mirror of
https://github.com/go-gitea/gitea.git
synced 2026-05-13 17:04:36 +00:00
09d823fcbb85075a2f56aaa16c7349e671cb5122
20780 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Lunny Xiao
|
09d823fcbb |
Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com> |
||
|
wxiaoguang
|
04f0bbcf38 | fix | ||
|
silverwind
|
79f7062d9e |
fix(actions): run TransferLogs on UpdateLog{Rows:[], NoMore:true} (#37631)
`UpdateLog` short-circuits on `len(Rows)==0` before honoring `NoMore`,
so a final empty `UpdateLog{NoMore:true}` never runs `TransferLogs`. The
task's `dbfs_data` rows are then never moved to log storage and never
deleted.
Fix: let `NoMore=true` with no new rows fall through to `TransferLogs`.
Bail when the runner has outrun the server (`Index > ack`) even with
`NoMore`, since archiving a log with a gap is worse than retrying.
Always call `WriteLogs` so `offset==0` bootstraps an empty DBFS file in
the no-output case (otherwise `TransferLogs` would fail at `dbfs.Open`).
Fixes: https://github.com/go-gitea/gitea/issues/37623
Ref: https://gitea.com/gitea/runner/pulls/952
Ref: https://gitea.com/gitea/runner/pulls/950
Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com>
|
||
|
GiteaBot
|
f01953e764 | [skip ci] Updated translations via Crowdin | ||
|
Giteabot
|
6a27066269 |
fix(deps): update dependency mermaid to v11.15.0 [security], add e2e test (#37662)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [mermaid](https://redirect.github.com/mermaid-js/mermaid) | [`11.14.0` → `11.15.0`](https://renovatebot.com/diffs/npm/mermaid/11.14.0/11.15.0) |  |  | --- ### Mermaid: Improper sanitization of `classDefs` in diagrams leads to CSS injection [CVE-2026-41148](https://nvd.nist.gov/vuln/detail/CVE-2026-41148) / [GHSA-xcj9-5m2h-648r](https://redirect.github.com/advisories/GHSA-xcj9-5m2h-648r) <details> <summary>More information</summary> #### Details ##### Details The state diagram and any other diagram type that routes user-controlled style strings through createCssStyles parser for Mermaid v11.14.0 and earlier captures `classDef` values with an unrestricted regex: ```jison // packages/mermaid/src/diagrams/state/parser/stateDiagram.jison:83 <CLASSDEFID>[^\n]* { this.popState(); return 'CLASSDEF_STYLEOPTS' } ``` The value passes unsanitized through `addStyleClass()` -> `createCssStyles()` -> `style.innerHTML` (mermaidAPI.ts:418). A `}` in the value closes the generated CSS selector, and everything after becomes a new CSS rule on the page. ##### PoC ``` stateDiagram-v2 classDef x }*{ background-image: url("http://media.giphy.com/media/SggILpMXO7Xt6/giphy.gif")} ``` Live demo: <https://mermaid.live/edit#pako:eNpFjzFvgzAQhf-KdVNbEcBgMHhtlkqtOnSJKi8ONsYKBmRMlRTx3-skanvTfbp7996t0IxSAYPZC6_2Rmgn7O4rQ00v5nmvWnRG29OKjqI5aTcug9wZK7RiaHH9A4fO-4kliVXSiFibqbvEzWjvnHxo_fI6vR3e6cGXyX2qTcvhcYMItDMSmHeLisAqZ8UVYeUDQhx8p6ziwEIrhTtx4MNVM4nhcxztrywE0h2wVvRzoGWS_z_8rahBKvcckntgmN5OAFvhDIzUNCZZQXCR5nVaZkUEF2BVFpOcEkoxxhUuyRbB980yjStapKHqoKFlhvPtB7BFZEU> ##### Patches This has been patched in: - [v11.15.0](https://redirect.github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0) (see [e9b0f34d8d82a6260077764ee45e1d7d90957a0f]( |
||
|
Nicolas
|
71f3e28fe5 | ci: Also lint json5 files (#37659) | ||
|
Nicolas
|
de290f2121 |
fix(templates): avoid misleading compare message when branches lack merge base (#37651)
## Summary When comparing branches with **no common merge base** (e.g. unrelated histories or orphan branches), `PageIsComparePull` is false and `CommitCount` is zero. The compare template still showed `repo.commits.nothing_to_compare`, which in German reads like the branches are identical—even though the flash already explains there is no merge base. ## Changes - **`templates/repo/diff/compare.tmpl`**: Only render the grey “nothing to compare” segment when `CompareInfo.CompareBase` is set. <img width="1962" height="564" src="https://github.com/user-attachments/assets/adc3b4a0-6f03-45da-b297-e15e5ad0aa79" /> Fixes #37642 --------- Signed-off-by: Nicolas <bircni@icloud.com> |
||
|
Giteabot
|
8cd8291ed0 |
fix(deps): update npm dependencies (#37647)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | @​codemirror/autocomplete | [`6.20.1` → `6.20.2`](https://renovatebot.com/diffs/npm/@codemirror%2fautocomplete/6.20.1/6.20.2) |  |  | | @​codemirror/lint | [`6.9.5` → `6.9.6`](https://renovatebot.com/diffs/npm/@codemirror%2flint/6.9.5/6.9.6) |  |  | | @​codemirror/view | [`6.41.1` → `6.42.0`](https://renovatebot.com/diffs/npm/@codemirror%2fview/6.41.1/6.42.0) |  |  | | [vue](https://vuejs.org/) ([source](https://redirect.github.com/vuejs/core)) | [`3.5.33` → `3.5.34`](https://renovatebot.com/diffs/npm/vue/3.5.33/3.5.34) |  |  | --- ### Release Notes <details> <summary>vuejs/core (vue)</summary> ### [`v3.5.34`](https://redirect.github.com/vuejs/core/blob/HEAD/CHANGELOG.md#3534-2026-05-06) [Compare Source](https://redirect.github.com/vuejs/core/compare/v3.5.33...v3.5.34) ##### Bug Fixes - **compiler-sfc:** infer Vue ref wrapper types when source is unresolvable ([#​14758](https://redirect.github.com/vuejs/core/issues/14758)) ([7f46fd4]( |
||
|
wxiaoguang
|
2eb7b3c7da |
refactor: routing info middleware (#37653)
fix #37650 |
||
|
Giteabot
|
7621b65403 |
chore(deps): update action dependencies (major) (#37638)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [bitnamilegacy/minio](https://redirect.github.com/bitnami/containers) ([source](https://redirect.github.com/bitnami/containers/tree/HEAD/bitnami/minio)) | service | major | `2021.12.29` → `2025.7.23` | | [bitnamilegacy/minio](https://redirect.github.com/bitnami/containers) ([source](https://redirect.github.com/bitnami/containers/tree/HEAD/bitnami/minio)) | service | major | `2023.12.23` → `2025.7.23` | | [bitnamilegacy/mysql](https://redirect.github.com/bitnami/containers) ([source](https://redirect.github.com/bitnami/containers/tree/HEAD/bitnami/mysql)) | service | major | `8.4` → `9.4` | --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Only on Monday (`* * * * 1`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> |
||
|
Giteabot
|
510b729212 |
fix(deps): update go dependencies (major) (#37639)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/dlclark/regexp2](https://redirect.github.com/dlclark/regexp2) | `v1.12.0` → `v2.0.1` |  |  | | [github.com/google/go-github/v84](https://redirect.github.com/google/go-github) | `v84.0.0` → `v85.0.0` |  |  | | [gitlab.com/gitlab-org/api/client-go](https://gitlab.com/gitlab-org/api/client-go) | `v1.46.0` → `v2.24.1` |  |  | --- ### Release Notes <details> <summary>dlclark/regexp2 (github.com/dlclark/regexp2)</summary> ### [`v2.0.1`](https://redirect.github.com/dlclark/regexp2/compare/v2.0.0...v2.0.1) [Compare Source](https://redirect.github.com/dlclark/regexp2/compare/v2.0.0...v2.0.1) ### [`v2.0.0`](https://redirect.github.com/dlclark/regexp2/compare/v1.12.0...v2.0.0) [Compare Source](https://redirect.github.com/dlclark/regexp2/compare/v1.12.0...v2.0.0) </details> <details> <summary>google/go-github (github.com/google/go-github/v84)</summary> ### [`v85.0.0`](https://redirect.github.com/google/go-github/releases/tag/v85.0.0) [Compare Source](https://redirect.github.com/google/go-github/compare/v84.0.0...v85.0.0) This release contains the following breaking API changes: - fix!: Resolve inconsistent options for `create` and `update` on custom org role ([#​4075](https://redirect.github.com/google/go-github/issues/4075)) BREAKING CHANGE: `GetOrgRole`, `CreateCustomOrgRole`, and `UpdateCustomOrgRole` have new params and return values. - fix!: Change `id` from `int64` to `string` in `ActivityService.MarkThreadDone` ([#​4056](https://redirect.github.com/google/go-github/issues/4056)) BREAKING CHANGE: `ActivityService.MarkThreadDone` accepts `string` `id` instead of `int64`. ...and the following additional changes: - chore: Bump version of go-github to v85.0.0 ([#​4173](https://redirect.github.com/google/go-github/issues/4173)) - chore: Update `openapi_operations.yaml` ([#​4172](https://redirect.github.com/google/go-github/issues/4172)) - security: Reject cross-host redirects to prevent Authorization leak ([#​4171](https://redirect.github.com/google/go-github/issues/4171)) - chore: Improve GitHub Actions workflows lint and testing ([#​4169](https://redirect.github.com/google/go-github/issues/4169)) - chore: Switch legacy redirect handling to new pattern ([#​4161](https://redirect.github.com/google/go-github/issues/4161)) - feat: Add `CodeSecurity` to `SecurityAndAnalysis` ([#​4155](https://redirect.github.com/google/go-github/issues/4155)) - fix: Reject URL path segments containing ".." in all request methods ([#​4150](https://redirect.github.com/google/go-github/issues/4150)) - feat: Refactor repositories download contents ([#​4153](https://redirect.github.com/google/go-github/issues/4153)) - chore: Bump google.org/x/tools to v0.44.0 in /tools ([#​4168](https://redirect.github.com/google/go-github/issues/4168)) - docs: Fix broken blog post link ([#​4160](https://redirect.github.com/google/go-github/issues/4160)) - build(deps): Bump github.com/sigstore/timestamp-authority/v2 from 2.0.3 to 2.0.6 in /example ([#​4156](https://redirect.github.com/google/go-github/issues/4156)) - chore: Update openapi\_operations.yaml ([#​4157](https://redirect.github.com/google/go-github/issues/4157)) - feat: Remove Google App Engine standard support ([#​4152](https://redirect.github.com/google/go-github/issues/4152)) - feat: Add `DownloadCopilotMetrics` helper method ([#​4149](https://redirect.github.com/google/go-github/issues/4149)) - docs: Add `apiVersion` to GitHub API link ([#​4147](https://redirect.github.com/google/go-github/issues/4147)) - chore: Simplify `redundantptr` custom linter ([#​4148](https://redirect.github.com/google/go-github/issues/4148)) - docs: Deprecate old Copilot metrics endpoints closed on April 2, 2026 ([#​4137](https://redirect.github.com/google/go-github/issues/4137)) - refactor: Remove redundant `github.Ptr` calls ([#​4145](https://redirect.github.com/google/go-github/issues/4145)) - fix: Add missing `User` fields ([#​4146](https://redirect.github.com/google/go-github/issues/4146)) - fix: Preserve `Marketplace.Stubbed` during client copy ([#​4144](https://redirect.github.com/google/go-github/issues/4144)) - refactor: Simplify array copying ([#​4143](https://redirect.github.com/google/go-github/issues/4143)) - build(deps): Bump golang.org/x/crypto from 0.49.0 to 0.50.0 in /example ([#​4141](https://redirect.github.com/google/go-github/issues/4141)) - build(deps): Bump github.com/getkin/kin-openapi from 0.134.0 to 0.135.0 in /tools ([#​4142](https://redirect.github.com/google/go-github/issues/4142)) - build(deps): Bump golang.org/x/term from 0.41.0 to 0.42.0 in /example ([#​4140](https://redirect.github.com/google/go-github/issues/4140)) - build(deps): Bump golang.org/x/net from 0.52.0 to 0.53.0 in /scrape ([#​4139](https://redirect.github.com/google/go-github/issues/4139)) - build(deps): Bump go.opentelemetry.io/otel to v1.43.0 ([#​4135](https://redirect.github.com/google/go-github/issues/4135)) - fix: Expand `sanitizeURL` secrets redactions ([#​4126](https://redirect.github.com/google/go-github/issues/4126)) - build(deps): Bump github.com/alecthomas/kong from 1.14.0 to 1.15.0 in /tools ([#​4132](https://redirect.github.com/google/go-github/issues/4132)) - build(deps): Bump actions/setup-go from 6.3.0 to 6.4.0 in the actions group ([#​4131](https://redirect.github.com/google/go-github/issues/4131)) - feat: Add support for custom names and methods that return structs with multiple `[]*T` fields in `gen-iterators.go` ([#​4128](https://redirect.github.com/google/go-github/issues/4128)) - fix: Limit webhook payload size in `ValidatePayloadFromBody` ([#​4125](https://redirect.github.com/google/go-github/issues/4125)) - build(deps): Bump codecov/codecov-action from 5.5.3 to 6.0.0 ([#​4123](https://redirect.github.com/google/go-github/issues/4123)) - fix: Synchronize `requestCount` in rate limit tests ([#​4124](https://redirect.github.com/google/go-github/issues/4124)) - chore: Simplify `generate.sh` by removing `git worktree` and using generator-based check ([#​4120](https://redirect.github.com/google/go-github/issues/4120)) - docs: Improve comments in /examples ([#​4122](https://redirect.github.com/google/go-github/issues/4122)) - chore: Use `golangci-lint-action`; remove `newreposecretwithlibsodium` ([#​4119](https://redirect.github.com/google/go-github/issues/4119)) - feat: Add custom image endpoints for GitHub-hosted runners ([#​4101](https://redirect.github.com/google/go-github/issues/4101)) - chore: Cache custom golangci-lint binaries in GHA workflow ([#​4116](https://redirect.github.com/google/go-github/issues/4116)) - build(deps): Bump github.com/ProtonMail/go-crypto from 1.4.0 to 1.4.1 in /example ([#​4115](https://redirect.github.com/google/go-github/issues/4115)) - build(deps): Bump golang.org/x/tools from 0.29.0 to 0.43.0 in /tools/extraneous-new ([#​4114](https://redirect.github.com/google/go-github/issues/4114)) - build(deps): Bump codecov/codecov-action from 5.5.2 to 5.5.3 ([#​4112](https://redirect.github.com/google/go-github/issues/4112)) - build(deps): Bump github.com/golangci/plugin-module-register from 0.1.1 to 0.1.2 in /tools/extraneous-new ([#​4113](https://redirect.github.com/google/go-github/issues/4113)) - build(deps): Bump github.com/getkin/kin-openapi from 0.133.0 to 0.134.0 in /tools ([#​4111](https://redirect.github.com/google/go-github/issues/4111)) - build(deps): Bump github.com/PuerkitoBio/goquery from 1.11.0 to 1.12.0 in /scrape ([#​4110](https://redirect.github.com/google/go-github/issues/4110)) - chore: Upgrade deps for linters using dependabot ([#​4107](https://redirect.github.com/google/go-github/issues/4107)) - chore: Use `structfield.Settings` in `check-structfield-settings` ([#​4108](https://redirect.github.com/google/go-github/issues/4108)) - build(deps): Bump google.golang.org/grpc from 1.78.0 to 1.79.3 in /example ([#​4109](https://redirect.github.com/google/go-github/issues/4109)) - chore: Remove unnecessary use of `new` and `&SomeStruct{}` and add new `extraneousnew` custom linter ([#​4106](https://redirect.github.com/google/go-github/issues/4106)) - feat: Add `NetworkConfigurationID` and `HostedRunnersURL` to enterprise runner group types ([#​4099](https://redirect.github.com/google/go-github/issues/4099)) - feat: Generate accessors for all fields ([#​4105](https://redirect.github.com/google/go-github/issues/4105)) - feat: Add `ListRunnerGroupHostedRunners` for org runner groups ([#​4100](https://redirect.github.com/google/go-github/issues/4100)) - chore: Enable `default: none` linters; remove duplicated ([#​4097](https://redirect.github.com/google/go-github/issues/4097)) - fix: Use `Cursor` pagination for `*.ListHookDeliveriesIter` ([#​4096](https://redirect.github.com/google/go-github/issues/4096)) - chore: Remove duplicated formatters ([#​4094](https://redirect.github.com/google/go-github/issues/4094)) - chore: Fix typos in comments and tests ([#​4093](https://redirect.github.com/google/go-github/issues/4093)) - chore: Fix typo in CONTRIBUTING.md ([#​4092](https://redirect.github.com/google/go-github/issues/4092)) - chore: Update openapi\_operations.yaml ([#​4091](https://redirect.github.com/google/go-github/issues/4091)) - build(deps): Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.17.0 to 2.18.0 in /example ([#​4084](https://redirect.github.com/google/go-github/issues/4084)) - chore: Bump go.opentelemetry.io/otel to v1.42.0 ([#​4090](https://redirect.github.com/google/go-github/issues/4090)) - build(deps): Bump golang.org/x/crypto from 0.48.0 to 0.49.0 in /example ([#​4081](https://redirect.github.com/google/go-github/issues/4081)) - build(deps): Bump golang.org/x/sync from 0.19.0 to 0.20.0 in /tools ([#​4078](https://redirect.github.com/google/go-github/issues/4078)) - build(deps): Bump golang.org/x/net from 0.51.0 to 0.52.0 in /scrape ([#​4079](https://redirect.github.com/google/go-github/issues/4079)) - test: Add fuzz test for `ParseWebHook` ([#​4076](https://redirect.github.com/google/go-github/issues/4076)) - feat: Add enterprise budgets API ([#​4069](https://redirect.github.com/google/go-github/issues/4069)) - feat: Add list organization fine-grained permissions ([#​4072](https://redirect.github.com/google/go-github/issues/4072)) - feat: Make `script/lint.sh` output simpler to read ([#​4073](https://redirect.github.com/google/go-github/issues/4073)) - chore: Speed up linting ([#​4071](https://redirect.github.com/google/go-github/issues/4071)) - build(deps): Bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.41.0 in /otel ([#​4065](https://redirect.github.com/google/go-github/issues/4065)) - build(deps): Bump go.opentelemetry.io/otel from 1.40.0 to 1.41.0 in /otel ([#​4068](https://redirect.github.com/google/go-github/issues/4068)) - build(deps): Bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.40.0 to 1.41.0 in /example ([#​4062](https://redirect.github.com/google/go-github/issues/4062)) - build(deps): Bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.41.0 in /example ([#​4064](https://redirect.github.com/google/go-github/issues/4064)) - build(deps): Bump github.com/ProtonMail/go-crypto from 1.3.0 to 1.4.0 in /example ([#​4063](https://redirect.github.com/google/go-github/issues/4063)) - feat: Add `client_id` field to `App` ([#​4060](https://redirect.github.com/google/go-github/issues/4060)) - test: Simplify `CopilotService` tests ([#​4058](https://redirect.github.com/google/go-github/issues/4058)) - test: Fix flaky `TestDo_rateLimit_abuseRateLimitError_xRateLimitReset` ([#​4057](https://redirect.github.com/google/go-github/issues/4057)) - feat: Add support for enterprise audit log streaming API ([#​4035](https://redirect.github.com/google/go-github/issues/4035)) - feat: Add repository-level immutable releases settings ([#​4039](https://redirect.github.com/google/go-github/issues/4039)) - chore: Add `SAS` as a common initialism to `structfield` ([#​4054](https://redirect.github.com/google/go-github/issues/4054)) - fix: Fix data race on Windows ([#​4051](https://redirect.github.com/google/go-github/issues/4051)) - docs: Fix grammar in `README.md` ([#​4053](https://redirect.github.com/google/go-github/issues/4053)) - chore: Simplify form value assertions in tests ([#​4048](https://redirect.github.com/google/go-github/issues/4048)) - chore: Bump go-github from v83 to v84 in /scrape ([#​4050](https://redirect.github.com/google/go-github/issues/4050)) </details> <details> <summary>gitlab-org/api/client-go (gitlab.com/gitlab-org/api/client-go)</summary> ### [`v2.24.1`](https://gitlab.com/gitlab-org/api/client-go/tags/v2.24.1) [Compare Source](https://gitlab.com/gitlab-org/api/client-go/compare/v2.24.0...v2.24.1) #### 2.24.1 ##### 🐛 Bug Fixes - fix: add FormattedText field to OrbitGraphStatus and OrbitStatus ([!2876](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2876)) by [Dmitry Gruzd](https://gitlab.com/dgruzd) #### [2.24.1](https://gitlab.com/gitlab-org/api/client-go/compare/v2.24.0...v2.24.1) (2026-05-05) ##### Bug Fixes * add FormattedText field to OrbitGraphStatus and OrbitStatus ([9457ddc]( |
||
|
silverwind
|
b29af98a36 |
ci(renovate): update Go import paths on major bumps (#37641)
Enable `gomodUpdateImportPaths` so Renovate rewrites import paths (e.g. `foo/v2` → `foo/v3`) across the repo when bumping Go modules across major versions. --- This PR was written with the help of Claude Opus 4.7 Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: Nicolas <bircni@icloud.com> |
||
|
Lunny Xiao
|
5d87a70af9 |
fix(packages): Add label for private and internal package and fix composor package source permission check (#37610)
- Add permission checks for Composer package source links - Add private/internal visibility labels for packages, similar to repository visibility labels <img width="969" height="571" alt="image" src="https://github.com/user-attachments/assets/8a8ec3a0-bfbd-4dd6-b45b-58eda5db1a2d" /> - Add a link to change package visibility <img width="1309" height="208" alt="image" src="https://github.com/user-attachments/assets/3fa82b23-4c63-4a5e-b3f0-d37a103231ee" /> - Update link package descriptions <img width="1308" height="265" alt="image" src="https://github.com/user-attachments/assets/2c80b50e-5ffe-4d96-aedd-aa15964c4e05" /> --------- Co-authored-by: Nicolas <bircni@icloud.com> Co-authored-by: silverwind <me@silverwind.io> |
||
|
silverwind
|
5dc9d621fd |
refactor: replace Fomantic search module with first-party code (#37443)
- Replace fomantic `search` code with minimal first-party code - Added a small fix to vertically align search box and search button - Manually tested all search forms. - Add `errorName` helper, similar to `errorMessage`. Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> |
||
|
Giteabot
|
a603f89fce |
fix(deps): update npm dependencies (#37636)
This PR contains the following updates:
| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
|
[@typescript-eslint/parser](https://typescript-eslint.io/packages/parser)
([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser))
| [`8.59.1` →
`8.59.2`](https://renovatebot.com/diffs/npm/@typescript-eslint%2fparser/8.59.1/8.59.2)
|
|
|
| [eslint-plugin-vue](https://eslint.vuejs.org)
([source](https://redirect.github.com/vuejs/eslint-plugin-vue)) |
[`10.9.0` →
`10.9.1`](https://renovatebot.com/diffs/npm/eslint-plugin-vue/10.9.0/10.9.1)
|
|
|
| [jiti](https://redirect.github.com/unjs/jiti) | [`2.6.1` →
`2.7.0`](https://renovatebot.com/diffs/npm/jiti/2.6.1/2.7.0) |
|
|
| [postcss](https://postcss.org/)
([source](https://redirect.github.com/postcss/postcss)) | [`8.5.13` →
`8.5.14`](https://renovatebot.com/diffs/npm/postcss/8.5.13/8.5.14) |
|
|
| [stylelint](https://stylelint.io)
([source](https://redirect.github.com/stylelint/stylelint)) | [`17.10.0`
→
`17.11.0`](https://renovatebot.com/diffs/npm/stylelint/17.10.0/17.11.0)
|
|
|
|
[typescript-eslint](https://typescript-eslint.io/packages/typescript-eslint)
([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint))
| [`8.59.1` →
`8.59.2`](https://renovatebot.com/diffs/npm/typescript-eslint/8.59.1/8.59.2)
|
|
|
| [updates](https://redirect.github.com/silverwind/updates) | [`17.16.8`
→ `17.16.9`](https://renovatebot.com/diffs/npm/updates/17.16.8/17.16.9)
|
|
|
---
### Release Notes
<details>
<summary>typescript-eslint/typescript-eslint
(@​typescript-eslint/parser)</summary>
###
[`v8.59.2`](https://redirect.github.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/parser/CHANGELOG.md#8592-2026-05-04)
[Compare
Source](https://redirect.github.com/typescript-eslint/typescript-eslint/compare/v8.59.1...v8.59.2)
This was a version bump only for parser to align it with other projects,
there were no code changes.
See [GitHub
Releases](https://redirect.github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.2)
for more information.
You can read about our [versioning
strategy](https://typescript-eslint.io/users/versioning) and
[releases](https://typescript-eslint.io/users/releases) on our website.
</details>
<details>
<summary>vuejs/eslint-plugin-vue (eslint-plugin-vue)</summary>
###
[`v10.9.1`](https://redirect.github.com/vuejs/eslint-plugin-vue/blob/HEAD/CHANGELOG.md#1091)
[Compare
Source](https://redirect.github.com/vuejs/eslint-plugin-vue/compare/v10.9.0...v10.9.1)
##### Patch Changes
- Updated peer dependency version for
[`vue-eslint-parser`](https://redirect.github.com/vuejs/vue-eslint-parser)
to fix parsing errors in Vue SFCs
([#​3075](https://redirect.github.com/vuejs/eslint-plugin-vue/pull/3075))
</details>
<details>
<summary>unjs/jiti (jiti)</summary>
###
[`v2.7.0`](https://redirect.github.com/unjs/jiti/blob/HEAD/CHANGELOG.md#v270)
[Compare
Source](https://redirect.github.com/unjs/jiti/compare/v2.6.1...v2.7.0)
[compare
changes](https://redirect.github.com/unjs/jiti/compare/v2.6.1...v2.7.0)
##### 🚀 Enhancements
- Add explicit resource management (using/await using) support
([#​422](https://redirect.github.com/unjs/jiti/pull/422))
- Support opt-in `tsconfigPaths`
([#​427](https://redirect.github.com/unjs/jiti/pull/427))
- Support virtual modules option
([#​428](https://redirect.github.com/unjs/jiti/pull/428))
- Add `jiti/static` export
([#​430](https://redirect.github.com/unjs/jiti/pull/430))
##### 🔥 Performance
- **interopDefault:** Add caching to reduce proxy overhead by \~2x
([#​421](https://redirect.github.com/unjs/jiti/pull/421))
##### 🩹 Fixes
- **require:** Passthrough resolve options
([#​412](https://redirect.github.com/unjs/jiti/pull/412))
- **ci:** Skip `--coverage` flag for node 18
([fe264b4](https://redirect.github.com/unjs/jiti/commit/fe264b4))
- **require:** Fallback to transpilation when `tryNative` fails
([#​413](https://redirect.github.com/unjs/jiti/pull/413))
- Fallback for `ENAMETOOLONG` when evaluating esm
([#​429](https://redirect.github.com/unjs/jiti/pull/429))
##### 📦 Build
- Upgrade rspack
([55194fb](https://redirect.github.com/unjs/jiti/commit/55194fb))
- Experimental rolldown config
([8c0243f](https://redirect.github.com/unjs/jiti/commit/8c0243f))
##### 🏡 Chore
- Fix lint issues
([4045c7a](https://redirect.github.com/unjs/jiti/commit/4045c7a))
- Update deps
([e88ac44](https://redirect.github.com/unjs/jiti/commit/e88ac44))
- Update deps
([498e8d7](https://redirect.github.com/unjs/jiti/commit/498e8d7))
- Add missing prettier dep
([650bc48](https://redirect.github.com/unjs/jiti/commit/650bc48))
- Lint ([058d91a](https://redirect.github.com/unjs/jiti/commit/058d91a))
- Init agents.md
([c49c54e](https://redirect.github.com/unjs/jiti/commit/c49c54e))
- Update agents.md
([4deba16](https://redirect.github.com/unjs/jiti/commit/4deba16))
- Update deps
([
|
||
|
Giteabot
|
e1f0f9e896 |
fix(deps): update module code.gitea.io/sdk/gitea to v0.25.0 (#37637)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | code.gitea.io/sdk/gitea | `v0.24.1` → `v0.25.0` |  |  | --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Only on Monday (`* * * * 1`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |
||
|
pomidorry
|
67f86bc3fe |
feat(api): add last_sync to repository API (#37566)
This PR adds a new repository API field, `mirror_last_sync_at`, to expose the timestamp of the last successful pull mirror sync. Unlike `mirror_updated`, this field does not affect mirror scheduling and is updated only after a successful pull sync. Failed sync attempts leave the value unchanged. What changed - added `mirror_last_sync_at` to the repository API response - updated pull mirror sync flow to persist the timestamp only on successful sync - kept `mirror_updated` behavior unchanged for queue/scheduling purposes `mirror_updated` is currently tied to mirror queue behavior, so it cannot safely represent the last successful sync time. The new field makes that state explicit for API consumers without changing scheduling semantics. --------- Signed-off-by: pomidorry <106489913+Pomidorry@users.noreply.github.com> Signed-off-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
TheFox0x7
|
c78c84c3ca |
test(e2e): run playwright via container (#37300)
Enable running playwright tests on unsupported platforms as well Signed-off-by: wxiaoguang <wxiaoguang@gmail.com> Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> |
||
|
silverwind
|
a61598884f |
feat(editor): broaden language detection in web code editor (#37619)
Use https://github.com/github-linguist/linguist/blob/main/lib/linguist/languages.yml to substantially improve syntax higlighting in Codemirror. File is generated on-demand only. Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> |
||
|
Copilot
|
0a3aaeafe7 |
refactor(log): replace log.Critical with log.Error (#37624)
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: wxiaoguang <2114189+wxiaoguang@users.noreply.github.com> |
||
|
wxiaoguang
|
093c9e8ee6 |
fix: "run as root" check (#37622)
Remove the hacky and fragile `sed os.Getuid()` patch. |
||
|
silverwind
|
ce089f498b |
fix: improve actions status icons and texts (#37206)
Action runs, jobs and steps have 8 statuses but the UI only showed 5
(from the commit status api) for the latter two. Align all 8 to GitHub
as closely as possible:
- waiting — `octicon-circle` (hollow circle), gray
- blocked — `octicon-blocked` (slashed circle), yellow
- running — `gitea-running` (rotating spinner), yellow
- cancelled — `octicon-stop` (gray), was `octicon-x` (red)
Descriptions also aligned with GitHub:
- "Has started running" → "In progress"
- "Has been cancelled" → "Cancelled after {dur}"
- "Has been skipped" → "Skipped"
Fixes: https://github.com/go-gitea/gitea/issues/32228
---------
Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Signed-off-by: silverwind <me@silverwind.io>
Co-authored-by: Claude (Opus 4.6) <noreply@anthropic.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Nicolas <bircni@icloud.com>
|
||
|
silverwind
|
a5d81d9ce2 |
perf: replace goheader linter with custom check (#37599)
Replace the [slow `goheader` linter](https://github.com/denis-tingaikin/go-header/issues/70) with a custom check. Local go lint time is down from 247s to 32s. 6 new files that were previously undetected because of `//go:build ignore` are fixed. The exit code of the make target preserves the golangci-lint exit code, if present. Also refactors and consolidates the linting targets. Signed-off-by: silverwind <me@silverwind.io> Signed-off-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
dependabot[bot]
|
73c0239f94 |
build(deps): bump fast-uri from 3.1.0 to 3.1.2 (#37616)
Bumps [fast-uri](https://github.com/fastify/fast-uri) from 3.1.0 to 3.1.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fastify/fast-uri/releases">fast-uri's releases</a>.</em></p> <blockquote> <h2>v3.1.2</h2> <h2>⚠️ Security Release</h2> <ul> <li>Fix for <a href="https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc">https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc</a></li> </ul> <h2>What's Changed</h2> <ul> <li>Handle malformed fragment decoding as a parse error by <a href="https://github.com/mcollina"><code>@mcollina</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/171">fastify/fast-uri#171</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2">https://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2</a></p> <h2>v3.1.1</h2> <h2>⚠️ Security Release</h2> <ul> <li>Fix for <a href="https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6">https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6</a></li> </ul> <h2>What's Changed</h2> <ul> <li>build(deps-dev): bump tsd from 0.32.0 to 0.33.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/148">fastify/fast-uri#148</a></li> <li>build(deps): bump actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/149">fastify/fast-uri#149</a></li> <li>chore(.npmrc): ignore scripts by <a href="https://github.com/Fdawgs"><code>@Fdawgs</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/150">fastify/fast-uri#150</a></li> <li>build(deps-dev): remove <code>@fastify/pre-commit</code> by <a href="https://github.com/Fdawgs"><code>@Fdawgs</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/151">fastify/fast-uri#151</a></li> <li>build(deps): bump actions/setup-node from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/152">fastify/fast-uri#152</a></li> <li>ci(ci): add concurrency config by <a href="https://github.com/Fdawgs"><code>@Fdawgs</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/153">fastify/fast-uri#153</a></li> <li>build(deps): bump actions/setup-node from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/154">fastify/fast-uri#154</a></li> <li>build(deps): bump actions/checkout from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/156">fastify/fast-uri#156</a></li> <li>chore(license): standardise license notice by <a href="https://github.com/Fdawgs"><code>@Fdawgs</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/159">fastify/fast-uri#159</a></li> <li>style: remove trailing whitespace by <a href="https://github.com/Fdawgs"><code>@Fdawgs</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/161">fastify/fast-uri#161</a></li> <li>ci: remove unused github files by <a href="https://github.com/Tony133"><code>@Tony133</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/162">fastify/fast-uri#162</a></li> <li>chore: update readme by <a href="https://github.com/Tony133"><code>@Tony133</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/164">fastify/fast-uri#164</a></li> <li>build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/165">fastify/fast-uri#165</a></li> <li>build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/166">fastify/fast-uri#166</a></li> <li>build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/167">fastify/fast-uri#167</a></li> <li>ci: add lock-threads workflow by <a href="https://github.com/Fdawgs"><code>@Fdawgs</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/169">fastify/fast-uri#169</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Tony133"><code>@Tony133</code></a> made their first contribution in <a href="https://redirect.github.com/fastify/fast-uri/pull/162">fastify/fast-uri#162</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1">https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
wxiaoguang
|
1ed935f911 |
fix: make clone URL respect public URL detection setting (#37615)
Fix #37614 |
||
|
techknowlogick
|
ef040c5fc4 |
chore(deps): bump go-git/go-git/v5 to 5.19.0 (#37608)
Co-authored-by: Nicolas <bircni@icloud.com> |
||
|
Giteabot
|
c81eca9904 |
chore(deps): update action dependencies (#37603)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/labeler](https://redirect.github.com/actions/labeler) | action | minor | `v6.0.1` → `v6.1.0` | | [aws-actions/configure-aws-credentials](https://redirect.github.com/aws-actions/configure-aws-credentials) | action | patch | `v6.1.0` → `v6.1.1` | | [docker.elastic.co/elasticsearch/elasticsearch](https://www.elastic.co/products/elasticsearch) ([source](https://redirect.github.com/elastic/elasticsearch)) | service | patch | `8.19.14` → `8.19.15` | | [renovatebot/github-action](https://redirect.github.com/renovatebot/github-action) | action | patch | `v46.1.12` → `v46.1.13` | --- ### Release Notes <details> <summary>actions/labeler (actions/labeler)</summary> ### [`v6.1.0`](https://redirect.github.com/actions/labeler/releases/tag/v6.1.0) [Compare Source](https://redirect.github.com/actions/labeler/compare/v6.0.1...v6.1.0) #### Enhancements - Add changed-files-labels-limit and max-files-changed configuration options to cap the number of labels added by [@​bluca](https://redirect.github.com/bluca) in [#​923](https://redirect.github.com/actions/labeler/pull/923) #### Bug Fixes - Improve Labeler Action documentation and permission error handling by [@​chiranjib-swain](https://redirect.github.com/chiranjib-swain) in [#​897](https://redirect.github.com/actions/labeler/pull/897) - Preserve manually added labels during workflow runs and refine label synchronization logic by [@​chiranjib-swain](https://redirect.github.com/chiranjib-swain) in [#​917](https://redirect.github.com/actions/labeler/pull/917) #### Dependency Updates - Upgrade brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v6 by [@​dependabot](https://redirect.github.com/dependabot) in [#​877](https://redirect.github.com/actions/labeler/pull/877) - Upgrade minimatch from 10.0.1 to 10.2.3 by [@​dependabot](https://redirect.github.com/dependabot) in [#​926](https://redirect.github.com/actions/labeler/pull/926) - Upgrade dependencies ([@​actions/core](https://redirect.github.com/actions/core), [@​actions/github](https://redirect.github.com/actions/github), js-yaml, minimatch, [@​typescript-eslint](https://redirect.github.com/typescript-eslint)) by [@​Copilot](https://redirect.github.com/Copilot) in [#​934](https://redirect.github.com/actions/labeler/pull/934) #### New Contributors - [@​chiranjib-swain](https://redirect.github.com/chiranjib-swain) made their first contribution in [#​897](https://redirect.github.com/actions/labeler/pull/897) - [@​bluca](https://redirect.github.com/bluca) made their first contribution in [#​923](https://redirect.github.com/actions/labeler/pull/923) - [@​Copilot](https://redirect.github.com/Copilot) made their first contribution in [#​934](https://redirect.github.com/actions/labeler/pull/934) **Full Changelog**: <https://github.com/actions/labeler/compare/v6...v6.1.0> </details> <details> <summary>aws-actions/configure-aws-credentials (aws-actions/configure-aws-credentials)</summary> ### [`v6.1.1`](https://redirect.github.com/aws-actions/configure-aws-credentials/releases/tag/v6.1.1) [Compare Source](https://redirect.github.com/aws-actions/configure-aws-credentials/compare/v6.1.0...v6.1.1) ##### What's Changed - chore(deps-dev): bump esbuild from 0.27.4 to 0.28.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1722](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1722) - chore(deps-dev): bump [@​types/node](https://redirect.github.com/types/node) from 25.5.0 to 25.5.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1723](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1723) - chore(deps-dev): bump [@​smithy/property-provider](https://redirect.github.com/smithy/property-provider) from 4.2.12 to 4.2.13 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1724](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1724) - chore(deps): bump proxy-agent from 8.0.0 to 8.0.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1726](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1726) - chore(deps): bump [@​smithy/node-http-handler](https://redirect.github.com/smithy/node-http-handler) from 4.5.1 to 4.5.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1725](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1725) - chore(deps): bump [@​aws-sdk/client-sts](https://redirect.github.com/aws-sdk/client-sts) from 3.1020.0 to 3.1025.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1727](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1727) - chore(deps): bump basic-ftp from 5.2.0 to 5.2.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1728](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1728) - chore(deps): bump basic-ftp from 5.2.1 to 5.2.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1729](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1729) - chore(deps-dev): bump [@​types/node](https://redirect.github.com/types/node) from 25.5.2 to 25.6.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1730](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1730) - chore(deps-dev): bump [@​aws-sdk/credential-provider-env](https://redirect.github.com/aws-sdk/credential-provider-env) from 3.972.24 to 3.972.25 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1733](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1733) - chore(deps): bump [@​aws-sdk/client-sts](https://redirect.github.com/aws-sdk/client-sts) from 3.1025.0 to 3.1030.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1732](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1732) - chore(deps-dev): bump [@​biomejs/biome](https://redirect.github.com/biomejs/biome) from 2.4.10 to 2.4.11 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1734](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1734) - chore(deps): bump basic-ftp from 5.2.2 to 5.3.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1736](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1736) - chore(deps-dev): bump memfs from 4.57.1 to 4.57.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1737](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1737) - chore(deps-dev): bump typescript from 6.0.2 to 6.0.3 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1740](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1740) - chore(deps-dev): bump [@​smithy/property-provider](https://redirect.github.com/smithy/property-provider) from 4.2.13 to 4.2.14 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1741](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1741) - chore(deps-dev): bump [@​aws-sdk/credential-provider-env](https://redirect.github.com/aws-sdk/credential-provider-env) from 3.972.25 to 3.972.28 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1742](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1742) - chore(deps): bump [@​aws-sdk/client-sts](https://redirect.github.com/aws-sdk/client-sts) from 3.1030.0 to 3.1033.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1743](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1743) - chore(deps-dev): bump [@​biomejs/biome](https://redirect.github.com/biomejs/biome) from 2.4.11 to 2.4.12 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1739](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1739) - chore(deps-dev): bump [@​biomejs/biome](https://redirect.github.com/biomejs/biome) from 2.4.12 to 2.4.13 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1747](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1747) - chore(deps): bump postcss from 8.5.6 to 8.5.12 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1752](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1752) - chore(deps): bump [@​smithy/node-http-handler](https://redirect.github.com/smithy/node-http-handler) from 4.6.0 to 4.6.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1750](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1750) - chore(deps-dev): bump [@​aws-sdk/credential-provider-env](https://redirect.github.com/aws-sdk/credential-provider-env) from 3.972.28 to 3.972.32 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1751](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1751) - chore(deps): bump [@​aws-sdk/client-sts](https://redirect.github.com/aws-sdk/client-sts) from 3.1033.0 to 3.1038.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1749](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1749) - chore: release 6.1.1 by [@​lehmanmj](https://redirect.github.com/lehmanmj) in [#​1757](https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1757) **Full Changelog**: <https://github.com/aws-actions/configure-aws-credentials/compare/v6...v6.1.1> </details> <details> <summary>elastic/elasticsearch (docker.elastic.co/elasticsearch/elasticsearch)</summary> ### [`v8.19.15`](https://redirect.github.com/elastic/elasticsearch/releases/tag/v8.19.15): Elasticsearch 8.19.15 [Compare Source](https://redirect.github.com/elastic/elasticsearch/compare/v8.19.14...v8.19.15) Downloads: <https://elastic.co/downloads/elasticsearch> Release notes: <https://www.elastic.co/guide/en/elasticsearch/reference/8.19/release-notes-8.19.15.html> </details> <details> <summary>renovatebot/github-action (renovatebot/github-action)</summary> ### [`v46.1.13`](https://redirect.github.com/renovatebot/github-action/releases/tag/v46.1.13) [Compare Source](https://redirect.github.com/renovatebot/github-action/compare/v46.1.12...v46.1.13) ##### Documentation - update references to renovatebot/github-action to v46.1.12 ([a871d4d]( |
||
|
silverwind
|
479bcdb503 |
fix(actions): fix blank lines after ::endgroup:: (#37597)
`endLogGroup` was incorrectly appending empty `<div>`s, producing a useless blank line after every group. Before and after: <img width="250" alt="Screenshot 2026-05-07 at 22 40 40" src="https://github.com/user-attachments/assets/8baf0fd0-99c8-4648-bf3f-edc6c4b197ec" /> <img width="250" alt="Screenshot 2026-05-07 at 22 37 12" src="https://github.com/user-attachments/assets/c45f28ae-1bbf-4b25-9d7b-281c19421f63" /> --------- Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
silverwind
|
29676adfd3 |
fix: treat email addresses case-insensitively (#37600)
Fixes #36184 and three more discovered cases. --- This PR was written with the help of Claude Opus 4.7 --------- Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Nicolas <bircni@icloud.com> |
||
|
Lunny Xiao
|
7dc3087acd |
fix(git): Fix smart http request scope bug (#37583)
Co-authored-by: Nicolas <bircni@icloud.com> Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com> Co-authored-by: silverwind <me@silverwind.io> |
||
|
Giteabot
|
243c2d7146 |
chore(deps): update dependency go to v1.26.3 (#37601)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [go](https://go.dev/) ([source](https://redirect.github.com/golang/go)) | golang | patch | `1.26.2` → `1.26.3` | --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |
||
|
silverwind
|
82d40296b0 |
chore(deps): bump tool deps and pin, update golangci-lint (#37574)
1. Pin all makefile go deps to exact version, renovate will bump them in the future 2. Bump all deps and golangci-lint and fix all new issues, most are from modernize Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> |
||
|
silverwind
|
b4085c7e3c |
build: update pnpm to v11 (#37591)
Update to https://github.com/pnpm/pnpm/releases/tag/v11.0.0 - move all pnpm settings to `pnpm-workspace.yaml`, pnpm v11 only reads that file - drop redundant or no-op settings - disable `strictDepBuilds` to avoid having to manually specify deps with build scripts, this is equivalent to v10 where it will not execute and warn. - add workarounds for https://github.com/SukkaW/nolyfill/issues/119 - remove dead eslintrc entry --- This PR was written with the help of Claude Opus 4.7 --------- Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> |
||
|
silverwind
|
bba748e8b5 |
chore(renovate): detect Makefile tools, enable go bumps (#37595)
- fix detection of Makefile tools and group them separately - Enable `go.mod` `go` directive bumps, schedule it at any time and exempt it from the release-age delay Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> |
||
|
wxiaoguang
|
2b93eaf55b |
refactor: only reset a database table when the table's data was changed (#37573)
Reduce CI time Saves about 3 minutes for each test suit test-unit: 13min -> 10min (-race) test-pgsql: 24min -> 20min (-race) test-mysql: 15min -> 12min test-mssql: 16min -> 12min --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> |
||
|
silverwind
|
6a509da96e |
refactor: lint bare fill/stroke colors, add vars for git graph color series (#37543)
- make `scale-unlimited/declaration-strict-value` cover fill and stroke - add new color vars for color series in gitgraph - move most rule disablement to per-line - remove dead highlight colors since https://github.com/go-gitea/gitea/pull/34948 - move stylelint config to ts now that the linked issue is fixed Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> |
||
|
Nicolas
|
601c6eb1a0 |
fix(actions): report individual step status in workflow job API response (#37592)
When a workflow job failed, the API response reported all steps as failed — even steps that had completed successfully before the failing step. `ToActionWorkflowJob` was calling `ToActionsStatus(job.Status)` for every step instead of `ToActionsStatus(step.Status)`, so the job's overall conclusion was propagated to each step. Each `ActionTaskStep` has its own `Status` field that tracks the actual outcome of that step independently of the job result. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
||
|
silverwind
|
e9f82b0ee3 |
ci: allow chore type in PR title lint (#37575)
Follow-up to #37498, adds `chore` to the allowed PR title types so the
set matches the standard
[`@commitlint/config-conventional`](
|
||
|
silverwind
|
3e69d6adbe |
refactor: remove obsolete export (#37579)
Leftover from
|
||
|
Nicolas
|
c9b9e376fb | fix: Invalid UTF-8 commit messages in JSON API responses (#37542) | ||
|
Nicolas
|
2200ed7499 |
fix: use consistent GetUser family functions (#37553)
fixes adding collaborative owners in Actions settings when the user or organization name contains capital letters. Fixes #37548 --------- Signed-off-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
||
|
Kausthubh J Rao
|
19f01691d5 |
fix(api): return 409 message instead of empty JSON for wrong commit id (#37572)
## Issue Closes #37217 The error string was getting lost while returning due to `ctx.JSON()` which cannot serialize the `error` object. ## Fix Use `ctx.APIError()` to return proper error messages back to the client. |
||
|
Kausthubh J Rao
|
630258410d |
fix(actions): prevent panic when workflow contains null jobs (#37570)
## The issue Closes #37568. Basically due to empty fields being present in the actions file, the jobs would be produced as `nil` inside `jobparser.go` . Because of this when we call `Parse` on the `jobparser` module. ```go Needs: job.Needs(), ``` would propagate the `nil` job down the chain. ## The fix For now i decide to fix it by guarding with an `if job == nil` check. --------- Signed-off-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
GiteaBot
|
cf48aa0188 | [skip ci] Updated translations via Crowdin | ||
|
wxiaoguang
|
a39af1a829 |
refactor: use modernc sqlite driver as default (#37562)
The mattn driver is still kept, can be enabled by TAGS="sqlite_mattn sqlite_unlock_notify" --------- Co-authored-by: TheFox0x7 <thefox0x7@gmail.com> |
||
|
Copilot
|
b093c2c43c |
refactor(templates): remove ctxData from tmpl files, use ctx.RootData instead (#37567)
Sub-templates have direct access to `ctx.RootData` (the root data map), so there is no need for callers to explicitly pass it as `ctxData` via `dict`. Also fix #37569 by the way --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: wxiaoguang <2114189+wxiaoguang@users.noreply.github.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
||
|
silverwind
|
ebc058f682 |
ci: increase renovate frequency and fix RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS (#37565)
1. Sync `RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS` with the recent `renovate.json5` change (#37537) — the npm group now runs `make svg nolyfill`, but the workflow allowlist still only matched `^make (tidy|svg)$`, so the post-upgrade task was being rejected. 2. Bump the cron from daily at 01:00 UTC to hourly at :23, matching the cadence of Mend's hosted Renovate App. Hourly gives sub-hour responsiveness to dependency-dashboard checkbox interactions and PR-close reactions; the `:23` offset avoids the GHA scheduler congestion at multiples of 15. Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> |
||
|
Giteabot
|
35dfc6b9e1 |
fix(deps): update go dependencies (#37541)
Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: Nicolas <bircni@icloud.com> |
||
|
silverwind
|
97211bf0c5 |
refactor(deps): migrate from nektos/act fork to gitea/runner (#37557)
Migrate to https://gitea.com/gitea/runner/releases/tag/v1.0.0 which includes the `act` package directory previously referenced by `nektos/act`. Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> |
||
|
Nicolas
|
45ffe5aa6a |
ci: lint PR titles with commitlint (#37498)
## Summary - Enforce **Conventional Commits** on PR titles (PRs are squash-merged, so the PR title becomes the final commit message). - Add a local `make lint-pr-title` target so contributors can validate titles before pushing. ## Why We squash-merge PRs, which means the final repository history is largely shaped by **PR titles**. Enforcing a consistent Conventional Commits format makes: - **Release notes & changelogs easier to generate** (types like `feat` / `fix` can be grouped automatically). - **History easier to scan** (uniform structure, optional scopes, explicit breaking changes via `!`). - **Automation more reliable** (future tooling can infer category and scope from the title). ## PR title format ```text type(scope)!: subject type: one of build|chore|ci|docs|feat|fix|perf|refactor|revert|style|test scope: optional (e.g. web, api, actions, repo, …) !: optional, indicates a breaking change subject: short, imperative, no trailing period ``` ## Examples ```text feat(web): add dark mode toggle fix(api): avoid panic when repo is missing chore(ci): lint PR titles with commitlint refactor(templates): reduce duplication in repo list rendering feat!: remove legacy OAuth endpoint ``` ## Local testing ```text make deps-frontend make lint-pr-title PR_TITLE="feat(web): add dark mode toggle" ``` --------- Signed-off-by: Nicolas <bircni@icloud.com> Co-authored-by: nb <nb@users.noreply.local> Co-authored-by: GPT-5.2 <gpt-5.2@openai.com> |
