github.com/bersace) in [#​716](https://redirect.github.com/air-verse/air/pull/716) - fix: keep built binary after app shutdown by [@​mariusvniekerk](https://redirect.github.com/mariusvniekerk) in [#​911](https://redirect.github.com/air-verse/air/pull/911) ##### New Contributors - [@​bersace](https://redirect.github.com/bersace) made their first contribution in [#​716](https://redirect.github.com/air-verse/air/pull/716) **Full Changelog**: <https://github.com/air-verse/air/compare/v1.65.2...v1.65.3> </details> <details> <summary>editorconfig-checker/editorconfig-checker (github.com/editorconfig-checker/editorconfig-checker/v3)</summary> ### [`v3.7.0`](https://redirect.github.com/editorconfig-checker/editorconfig-checker/releases/tag/v3.7.0) [Compare Source](https://redirect.github.com/editorconfig-checker/editorconfig-checker/compare/v3.6.1...v3.7.0) ##### Features - **files:** expand glob patterns in passed-file args ([#​190](https://redirect.github.com/editorconfig-checker/editorconfig-checker/issues/190)) ([#​558](https://redirect.github.com/editorconfig-checker/editorconfig-checker/issues/558)) ([4c0f326](https://redirect.github.com/editorconfig-checker/editorconfig-checker/commit/4c0f326cfa71fb0dd80c0c71b1844b2550ed799e)) ##### Bug Fixes - **cli:** auto-enable no-color when output format is github-actions ([#​557](https://redirect.github.com/editorconfig-checker/editorconfig-checker/issues/557)) ([9f4014c](https://redirect.github.com/editorconfig-checker/editorconfig-checker/commit/9f4014ce0944f601472e5cbfaec31f711890c780)) - detect binary files before decoding to prevent false text ([#​550](https://redirect.github.com/editorconfig-checker/editorconfig-checker/issues/550)) ([f47b30c](https://redirect.github.com/editorconfig-checker/editorconfig-checker/commit/f47b30c96713107bc4fe0b7a05e79a293c4874dd)) </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> |
||
|
wxiaoguang
|
85f563da6c | chore: various frontend changes (#37973) | ||
|
Lunny Xiao
|
689ace1ce2 |
feat(orgs): Add search bar for organization members tab page (#37347)
Resolve #37072 <img width="1312" height="186" alt="image" src="https://github.com/user-attachments/assets/3ca9eddb-9230-4b0d-992f-5b19e475e267" /> --------- Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: bircni <bircni@icloud.com> |
||
|
TheFox0x7
|
9155a81b9d |
docs: mark openapi3 as autogenerated in attributes (#37963)
Change from Co-Authored by trailer to Assisted-By and explicitly forbid LLMs from signing off on commits. --------- Signed-off-by: bircni <bircni@icloud.com> Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: bircni <bircni@icloud.com> Co-authored-by: silverwind <me@silverwind.io> |
||
|
GiteaBot
|
5c084c883c | [skip ci] Updated translations via Crowdin | ||
|
silverwind
|
a39b2775ed |
test: speed up two tests (#37905)
Two test-only changes that cut the `-race` backend unit job's critical path, with no behavior change. - **`modules/auth/password/hash`** — `TestHashing`/`TestVectors` exercised the CPU-bound KDFs (scrypt `N=65536`, pbkdf2, bcrypt, argon2) serially on one core. Marking the subtests `t.Parallel()` fans them across cores. The hasher registry they read is only mutated by the non-parallel `Test_registerHasher`, so this is race-free. - **`services/release`** — `TestRelease_Update`/`TestRelease_createTag` slept `6x time.Sleep(2s)` only to cross the 1-second `CreatedUnix` boundary. Replaced with an advancing mocked clock (`timeutil.MockSet`), making the timestamp assertions deterministic and removing the real waits. --- This PR was written with the help of Claude Opus 4.8 Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> |
||
|
silverwind
|
d0eba5e961 |
chore(deps): update urfave/cli/v3 to v3.9.0 (#37863)
Updates `github.com/urfave/cli/v3` to [v3.9.0](https://github.com/urfave/cli/releases/tag/v3.9.0) and removes the renovate pin now that [urfave/cli#2319](https://github.com/urfave/cli/pull/2319) (the `-c` help flag parsing fix) is merged. v3.9.0 prepends the default command name to the root command's args, which broke the old `Root().Args()` check in `isValidDefaultSubCommand`. It now uses the command's own `Args()`. Behavior change: `./gitea web <extra-positional-arg>` now errors with `unknown command` instead of starting the web server and ignoring the trailing arg. `web` takes no positional args, so this is stricter (and arguably more correct) input handling. The intended `./gitea bad-cmd` rejection is unchanged. --- This PR was written with the help of Claude Opus 4.7 --------- Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: Nicolas <bircni@icloud.com> |
||
|
Lunny Xiao
|
4e5f43896e |
fix(auth): ignore stale OIDC external login links to organizations (#37875)
## Summary This fixes an OIDC sign-in edge case where a stale `external_login_user` record can still point to an organization or a deleted user. In that situation, Gitea may keep resolving the external login to the wrong account during sign-in. For affected instances, this matches the behavior reported in #36439 and #37812, where a user signing in with OIDC/Entra ID could appear as an organization, or hit a 404 after that organization was removed. ## What changed - validate the user resolved from `external_login_user` during OAuth2/OIDC login - ignore stale links when the linked user no longer exists - ignore stale links when the linked user is not an individual user - remove the stale external login row so the sign-in flow can relink the external account to the correct user ## Related - Fixes #37812 - Related to #36439 --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com> |
||
|
silverwind
|
28096162fa |
chore(css): remove unneeded CSS vendor prefixes (#37903)
Removes redundant/obsolete WebKit prefixes: - `-webkit-mask-*` — duplicate the unprefixed `mask-*` siblings already present; every supported browser handles unprefixed CSS Masking longhands. - `-webkit-overflow-scrolling: touch` — a no-op outside iOS Safari <13. Browser floor (all support unprefixed `mask`): Chrome 120+, Safari 15.4+, Firefox 53+, and PaleMoon/Goanna (verified: unprefixed `mask` longhands implemented unconditionally in UXP). --- This PR was written with the help of Claude Opus 4.8 Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com> |
||
|
silverwind
|
82cf75b68a | enhance(markup): improve issue title rendering (#37908) | ||
|
Zettat123
|
0359746abe |
feat(actions)!: improve support for reusable workflows (#37478)
## Summary This PR improves reusable workflow support for Gitea Actions. The parsing of the called workflow now happens on Gitea side, not on the runner. When the caller becomes ready, Gitea fetches the called workflow source, parses it, and inserts each child job into the database as a `ActionRunJob` linked to the caller via `ParentCallJobID`. As a result, every callee job is dispatched as its own task and its logs surface as an independent job entry in the UI, rather than being inlined into the caller's "Set up job" step. This PR supports two kinds of `uses` : - same-repo call: `uses: ./.gitea/workflows/foo.yaml` - cross-repo call: `uses: OWNER/REPO/.gitea/workflows/foo.yaml@REF` ## **⚠️ BREAKING ⚠️** External reusable workflows (`uses: https://other-gitea-instance/OWNER/REPO/.gitea/workflows/test.yaml@REF`) are no longer supported. To keep using them, clone the repositories to the local instance. ## Main changes ### Execution model - Each caller job carries `IsReusableCaller=true` and won't be fetched by runners. - `ParentCallJobID` can link a called job to its caller. - Caller status is derived from its direct children. ### Workflow syntax - `jobparser` now supports parsing `on: workflow_call` trigger with `inputs:`, `outputs:`, and `secrets:` declarations. - **Max nesting depth**: capped at `MaxReusableCallLevels = 9`, which means a top-level caller may have at most 9 nested callers below it. - **Cycle prevention**: at expansion time, `checkCallerChain` walks the caller's ancestor chain via `ParentCallJobID` and rejects if the same `uses:` string appears anywhere upstream (`reusable workflow call cycle detected`). This catches both direct (`A -> A`) and indirect (`A -> B -> A`) cycles. ### Cross-repo access - To share reusable workflows from private repos, use `Collaborative Owners` introduced by #32562 ### Rerun semantics - `expandRerunJobIDs` partitions the latest attempt's jobs into: - a **rerun set**: jobs being rerun + downstream siblings within the same scope. - an **ancestor set**: reusable callers whose only *some* descendants are being rerun (the caller itself is not). - Cloning behavior for callers in `execRerunPlan`: - **Caller is fully rerun** (caller's `AttemptJobID` in `rerunSet`): none of its descendants are cloned. The caller is cloned with `IsCallerExpanded=false`, and re-expansion (which reinserts the children fresh) happens later when the resolver brings the caller to `Waiting` again. - **Caller is in ancestor set** (only some descendants rerun): the caller is pass-through (`Status` will be updated by its fresh children). Its non-rerun descendants are also pass-through clones (point `SourceTaskID` at the original task). Their `ParentCallJobID` is remapped to the new attempt's caller row. ### UI - Job list in `RepoActionView.vue` is now tree-shaped: callers indent their children. Callers default to collapsed. - New caller detail page using `WorkflowGraph` to show direct children only; the run summary's `WorkflowGraph` shows top-level callers and their immediate descendants. ### Known trade-offs - **Caller expansion runs inside the enclosing write transaction.** `expandReusableWorkflowCaller` performs a git read of the called workflow while holding the row locks that update the caller and insert its children. This is intentional: the caller-row update and child-row inserts must commit atomically. None of the call sites is hot (each caller is expanded once per attempt), so the trade-off is acceptable. - **A malformed `if:` expression on a job leaves it `Blocked` silently.** `evaluateJobIf` now runs server-side as part of resolver passes; deterministic expression errors (typos, undefined context fields) are logged but do not surface in the UI. This is the same behavior the resolver already had for concurrency-expression errors. Distinguishing transient DB errors from user-authored expression errors and writing the latter back as `StatusFailure` is a follow-up. #### Screenshots <img width="1600" alt="image" src="https://github.com/user-attachments/assets/bfaa9b7a-07e9-4127-8de9-a81f86e82828" /> <img width="1600" alt="image" src="https://github.com/user-attachments/assets/8af109b3-ef28-4b53-aaad-d4632b923224" /> ## References - https://docs.github.com/en/actions/how-tos/reuse-automations/reuse-workflows - https://docs.github.com/en/actions/reference/workflows-and-actions/reusing-workflow-configurations --- Replace #36388 --------- Signed-off-by: Zettat123 <zettat123@gmail.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> |
||
|
silverwind
|
2960d6889c |
ci: stabilize Elasticsearch tests (#37906)
At a 512m heap the CI Elasticsearch GC-thrashes under the jobs' memory pressure and goes unresponsive, flaking `test-unit` (ES indexer tests time out) and `test-mysql` (the ES-backed issue indexer blocks the per-test queue flush). Raise the heap to 1g and disable ML + the startup GeoIP download. Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com> |
||
|
Nicolas
|
a342206a21 |
fix(locales): Replace hardcoded strings (#37788)
The Workflow Dependencies graph in the Actions run details view had hard-coded English strings. Also in projects view and contributors view I found some hard-coded strings. The other items in the issue #37787 (Summary / All jobs / Run Details / Workflow file / Triggered via / Total duration) were already wired through ctx.Locale.Tr; their translations just need to land in the non-English locale_*.json files via the translation pipeline. Fixes #37787 --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com> |
||
|
Giteabot
|
d07a42e777 |
fix(deps): update module golang.org/x/image to v0.41.0 [security] (#37904)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [golang.org/x/image](https://pkg.go.dev/golang.org/x/image) | [`v0.40.0` → `v0.41.0`](https://cs.opensource.google/go/x/image/+/refs/tags/v0.40.0...refs/tags/v0.41.0) |  |  | --- ### Panic when reading out of bound palette index in golang.org/x/image/bmp [CVE-2026-42500](https://nvd.nist.gov/vuln/detail/CVE-2026-42500) / [GO-2026-5031](https://pkg.go.dev/vuln/GO-2026-5031) <details> <summary>More information</summary> #### Details Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image. #### Severity Unknown #### References - [https://go.dev/issue/79576](https://go.dev/issue/79576) - [https://groups.google.com/g/golang-announce/c/uhYX90BlBvI](https://groups.google.com/g/golang-announce/c/uhYX90BlBvI) - [https://go.dev/cl/781500](https://go.dev/cl/781500) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5031) and the [Go Vulnerability Database](https://redirect.github.com/golang/vulndb) ([CC-BY 4.0](https://redirect.github.com/golang/vulndb#license)). </details> --- ### Excessive resource consumption in PackBits decompression in golang.org/x/image/tiff [CVE-2026-46599](https://nvd.nist.gov/vuln/detail/CVE-2026-46599) / [GO-2026-5032](https://pkg.go.dev/vuln/GO-2026-5032) <details> <summary>More information</summary> #### Details The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/height and encoded size) to make the decoder decode large amounts of compressed data. #### Severity Unknown #### References - [https://go.dev/issue/79577](https://go.dev/issue/79577) - [https://go.dev/cl/759960](https://go.dev/cl/759960) - [https://groups.google.com/g/golang-announce/c/uhYX90BlBvI](https://groups.google.com/g/golang-announce/c/uhYX90BlBvI) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5032) and the [Go Vulnerability Database](https://redirect.github.com/golang/vulndb) ([CC-BY 4.0](https://redirect.github.com/golang/vulndb#license)). </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |