silverwind
b915e6908c
Add JSON linting ( #36192 )
...
Uses https://github.com/eslint/json to lint all JSON and JSONC files in the repo.
2025-12-19 06:27:21 +00:00
silverwind
36aa39fffe
Bump setup-node to v6, re-enable cache ( #36207 )
2025-12-19 02:07:34 +00:00
dependabot[bot]
5fa40bacea
Bump astral-sh/setup-uv from 6 to 7 ( #36198 )
...
Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) from 6
to 7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/setup-uv/releases ">astral-sh/setup-uv's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0 🌈 node24 and a lot of bugfixes</h2>
<h2>Changes</h2>
<p>This release comes with a load of bug fixes and a speed up. Because
of switching from node20 to node24 it is also a breaking change. If you
are running on GitHub hosted runners this will just work, if you are
using self-hosted runners make sure, that your runners are up to date.
If you followed the normal installation instructions your self-hosted
runner will keep itself updated.</p>
<p>This release also removes the deprecated input
<code>server-url</code> which was used to download uv releases from a
different server.
The <a
href="https://github.com/astral-sh/setup-uv?tab=readme-ov-file#manifest-file ">manifest-file</a>
input supersedes that functionality by adding a flexible way to define
available versions and where they should be downloaded from.</p>
<h3>Fixes</h3>
<ul>
<li>The action now respects when the environment variable
<code>UV_CACHE_DIR</code> is already set and does not overwrite it. It
now also finds <a
href="https://docs.astral.sh/uv/reference/settings/#cache-dir ">cache-dir</a>
settings in config files if you set them.</li>
<li>Some users encountered problems that <a
href="https://github.com/astral-sh/setup-uv?tab=readme-ov-file#disable-cache-pruning ">cache
pruning</a> took forever because they had some <code>uv</code> processes
running in the background. Starting with uv version <code>0.8.24</code>
this action uses <code>uv cache prune --ci --force</code> to ignore the
running processes</li>
<li>If you just want to install uv but not have it available in path,
this action now respects <code>UV_NO_MODIFY_PATH</code></li>
<li>Some other actions also set the env var <code>UV_CACHE_DIR</code>.
This action can now deal with that but as this could lead to unwanted
behavior in some edgecases a warning is now displayed.</li>
</ul>
<h3>Improvements</h3>
<p>If you are using minimum version specifiers for the version of uv to
install for example</p>
<pre lang="toml"><code>[tool.uv]
required-version = ">=0.8.17"
</code></pre>
<p>This action now detects that and directly uses the latest version.
Previously it would download all available releases from the uv repo
to determine the highest matching candidate for the version specifier,
which took much more time.</p>
<p>If you are using other specifiers like <code>0.8.x</code> this action
still needs to download all available releases because the specifier
defines an upper bound (not 0.9.0 or later) and "latest" would
possibly not satisfy that.</p>
<h2>🚨 Breaking changes</h2>
<ul>
<li>Use node24 instead of node20 <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/608 ">#608</a>)</li>
<li>Remove deprecated input server-url <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/607 ">#607</a>)</li>
</ul>
<h2>🐛 Bug fixes</h2>
<ul>
<li>Respect UV_CACHE_DIR and cache-dir <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/612 ">#612</a>)</li>
<li>Use --force when pruning cache <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/611 ">#611</a>)</li>
<li>Respect UV_NO_MODIFY_PATH <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/603 ">#603</a>)</li>
<li>Warn when <code>UV_CACHE_DIR</code> has changed <a
href="https://github.com/jamesbraza "><code>@jamesbraza</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/601 ">#601</a>)</li>
</ul>
<h2>🚀 Enhancements</h2>
<ul>
<li>Shortcut to latest version for minimum version specifier <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/598 ">#598</a>)</li>
</ul>
<h2>🧰 Maintenance</h2>
<ul>
<li>Bump dependencies <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/613 ">#613</a>)</li>
<li>Fix test-uv-no-modify-path <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/604 ">#604</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="681c641abahttps://redirect.github.com/astral-sh/setup-uv/issues/712 ">#712</a>)</li>
<li><a
href="2e85713bb0https://redirect.github.com/astral-sh/setup-uv/issues/715 ">#715</a>)</li>
<li><a
href="58b6d7b303https://redirect.github.com/astral-sh/setup-uv/issues/716 ">#716</a>)</li>
<li><a
href="e8b52af86ehttps://redirect.github.com/astral-sh/setup-uv/issues/714 ">#714</a>)</li>
<li><a
href="ed21f2f24fhttps://redirect.github.com/astral-sh/setup-uv/issues/695 ">#695</a>)</li>
<li><a
href="93202d8fbehttps://redirect.github.com/astral-sh/setup-uv/issues/709 ">#709</a>)</li>
<li><a
href="5ce090076dhttps://redirect.github.com/astral-sh/setup-uv/issues/708 ">#708</a>)</li>
<li><a
href="4180991cd9https://redirect.github.com/astral-sh/setup-uv/issues/707 ">#707</a>)</li>
<li><a
href="0439606c8ehttps://redirect.github.com/astral-sh/setup-uv/issues/698 ">#698</a>)</li>
<li><a
href="7dd56c18e9https://redirect.github.com/astral-sh/setup-uv/issues/706 ">#706</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/setup-uv/compare/v6...v7 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
2025-12-18 22:41:25 +00:00
dependabot[bot]
dcad5d8879
Bump dev-hanz-ops/install-gh-cli-action from 0.1.0 to 0.2.1 ( #36195 )
...
Bumps
[dev-hanz-ops/install-gh-cli-action](https://github.com/dev-hanz-ops/install-gh-cli-action )
from 0.1.0 to 0.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dev-hanz-ops/install-gh-cli-action/releases ">dev-hanz-ops/install-gh-cli-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.2.1 - arm64 support</h2>
<ul>
<li>support arm64 architecture - <a
href="https://redirect.github.com/dev-hanz-ops/install-gh-cli-action/pull/10 ">dev-hanz-ops/install-gh-cli-action#10</a>
(by <a
href="https://github.com/whatthefinemanual "><code>@whatthefinemanual</code></a>)</li>
</ul>
<h2>v0.2.0 - update to node20</h2>
<ul>
<li><a
href="8fff9050daaf38ce09b1eef2976cedhttps://redirect.github.com/dev-hanz-ops/install-gh-cli-action/issues/10 ">#10</a>)</li>
<li><a
href="2d19dc38f3https://redirect.github.com/dev-hanz-ops/install-gh-cli-action/issues/8 ">#8</a>)</li>
<li><a
href="8fff9050da67bfd053934474568036https://redirect.github.com/dev-hanz-ops/install-gh-cli-action/issues/3 ">#3</a>)</li>
<li>See full diff in <a
href="https://github.com/dev-hanz-ops/install-gh-cli-action/compare/v0.1.0...v0.2.1 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-18 21:37:06 +00:00
dependabot[bot]
5f5a87f015
Bump aws-actions/configure-aws-credentials from 4 to 5 ( #36196 )
...
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps
[aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials )
from 4 to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/configure-aws-credentials/releases ">aws-actions/configure-aws-credentials's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.1...v5.0.0 ">5.0.0</a>
(2025-09-03)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>Cleanup input handling. Changes invalid boolean input behavior (see
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>add skip OIDC option (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1458 ">#1458</a>)
(<a
href="8c45f6b081https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)
(<a
href="74b3e27aa8https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1456 ">#1456</a>)
(<a
href="c4be498953https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.0...v4.3.1 ">4.3.1</a>
(2025-08-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>update readme to 4.3.1 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1424 ">#1424</a>)
(<a
href="be2e7ad815https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.0...v4.3.0 ">4.3.0</a>
(2025-08-04)</h2>
<p>NOTE: This release tag originally pointed to
59b441846ad109fa4a1549b73ef4e149c4bfb53b, but a critical bug was
discovered shortly after publishing. We updated this tag to
d0834ad3a60a024346910e522a81b0002bd37fea to prevent anyone using the
4.3.0 tag from encountering the bug, and we published 4.3.1 to allow
workflows to auto update correctly.</p>
<h3>Features</h3>
<ul>
<li>dependency update and feature cleanup (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1414 ">#1414</a>)
(<a
href="59489ba544https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1062 ">#1062</a>
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1191 ">#1191</a></li>
<li>Optional environment variable output (<a
href="c3b3ce61b05b3c89504637fe9a740bcbea70821e3f7c218721https://github.com/aws-actions/configure-aws-credentials/compare/v4.2.0...v4.2.1 ">4.2.1</a>
(2025-05-14)</h2>
<h3>Bug Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md ">aws-actions/configure-aws-credentials's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v5.1.0...v5.1.1 ">5.1.1</a>
(2025-11-24)</h2>
<h3>Miscellaneous Chores</h3>
<ul>
<li>release 5.1.1 (<a
href="56d6a583f0https://github.com/aws-actions/configure-aws-credentials/compare/v5.0.0...v5.1.0 ">5.1.0</a>
(2025-10-06)</h2>
<h3>Features</h3>
<ul>
<li>Add global timeout support (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1487 ">#1487</a>)
(<a
href="1584b8b0e2https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1482 ">#1482</a>)
(<a
href="dde9b22a8ehttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1485 ">#1485</a>)
(<a
href="97ef425d73https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1482 ">#1482</a>)
(<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1486 ">#1486</a>)
(<a
href="cea42985achttps://github.com/aws-actions/configure-aws-credentials/compare/v4.3.1...v5.0.0 ">5.0.0</a>
(2025-09-03)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>Cleanup input handling. Changes invalid boolean input behavior (see
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>add skip OIDC option (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1458 ">#1458</a>)
(<a
href="8c45f6b081https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)
(<a
href="74b3e27aa8https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1456 ">#1456</a>)
(<a
href="c4be498953https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.0...v4.3.1 ">4.3.1</a>
(2025-08-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>update readme to 4.3.1 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1424 ">#1424</a>)
(<a
href="be2e7ad815https://github.com/aws-actions/configure-aws-credentials/compare/v4.2.1...v4.3.0 ">4.3.0</a>
(2025-08-04)</h2>
<h3>Features</h3>
<ul>
<li>depenency update and feature cleanup (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1414 ">#1414</a>)
(<a
href="59489ba544https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1062 ">#1062</a>
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1191 ">#1191</a></li>
<li>Optional environment variable output (<a
href="c3b3ce61b061815dcd50https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1564 ">#1564</a>)</li>
<li><a
href="56d6a583f04a54c24244https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1563 ">#1563</a>)</li>
<li><a
href="b2793c943dhttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1559 ">#1559</a>)</li>
<li><a
href="8c230bf21df7a5b07d53https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1558 ">#1558</a>)</li>
<li><a
href="730fc04382https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1555 ">#1555</a>)</li>
<li><a
href="bc0dd36aechttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1556 ">#1556</a>)</li>
<li><a
href="f2964c7281cf464951behttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1548 ">#1548</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v4...v5 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-18 20:59:23 +00:00
dependabot[bot]
aca6726607
Bump docker/build-push-action from 5 to 6 ( #36197 )
...
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action )
from 5 to 6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases ">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<ul>
<li>Export build record and generate <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/ ">build
summary</a> by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1120 ">docker/build-push-action#1120</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.24.0 to 0.26.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1132 ">docker/build-push-action#1132</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1136 ">docker/build-push-action#1136</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1138 ">docker/build-push-action#1138</a></li>
<li>Bump braces from 3.0.2 to 3.0.3 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1137 ">docker/build-push-action#1137</a></li>
</ul>
<blockquote>
<p>[!NOTE]
This major release adds support for generating <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/ ">Build
summary</a> and exporting build record for your build. You can disable
this feature by setting <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/#disable-job-summary ">
<code>DOCKER_BUILD_SUMMARY: false</code> environment variable in your
workflow</a>.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0 ">https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0 </a></p>
<h2>v5.4.0</h2>
<ul>
<li>Show builder information before building by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1128 ">docker/build-push-action#1128</a></li>
<li>Handle attestations correctly with provenance and sbom inputs by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1086 ">docker/build-push-action#1086</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.19.0 to 0.24.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1088 ">docker/build-push-action#1088</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1105 ">docker/build-push-action#1105</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1121 ">docker/build-push-action#1121</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1127 ">docker/build-push-action#1127</a></li>
<li>Bump undici from 5.28.3 to 5.28.4 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1090 ">docker/build-push-action#1090</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0 ">https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0 </a></p>
<h2>v5.3.0</h2>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.18.0 to 0.19.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1080 ">docker/build-push-action#1080</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0 ">https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0 </a></p>
<h2>v5.2.0</h2>
<ul>
<li>Disable quotes detection for <code>outputs</code> input by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1074 ">docker/build-push-action#1074</a></li>
<li>Warn about ignored inputs by <a
href="https://github.com/favonia "><code>@favonia</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1019 ">docker/build-push-action#1019</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.14.0 to 0.18.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1070 ">docker/build-push-action#1070</a></li>
<li>Bump undici from 5.26.3 to 5.28.3 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1057 ">docker/build-push-action#1057</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0 ">https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0 </a></p>
<h2>v5.1.0</h2>
<ul>
<li>Add <code>annotations</code> input by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/992 ">docker/build-push-action#992</a></li>
<li>Add <code>secret-envs</code> input by <a
href="https://github.com/elias-lundgren "><code>@elias-lundgren</code></a>
in <a
href="https://redirect.github.com/docker/build-push-action/pull/980 ">docker/build-push-action#980</a></li>
<li>Bump <code>@babel/traverse</code> from 7.17.3 to 7.23.2 in <a
href="https://redirect.github.com/docker/build-push-action/pull/991 ">docker/build-push-action#991</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.13.0-rc.1 to
0.14.0 in <a
href="https://redirect.github.com/docker/build-push-action/pull/990 ">docker/build-push-action#990</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1006 ">docker/build-push-action#1006</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0 ">https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="263435318dhttps://redirect.github.com/docker/build-push-action/issues/1381 ">#1381</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="c0432d2e010bb1f27d6b5f9dbf956c0788c444d8https://redirect.github.com/docker/build-push-action/issues/1375 ">#1375</a>
from crazy-max/remove-gcr</li>
<li><a
href="aa179ca4f41dc7386353https://redirect.github.com/docker/build-push-action/issues/1364 ">#1364</a>
from crazy-max/history-export-cmd</li>
<li><a
href="9c9803f364db1f6c46e8721e8c79dehttps://github.com/docker/build-push-action/compare/v5...v6 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-18 20:09:24 +00:00
silverwind
3e57ba5b36
Add permissions tofiles-changed jobs ( #36142 )
...
Followup to https://github.com/go-gitea/gitea/pull/36140 .
`files-changed` is a job that imports another workflow via `uses`
statement but CodeQL still complains about lack of permissions on these
jobs, so add it. This will fix the remaining [3 CodeQL
issues](https://github.com/go-gitea/gitea/security/code-scanning?query=is%3Aopen+branch%3Amain+permissions ).
2025-12-12 18:38:59 +01:00
silverwind
4c06c98dda
Add explicit permissions to all actions workflows ( #36140 )
...
Explicitely specify all workflow
[`permissions`](https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#permissions ).
This will fix [26 CodeQL
alerts](https://github.com/go-gitea/gitea/security/code-scanning?query=permissions+is%3Aopen+branch%3Amain+ ).
2025-12-12 16:48:29 +00:00
silverwind
87b855bd15
Bump actions/checkout to v6 ( #36136 )
...
https://github.com/actions/checkout#checkout-v6
Result of `perl -p -i -e
's#actions\/checkout\@v5#actions/checkout\@v6#g' .github/workflows/*`
2025-12-12 16:44:53 +01:00
silverwind
66707bc3ea
Fix actions lint ( #36029 )
...
actionlint since https://github.com/rhysd/actionlint/releases/tag/v1.7.9
detects constant conditions and this workflow was being disabled in
58d2a87c6chttps://github.com/go-gitea/gitea/actions/runs/19673752806/job/56349128912?pr=36028
Instead, remove the whole workflow file. I'm sure we can re-create it if
the need arises.
Also, I locked the actionlint dependency to prevent similar surprises in
the future.
2025-11-26 10:13:37 -08:00
TheFox0x7
685c8c314f
Add cache to container build ( #35697 )
...
add mount cache directives to container builds, which speeds up local
builds bypassing node and go package download entirely on second build
and caching go compilation.
drop job level split on regular/rootless, which allows to reuse the
previously made stage for rootless, skipping duplicate builds in CI.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
2025-11-02 09:42:25 +00:00
silverwind
5bf7cf788d
Bump actions/labeler to v6 ( #35681 )
...
https://github.com/actions/labeler/releases/tag/v6.0.0
2025-10-16 19:00:41 +02:00
silverwind
96102c69e7
Bump setup-go to v6 ( #35660 )
2025-10-14 14:28:05 -04:00
silverwind
912515e63a
Bump actions/checkout to v5 ( #35644 )
2025-10-12 18:01:42 +00:00
junoberryferry
151ef80e28
use experimental go json v2 library ( #35392 )
...
details: https://pkg.go.dev/encoding/json/v2
---------
Co-authored-by: techknowlogick <matti@mdranta.net >
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com >
2025-09-28 08:03:36 +00:00
silverwind
4d43d85941
Bump setup-node to v5 ( #35448 )
...
See https://github.com/actions/setup-node/releases/tag/v5.0.0
Caching is now enabled by default when `packageManager` is present in
package.json, and we have that. `cache-dependency-path` is unneccesary
because the action will automatically detect it.
2025-09-10 16:11:14 +00:00
techknowlogick
361e59fd53
Switch to pnpm ( #35274 )
...
Co-authored-by: 6543 <6543@obermui.de >
Co-authored-by: silverwind <me@silverwind.io >
2025-09-04 01:17:14 +00:00
silverwind
ca6c0dee2e
Switch bitnami images to bitnamilegacy on CI ( #35402 )
...
As per https://github.com/bitnami/containers/issues/83267 , my
understanding is that the `docker.io/bitnami` images will be deleted on
September 29.
To prevent this failure mode, use the images on the `bitnamilegacy` org
instead which are snapshots from when they stopped updating them.
Long-term, we should replace these images with official ones.
2025-09-03 14:17:16 +00:00
techknowlogick
ed8d4dc37a
rename nightly docker tag for main branch ( #35344 )
...
fixes https://github.com/go-gitea/gitea/issues/35338
2025-08-24 13:40:50 +08:00
silverwind
3531e9dbfd
Replace setup-python with setup-uv ( #35116 )
2025-07-18 14:02:57 +00:00
silverwind
7413e8583d
Replace poetry with uv ( #35084 )
2025-07-15 21:19:39 +00:00
silverwind
dcc9206a59
Raise minimum Node.js version to 20, test on 24 ( #34713 )
...
- Node.js 18 is now EOL, so raise minimum version to current LTS v20
- Test on 24
- Change devcontainers to use LTS version (currently 22),
[ref](https://github.com/devcontainers/features/tree/main/src/node )
2025-06-13 13:40:39 -04:00
silverwind
8365365c9c
Run integration tests against postgres 14 ( #34514 )
...
postgres 12 is end of life since 6 months. 13 and above are still
supported but I think it's overall better if we test a more recent
version of postgres because that's what new users will be running on.
Ref: https://endoflife.date/postgresql
2025-05-23 04:40:21 +00:00
wxiaoguang
58d2a87c6c
update go&js dependencies ( #34262 )
2025-04-23 21:22:40 +00:00
Meng Zhuo
921d3a394d
feat: add riscv64 support ( #34199 )
2025-04-14 16:32:54 +00:00
Allen Conlon
4a3ab5a2cd
fix( #33711 ): cross-publish docker images to ghcr.io ( #34148 )
...
This PR will cross-publish the release, rc, and nightly images from
`docker.io` to `ghcr.io` as docker hub has imposed rate-limiting
Signed-off-by: Allen Conlon <software@conlon.dev >
2025-04-10 19:39:37 +00:00
wxiaoguang
32258e0f22
Update go mod dependencies ( #33988 )
...
blevesearch is skipped because it causes errors
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
Co-authored-by: silverwind <me@silverwind.io >
2025-03-25 05:51:52 +00:00
wxiaoguang
7290bfaccb
Only keep popular licenses ( #33832 )
...
Fix #33467
2025-03-10 06:40:37 +08:00
wxiaoguang
75e85c25c1
Refactor repo-issue.ts ( #33784 )
...
And remove jQuery
2025-03-04 17:58:17 +00:00
silverwind
43c8d85f19
Disable vet as part of go test ( #33662 )
...
`go vet` implicitely runs as part of `go test`, but we already have
`make lint-go-vet`, so we were essentially running it twice. This should
hopefully make `go test` slightly faster.
Ref: https://pkg.go.dev/cmd/go#hdr-Test_packages
> As part of building a test binary, go test runs go vet
2025-03-03 06:03:42 +00:00
silverwind
2aa59ba9e5
Update files-changed and labeler globs ( #33720 )
...
Few tweaks, should be self-explanatory.
2025-02-25 11:33:23 -08:00
Arif Er
adf7018bfd
Fix OCI image.version annotation for releases to use full semver ( #33698 )
...
This commit fixes the docker build workflow such that semver-tagged
releases use the full semver for the OCI
`org.opencontainers.image.version` annotation, instead of using the
major version only.
This is done by changing the order of the tags that the
`docker/metadata-action` action is told to generate. Since the tags that
the action is told to generate are all of the same priority, the first
in the list will be used to set the annotation.
There is no need to fix the other two docker build workflows, i.e., (i)
the nightly releases and (ii) the rc-tagged releases. This is because
(i) the nightly releases do not get tagged with a semver, so the issue
does not exist, and (ii) rc-tagged releases only get built with one tag,
so the issue of needing to set an order of how tags are generated is
irrelevant.
Resolves go-gitea/gitea#33697 .
2025-02-24 01:37:37 -05:00
wxiaoguang
4adb7cad8b
Improve swagger generation ( #33664 )
...
Remove most "sed" tricks
---------
Co-authored-by: silverwind <me@silverwind.io >
2025-02-21 00:04:30 -08:00
silverwind
b3302748fa
Run yamllint with strict mode, fix issue ( #33551 )
...
Previously yamllint would issue warnings for certain things, while still
exiting with zero. Now warnings are treated like errors and will cause
non-zero exit:
```
-s, --strict return non-zero exit code on warnings as well as errors
```
2025-02-10 22:33:40 +00:00
Lunny Xiao
3ebfc77e83
Disable cron task to update license ( #33486 )
...
Help #33467
The file can be changed or removed after that issue is resolved.
2025-02-03 22:52:20 +02:00
techknowlogick
566f5356db
use dedicated runners for release artifacts ( #32811 )
...
GH runners are having trouble, so switch the remaining release jobs to
use dedicated runners.
2024-12-12 12:02:59 -05:00
wxiaoguang
ecbb03dc6d
Improve testing and try to fix MySQL hanging ( #32515 )
...
By some CI fine tunes (`run tests`), SQLite & MSSQL could complete
in about 12~13 minutes (before > 14), MySQL could complete in 18 minutes
(before: about 23 or even > 30)
Major changes:
1. use tmpfs for MySQL storage
1. run `make test-mysql` instead of `make integration-test-coverage`
because the code coverage is not really used at the moment.
1. refactor testlogger to make it more reliable and be able to report
stuck stacktrace
1. do not requeue failed items when a queue is being flushed (failed
items would keep failing and make flush uncompleted)
1. reduce the file sizes for testing
1. use math ChaCha20 random data instead of crypot/rand (for testing
purpose only)
1. no need to `DeleteRepository` in `TestLinguist`
1. other related refactoring to make code easier to maintain
2024-11-15 23:45:07 +08:00
silverwind
9880c1372e
Bump CI,Flake and Snap to Node 22 ( #32487 )
...
Node 22 is LTS since 2024-10-29. Updated it everywhere.
---------
Co-authored-by: techknowlogick <techknowlogick@gitea.com >
2024-11-13 21:39:55 +00:00
techknowlogick
38e3d8b4e6
use rebuilt mssql-2017 image ( #32109 )
2024-09-23 16:54:20 -04:00
wxiaoguang
3b10fd9b34
Only use Host header from reverse proxy ( #32060 )
...
X-Forwarded-Host has many problems: non-standard, not well-defined
(X-Forwarded-Port or not), conflicts with Host header, it already caused
problems like #31907 . So do not use X-Forwarded-Host, just use Host
header directly.
Official document also only uses `Host` header and never mentioned
others.
2024-09-20 14:57:55 +00:00
Lunny Xiao
af1f0dfcc6
Remove docs sub folder since docs has been moved to https://gitea.com/gitea/docs ( #31536 )
2024-07-10 01:46:08 +00:00
Lunny Xiao
fb7b743bd0
Azure blob storage support ( #30995 )
...
This PR implemented object storages(LFS/Packages/Attachments and etc.)
for Azure Blob Storage. It depends on azure official golang SDK and can
support both the azure blob storage cloud service and azurite mock
server.
Replace #25458
Fix #22527
- [x] CI Tests
- [x] integration test, MSSQL integration tests will now based on
azureblob
- [x] unit test
- [x] CLI Migrate Storage
- [x] Documentation for configuration added
------
TODO (other PRs):
- [ ] Improve performance of `blob download`.
---------
Co-authored-by: yp05327 <576951401@qq.com >
2024-05-30 07:33:50 +00:00
techknowlogick
90f4cf51a3
align s3 files with docker naming ( #31050 )
...
docker images have `-nightly`, this will append the same to binaries
uploaded to s3.
2024-05-22 23:34:52 +00:00
Chongyi Zheng
9a0b449c4f
Remove disk-clean workflow ( #30741 )
...
The jobs in the workflow runs in parallel. The `disk-clean` job actually
does nothing, i.e. it will not clean the disk for `nightly-binary`,
`nightly-docker-rootful`, `nightly-docker-rootless`
2024-04-28 05:47:48 +00:00
silverwind
acfe29fc2b
Enable npm cache on setup-node action ( #30577 )
...
Enable npm dependency cache in
[setup-node](https://github.com/actions/setup-node ). This should work
reliably and across branches as well.
2024-04-19 03:29:08 +00:00
Denys Konovalov
f32ce753f6
Use Crowdin action for translation sync ( #30054 )
...
Switch from the old self-built action to the official one.
We get:
- config managed inside the repo
- automatic upload when source file changes
- automatic invalidation if source string changes (tested)
- automatic download of new translation files
Tested both upload and download.
2024-03-30 18:11:50 +00:00
silverwind
f31a88d3cb
Add stylelint-value-no-unknown-custom-properties and convert stylelint config to js ( #30117 )
...
Add
[`stylelint-value-no-unknown-custom-properties`](https://github.com/csstools/stylelint-value-no-unknown-custom-properties )
which lints for undefined CSS variables. No current violations.
To make it work properly with editor integrations, I had to convert the
config to JS to be able to pass absolute paths to the plugin, but this
is a needed change anyways.
2024-03-29 20:32:35 +00:00
silverwind
2ab5f05f40
Add svg linter and fix incorrect svgs ( #30086 )
...
Fixes https://github.com/go-gitea/gitea/issues/30082 .
Adds a new linter that searches for non-existant SVG images in
templates. Output before the fix was:
```
$ make lint-templates
SVG "octicon-warning" not found, used in templates/devtest/flex-list.tmpl
SVG "octicon-warning" not found, used in templates/devtest/flex-list.tmpl
SVG "octicon-markup" not found, used in templates/repo/diff/comment_form.tmpl
make: *** [Makefile:438: lint-templates] Error 1
```
<img width="306" alt="Screenshot 2024-03-25 at 23 31 05"
src="https://github.com/go-gitea/gitea/assets/115237/1052d1a9-bfec-4d5a-9cae-f895f78f7c93 ">
2024-03-26 11:19:15 +00:00
Yarden Shoham
6ed2c29b14
Don't lock using GitHub actions ( #29913 )
...
We have our bot for this. See:
- https://github.com/GiteaBot/gitea-backporter?tab=readme-ov-file#locks
- https://github.com/GiteaBot/gitea-backporter/blob/main/src/lock.ts
Signed-off-by: Yarden Shoham <git@yardenshoham.com >
Co-authored-by: silverwind <me@silverwind.io >
2024-03-20 00:38:16 +00:00
Denys Konovalov
225fc40528
Update to labeler v5 ( #29721 )
...
Updated to actions/labeler@v5
Updated labeler config accordingly, also improved the config and added
more labels.
---------
Co-authored-by: Giteabot <teabot@gitea.io >
2024-03-12 22:09:02 +00:00
