mirror of
https://github.com/go-gitea/gitea
synced 2026-06-11 05:03:08 +00:00
main
20964
Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
   
|
9619d93e3b |
chore(deps): update action dependencies (#37964)
This PR contains the following updates: | Package | Type | Update | Change | Pending | |---|---|---|---|---| | [aws-actions/configure-aws-credentials](https://redirect.github.com/aws-actions/configure-aws-credentials) | action | patch | `v6.1.1` → `v6.1.2` | `v6.1.3` | | [docker/build-push-action](https://redirect.github.com/docker/build-push-action) | action | minor | `v7.1.0` → `v7.2.0` | | | [docker/login-action](https://redirect.github.com/docker/login-action) | action | minor | `v4.1.0` → `v4.2.0` | | | [docker/metadata-action](https://redirect.github.com/docker/metadata-action) | action | minor | `v6.0.0` → `v6.1.0` | | | [docker/setup-buildx-action](https://redirect.github.com/docker/setup-buildx-action) | action | minor | `v4.0.0` → `v4.1.0` | | | [docker/setup-qemu-action](https://redirect.github.com/docker/setup-qemu-action) | action | minor | `v4.0.0` → `v4.1.0` | | | redis | service | digest | `48e78eb` → `e74c9b9` | | --- ### Release Notes <details> <summary>aws-actions/configure-aws-credentials (aws-actions/configure-aws-credentials)</summary> ### [`v6.1.2`](https://redirect.github.com/aws-actions/configure-aws-credentials/releases/tag/v6.1.2) [Compare Source](https://redirect.github.com/aws-actions/configure-aws-credentials/compare/v6.1.1...v6.1.2) ##### Bug Fixes - additional filesystem checks ([#​1799](https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1799)) ([c39f282](https://redirect.github.com/aws-actions/configure-aws-credentials/commit/c39f282697aca8a78c522ecf1f7da9899a31432c)) </details> <details> <summary>docker/build-push-action (docker/build-push-action)</summary> ### [`v7.2.0`](https://redirect.github.com/docker/build-push-action/releases/tag/v7.2.0) [Compare Source](https://redirect.github.com/docker/build-push-action/compare/v7.1.0...v7.2.0) - Bump [@​actions/core](https://redirect.github.com/actions/core) from 3.0.0 to 3.0.1 in [#​1525](https://redirect.github.com/docker/build-push-action/pull/1525) - Bump [@​docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit) from 0.87.0 to 0.90.0 in [#​1517](https://redirect.github.com/docker/build-push-action/pull/1517) - Bump brace-expansion from 2.0.2 to 5.0.6 in [#​1534](https://redirect.github.com/docker/build-push-action/pull/1534) - Bump fast-xml-builder from 1.1.4 to 1.2.0 in [#​1529](https://redirect.github.com/docker/build-push-action/pull/1529) - Bump fast-xml-parser from 5.5.7 to 5.8.0 in [#​1521](https://redirect.github.com/docker/build-push-action/pull/1521) - Bump postcss from 8.5.6 to 8.5.10 in [#​1526](https://redirect.github.com/docker/build-push-action/pull/1526) - Bump tar from 6.2.1 to 7.5.15 in [#​1533](https://redirect.github.com/docker/build-push-action/pull/1533) **Full Changelog**: <https://github.com/docker/build-push-action/compare/v7.1.0...v7.2.0> </details> <details> <summary>docker/login-action (docker/login-action)</summary> ### [`v4.2.0`](https://redirect.github.com/docker/login-action/releases/tag/v4.2.0) [Compare Source](https://redirect.github.com/docker/login-action/compare/v4.1.0...v4.2.0) - Bump [@​actions/core](https://redirect.github.com/actions/core) from 3.0.0 to 3.0.1 in [#​976](https://redirect.github.com/docker/login-action/pull/976) - Bump [@​aws-sdk/client-ecr](https://redirect.github.com/aws-sdk/client-ecr) and [@​aws-sdk/client-ecr-public](https://redirect.github.com/aws-sdk/client-ecr-public) to 3.1050.0 in [#​960](https://redirect.github.com/docker/login-action/pull/960) - Bump [@​docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit) from 0.86.0 to 0.90.0 in [#​970](https://redirect.github.com/docker/login-action/pull/970) - Bump brace-expansion from 2.0.1 to 5.0.6 in [#​993](https://redirect.github.com/docker/login-action/pull/993) - Bump fast-xml-builder from 1.1.4 to 1.2.0 in [#​985](https://redirect.github.com/docker/login-action/pull/985) - Bump fast-xml-parser from 5.3.6 to 5.8.0 in [#​963](https://redirect.github.com/docker/login-action/pull/963) - Bump http-proxy-agent and https-proxy-agent to 9.0.0 in [#​961](https://redirect.github.com/docker/login-action/pull/961) - Bump postcss from 8.5.6 to 8.5.10 in [#​979](https://redirect.github.com/docker/login-action/pull/979) - Bump tar from 6.2.1 to 7.5.15 in [#​991](https://redirect.github.com/docker/login-action/pull/991) - Bump vite from 7.3.1 to 7.3.3 in [#​986](https://redirect.github.com/docker/login-action/pull/986) **Full Changelog**: <https://github.com/docker/login-action/compare/v4.1.0...v4.2.0> </details> <details> <summary>docker/metadata-action (docker/metadata-action)</summary> ### [`v6.1.0`](https://redirect.github.com/docker/metadata-action/releases/tag/v6.1.0) [Compare Source](https://redirect.github.com/docker/metadata-action/compare/v6...v6.1.0) - Bump [@​docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit) from 0.79.0 to 0.90.0 in [#​613](https://redirect.github.com/docker/metadata-action/pull/613) - Bump brace-expansion from 1.1.12 to 5.0.6 in [#​658](https://redirect.github.com/docker/metadata-action/pull/658) [#​630](https://redirect.github.com/docker/metadata-action/pull/630) - Bump csv-parse from 6.1.0 to 6.2.1 in [#​617](https://redirect.github.com/docker/metadata-action/pull/617) - Bump fast-xml-parser from 5.4.2 to 5.8.0 in [#​620](https://redirect.github.com/docker/metadata-action/pull/620) - Bump flatted from 3.3.3 to 3.4.2 in [#​623](https://redirect.github.com/docker/metadata-action/pull/623) - Bump glob from 10.3.15 to 10.5.0 in [#​621](https://redirect.github.com/docker/metadata-action/pull/621) - Bump handlebars from 4.7.8 to 4.7.9 in [#​629](https://redirect.github.com/docker/metadata-action/pull/629) - Bump lodash from 4.17.23 to 4.18.1 in [#​639](https://redirect.github.com/docker/metadata-action/pull/639) - Bump moment-timezone from 0.6.0 to 0.6.1 in [#​619](https://redirect.github.com/docker/metadata-action/pull/619) - Bump picomatch from 4.0.3 to 4.0.4 in [#​626](https://redirect.github.com/docker/metadata-action/pull/626) - Bump postcss from 8.5.6 to 8.5.10 in [#​649](https://redirect.github.com/docker/metadata-action/pull/649) - Bump tar from 6.2.1 to 7.5.15 in [#​657](https://redirect.github.com/docker/metadata-action/pull/657) - Bump undici from 6.23.0 to 6.25.0 in [#​614](https://redirect.github.com/docker/metadata-action/pull/614) - Bump vite from 7.3.1 to 7.3.2 in [#​637](https://redirect.github.com/docker/metadata-action/pull/637) **Full Changelog**: <https://github.com/docker/metadata-action/compare/v6.0.0...v6.1.0> </details> <details> <summary>docker/setup-buildx-action (docker/setup-buildx-action)</summary> ### [`v4.1.0`](https://redirect.github.com/docker/setup-buildx-action/releases/tag/v4.1.0) [Compare Source](https://redirect.github.com/docker/setup-buildx-action/compare/v4...v4.1.0) - Bump [@​docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit) from 0.79.0 to 0.90.0 in [#​489](https://redirect.github.com/docker/setup-buildx-action/pull/489) - Bump brace-expansion from 1.1.12 to 5.0.6 in [#​547](https://redirect.github.com/docker/setup-buildx-action/pull/547) [#​508](https://redirect.github.com/docker/setup-buildx-action/pull/508) - Bump fast-xml-builder from 1.0.0 to 1.2.0 in [#​540](https://redirect.github.com/docker/setup-buildx-action/pull/540) - Bump fast-xml-parser from 5.4.2 to 5.8.0 in [#​496](https://redirect.github.com/docker/setup-buildx-action/pull/496) - Bump flatted from 3.3.3 to 3.4.2 in [#​499](https://redirect.github.com/docker/setup-buildx-action/pull/499) - Bump glob from 10.3.12 to 13.0.6 in [#​495](https://redirect.github.com/docker/setup-buildx-action/pull/495) - Bump handlebars from 4.7.8 to 4.7.9 in [#​504](https://redirect.github.com/docker/setup-buildx-action/pull/504) - Bump lodash from 4.17.23 to 4.18.1 in [#​523](https://redirect.github.com/docker/setup-buildx-action/pull/523) - Bump picomatch from 4.0.3 to 4.0.4 in [#​503](https://redirect.github.com/docker/setup-buildx-action/pull/503) - Bump postcss from 8.5.6 to 8.5.10 in [#​537](https://redirect.github.com/docker/setup-buildx-action/pull/537) - Bump tar from 6.2.1 to 7.5.15 in [#​545](https://redirect.github.com/docker/setup-buildx-action/pull/545) - Bump undici from 6.23.0 to 6.25.0 in [#​492](https://redirect.github.com/docker/setup-buildx-action/pull/492) - Bump vite from 7.3.1 to 7.3.2 in [#​520](https://redirect.github.com/docker/setup-buildx-action/pull/520) **Full Changelog**: <https://github.com/docker/setup-buildx-action/compare/v4.0.0...v4.1.0> </details> <details> <summary>docker/setup-qemu-action (docker/setup-qemu-action)</summary> ### [`v4.1.0`](https://redirect.github.com/docker/setup-qemu-action/releases/tag/v4.1.0) [Compare Source](https://redirect.github.com/docker/setup-qemu-action/compare/v4...v4.1.0) - Add `reset` input to uninstall current emulators by [@​crazy-max](https://redirect.github.com/crazy-max) in [#​21](https://redirect.github.com/docker/setup-qemu-action/pull/21) - Bump [@​docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit) from 0.77.0 to 0.91.0 in [#​250](https://redirect.github.com/docker/setup-qemu-action/pull/250) [#​247](https://redirect.github.com/docker/setup-qemu-action/pull/247) - Bump brace-expansion from 1.1.12 to 1.1.15 in [#​265](https://redirect.github.com/docker/setup-qemu-action/pull/265) - Bump fast-xml-builder from 1.0.0 to 1.2.0 in [#​286](https://redirect.github.com/docker/setup-qemu-action/pull/286) - Bump fast-xml-parser from 5.4.2 to 5.8.0 in [#​255](https://redirect.github.com/docker/setup-qemu-action/pull/255) - Bump flatted from 3.3.3 to 3.4.2 in [#​257](https://redirect.github.com/docker/setup-qemu-action/pull/257) - Bump glob from 10.3.15 to 10.5.0 in [#​254](https://redirect.github.com/docker/setup-qemu-action/pull/254) - Bump handlebars from 4.7.8 to 4.7.9 in [#​262](https://redirect.github.com/docker/setup-qemu-action/pull/262) - Bump lodash from 4.17.23 to 4.18.1 in [#​273](https://redirect.github.com/docker/setup-qemu-action/pull/273) - Bump postcss from 8.5.6 to 8.5.10 in [#​285](https://redirect.github.com/docker/setup-qemu-action/pull/285) - Bump tar from 6.2.1 to 7.5.15 in [#​287](https://redirect.github.com/docker/setup-qemu-action/pull/287) - Bump tmp from 0.2.5 to 0.2.6 in [#​291](https://redirect.github.com/docker/setup-qemu-action/pull/291) - Bump undici from 6.23.0 to 6.26.0 in [#​251](https://redirect.github.com/docker/setup-qemu-action/pull/251) - Bump vite from 7.3.1 to 7.3.2 in [#​271](https://redirect.github.com/docker/setup-qemu-action/pull/271) **Full Changelog**: <https://github.com/docker/setup-qemu-action/compare/v4.0.0...v4.1.0> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Only on Monday (`* * * * 1`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: silverwind <me@silverwind.io> |
||
|
|
798578115b |
fix(deps): update npm dependencies, remove nolyfill (#37968)
This PR contains the following updates:
| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
|
[@eslint-community/eslint-plugin-eslint-comments](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments)
| [`4.7.1` →
`4.7.2`](https://renovatebot.com/diffs/npm/@eslint-community%2feslint-plugin-eslint-comments/4.7.1/4.7.2)
|
|
|
| [@primer/octicons](https://primer.style/octicons)
([source](https://redirect.github.com/primer/octicons)) | [`19.26.0` →
`19.27.0`](https://renovatebot.com/diffs/npm/@primer%2focticons/19.26.0/19.27.0)
|
|
|
|
[@typescript-eslint/parser](https://typescript-eslint.io/packages/parser)
([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser))
| [`8.59.4` →
`8.60.0`](https://renovatebot.com/diffs/npm/@typescript-eslint%2fparser/8.59.4/8.60.0)
|
|
|
|
[@vitest/eslint-plugin](https://redirect.github.com/vitest-dev/eslint-plugin-vitest)
| [`1.6.17` →
`1.6.18`](https://renovatebot.com/diffs/npm/@vitest%2feslint-plugin/1.6.17/1.6.18)
|
|
|
| [dayjs](https://day.js.org)
([source](https://redirect.github.com/iamkun/dayjs)) | [`1.11.20` →
`1.11.21`](https://renovatebot.com/diffs/npm/dayjs/1.11.20/1.11.21) |
|
|
| [katex](https://katex.org)
([source](https://redirect.github.com/KaTeX/KaTeX)) | [`0.16.47` →
`0.17.0`](https://renovatebot.com/diffs/npm/katex/0.16.47/0.17.0) |
|
|
|
[material-icon-theme](https://redirect.github.com/material-extensions/vscode-material-icon-theme/blob/main/README.md)
([source](https://redirect.github.com/material-extensions/vscode-material-icon-theme))
| [`5.34.0` →
`5.35.0`](https://renovatebot.com/diffs/npm/material-icon-theme/5.34.0/5.35.0)
|
|
|
| [pnpm](https://pnpm.io)
([source](https://redirect.github.com/pnpm/pnpm/tree/HEAD/pnpm)) |
[`11.2.1` →
`11.4.0`](https://renovatebot.com/diffs/npm/pnpm/11.2.1/11.4.0) |
|
|
|
[rolldown-license-plugin](https://redirect.github.com/silverwind/rolldown-license-plugin)
| [`3.0.7` →
`3.0.8`](https://renovatebot.com/diffs/npm/rolldown-license-plugin/3.0.7/3.0.8)
|
|
|
|
[typescript-eslint](https://typescript-eslint.io/packages/typescript-eslint)
([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint))
| [`8.59.4` →
`8.60.0`](https://renovatebot.com/diffs/npm/typescript-eslint/8.59.4/8.60.0)
|
|
|
| [updates](https://redirect.github.com/silverwind/updates) |
[`17.16.13` →
`17.17.2`](https://renovatebot.com/diffs/npm/updates/17.16.13/17.17.2) |
|
|
| [vite](https://vite.dev)
([source](https://redirect.github.com/vitejs/vite/tree/HEAD/packages/vite))
| [`8.0.13` →
`8.0.14`](https://renovatebot.com/diffs/npm/vite/8.0.13/8.0.14) |
|
|
| [vue](https://vuejs.org/)
([source](https://redirect.github.com/vuejs/core)) | [`3.5.34` →
`3.5.35`](https://renovatebot.com/diffs/npm/vue/3.5.34/3.5.35) |
|
|
| [vue-tsc](https://redirect.github.com/vuejs/language-tools)
([source](https://redirect.github.com/vuejs/language-tools/tree/HEAD/packages/tsc))
| [`3.3.1` →
`3.3.2`](https://renovatebot.com/diffs/npm/vue-tsc/3.3.1/3.3.2) |
|
|
---
### Release Notes
<details>
<summary>eslint-community/eslint-plugin-eslint-comments
(@​eslint-community/eslint-plugin-eslint-comments)</summary>
###
[`v4.7.2`](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/releases/tag/v4.7.2)
[Compare
Source](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/compare/v4.7.1...v4.7.2)
##### Bug Fixes
- **deps:** pin `modern-monaco` version to 0.4.0
([#​320](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/issues/320))
([62a2c3a](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/commit/62a2c3a4ee304a8383f170369c9999198d9bdac8))
- **docs:** use `modern-monaco` instead of `monaco-editor`
([#​311](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/issues/311))
([42919d0](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/commit/42919d06d8a221e061de3ec98e35bf508ea2b5d2))
</details>
<details>
<summary>primer/octicons (@​primer/octicons)</summary>
###
[`v19.27.0`](https://redirect.github.com/primer/octicons/blob/HEAD/CHANGELOG.md#19270)
[Compare
Source](https://redirect.github.com/primer/octicons/compare/v19.26.0...v19.27.0)
##### Minor Changes
- [#​1203](https://redirect.github.com/primer/octicons/pull/1203)
[`a69618e4`](https://redirect.github.com/primer/octicons/commit/a69618e4b64988784c9c0a06bbf809a3fa343642)
Thanks [@​ericwbailey](https://redirect.github.com/ericwbailey)! -
Add flag icon
##### Patch Changes
- [#​1212](https://redirect.github.com/primer/octicons/pull/1212)
[`02bd1ef8`](https://redirect.github.com/primer/octicons/commit/02bd1ef8d15abffaa45be8e00c5fbc896e276c54)
Thanks [@​ericwbailey](https://redirect.github.com/ericwbailey)! -
remove hardcoded fill from flag icon
</details>
<details>
<summary>typescript-eslint/typescript-eslint
(@​typescript-eslint/parser)</summary>
###
[`v8.60.0`](https://redirect.github.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/parser/CHANGELOG.md#8600-2026-05-25)
[Compare
Source](https://redirect.github.com/typescript-eslint/typescript-eslint/compare/v8.59.4...v8.60.0)
This was a version bump only for parser to align it with other projects,
there were no code changes.
See [GitHub
Releases](https://redirect.github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.0)
for more information.
You can read about our [versioning
strategy](https://typescript-eslint.io/users/versioning) and
[releases](https://typescript-eslint.io/users/releases) on our website.
</details>
<details>
<summary>vitest-dev/eslint-plugin-vitest
(@​vitest/eslint-plugin)</summary>
###
[`v1.6.18`](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/releases/tag/v1.6.18)
[Compare
Source](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/compare/v1.6.17...v1.6.18)
##### 🐞 Bug Fixes
- Correct `requiresTypeChecking` metadata for four rules - by
[@​inglec-arista](https://redirect.github.com/inglec-arista) in
[#​905](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/issues/905)
[<samp>(e06a3)</samp>](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/commit/e06a3dc)
##### [View changes on
GitHub](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/compare/v1.6.17...v1.6.18)
</details>
<details>
<summary>iamkun/dayjs (dayjs)</summary>
###
[`v1.11.21`](https://redirect.github.com/iamkun/dayjs/blob/HEAD/CHANGELOG.md#11121-2026-05-26)
[Compare
Source](https://redirect.github.com/iamkun/dayjs/compare/v1.11.20...v1.11.21)
##### Bug Fixes
- preserve unsupported year tokens in format
([#​3015](https://redirect.github.com/iamkun/dayjs/issues/3015))
([#​3016](https://redirect.github.com/iamkun/dayjs/issues/3016))
([8fda602](https://redirect.github.com/iamkun/dayjs/commit/8fda602beac5abbc64230ddc49085aa532320f26))
</details>
<details>
<summary>KaTeX/KaTeX (katex)</summary>
###
[`v0.17.0`](https://redirect.github.com/KaTeX/KaTeX/blob/HEAD/CHANGELOG.md#0170-2026-05-22)
[Compare
Source](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.47...v0.17.0)
##### Performance Improvements
- simplify `defineFunction` to avoid destructuring, improve typing
([#​4222](https://redirect.github.com/KaTeX/KaTeX/issues/4222))
([fb604e6](https://redirect.github.com/KaTeX/KaTeX/commit/fb604e6ba63e99809e242d37f9c8359209d55431))
##### BREAKING CHANGES
- The internal API for `__defineFunction` changed: you should no longer
wrap properties in `props`.
####
[0.16.47](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.46...v0.16.47)
(2026-05-16)
##### Bug Fixes
- correct size of `[` big delimiter
([#​4217](https://redirect.github.com/KaTeX/KaTeX/issues/4217))
([7ba0027](https://redirect.github.com/KaTeX/KaTeX/commit/7ba0027d2f04abddd3b215362f867ab8260b09d7)),
closes
[#​4215](https://redirect.github.com/KaTeX/KaTeX/issues/4215)
####
[0.16.46](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.45...v0.16.46)
(2026-05-13)
##### Bug Fixes
- preserve math font in some styling commands
([#​4214](https://redirect.github.com/KaTeX/KaTeX/issues/4214))
([e9ee046](https://redirect.github.com/KaTeX/KaTeX/commit/e9ee0464ddb31da9bf9649eeb70e52236e7a974a)),
closes
[#​4213](https://redirect.github.com/KaTeX/KaTeX/issues/4213)
####
[0.16.45](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.44...v0.16.45)
(2026-04-05)
##### Bug Fixes
- wrap vcenter mpadded in mrow for valid MathML
([#​4193](https://redirect.github.com/KaTeX/KaTeX/issues/4193))
([ee66b78](https://redirect.github.com/KaTeX/KaTeX/commit/ee66b78d24340edbbd05b08a4a429ce9ed158b25)),
closes
[#​4078](https://redirect.github.com/KaTeX/KaTeX/issues/4078)
####
[0.16.44](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.43...v0.16.44)
(2026-03-27)
##### Bug Fixes
- remove extra \jot space at bottom of align/gather/etc.
([#​4184](https://redirect.github.com/KaTeX/KaTeX/issues/4184))
([3870ee9](https://redirect.github.com/KaTeX/KaTeX/commit/3870ee913e27fdde7bce244e4c6c5d63e2b28a62))
####
[0.16.43](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.42...v0.16.43)
(2026-03-26)
##### Bug Fixes
- use makeEm() consistently to truncate long CSS decimals
([#​4181](https://redirect.github.com/KaTeX/KaTeX/issues/4181))
([0967dcc](https://redirect.github.com/KaTeX/KaTeX/commit/0967dcc0278f20d4501a93f01c7343c70abb3fcd))
####
[0.16.42](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.41...v0.16.42)
(2026-03-24)
##### Features
- \underbracket and \overbracket
([#​4147](https://redirect.github.com/KaTeX/KaTeX/issues/4147))
([5be9abb](https://redirect.github.com/KaTeX/KaTeX/commit/5be9abb0b4d687a2a196b8adf9b5b9deeb60f7bc))
####
[0.16.41](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.40...v0.16.41)
(2026-03-24)
##### Bug Fixes
- \sout in text mode
([#​4173](https://redirect.github.com/KaTeX/KaTeX/issues/4173))
([e748578](https://redirect.github.com/KaTeX/KaTeX/commit/e748578b63e07ad30d5e404e60b04e5e794c0a5a))
####
[0.16.40](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.39...v0.16.40)
(2026-03-20)
##### Bug Fixes
- **css:** specify position: relative for .katex
([#​4170](https://redirect.github.com/KaTeX/KaTeX/issues/4170))
([020f0d8](https://redirect.github.com/KaTeX/KaTeX/commit/020f0d89567d59229bac5fc8d8f5832a9508a85f))
####
[0.16.39](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.38...v0.16.39)
(2026-03-19)
##### Bug Fixes
- middle dot in text mode
([#​4169](https://redirect.github.com/KaTeX/KaTeX/issues/4169))
([edb45b0](https://redirect.github.com/KaTeX/KaTeX/commit/edb45b0b17c7b33349ce5142fe39156da05cb4d8)),
closes
[#​3641](https://redirect.github.com/KaTeX/KaTeX/issues/3641)
####
[0.16.38](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.37...v0.16.38)
(2026-03-08)
##### Bug Fixes
- accent skew mixed with font specifiers
([#​4159](https://redirect.github.com/KaTeX/KaTeX/issues/4159))
([aea3375](https://redirect.github.com/KaTeX/KaTeX/commit/aea33758d6c98896017007d0244885301773856a)),
closes
[#​4121](https://redirect.github.com/KaTeX/KaTeX/issues/4121)
####
[0.16.37](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.36...v0.16.37)
(2026-03-06)
##### Bug Fixes
- negative-width `\hphantom` and symmetric `\smash`
([#​4153](https://redirect.github.com/KaTeX/KaTeX/issues/4153))
([d4799ca](https://redirect.github.com/KaTeX/KaTeX/commit/d4799cae585d909e2a4e3dedbebdc2f142998ca9))
####
[0.16.36](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.35...v0.16.36)
(2026-03-06)
##### Bug Fixes
- contrib esm bloat
([#​4157](https://redirect.github.com/KaTeX/KaTeX/issues/4157))
([2bde1ad](https://redirect.github.com/KaTeX/KaTeX/commit/2bde1adab2a23f61519145923329c915b04d4778))
####
[0.16.35](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.34...v0.16.35)
(2026-03-05)
##### Bug Fixes
- version number regression
([#​4155](https://redirect.github.com/KaTeX/KaTeX/issues/4155))
([db26b73](https://redirect.github.com/KaTeX/KaTeX/commit/db26b733805f2d0d71e82596475b313c8706557e))
####
[0.16.34](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.33...v0.16.34)
(2026-03-05)
##### Bug Fixes
- emoji with variation selector
([#​4151](https://redirect.github.com/KaTeX/KaTeX/issues/4151))
([c2606e5](https://redirect.github.com/KaTeX/KaTeX/commit/c2606e5db91ae199ee1ff0c8c2f7f9f70fcf589b))
####
[0.16.33](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.32...v0.16.33)
(2026-02-23)
##### Bug Fixes
- **scss:** forward variables to fonts module
([#​4146](https://redirect.github.com/KaTeX/KaTeX/issues/4146))
([9349a64](https://redirect.github.com/KaTeX/KaTeX/commit/9349a64a051ca408da713baf061e32ade80ed22a))
####
[0.16.32](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.31...v0.16.32)
(2026-02-22)
##### Bug Fixes
- italic separation in \mathnormal
([#​4143](https://redirect.github.com/KaTeX/KaTeX/issues/4143))
([71305a0](https://redirect.github.com/KaTeX/KaTeX/commit/71305a05140ca6203092bfdc14f689168b26ab8c))
####
[0.16.31](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.30...v0.16.31)
(2026-02-22)
##### Bug Fixes
- `\*frac` sizing
([#​4137](https://redirect.github.com/KaTeX/KaTeX/issues/4137))
([ef51f18](https://redirect.github.com/KaTeX/KaTeX/commit/ef51f18ded4ab9ba54ba750f2866241c4676c41c))
####
[0.16.30](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.29...v0.16.30)
(2026-02-22)
##### Bug Fixes
- no line breaks after `\not`
([#​4140](https://redirect.github.com/KaTeX/KaTeX/issues/4140))
([2d1ba86](https://redirect.github.com/KaTeX/KaTeX/commit/2d1ba86143bd45540d5a773cfa456081318f3f33))
####
[0.16.29](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.28...v0.16.29)
(2026-02-22)
##### Bug Fixes
- `\imath` and other `\html@mathml` macros in arguments
([#​4139](https://redirect.github.com/KaTeX/KaTeX/issues/4139))
([a850cce](https://redirect.github.com/KaTeX/KaTeX/commit/a850cce7ccbf95a0b187313d1e54d8d40dfc7273))
####
[0.16.28](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.27...v0.16.28)
(2026-01-25)
##### Bug Fixes
- **type:** add missing types definition path to package.json
([#​4125](https://redirect.github.com/KaTeX/KaTeX/issues/4125))
([0ef8921](https://redirect.github.com/KaTeX/KaTeX/commit/0ef8921d189346b0ff8f84a77f7f552349b76893))
####
[0.16.27](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.26...v0.16.27)
(2025-12-07)
##### Features
- support equals sign and surrounding whitespace in \htmlData attribute
values
([#​4112](https://redirect.github.com/KaTeX/KaTeX/issues/4112))
([c77aaec](https://redirect.github.com/KaTeX/KaTeX/commit/c77aaec00c766f5bb02e332a1dc416b82a65fe8f))
####
[0.16.26](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.25...v0.16.26)
(2025-12-07)
##### Bug Fixes
- \mathop followed by integral symbol
([6fbad18](https://redirect.github.com/KaTeX/KaTeX/commit/6fbad18857351e4d2a88ed3e3348bd76caad9be3))
####
[0.16.25](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.24...v0.16.25)
(2025-10-13)
##### Features
- **css:** provide `katex-swap.css` that uses `font-display: swap`
([#​3940](https://redirect.github.com/KaTeX/KaTeX/issues/3940))
([b3f9ce6](https://redirect.github.com/KaTeX/KaTeX/commit/b3f9ce691e89a52dea7ec8f10cc6ed4ddc8fc161)),
closes
[#​2242](https://redirect.github.com/KaTeX/KaTeX/issues/2242)
####
[0.16.24](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.23...v0.16.24)
(2025-10-12)
##### Features
- support hex colors with alpha
([#​4090](https://redirect.github.com/KaTeX/KaTeX/issues/4090))
([8c9b306](https://redirect.github.com/KaTeX/KaTeX/commit/8c9b3063965acc0d6e6a0b6df4d051169de9e1a9)),
closes
[#​4067](https://redirect.github.com/KaTeX/KaTeX/issues/4067)
[#fA6](https://redirect.github.com/KaTeX/KaTeX/issues/fA6)
[#fA6f1](https://redirect.github.com/KaTeX/KaTeX/issues/fA6f1)
####
[0.16.23](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.22...v0.16.23)
(2025-10-03)
##### Bug Fixes
- Support `\def` with arguments via `macros` option
([#​4087](https://redirect.github.com/KaTeX/KaTeX/issues/4087))
([80a8158](https://redirect.github.com/KaTeX/KaTeX/commit/80a815856a8c26d78b3669e9c05fff00efe82247))
####
[0.16.22](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.21...v0.16.22)
(2025-04-09)
##### Bug Fixes
- \relax in base or exponent of super/subscript
([#​4045](https://redirect.github.com/KaTeX/KaTeX/issues/4045))
([1f43c84](https://redirect.github.com/KaTeX/KaTeX/commit/1f43c84a175fb689f8c8d1d72b1e8b896a8b43d1))
####
[0.16.21](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.20...v0.16.21)
(2025-01-17)
##### Bug Fixes
- escape \htmlData attribute name
([57914ad](https://redirect.github.com/KaTeX/KaTeX/commit/57914ad91eff401357f44bf364b136d37eba04f8))
####
[0.16.20](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.19...v0.16.20)
(2025-01-12)
##### Bug Fixes
- \providecommand does not overwrite existing macro
([#​4000](https://redirect.github.com/KaTeX/KaTeX/issues/4000))
([6d30fe4](https://redirect.github.com/KaTeX/KaTeX/commit/6d30fe47b06f9da9b836fe518d5cbbecf6a6a3a1)),
closes
[#​3928](https://redirect.github.com/KaTeX/KaTeX/issues/3928)
####
[0.16.19](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.18...v0.16.19)
(2024-12-29)
##### Bug Fixes
- **types:** improve `strict` function type
([#​4009](https://redirect.github.com/KaTeX/KaTeX/issues/4009))
([4228b4e](https://redirect.github.com/KaTeX/KaTeX/commit/4228b4eb529b8e35def66cc6e4fa467383b98c86))
####
[0.16.18](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.17...v0.16.18)
(2024-12-18)
##### Bug Fixes
- Actually publish TypeScript type definitions
([#​4008](https://redirect.github.com/KaTeX/KaTeX/issues/4008))
([629b873](https://redirect.github.com/KaTeX/KaTeX/commit/629b87354fdfc04a3769f09b69f6bbadebcb9ae8))
####
[0.16.17](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.16...v0.16.17)
(2024-12-17)
##### Bug Fixes
- MathML combines multidigit numbers with sup/subscript, comma
separators, and multicharacter text when outputting to DOM
([#​3999](https://redirect.github.com/KaTeX/KaTeX/issues/3999))
([7d79e22](https://redirect.github.com/KaTeX/KaTeX/commit/7d79e220f465c42d4334dc95f1c41e333667e168)),
closes
[#​3995](https://redirect.github.com/KaTeX/KaTeX/issues/3995)
####
[0.16.16](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.15...v0.16.16)
(2024-12-17)
##### Features
- ESM exports, TypeScript types
([#​3992](https://redirect.github.com/KaTeX/KaTeX/issues/3992))
([ea9c173](https://redirect.github.com/KaTeX/KaTeX/commit/ea9c173a0de953b49b2ce5d131e88b785f5dffa1))
####
[0.16.15](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.14...v0.16.15)
(2024-12-09)
##### Features
- italic sans-serif in math mode via `\mathsfit` command
([#​3998](https://redirect.github.com/KaTeX/KaTeX/issues/3998))
([2218901](https://redirect.github.com/KaTeX/KaTeX/commit/22189018b63c9312ec4ad126804514a7390d60b5))
####
[0.16.14](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.13...v0.16.14)
(2024-12-08)
##### Features
- \dddot and \ddddot support
([#​3834](https://redirect.github.com/KaTeX/KaTeX/issues/3834))
([bda35cd](https://redirect.github.com/KaTeX/KaTeX/commit/bda35cdb0a6bbbc52dd27c79e4d984688be3b745)),
closes
[#​2744](https://redirect.github.com/KaTeX/KaTeX/issues/2744)
####
[0.16.13](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.12...v0.16.13)
(2024-12-08)
##### Bug Fixes
- `\vdots` and `\rule` support in text mode
([#​3997](https://redirect.github.com/KaTeX/KaTeX/issues/3997))
([0e08352](https://redirect.github.com/KaTeX/KaTeX/commit/0e0835262345d991df61a435800a16b069a4d5c7)),
closes
[#​3990](https://redirect.github.com/KaTeX/KaTeX/issues/3990)
####
[0.16.12](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.11...v0.16.12)
(2024-12-08)
##### Features
- **css:** configurable margin for display math
([#​3638](https://redirect.github.com/KaTeX/KaTeX/issues/3638))
([3405001](https://redirect.github.com/KaTeX/KaTeX/commit/3405001225b8ee0cf8b35b2e3a6c1fa2191e5fef))
####
[0.16.11](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.10...v0.16.11)
(2024-07-02)
##### Features
- add \emph
([#​3963](https://redirect.github.com/KaTeX/KaTeX/issues/3963))
([9f34da4](https://redirect.github.com/KaTeX/KaTeX/commit/9f34da4b3cf228a7af8134c394394d780a089f2b)),
closes
[#​3566](https://redirect.github.com/KaTeX/KaTeX/issues/3566)
####
[0.16.10](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.9...v0.16.10)
(2024-03-24)
##### Bug Fixes
- \edef bypassing maxExpand via exponential blowup
([e88b4c3](https://redirect.github.com/KaTeX/KaTeX/commit/e88b4c357f978b1bca8edfe3297f0aa309bcbe34))
- escape \includegraphics src and alt
([c5897fc](https://redirect.github.com/KaTeX/KaTeX/commit/c5897fcd1f73da9612a53e6b5544f1d776e17770))
- force protocol to be lowercase for better protocol filtering
([fc5af64](https://redirect.github.com/KaTeX/KaTeX/commit/fc5af64183a3ceb9be9d1c23a275999a728593de)),
closes
[/datatracker.ietf.org/doc/html/rfc3986#section-3](https://redirect.github.com//datatracker.ietf.org/doc/html/rfc3986/issues/section-3)
- maxExpand limit with Unicode sub/superscripts
([085e21b](https://redirect.github.com/KaTeX/KaTeX/commit/085e21b5da05414efefa932570e7201a7c70e5b2))
####
[0.16.9](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.8...v0.16.9)
(2023-10-02)
##### Features
- Support bold Fraktur
([#​3777](https://redirect.github.com/KaTeX/KaTeX/issues/3777))
([
|
||
|
GiteabotandGitHub
|
ab2a72fe04 |
fix(deps): update module github.com/google/go-github/v87 to v88 (#37971)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/google/go-github/v87](https://redirect.github.com/google/go-github) | `v87.0.0` → `v88.0.0` |  |  | --- ### Release Notes <details> <summary>google/go-github (github.com/google/go-github/v87)</summary> ### [`v88.0.0`](https://redirect.github.com/google/go-github/releases/tag/v88.0.0) [Compare Source](https://redirect.github.com/google/go-github/compare/v87.0.0...v88.0.0) This release contains the following breaking API changes: - refactor!: Change app installation `Find*` methods to `Get*` ([#​4243](https://redirect.github.com/google/go-github/issues/4243)) BREAKING CHANGE: App installation methods are renamed from `Find*` to `Get*`. ...and the following additional changes: - chore: Bump version of go-github to v88.0.0 ([#​4245](https://redirect.github.com/google/go-github/issues/4245)) - chore: Update `openapi_operations.yaml` ([#​4242](https://redirect.github.com/google/go-github/issues/4242)) - feat: Add support for setting client URLs ([#​4240](https://redirect.github.com/google/go-github/issues/4240)) - refactor: Add constants for API versions ([#​4236](https://redirect.github.com/google/go-github/issues/4236)) - docs: Formatting and punctuation changes ([#​4235](https://redirect.github.com/google/go-github/issues/4235)) - feat: Add `GetParentIssue` for sub-issues ([#​4232](https://redirect.github.com/google/go-github/issues/4232)) - chore: Bump go-github from v86 to v87 in /scrape ([#​4234](https://redirect.github.com/google/go-github/issues/4234)) </details> --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |
||
|
|
9aa4e897e7 |
chore(deps): update tool dependencies (#37965)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/air-verse/air](https://redirect.github.com/air-verse/air) | `v1.65.2` → `v1.65.3` |  |  | | [github.com/editorconfig-checker/editorconfig-checker/v3](https://redirect.github.com/editorconfig-checker/editorconfig-checker) | `v3.6.1` → `v3.7.0` |  |  | --- ### Release Notes <details> <summary>air-verse/air (github.com/air-verse/air)</summary> ### [`v1.65.3`](https://redirect.github.com/air-verse/air/releases/tag/v1.65.3) [Compare Source](https://redirect.github.com/air-verse/air/compare/v1.65.2...v1.65.3) ##### What's Changed - Extend stale workflow timeout by [@​xiantang](https://redirect.github.com/xiantang) in [#​903](https://redirect.github.com/air-verse/air/pull/903) - Increase stale workflow operation limit by [@​xiantang](https://redirect.github.com/xiantang) in [#​904](https://redirect.github.com/air-verse/air/pull/904) - Add review guidelines for coding agents by [@​xiantang](https://redirect.github.com/xiantang) in [#​905](https://redirect.github.com/air-verse/air/pull/905) - Add configurable color output mode by [@​xiantang](https://redirect.github.com/xiantang) in [#​907](https://redirect.github.com/air-verse/air/pull/907) - fix: rewatch files after atomic saves by [@​xiantang](https://redirect.github.com/xiantang) in [#​908](https://redirect.github.com/air-verse/air/pull/908) - follow-up: fix watcher recovery after atomic saves by [@​xiantang](https://redirect.github.com/xiantang) in [#​909](https://redirect.github.com/air-verse/air/pull/909) - Accept .config/air.toml by [@​bersace](https://redirect.github.com/bersace) in [#​716](https://redirect.github.com/air-verse/air/pull/716) - fix: keep built binary after app shutdown by [@​mariusvniekerk](https://redirect.github.com/mariusvniekerk) in [#​911](https://redirect.github.com/air-verse/air/pull/911) ##### New Contributors - [@​bersace](https://redirect.github.com/bersace) made their first contribution in [#​716](https://redirect.github.com/air-verse/air/pull/716) **Full Changelog**: <https://github.com/air-verse/air/compare/v1.65.2...v1.65.3> </details> <details> <summary>editorconfig-checker/editorconfig-checker (github.com/editorconfig-checker/editorconfig-checker/v3)</summary> ### [`v3.7.0`](https://redirect.github.com/editorconfig-checker/editorconfig-checker/releases/tag/v3.7.0) [Compare Source](https://redirect.github.com/editorconfig-checker/editorconfig-checker/compare/v3.6.1...v3.7.0) ##### Features - **files:** expand glob patterns in passed-file args ([#​190](https://redirect.github.com/editorconfig-checker/editorconfig-checker/issues/190)) ([#​558](https://redirect.github.com/editorconfig-checker/editorconfig-checker/issues/558)) ([4c0f326](https://redirect.github.com/editorconfig-checker/editorconfig-checker/commit/4c0f326cfa71fb0dd80c0c71b1844b2550ed799e)) ##### Bug Fixes - **cli:** auto-enable no-color when output format is github-actions ([#​557](https://redirect.github.com/editorconfig-checker/editorconfig-checker/issues/557)) ([9f4014c](https://redirect.github.com/editorconfig-checker/editorconfig-checker/commit/9f4014ce0944f601472e5cbfaec31f711890c780)) - detect binary files before decoding to prevent false text ([#​550](https://redirect.github.com/editorconfig-checker/editorconfig-checker/issues/550)) ([f47b30c](https://redirect.github.com/editorconfig-checker/editorconfig-checker/commit/f47b30c96713107bc4fe0b7a05e79a293c4874dd)) </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> |
||
 wxiaoguangandGitHub
|
85f563da6c | chore: various frontend changes (#37973) | ||
 
|
689ace1ce2 |
feat(orgs): Add search bar for organization members tab page (#37347)
Resolve #37072 <img width="1312" height="186" alt="image" src="https://github.com/user-attachments/assets/3ca9eddb-9230-4b0d-992f-5b19e475e267" /> --------- Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: bircni <bircni@icloud.com> |
||
|
9155a81b9d |
docs: mark openapi3 as autogenerated in attributes (#37963)
Change from Co-Authored by trailer to Assisted-By and explicitly forbid LLMs from signing off on commits. --------- Signed-off-by: bircni <bircni@icloud.com> Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: bircni <bircni@icloud.com> Co-authored-by: silverwind <me@silverwind.io> |
||
|
GiteaBot
|
5c084c883c | [skip ci] Updated translations via Crowdin | ||
|
a39b2775ed |
test: speed up two tests (#37905)
Two test-only changes that cut the `-race` backend unit job's critical path, with no behavior change. - **`modules/auth/password/hash`** — `TestHashing`/`TestVectors` exercised the CPU-bound KDFs (scrypt `N=65536`, pbkdf2, bcrypt, argon2) serially on one core. Marking the subtests `t.Parallel()` fans them across cores. The hasher registry they read is only mutated by the non-parallel `Test_registerHasher`, so this is race-free. - **`services/release`** — `TestRelease_Update`/`TestRelease_createTag` slept `6x time.Sleep(2s)` only to cross the 1-second `CreatedUnix` boundary. Replaced with an advancing mocked clock (`timeutil.MockSet`), making the timestamp assertions deterministic and removing the real waits. --- This PR was written with the help of Claude Opus 4.8 Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> |
||
|
|
d0eba5e961 |
chore(deps): update urfave/cli/v3 to v3.9.0 (#37863)
Updates `github.com/urfave/cli/v3` to [v3.9.0](https://github.com/urfave/cli/releases/tag/v3.9.0) and removes the renovate pin now that [urfave/cli#2319](https://github.com/urfave/cli/pull/2319) (the `-c` help flag parsing fix) is merged. v3.9.0 prepends the default command name to the root command's args, which broke the old `Root().Args()` check in `isValidDefaultSubCommand`. It now uses the command's own `Args()`. Behavior change: `./gitea web <extra-positional-arg>` now errors with `unknown command` instead of starting the web server and ignoring the trailing arg. `web` takes no positional args, so this is stricter (and arguably more correct) input handling. The intended `./gitea bad-cmd` rejection is unchanged. --- This PR was written with the help of Claude Opus 4.7 --------- Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: Nicolas <bircni@icloud.com> |
||
|
|
4e5f43896e |
fix(auth): ignore stale OIDC external login links to organizations (#37875)
## Summary This fixes an OIDC sign-in edge case where a stale `external_login_user` record can still point to an organization or a deleted user. In that situation, Gitea may keep resolving the external login to the wrong account during sign-in. For affected instances, this matches the behavior reported in #36439 and #37812, where a user signing in with OIDC/Entra ID could appear as an organization, or hit a 404 after that organization was removed. ## What changed - validate the user resolved from `external_login_user` during OAuth2/OIDC login - ignore stale links when the linked user no longer exists - ignore stale links when the linked user is not an individual user - remove the stale external login row so the sign-in flow can relink the external account to the correct user ## Related - Fixes #37812 - Related to #36439 --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com> |
||
|
|
28096162fa |
chore(css): remove unneeded CSS vendor prefixes (#37903)
Removes redundant/obsolete WebKit prefixes: - `-webkit-mask-*` — duplicate the unprefixed `mask-*` siblings already present; every supported browser handles unprefixed CSS Masking longhands. - `-webkit-overflow-scrolling: touch` — a no-op outside iOS Safari <13. Browser floor (all support unprefixed `mask`): Chrome 120+, Safari 15.4+, Firefox 53+, and PaleMoon/Goanna (verified: unprefixed `mask` longhands implemented unconditionally in UXP). --- This PR was written with the help of Claude Opus 4.8 Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com> |
||
|
silverwindandGitHub
|
82cf75b68a | enhance(markup): improve issue title rendering (#37908) | ||
|
0359746abe |
feat(actions)!: improve support for reusable workflows (#37478)
## Summary This PR improves reusable workflow support for Gitea Actions. The parsing of the called workflow now happens on Gitea side, not on the runner. When the caller becomes ready, Gitea fetches the called workflow source, parses it, and inserts each child job into the database as a `ActionRunJob` linked to the caller via `ParentCallJobID`. As a result, every callee job is dispatched as its own task and its logs surface as an independent job entry in the UI, rather than being inlined into the caller's "Set up job" step. This PR supports two kinds of `uses` : - same-repo call: `uses: ./.gitea/workflows/foo.yaml` - cross-repo call: `uses: OWNER/REPO/.gitea/workflows/foo.yaml@REF` ## **⚠️ BREAKING ⚠️** External reusable workflows (`uses: https://other-gitea-instance/OWNER/REPO/.gitea/workflows/test.yaml@REF`) are no longer supported. To keep using them, clone the repositories to the local instance. ## Main changes ### Execution model - Each caller job carries `IsReusableCaller=true` and won't be fetched by runners. - `ParentCallJobID` can link a called job to its caller. - Caller status is derived from its direct children. ### Workflow syntax - `jobparser` now supports parsing `on: workflow_call` trigger with `inputs:`, `outputs:`, and `secrets:` declarations. - **Max nesting depth**: capped at `MaxReusableCallLevels = 9`, which means a top-level caller may have at most 9 nested callers below it. - **Cycle prevention**: at expansion time, `checkCallerChain` walks the caller's ancestor chain via `ParentCallJobID` and rejects if the same `uses:` string appears anywhere upstream (`reusable workflow call cycle detected`). This catches both direct (`A -> A`) and indirect (`A -> B -> A`) cycles. ### Cross-repo access - To share reusable workflows from private repos, use `Collaborative Owners` introduced by #32562 ### Rerun semantics - `expandRerunJobIDs` partitions the latest attempt's jobs into: - a **rerun set**: jobs being rerun + downstream siblings within the same scope. - an **ancestor set**: reusable callers whose only *some* descendants are being rerun (the caller itself is not). - Cloning behavior for callers in `execRerunPlan`: - **Caller is fully rerun** (caller's `AttemptJobID` in `rerunSet`): none of its descendants are cloned. The caller is cloned with `IsCallerExpanded=false`, and re-expansion (which reinserts the children fresh) happens later when the resolver brings the caller to `Waiting` again. - **Caller is in ancestor set** (only some descendants rerun): the caller is pass-through (`Status` will be updated by its fresh children). Its non-rerun descendants are also pass-through clones (point `SourceTaskID` at the original task). Their `ParentCallJobID` is remapped to the new attempt's caller row. ### UI - Job list in `RepoActionView.vue` is now tree-shaped: callers indent their children. Callers default to collapsed. - New caller detail page using `WorkflowGraph` to show direct children only; the run summary's `WorkflowGraph` shows top-level callers and their immediate descendants. ### Known trade-offs - **Caller expansion runs inside the enclosing write transaction.** `expandReusableWorkflowCaller` performs a git read of the called workflow while holding the row locks that update the caller and insert its children. This is intentional: the caller-row update and child-row inserts must commit atomically. None of the call sites is hot (each caller is expanded once per attempt), so the trade-off is acceptable. - **A malformed `if:` expression on a job leaves it `Blocked` silently.** `evaluateJobIf` now runs server-side as part of resolver passes; deterministic expression errors (typos, undefined context fields) are logged but do not surface in the UI. This is the same behavior the resolver already had for concurrency-expression errors. Distinguishing transient DB errors from user-authored expression errors and writing the latter back as `StatusFailure` is a follow-up. #### Screenshots <img width="1600" alt="image" src="https://github.com/user-attachments/assets/bfaa9b7a-07e9-4127-8de9-a81f86e82828" /> <img width="1600" alt="image" src="https://github.com/user-attachments/assets/8af109b3-ef28-4b53-aaad-d4632b923224" /> ## References - https://docs.github.com/en/actions/how-tos/reuse-automations/reuse-workflows - https://docs.github.com/en/actions/reference/workflows-and-actions/reusing-workflow-configurations --- Replace #36388 --------- Signed-off-by: Zettat123 <zettat123@gmail.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> |
||
|
|
2960d6889c |
ci: stabilize Elasticsearch tests (#37906)
At a 512m heap the CI Elasticsearch GC-thrashes under the jobs' memory pressure and goes unresponsive, flaking `test-unit` (ES indexer tests time out) and `test-mysql` (the ES-backed issue indexer blocks the per-test queue flush). Raise the heap to 1g and disable ML + the startup GeoIP download. Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com> |
||
|
|
a342206a21 |
fix(locales): Replace hardcoded strings (#37788)
The Workflow Dependencies graph in the Actions run details view had hard-coded English strings. Also in projects view and contributors view I found some hard-coded strings. The other items in the issue #37787 (Summary / All jobs / Run Details / Workflow file / Triggered via / Total duration) were already wired through ctx.Locale.Tr; their translations just need to land in the non-English locale_*.json files via the translation pipeline. Fixes #37787 --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com> |
||
|
GiteabotandGitHub
|
d07a42e777 |
fix(deps): update module golang.org/x/image to v0.41.0 [security] (#37904)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [golang.org/x/image](https://pkg.go.dev/golang.org/x/image) | [`v0.40.0` → `v0.41.0`](https://cs.opensource.google/go/x/image/+/refs/tags/v0.40.0...refs/tags/v0.41.0) |  |  | --- ### Panic when reading out of bound palette index in golang.org/x/image/bmp [CVE-2026-42500](https://nvd.nist.gov/vuln/detail/CVE-2026-42500) / [GO-2026-5031](https://pkg.go.dev/vuln/GO-2026-5031) <details> <summary>More information</summary> #### Details Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image. #### Severity Unknown #### References - [https://go.dev/issue/79576](https://go.dev/issue/79576) - [https://groups.google.com/g/golang-announce/c/uhYX90BlBvI](https://groups.google.com/g/golang-announce/c/uhYX90BlBvI) - [https://go.dev/cl/781500](https://go.dev/cl/781500) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5031) and the [Go Vulnerability Database](https://redirect.github.com/golang/vulndb) ([CC-BY 4.0](https://redirect.github.com/golang/vulndb#license)). </details> --- ### Excessive resource consumption in PackBits decompression in golang.org/x/image/tiff [CVE-2026-46599](https://nvd.nist.gov/vuln/detail/CVE-2026-46599) / [GO-2026-5032](https://pkg.go.dev/vuln/GO-2026-5032) <details> <summary>More information</summary> #### Details The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/height and encoded size) to make the decoder decode large amounts of compressed data. #### Severity Unknown #### References - [https://go.dev/issue/79577](https://go.dev/issue/79577) - [https://go.dev/cl/759960](https://go.dev/cl/759960) - [https://groups.google.com/g/golang-announce/c/uhYX90BlBvI](https://groups.google.com/g/golang-announce/c/uhYX90BlBvI) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5032) and the [Go Vulnerability Database](https://redirect.github.com/golang/vulndb) ([CC-BY 4.0](https://redirect.github.com/golang/vulndb#license)). </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |
||
|
|
dd59c68486 |
feat(actions): bulk delete, disable and enable runners in admin UI (#37869)
Adds bulk actions on the site-admin runner list (`/-/admin/actions/runners`). Site admins can now select multiple runners and **Delete**, **Disable**, or **Enable** them in one go instead of clicking through each runner's edit page. Scope is intentionally limited to the admin page. The user, org, and repo runner pages keep their existing per-row UX — the shared list template gates the bulk UI behind an `AllowBulkActions` flag set only by the admin handler. ## Screenshots <img width="1582" height="353" src="https://github.com/user-attachments/assets/2125661f-aac0-4168-990a-97995a26abd2" /> --------- Signed-off-by: Nicolas <bircni@icloud.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
||
|
|
dafc9e127a |
chore: update giteabot to v1.0.3 (#37896)
Bump the pinned `giteabot` action to the [`v1.0.3`](https://github.com/go-gitea/giteabot/releases/tag/v1.0.3) release in both `giteabot.yml` and `giteabot-backport.yml`. v1.0.3 moves label/state queries off the search API on top of the existing retry logic. --- This PR was written with the help of Claude Opus 4.8 Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com> |
||
|
|
949119c1dd |
fix(actions): exclude workflow_call from workflow trigger detection (#37894)
Gitea now only allows `workflow_dispatch.inputs`. If a workflow contains `workflow_call.inputs`, the workflow cannot be triggered, even though the `on:` section contains other trigger events. https://github.com/go-gitea/gitea/blob/428ee9fcce7928bf5405900345d43e9ba1b01564/modules/actions/jobparser/model.go#L402-L405 For example, this workflow cannot be triggered due to `workflow_call.inputs`: ```yaml on: push: pull_request: workflow_call: inputs: name: type: string ``` --- This PR is extracted from #37478 for backport --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com> Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
|
da3e192eaf |
fix(actions): keep action run title clickable when commit subject is a URL (#37867)
- When a commit subject is a bare URL, `linkProcessor` wrapped it in its own `<a>` to that URL. Because HTML cannot nest anchors, the wrapping default link (the action run / commit link) was lost and the action title became unclickable — clicking it sent the user to the URL from the commit message instead of the action log. - Drop `linkProcessor` from `PostProcessCommitMessageSubject` so the whole subject stays wrapped in the default link. URLs in subjects now render as text inside that link; URLs in commit bodies are unaffected. Fixes #37865 --------- Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
ea723fe482 |
enhance: Migrate remaining gopkg.in/yaml.v3 usages to go.yaml.in/yaml/v4 (#37866)
### Description Replaces all remaining direct `gopkg.in/yaml.v3` imports with `go.yaml.in/yaml/v4` across models, modules, routers, services, and integration tests. `gopkg.in/yaml.v3` moves from a direct to an indirect dependency in `go.mod`. #### API compatibility The yaml.Node type, node.Kind/node.Content traversal style (modules/markup/markdown/convertyaml.go), and the UnmarshalYAML(*yaml.Node) interface signature (modules/optional/serialization.go) are all preserved in v4 — no call-site changes were required beyond the import path. **Related:** - https://github.com/go-gitea/gitea/pull/36564#issuecomment-4526536805 --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com> |
||
|
90d443b46c |
fix(actions): reject workflow_dispatch for workflows without that trigger (#37660)
## Summary Fixes #37528 This PR makes the workflow dispatch API reject workflows that do not declare `workflow_dispatch`. Previously, `POST /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches` could create an `ActionRun` for a workflow that only declared another event such as `push`. The service now validates that the target workflow has a `workflow_dispatch` trigger before inserting the run. The API maps that validation failure to `422 Unprocessable Entity`, matching existing validation failures in this handler. The regression test creates a push-only workflow, dispatches it through the public API, asserts the `workflow_dispatch` validation message, and verifies that no run was inserted. ## Disclosure Developed with assistance from OpenAI Codex. --------- Co-authored-by: Nicolas <bircni@icloud.com> |
||
|
|
428ee9fcce |
fix(testing): Fix random failure test (#37887)
Fix the flaky npm package web view test that compared rendered HTML as a raw string. Fix https://github.com/go-gitea/gitea/actions/runs/26524574688/job/78124662707?pr=36564 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Nicolas <bircni@icloud.com> |
||
|
|
49f88a4b9e |
feat(repo): split repository creation limit into user and org scopes (#37872)
## Background `MAX_CREATION_LIMIT` applies to whoever owns a new repository, with no distinction between individual users and organizations. Admins who want different limits for the two - most commonly "block personal repos but let orgs create freely" - currently have to set per-user / per-org overrides on every entity. ## Changes Adds two new `[repository]` settings: - `USER_MAX_CREATION_LIMIT`: global limit for individual users - `ORG_MAX_CREATION_LIMIT`: global limit for organizations `MAX_CREATION_LIMIT` is kept as a shortcut: when set, it becomes the default value for both new keys. When the new keys are explicitly configured, they take precedence. Deployments that only set `MAX_CREATION_LIMIT` see behavior identical to now. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> |
||
|
52fef74291 |
fix(frontend): resolve Vite assets by manifest source path (#37836)
In dev mode `/api/swagger` returned HTTP 500 (`Failed to locate local path for managed asset URI: css/swagger.css`): the backend synthesised asset keys from the Vite entry name instead of reading the manifest, which only worked by coincidence and broke once a source file name diverged from its entry name. This keys the manifest by its source path (e.g. `web_src/js/index.ts`) and resolves entries directly — hashed `file` in prod, dev-server source in dev. A new `AssetCSSLinks` helper renders a JS entry's stylesheet `<link>` tags from the manifest (the entry's CSS plus the CSS of its statically-imported chunks). Fixes: https://github.com/go-gitea/gitea/issues/37830 Fixes: https://github.com/go-gitea/gitea/pull/37832 Fixes: https://github.com/go-gitea/gitea/pull/37876 Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: prakhar0x01 <prakharporwal2004@gmail.com> Co-authored-by: Nicolas <bircni@icloud.com> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
NicolasandGitHub
|
db04bcb31a | enhance(actions): set descriptive browser tab title on run view (#37870) | ||
|
9e0e9e45ac |
fix: support ##[command] log prefix in action run UI (#37882)
The Actions log parser only recognized `[command]`, so runner command output emitted as `##[command] ...` was not shown in expanded step logs. Add `##[command]` support to `LogLinePrefixCommandMap` in `web_src/js/components/ActionRunView.ts` and cover it with a regression test in `web_src/js/components/ActionRunView.test.ts`. Changes - Fixes Actions UI log rendering for runner command output - Adds support for ##[command] in the Actions log parser - Ensures runner echo ... lines are rendered when expanding step logs - Includes a regression test covering ##[command] foo parsing Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> |
||
|
|
3c73da51b9 |
test: fix flaky issue-comment close test (#37880)
After posting a comment the page reloads via fetch-action. Clicking
"Close Issue" before the form re-initializes triggers a native form
submit, which navigates to the raw JSON redirect response
(`{"redirect":...}`) instead of the issue, so "Reopen Issue" never
appears and the test times out (observed on Firefox in CI).
Wait for the comment button to become disabled — which only happens once
the form re-initializes — before clicking "Close Issue".
---
This PR was written with the help of Claude Opus 4.7
Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com>
Co-authored-by: Nicolas <bircni@icloud.com>
|
||
|
|
b4407e36aa |
fix(actions): ack re-sent UpdateLog finalize idempotently (#37885)
Fixes https://github.com/go-gitea/gitea/issues/37871, full backwards and forwards compatible with runners. Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> |
||
|
GiteaBot
|
e5ce5bfae5 | [skip ci] Updated translations via Crowdin | ||
|
Lunny XiaoandGitHub
|
0a3e7483a4 |
chore: Move gitea sdk from code.gitea.io/sdk/gitea -> gitea.dev/sdk (#37855)
- Use gitea.dev/sdk instead of code.gitea.io/sdk/gitea - Use gitea.dev/actions-proto-def instead of code.gitea.io/actions-proto-def |
||
|
|
f810e882a4 |
chore(deps): update chroma, regexp2 v2, replace dimiro1/reply (#37858)
- Update `github.com/alecthomas/chroma/v2` to `v2.25.0`. - Migrate `github.com/dlclark/regexp2` to `/v2` (incorporates https://github.com/go-gitea/gitea/pull/37664); drop the renovate pin. - Replace the unmaintained `github.com/dimiro1/reply` (the last consumer of `regexp2` v1 in our own code) with a small built-in reply parser for incoming mail. Signed-off-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Giteabot <teabot@gitea.io> Co-authored-by: Nicolas <bircni@icloud.com> |
||
|
wxiaoguangandGitHub
|
729c4b8813 |
chore: clarify SSH clone URL related config options (#37877)
move "SSH_PORT" alongside "SSH_DOMAIN" and explain more |
||
|
b7a3c7a3be |
chore: remove mssql x509negativeserial workaround (#37853)
The following TLS handshake error is fixed by newer versions of mssql (refer to https://github.com/microsoft/mssql-docker/issues/895#issuecomment-2737646391) ``` TLS Handshake failed: tls: failed to parse certificate from server: x509: negative serial number ``` Based on https://github.com/microsoft/go-sqlcmd/issues/755#issuecomment-4491676993, newer versions of mssql don't have this problem. And there're changes going to mssql driver side to make this error more explicit https://github.com/microsoft/go-mssqldb/pull/356. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
GiteaBot
|
9e7fadb089 | [skip ci] Updated translations via Crowdin | ||
|
Lunny XiaoandGitHub
|
61b1a39efe | chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873) | ||
|
a03e0364eb |
feat(actions): add branch filters to run list (#37826)
## Summary - Add a Branch filter dropdown to the repo Actions run list web UI - Wire `?branch=` query param through the web handler, matching the existing REST API filter behavior - Source the Branch dropdown from the indexed `branch` table (filtering out deleted branches) instead of scanning `action_run.ref`, addressing review feedback about unindexed columns The Event filter was dropped after review: a static list of supported events was noisy as UX, and querying distinct values from `action_run.trigger_event` is slow because the column is not indexed. `FindRunOptions.TriggerEvent` is kept for the REST API. Closes #25042 --------- Co-authored-by: Cursor <cursoragent@cursor.com> Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com> |
||
|
|
4a6db5a7c2 |
fix: http content file render (#37850)
Fix #37849 --------- Signed-off-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: TheFox0x7 <thefox0x7@gmail.com> |
||
|
|
3223d919b0 |
test: fix flaky TestResourceIndex and reduce its runtime (#37847)
The modernc SQLite driver (default since https://github.com/go-gitea/gitea/pull/37562) returns `SQLITE_BUSY` once the busy timeout is reached, unlike mattn which waited indefinitely. `TestResourceIndex` fires many concurrent `NewIssue` writers, but SQLite serializes all writers, so they queue on a single `BEGIN IMMEDIATE` write lock. Under `-race` (modernc is much slower) the goroutines at the back of the queue exceeded the hardcoded 5s test timeout, producing `database is locked (5) (SQLITE_BUSY)`. Changes: - Reduce the concurrent inserts from 25 to 10. Since SQLite serializes writers, the extra goroutines only deepen the busy-lock queue without adding coverage. 10 still exercises concurrent index allocation while cutting the test's `-race` runtime ~3x (2.76s to 0.86s locally). - Share the busy-timeout constant: export `DefaultSQLiteBusyTimeout` (20s, the production default) and reference it from the test engine instead of the hardcoded `5000`. Observed flake: https://github.com/go-gitea/gitea/actions/runs/26394082930/job/77690496092 --- This PR was written with the help of Claude Opus 4.7 --------- Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> |
||
|
GiteabotandGitHub
|
5badd1bdee |
fix(deps): update go dependencies (#37851)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [connectrpc.com/connect](https://redirect.github.com/connectrpc/connect-go) | `v1.19.2` → `v1.20.0` |  |  | | [gitea.com/gitea/runner](https://gitea.com/gitea/runner) | `v1.0.4` → `v1.0.5` |  |  | | [gitlab.com/gitlab-org/api/client-go/v2](https://gitlab.com/gitlab-org/api/client-go) | `v2.29.0` → `v2.30.0` |  |  | --- ### Release Notes <details> <summary>connectrpc/connect-go (connectrpc.com/connect)</summary> ### [`v1.20.0`](https://redirect.github.com/connectrpc/connect-go/releases/tag/v1.20.0) [Compare Source](https://redirect.github.com/connectrpc/connect-go/compare/v1.19.2...v1.20.0) #### What's Changed ##### Other changes - Bump minimum supported Go version to 1.25 by [@​jonbodner-buf](https://redirect.github.com/jonbodner-buf) in [#​922](https://redirect.github.com/connectrpc/connect-go/issues/922) - Update Unary-Get query parameter order to match spec recommendation by [@​oliversun9](https://redirect.github.com/oliversun9) in [#​926](https://redirect.github.com/connectrpc/connect-go/issues/926) #### New Contributors - [@​jonbodner-buf](https://redirect.github.com/jonbodner-buf) made their first contribution in [#​922](https://redirect.github.com/connectrpc/connect-go/issues/922) **Full Changelog**: <https://github.com/connectrpc/connect-go/compare/v1.19.2...v1.20.0> </details> <details> <summary>gitea/runner (gitea.com/gitea/runner)</summary> ### [`v1.0.5`](https://gitea.com/gitea/runner/releases/tag/v1.0.5) [Compare Source](https://gitea.com/gitea/runner/compare/v1.0.4...v1.0.5) #### Changelog - fix(deps): update module connectrpc.com/connect to v1.20.0 ([#​985](https://redirect.github.com/gitea/runner/issues/985)) - update docker cli to v29.5.2 ([#​984](https://redirect.github.com/gitea/runner/issues/984)) - feat: add cache.offline\_mode to reuse cached actions ([#​966](https://redirect.github.com/gitea/runner/issues/966)) - Remove stale Gitea 1.20 compatibility shims ([#​978](https://redirect.github.com/gitea/runner/issues/978)) - fix(deps): update module github.com/docker/cli to v29.5.1+incompatible ([#​979](https://redirect.github.com/gitea/runner/issues/979)) - fix(deps): update module github.com/go-git/go-git/v5 to v5.19.1 ([#​980](https://redirect.github.com/gitea/runner/issues/980)) </details> <details> <summary>gitlab-org/api/client-go (gitlab.com/gitlab-org/api/client-go/v2)</summary> ### [`v2.30.0`](https://gitlab.com/gitlab-org/api/client-go/tags/v2.30.0) [Compare Source](https://gitlab.com/gitlab-org/api/client-go/compare/v2.29.0...v2.30.0) #### 2.30.0 ##### 🚀 Features - feat(orbit): add GetDsl for /api/v4/orbit/schema/dsl ([!2901](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2901)) by [Michael Angelo Rivera](https://gitlab.com/michaelangeloio) ### [2.30.0](https://gitlab.com/gitlab-org/api/client-go/compare/v2.29.0...v2.30.0) (2026-05-20) ##### Features * **orbit:** add GetDsl for /api/v4/orbit/schema/dsl ([530031c](https://gitlab.com/gitlab-org/api/client-go/commit/530031c2854b05d05f69815ea3a7ca8fb65341a5)) </details> --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |
||
|
GiteabotandGitHub
|
326db5c932 |
chore(deps): update dependency @stylistic/stylelint-plugin to v5.2.0 (#37852)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@stylistic/stylelint-plugin](https://redirect.github.com/stylelint-stylistic/stylelint-stylistic) | [`5.1.0` → `5.2.0`](https://renovatebot.com/diffs/npm/@stylistic%2fstylelint-plugin/5.1.0/5.2.0) |  |  | --- ### Release Notes <details> <summary>stylelint-stylistic/stylelint-stylistic (@​stylistic/stylelint-plugin)</summary> ### [`v5.2.0`](https://redirect.github.com/stylelint-stylistic/stylelint-stylistic/blob/HEAD/CHANGELOG.md#520--20260520) [Compare Source](https://redirect.github.com/stylelint-stylistic/stylelint-stylistic/compare/v5.1.0...v5.2.0) ##### Added - The `declaration-block-semicolon-newline-before` rule is now autofixable. ##### Fixed - An exception for an empty custom property value has been added to the `declaration-block-semicolon-newline-before` and `declaration-colon-space-after` rules: the `--custom-prop: ;` and `--custom-prop:;` variants are now considered valid (see [#​50](https://redirect.github.com/stylelint-stylistic/stylelint-stylistic/issues/50)). </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Only on Monday (`* * * * 1`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |
||
|
GiteabotandGitHub
|
1c130d2eb6 |
chore(deps): update npm dependencies (#37848)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [pnpm](https://pnpm.io) ([source](https://redirect.github.com/pnpm/pnpm/tree/HEAD/pnpm)) | [`11.1.3` → `11.2.1`](https://renovatebot.com/diffs/npm/pnpm/11.1.3/11.2.1) |  |  | | [stylelint](https://stylelint.io) ([source](https://redirect.github.com/stylelint/stylelint)) | [`17.11.1` → `17.12.0`](https://renovatebot.com/diffs/npm/stylelint/17.11.1/17.12.0) |  |  | --- ### Release Notes <details> <summary>pnpm/pnpm (pnpm)</summary> ### [`v11.2.1`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1121) [Compare Source](https://redirect.github.com/pnpm/pnpm/compare/v11.2.0...v11.2.1) ##### Patch Changes - Mark optional subdependency snapshots of config dependencies with `optional: true` in the env lockfile, matching how optional dependencies are recorded elsewhere in `pnpm-lock.yaml`. Previously, snapshots for the platform-specific subdeps pulled in via a config dep's `optionalDependencies` were written as empty objects, which was inconsistent with the rest of the lockfile and made it look like those non-host platform variants were required. - Fix `pickRegistryForPackage` returning the wrong registry for an unscoped `npm:` alias under a scoped local name. A manifest entry like `"@​private/foo": "npm:lodash@^1"` was routing the `lodash` fetch through `registries["@​private"]`, even though `lodash` is unscoped and doesn't live on that registry. The npm-alias branch now returns the alias target's own scope (or `null` for an unscoped target, falling through to `registries.default`) instead of leaking into the local key's scope. - Don't print "Installing config dependencies..." when config dependencies are already installed and nothing needs to be fetched, re-linked, or removed. ### [`v11.2.0`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1120) [Compare Source](https://redirect.github.com/pnpm/pnpm/compare/v11.1.3...v11.2.0) ##### Minor Changes - **Experimental:** Adding [`@pnpm/pacquet`](https://npmx.dev/package/@​pnpm/pacquet) (the Rust port of pnpm) to `configDependencies` in `pnpm-workspace.yaml` now delegates the materialization phase of `pnpm install` to the pacquet binary. pnpm still owns dependency resolution; pacquet only fetches and imports from the freshly-written lockfile. This is an opt-in preview of the Rust install engine [#​11723](https://redirect.github.com/pnpm/pnpm/issues/11723). To configure pacquet in a project, run: ``` pnpm add @​pnpm/pacquet --config ``` You'll see changes in `pnpm-workspace.yaml` and `pnpm-lock.yaml` that should be committed. If you experience any issues with pacquet, please let us know by mentioning this in the GitHub issue you create. - `configDependencies` now resolve and install one level of `optionalDependencies` declared by the config dependency, with `os`/`cpu`/`libc` platform filtering applied at install time. This unlocks the esbuild/swc-style pattern where a package ships platform-specific binaries via `optionalDependencies` — a config dependency can now do the same and have the matching binary symlinked next to it in the global virtual store, so `require('pkg-platform-arch')` from inside the config dependency resolves correctly. The env lockfile records all platform variants regardless of host platform, so it remains portable across machines. Each entry in a config dependency's `optionalDependencies` must declare an exact version — ranges and tags are rejected to keep installs reproducible. - Implement the documented `pnpm login --scope <scope>` flag. The scope is normalized (a leading `@` is added if missing; blank values are ignored) and an `@<scope>:registry=<registry>` mapping is written to the pnpm auth file alongside the auth token. Subsequent installs of `@<scope>/*` packages then route to the chosen registry. Previously `pnpm login --scope foo` errored with `Unknown option: 'scope'` despite the flag being listed in the online documentation [#​11716](https://redirect.github.com/pnpm/pnpm/issues/11716). - `pnpm outdated` and `pnpm update --interactive` now report Node.js, Deno, and Bun runtimes installed as project dependencies (`runtime:` specifiers). Previously these were silently skipped. ##### Patch Changes - Fix `cafile=<relative-path>` in `.npmrc` being read from the wrong directory when pnpm is invoked from a different cwd (e.g. `pnpm --dir <project> install` from a CI wrapper or monorepo script). The path is now resolved against the directory of the `.npmrc` that declared it, not `process.cwd()`. Before this fix the CA file silently failed to load — the install proceeded without the configured CA and the user only saw TLS errors against a private registry, with no log line tying back to the wrongly resolved path [#​11624](https://redirect.github.com/pnpm/pnpm/issues/11624). - Fix `config.registry` getting a trailing slash appended when `registry` is set in `.npmrc` and no `registries.default` is provided by `pnpm-workspace.yaml`. The sync from `registries.default` to `config.registry` introduced in [#​11744](https://redirect.github.com/pnpm/pnpm/issues/11744) now only fires when the workspace manifest actually contributes a different default. - Fix global add/update to handle minimumReleaseAge policy violations instead of surfacing an internal resolver guardrail error. - Fix two crashes with `injectWorkspacePackages: true` when the lockfile has been pruned (e.g. by `turbo prune --docker`): - `Cannot use 'in' operator to search for 'directory' in undefined`: a peer-dependency-variant injected snapshot inherits its `resolution` from the base `packages:` entry; when a pruner drops that base entry the readers crash. `convertToLockfileObject` now reconstructs the directory resolution from the `file:` depPath at load time — a single normalization point, so every reader sees a fully-formed snapshot. - `ERR_PNPM_ENOENT` on `node_modules/.bin/<tool>`: after `prepare`/`postinstall`, `runLifecycleHooksConcurrently` re-imported each injected workspace package; the `scanDir`-into-`filesMap` workaround fed target-internal paths to the importer, which the `makeEmptyDir` fast path ([#​11088](https://redirect.github.com/pnpm/pnpm/issues/11088)) then wiped. Drop the workaround and pass `keepModulesDir: true` so the importer preserves the target's existing `node_modules` (bin links + transitive deps) and source files keep their hardlinks. - Fixed `pnpm login` and `pnpm logout` ignoring `registries.default` from `pnpm-workspace.yaml` [#​10099](https://redirect.github.com/pnpm/pnpm/issues/10099). - Fix the `minimumReleaseAge` (publishedBy) maturity shortcut to be inclusive at the cutoff. Previously, abbreviated metadata whose `modified` field equalled the cutoff fell off the fast path and triggered a full-metadata re-fetch (or a `MISSING_TIME` error when full metadata wasn't permitted). Since `modified` is an upper bound on every version's publish time, `modified == publishedBy` already implies every version passes the per-version `<=` filter in `filterPkgMetadataByPublishDate`, so the shortcut now accepts the boundary case directly. Strictly `>` (was `>=`) at the rejection branch. - Honor `publishConfig.access` when publishing packages. </details> <details> <summary>stylelint/stylelint (stylelint)</summary> ### [`v17.12.0`](https://redirect.github.com/stylelint/stylelint/blob/HEAD/CHANGELOG.md#17120---2026-05-20) [Compare Source](https://redirect.github.com/stylelint/stylelint/compare/17.11.1...17.12.0) It fixes 3 bugs, including a false negative one. - Fixed: `block-no-empty` reported range when using comments ([#​9294](https://redirect.github.com/stylelint/stylelint/pull/9294)) ([@​romainmenke](https://redirect.github.com/romainmenke)). - Fixed: `declaration-property-value-no-unknown` false negatives for custom properties defined in reference files ([#​9292](https://redirect.github.com/stylelint/stylelint/pull/9292)) ([@​romainmenke](https://redirect.github.com/romainmenke)). - Fixed: `value-keyword-layout-mappings` false positives for `caption-side` ([#​9293](https://redirect.github.com/stylelint/stylelint/pull/9293)) ([@​romainmenke](https://redirect.github.com/romainmenke)). </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |
||
|
GiteabotandGitHub
|
821d3c4672 | fix(deps): update module github.com/google/go-github/v86 to v87 (#37845) | ||
|
NicolasandGitHub
|
d93bbcc0a6 | feat(actions): List workflows that were executed once but got removed from the default branch (#37835) | ||
|
GiteabotandGitHub
|
2775158024 |
chore(deps): update module github.com/air-verse/air to v1.65.2 (#37840)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/air-verse/air](https://redirect.github.com/air-verse/air) | `v1.65.1` → `v1.65.2` |  |  | --- ### Release Notes <details> <summary>air-verse/air (github.com/air-verse/air)</summary> ### [`v1.65.2`](https://redirect.github.com/air-verse/air/releases/tag/v1.65.2) [Compare Source](https://redirect.github.com/air-verse/air/compare/v1.65.1...v1.65.2) ##### What's Changed - docs: clarify Go install binary path by [@​xiantang](https://redirect.github.com/xiantang) in [#​900](https://redirect.github.com/air-verse/air/pull/900) - fix: keep app running until rebuild succeeds by [@​mariusvniekerk](https://redirect.github.com/mariusvniekerk) in [#​897](https://redirect.github.com/air-verse/air/pull/897) - docs: add Scoop install instructions by [@​xiantang](https://redirect.github.com/xiantang) in [#​901](https://redirect.github.com/air-verse/air/pull/901) - Resolve root directory if symlinked by [@​caleb-fringer](https://redirect.github.com/caleb-fringer) in [#​742](https://redirect.github.com/air-verse/air/pull/742) - Add stale issue workflow by [@​xiantang](https://redirect.github.com/xiantang) in [#​902](https://redirect.github.com/air-verse/air/pull/902) ##### New Contributors - [@​mariusvniekerk](https://redirect.github.com/mariusvniekerk) made their first contribution in [#​897](https://redirect.github.com/air-verse/air/pull/897) - [@​caleb-fringer](https://redirect.github.com/caleb-fringer) made their first contribution in [#​742](https://redirect.github.com/air-verse/air/pull/742) **Full Changelog**: <https://github.com/air-verse/air/compare/v1.65.1...v1.65.2> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Only on Monday (`* * * * 1`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |
||
|
|
0b3d7e2ba3 |
chore(deps): use maintained html2text package directly (#37842)
Currently unmaintained package `github.com/jaytaylor/html2text` is replaced using `replace` directive. Instead, the correct package `github.com/Necoro/html2text` should be referenced directly in code. --------- Co-authored-by: Giteabot <teabot@gitea.io> |
||
|
GiteabotandGitHub
|
7daab82344 |
chore(deps): update redis:latest docker digest to 48e78eb (#37838)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | redis | service | digest | `94ea4f5` → `48e78eb` | --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Only on Monday (`* * * * 1`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |
||
|
GiteabotandGitHub
|
1b1113b509 |
fix(deps): update go dependencies (#37841)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [gitea.com/gitea/runner](https://gitea.com/gitea/runner) | `v1.0.3` → `v1.0.4` |  |  | | [github.com/SaveTheRbtz/zstd-seekable-format-go/pkg](https://redirect.github.com/SaveTheRbtz/zstd-seekable-format-go) | `v0.8.0` → `v0.8.3` |  |  | | [github.com/jhillyerd/enmime/v2](https://redirect.github.com/jhillyerd/enmime) | `v2.3.0` → `v2.4.0` |  |  | | [gitlab.com/gitlab-org/api/client-go/v2](https://gitlab.com/gitlab-org/api/client-go) | `v2.26.0` → `v2.29.0` |  |  | --- ### Release Notes <details> <summary>gitea/runner (gitea.com/gitea/runner)</summary> ### [`v1.0.4`](https://gitea.com/gitea/runner/releases/tag/v1.0.4) [Compare Source](https://gitea.com/gitea/runner/compare/v1.0.3...v1.0.4) #### Changelog - Fix token use with schemaless Gitea instance ([#​977](https://redirect.github.com/gitea/runner/issues/977)) - Add OCI `source` and `version` labels to images ([#​975](https://redirect.github.com/gitea/runner/issues/975)) - fix(parse\_env\_file): support env-file lines larger than 64 KiB ([#​974](https://redirect.github.com/gitea/runner/issues/974)) - Fix host cleanup, volume allowlist, cache upload, and action host edge cases ([#​970](https://redirect.github.com/gitea/runner/issues/970)) - Remove dead code from `act/` ([#​971](https://redirect.github.com/gitea/runner/issues/971)) - fix: Return if executors length is zero in ParallelExecutor ([#​960](https://redirect.github.com/gitea/runner/issues/960)) - feat: make pseudo-TTY allocation opt-in ([#​961](https://redirect.github.com/gitea/runner/issues/961)) - fix(deps): update module github.com/docker/cli to v29.5.0+incompatible ([#​969](https://redirect.github.com/gitea/runner/issues/969)) - Simplify kubernetes dind example allowing for default docker config in workflows ([#​709](https://redirect.github.com/gitea/runner/issues/709)) - chore(deps): bump `retry-go`, `golangci-lint`, `govulncheck` ([#​965](https://redirect.github.com/gitea/runner/issues/965)) - fix(deps): bump `docker` deps, switch to `moby/moby` ([#​943](https://redirect.github.com/gitea/runner/issues/943)) - fix: respect proxy env vars in runner client ([#​962](https://redirect.github.com/gitea/runner/issues/962)) </details> <details> <summary>jhillyerd/enmime (github.com/jhillyerd/enmime/v2)</summary> ### [`v2.4.0`](https://redirect.github.com/jhillyerd/enmime/releases/tag/v2.4.0) [Compare Source](https://redirect.github.com/jhillyerd/enmime/compare/v2.3.0...v2.4.0) #### What's Changed - feat!: Refactor EnvelopeFromPart()'s scope by [@​bgedney](https://redirect.github.com/bgedney) in [#​392](https://redirect.github.com/jhillyerd/enmime/pull/392) - chore: rm unused func by [@​aleksandr4842](https://redirect.github.com/aleksandr4842) in [#​393](https://redirect.github.com/jhillyerd/enmime/pull/393) - chore: bump Go (1.25.x) & deps by [@​jhillyerd](https://redirect.github.com/jhillyerd) in [#​394](https://redirect.github.com/jhillyerd/enmime/pull/394) #### New Contributors - [@​bgedney](https://redirect.github.com/bgedney) made their first contribution in [#​392](https://redirect.github.com/jhillyerd/enmime/pull/392) - [@​aleksandr4842](https://redirect.github.com/aleksandr4842) made their first contribution in [#​393](https://redirect.github.com/jhillyerd/enmime/pull/393) **Full Changelog**: <https://github.com/jhillyerd/enmime/compare/v2.3.0...v2.4.0> </details> <details> <summary>gitlab-org/api/client-go (gitlab.com/gitlab-org/api/client-go/v2)</summary> ### [`v2.29.0`](https://gitlab.com/gitlab-org/api/client-go/tags/v2.29.0) [Compare Source](https://gitlab.com/gitlab-org/api/client-go/compare/v2.28.0...v2.29.0) #### 2.29.0 ##### 🚀 Features - Add support for project setting `protect_merge_request_pipelines` ([!2896](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2896)) by [Gatla Vishweshwar Reddy](https://gitlab.com/gatlavishweshwarreddy26) ##### 🐛 Bug Fixes - fix(orbit): add QueryRaw for streaming llm/GOON response body verbatim ([!2897](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2897)) by [Dmitry Gruzd](https://gitlab.com/dgruzd) ### [2.29.0](https://gitlab.com/gitlab-org/api/client-go/compare/v2.28.0...v2.29.0) (2026-05-19) ##### Bug Fixes * **orbit:** add QueryRaw for streaming llm/GOON response body verbatim ([a849302](https://gitlab.com/gitlab-org/api/client-go/commit/a8493022225b928aaa340df86fc4d09c2d22c1f4)) ### [`v2.28.0`](https://gitlab.com/gitlab-org/api/client-go/tags/v2.28.0) [Compare Source](https://gitlab.com/gitlab-org/api/client-go/compare/v2.27.1...v2.28.0) #### 2.28.0 ##### 🚀 Features - Add signing_token and related fields to group_hook and project_hook ([!2891](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2891)) by [Jimmy Spagnola](https://gitlab.com/jspagnola) ##### 🔄 Other Changes - WithPath already escapes, escaping again causes bad requests ([!2898](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2898)) by [Jimmy Spagnola](https://gitlab.com/jspagnola) ### [2.28.0](https://gitlab.com/gitlab-org/api/client-go/compare/v2.27.1...v2.28.0) (2026-05-18) ### [`v2.27.1`](https://gitlab.com/gitlab-org/api/client-go/tags/v2.27.1) [Compare Source](https://gitlab.com/gitlab-org/api/client-go/compare/v2.27.0...v2.27.1) #### 2.27.1 ##### 🐛 Bug Fixes - fix: handle string-encoded and null durations in webhooks that happen when Sidekiq runs in compress mode with large payloads ([!2862](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2862)) by [Emmanuel 326](https://gitlab.com/Emmanuel326) ##### 🔄 Other Changes - chore(deps): update module buf.build/go/protoyaml to v0.7.0 ([!2894](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2894)) by [GitLab Dependency Bot](https://gitlab.com/gitlab-dependency-update-bot) #### [2.27.1](https://gitlab.com/gitlab-org/api/client-go/compare/v2.27.0...v2.27.1) (2026-05-18) ##### Bug Fixes * handle string-encoded and null durations in webhooks that happen when Sidekiq runs in compress mode with large payloads ([8bfe7d3](https://gitlab.com/gitlab-org/api/client-go/commit/8bfe7d3effc77dc370ceee9939b13d81c6d383d0)) ### [`v2.27.0`](https://gitlab.com/gitlab-org/api/client-go/tags/v2.27.0) [Compare Source](https://gitlab.com/gitlab-org/api/client-go/compare/v2.26.1...v2.27.0) #### 2.27.0 ##### 🚀 Features - feat(users): add SCIMIdentities field to User type ([!2888](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2888)) by [dragonrider.](https://gitlab.com/junevm) ##### 🔄 Other Changes - chore(deps): update node docker tag to v26 ([!2890](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2890)) by [GitLab Dependency Bot](https://gitlab.com/gitlab-dependency-update-bot) - chore(deps): update docker docker tag to v29.4.3 ([!2892](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2892)) by [GitLab Dependency Bot](https://gitlab.com/gitlab-dependency-update-bot) ### [2.27.0](https://gitlab.com/gitlab-org/api/client-go/compare/v2.26.1...v2.27.0) (2026-05-18) ##### Features * **users:** add SCIMIdentities field to User type ([ccb318d](https://gitlab.com/gitlab-org/api/client-go/commit/ccb318dc531df3a2d3bf641bb273eb1a777555a4)) ### [`v2.26.1`](https://gitlab.com/gitlab-org/api/client-go/tags/v2.26.1) [Compare Source](https://gitlab.com/gitlab-org/api/client-go/compare/v2.26.0...v2.26.1) #### 2.26.1 ##### 🐛 Bug Fixes - Use a sentinel ErrorResponse for 404 errors, so both `Is()` and `HasStatusCode` work properly ([!2884](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2884)) by [Jimmy Spagnola](https://gitlab.com/jspagnola) #### [2.26.1](https://gitlab.com/gitlab-org/api/client-go/compare/v2.26.0...v2.26.1) (2026-05-15) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Only on Monday (`* * * * 1`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |
||
|
GiteabotandGitHub
|
953090fda4 |
fix(deps): update npm dependencies (#37844)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | @​codemirror/legacy-modes | [`6.5.2` → `6.5.3`](https://renovatebot.com/diffs/npm/@codemirror%2flegacy-modes/6.5.2/6.5.3) |  |  | | @​codemirror/view | [`6.42.1` → `6.43.0`](https://renovatebot.com/diffs/npm/@codemirror%2fview/6.42.1/6.43.0) |  |  | | [@primer/octicons](https://primer.style/octicons) ([source](https://redirect.github.com/primer/octicons)) | [`19.25.0` → `19.26.0`](https://renovatebot.com/diffs/npm/@primer%2focticons/19.25.0/19.26.0) |  |  | | [@types/node](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node) ([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node)) | [`25.7.0` → `25.9.1`](https://renovatebot.com/diffs/npm/@types%2fnode/25.7.0/25.9.1) |  |  | | [@typescript-eslint/parser](https://typescript-eslint.io/packages/parser) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser)) | [`8.59.3` → `8.59.4`](https://renovatebot.com/diffs/npm/@typescript-eslint%2fparser/8.59.3/8.59.4) |  |  | | [@vitejs/plugin-vue](https://redirect.github.com/vitejs/vite-plugin-vue/tree/main/packages/plugin-vue#readme) ([source](https://redirect.github.com/vitejs/vite-plugin-vue/tree/HEAD/packages/plugin-vue)) | [`6.0.6` → `6.0.7`](https://renovatebot.com/diffs/npm/@vitejs%2fplugin-vue/6.0.6/6.0.7) |  |  | | [clippie](https://redirect.github.com/silverwind/clippie) | [`4.1.15` → `4.2.0`](https://renovatebot.com/diffs/npm/clippie/4.1.15/4.2.0) |  |  | | [eslint](https://eslint.org) ([source](https://redirect.github.com/eslint/eslint)) | [`10.3.0` → `10.4.0`](https://renovatebot.com/diffs/npm/eslint/10.3.0/10.4.0) |  |  | | [eslint-plugin-playwright](https://redirect.github.com/mskelton/eslint-plugin-playwright) | [`2.10.2` → `2.10.4`](https://renovatebot.com/diffs/npm/eslint-plugin-playwright/2.10.2/2.10.4) |  |  | | [katex](https://katex.org) ([source](https://redirect.github.com/KaTeX/KaTeX)) | [`0.16.46` → `0.16.47`](https://renovatebot.com/diffs/npm/katex/0.16.46/0.16.47) |  |  | | [pnpm](https://pnpm.io) ([source](https://redirect.github.com/pnpm/pnpm/tree/HEAD/pnpm)) | [`11.1.1` → `11.1.3`](https://renovatebot.com/diffs/npm/pnpm/11.1.1/11.1.3) |  |  | | [postcss](https://postcss.org/) ([source](https://redirect.github.com/postcss/postcss)) | [`8.5.14` → `8.5.15`](https://renovatebot.com/diffs/npm/postcss/8.5.14/8.5.15) |  |  | | [rolldown-license-plugin](https://redirect.github.com/silverwind/rolldown-license-plugin) | [`3.0.5` → `3.0.7`](https://renovatebot.com/diffs/npm/rolldown-license-plugin/3.0.5/3.0.7) |  |  | | [stylelint](https://stylelint.io) ([source](https://redirect.github.com/stylelint/stylelint)) | [`17.11.0` → `17.11.1`](https://renovatebot.com/diffs/npm/stylelint/17.11.0/17.11.1) |  |  | | [typescript-eslint](https://typescript-eslint.io/packages/typescript-eslint) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)) | [`8.59.3` → `8.59.4`](https://renovatebot.com/diffs/npm/typescript-eslint/8.59.3/8.59.4) |  |  | | [updates](https://redirect.github.com/silverwind/updates) | [`17.16.11` → `17.16.13`](https://renovatebot.com/diffs/npm/updates/17.16.11/17.16.13) |  |  | | [vite](https://vite.dev) ([source](https://redirect.github.com/vitejs/vite/tree/HEAD/packages/vite)) | [`8.0.12` → `8.0.13`](https://renovatebot.com/diffs/npm/vite/8.0.12/8.0.13) |  |  | | [vitest](https://vitest.dev) ([source](https://redirect.github.com/vitest-dev/vitest/tree/HEAD/packages/vitest)) | [`4.1.6` → `4.1.7`](https://renovatebot.com/diffs/npm/vitest/4.1.6/4.1.7) |  |  | | [vue-tsc](https://redirect.github.com/vuejs/language-tools) ([source](https://redirect.github.com/vuejs/language-tools/tree/HEAD/packages/tsc)) | [`3.2.9` → `3.3.1`](https://renovatebot.com/diffs/npm/vue-tsc/3.2.9/3.3.1) |  |  | --- ### Release Notes <details> <summary>primer/octicons (@​primer/octicons)</summary> ### [`v19.26.0`](https://redirect.github.com/primer/octicons/blob/HEAD/CHANGELOG.md#19260) [Compare Source](https://redirect.github.com/primer/octicons/compare/v19.25.0...v19.26.0) ##### Minor Changes - [#​1197](https://redirect.github.com/primer/octicons/pull/1197) [`b45f1d35`](https://redirect.github.com/primer/octicons/commit/b45f1d35477402da4df64ae3a38dae8e95477dc4) Thanks [@​lukasoppermann](https://redirect.github.com/lukasoppermann)! - Add repo-forked-locked icon ##### Patch Changes - [#​1209](https://redirect.github.com/primer/octicons/pull/1209) [`9a7e2146`](https://redirect.github.com/primer/octicons/commit/9a7e2146907d2b0bf06d2dd65d2d17d4c3959108) Thanks [@​siddharthkp](https://redirect.github.com/siddharthkp)! - fix: remove hardcoded fill from sandbox icon </details> <details> <summary>typescript-eslint/typescript-eslint (@​typescript-eslint/parser)</summary> ### [`v8.59.4`](https://redirect.github.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/parser/CHANGELOG.md#8594-2026-05-18) [Compare Source](https://redirect.github.com/typescript-eslint/typescript-eslint/compare/v8.59.3...v8.59.4) This was a version bump only for parser to align it with other projects, there were no code changes. See [GitHub Releases](https://redirect.github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.4) for more information. You can read about our [versioning strategy](https://typescript-eslint.io/users/versioning) and [releases](https://typescript-eslint.io/users/releases) on our website. </details> <details> <summary>vitejs/vite-plugin-vue (@​vitejs/plugin-vue)</summary> ### [`v6.0.7`](https://redirect.github.com/vitejs/vite-plugin-vue/blob/HEAD/packages/plugin-vue/CHANGELOG.md#small-607-2026-05-15-small) ##### Features - use carets for `@rolldown/pluginutils` version ([#​776](https://redirect.github.com/vitejs/vite-plugin-vue/issues/776)) ([941b651](https://redirect.github.com/vitejs/vite-plugin-vue/commit/941b651d8329559fce9231aad4e178f54cccb013)) ##### Bug Fixes - **deps:** update all non-major dependencies ([#​762](https://redirect.github.com/vitejs/vite-plugin-vue/issues/762)) ([9e825b8](https://redirect.github.com/vitejs/vite-plugin-vue/commit/9e825b85ebe9b6006dc5927aaa8aabc0bcc7eceb)) - **deps:** update all non-major dependencies ([#​774](https://redirect.github.com/vitejs/vite-plugin-vue/issues/774)) ([77dc8bc](https://redirect.github.com/vitejs/vite-plugin-vue/commit/77dc8bc935216bb7ed13f1c2653a80ffdc99fd45)) </details> <details> <summary>silverwind/clippie (clippie)</summary> ### [`v4.2.0`](https://redirect.github.com/silverwind/clippie/releases/tag/4.2.0) [Compare Source](https://redirect.github.com/silverwind/clippie/compare/4.1.15...4.2.0) - tests: make fallback block concurrent-safe (silverwind) - add ClippieCopyable type (silverwind) - fallback: use el.value.length for setSelectionRange end (silverwind) - update deps, replace describe.sequential with concurrent: false (silverwind) - Update vitest-config-silverwind to 11.3.3, add Node 26 to CI (silverwind) - update deps (silverwind) - simplify and fix minor issues (silverwind) </details> <details> <summary>eslint/eslint (eslint)</summary> ### [`v10.4.0`](https://redirect.github.com/eslint/eslint/releases/tag/v10.4.0) [Compare Source](https://redirect.github.com/eslint/eslint/compare/v10.3.0...v10.4.0) #### Features - [`1a45ec5`](https://redirect.github.com/eslint/eslint/commit/1a45ec596af1dd5f880e6874cb8f24dafb6a7ecf) feat: check sequence expressions in `for-direction` ([#​20701](https://redirect.github.com/eslint/eslint/issues/20701)) (kuldeep kumar) - [`450040b`](https://redirect.github.com/eslint/eslint/commit/450040bd89b989b3531824c6be45feb5fe3d936b) feat: add `includeIgnoreFile()` to `eslint/config` ([#​20735](https://redirect.github.com/eslint/eslint/issues/20735)) (Kirk Waiblinger) #### Bug Fixes - [`544c0c3`](https://redirect.github.com/eslint/eslint/commit/544c0c3da589166ad8e5d634f35d3d06701c57be) fix: escape code path DOT labels in debug output ([#​20866](https://redirect.github.com/eslint/eslint/issues/20866)) (Pixel998) - [`6799431`](https://redirect.github.com/eslint/eslint/commit/6799431203f2579632d0870f98ba132067f4040c) fix: update dependency [@​eslint/config-helpers](https://redirect.github.com/eslint/config-helpers) to ^0.6.0 ([#​20850](https://redirect.github.com/eslint/eslint/issues/20850)) (renovate\[bot]) - [`f078fef`](https://redirect.github.com/eslint/eslint/commit/f078fef5005dceb14fc162aab7c7200e027688dd) fix: handle non-array deprecated rule replacements ([#​20825](https://redirect.github.com/eslint/eslint/issues/20825)) (xbinaryx) #### Documentation - [`7e52a71`](https://redirect.github.com/eslint/eslint/commit/7e52a7151fb92eec0e0f67fe4e5ddbd1ccce796f) docs: add mention of `@eslint-react/eslint-plugin` ([#​20869](https://redirect.github.com/eslint/eslint/issues/20869)) (Pavel) - [`db3468b`](https://redirect.github.com/eslint/eslint/commit/db3468ba746407d7f286f18f7ea9db6df0e3bc08) docs: tweak wording around ambiguous CJS-vs-ESM config ([#​20865](https://redirect.github.com/eslint/eslint/issues/20865)) (Kirk Waiblinger) - [`9084664`](https://redirect.github.com/eslint/eslint/commit/90846643ec6e97d447ae0d831fabe6d17b0a998a) docs: Update README (GitHub Actions Bot) - [`9cc7387`](https://redirect.github.com/eslint/eslint/commit/9cc73875046e3c4b8313644cbb1e99e26b36bd3f) docs: Update README (GitHub Actions Bot) - [`3d7b548`](https://redirect.github.com/eslint/eslint/commit/3d7b5484407403817aa9071a394d336d8ea96eb5) docs: Update README (GitHub Actions Bot) - [`191ec3c`](https://redirect.github.com/eslint/eslint/commit/191ec3c0a3f94ce0f110df761f0b2b8949011ccb) docs: Update README (GitHub Actions Bot) #### Chores - [`6616856`](https://redirect.github.com/eslint/eslint/commit/6616856f28fa514a30f87b5539fc100d739a94bf) chore: upgrade knip to v6 ([#​20875](https://redirect.github.com/eslint/eslint/issues/20875)) (Pixel998) - [`d13b084`](https://redirect.github.com/eslint/eslint/commit/d13b084a3ad02f926e9addaa35fc383759ea5554) ci: ensure auto-created PRs run CI ([#​20860](https://redirect.github.com/eslint/eslint/issues/20860)) (lumir) - [`e71c7af`](https://redirect.github.com/eslint/eslint/commit/e71c7af86dce9acc1d18cb12d2184309f6841594) ci: bump pnpm/action-setup from 6.0.5 to 6.0.7 ([#​20862](https://redirect.github.com/eslint/eslint/issues/20862)) (dependabot\[bot]) - [`d84393d`](https://redirect.github.com/eslint/eslint/commit/d84393dea170f54191fd20c8268b52c81c0ccd99) test: add unit tests for SuppressionsService.applySuppressions() ([#​20863](https://redirect.github.com/eslint/eslint/issues/20863)) (kuldeep kumar) - [`24db8cb`](https://redirect.github.com/eslint/eslint/commit/24db8cb8e6f07fba667121777a15b1785486be94) test: add tests for SuppressionsService.save() ([#​20802](https://redirect.github.com/eslint/eslint/issues/20802)) (kuldeep kumar) - [`2ef0549`](https://redirect.github.com/eslint/eslint/commit/2ef0549cac4a9537e4c3a26b9f3edd4c99476bf6) chore: update ecosystem plugins ([#​20857](https://redirect.github.com/eslint/eslint/issues/20857)) (github-actions\[bot]) - [`a429791`](https://redirect.github.com/eslint/eslint/commit/a4297918d264d229a06cd96051ef9b91c7b86732) ci: remove `eslint-webpack-plugin` types integration test ([#​20668](https://redirect.github.com/eslint/eslint/issues/20668)) (Milos Djermanovic) - [`9e37386`](https://redirect.github.com/eslint/eslint/commit/9e37386aa7f2ce220b2ef74a6afbac5f6b3527c5) chore: replace `recast` with range approach in code-sample-minimizer ([#​20682](https://redirect.github.com/eslint/eslint/issues/20682)) (Copilot) - [`0dd1f9f`](https://redirect.github.com/eslint/eslint/commit/0dd1f9ffc9a07704d46e2a4c8d4ccc0d0908b0c0) test: disable warning for `vm.constants.USE_MAIN_CONTEXT_DEFAULT_LOADER` ([#​20845](https://redirect.github.com/eslint/eslint/issues/20845)) (Francesco Trotta) - [`9da3c7b`](https://redirect.github.com/eslint/eslint/commit/9da3c7bc92d9579f8db19ecb56e718538d09db2b) refactor: remove deprecated `meta.language` and migrate `meta.dialects` ([#​20716](https://redirect.github.com/eslint/eslint/issues/20716)) (Pixel998) - [`2099ed1`](https://redirect.github.com/eslint/eslint/commit/2099ed12a0a74c3d7f0808514362af2499b4fe2b) refactor: add `meta.defaultOptions` to more rules, enable linting ([#​20800](https://redirect.github.com/eslint/eslint/issues/20800)) (xbinaryx) - [`f1dfbc9`](https://redirect.github.com/eslint/eslint/commit/f1dfbc9ca57196de7092e1888cc99427bd6fe06e) chore: update ecosystem plugins ([#​20836](https://redirect.github.com/eslint/eslint/issues/20836)) (github-actions\[bot]) - [`c759413`](https://redirect.github.com/eslint/eslint/commit/c75941390c14728806cd4baef4f6072f6de78318) ci: bump pnpm/action-setup from 6.0.3 to 6.0.5 ([#​20843](https://redirect.github.com/eslint/eslint/issues/20843)) (dependabot\[bot]) - [`5b817d6`](https://redirect.github.com/eslint/eslint/commit/5b817d6fdc9ae2c35b528dc662b2eca8f40f64aa) test: add unit tests for lib/shared/ast-utils ([#​20838](https://redirect.github.com/eslint/eslint/issues/20838)) (kuldeep kumar) - [`1c13ae3`](https://redirect.github.com/eslint/eslint/commit/1c13ae3934c198c494e5958fa3a68b33244ff06a) test: add unit tests for lib/shared/severity ([#​20835](https://redirect.github.com/eslint/eslint/issues/20835)) (kuldeep kumar) </details> <details> <summary>mskelton/eslint-plugin-playwright (eslint-plugin-playwright)</summary> ### [`v2.10.4`](https://redirect.github.com/mskelton/eslint-plugin-playwright/releases/tag/v2.10.4) [Compare Source](https://redirect.github.com/mskelton/eslint-plugin-playwright/compare/v2.10.3...v2.10.4) ##### Bug Fixes - **valid-title:** Skip title checks for anonymous describe blocks ([894c0ec](https://redirect.github.com/mskelton/eslint-plugin-playwright/commit/894c0ec261763bb1e073b276c70bbf88b4ebad39)) ### [`v2.10.3`](https://redirect.github.com/mskelton/eslint-plugin-playwright/releases/tag/v2.10.3) [Compare Source](https://redirect.github.com/mskelton/eslint-plugin-playwright/compare/v2.10.2...v2.10.3) ##### Bug Fixes - **missing-playwright-await:** Fix false positive when not assigning awaited variable ([#​464](https://redirect.github.com/mskelton/eslint-plugin-playwright/issues/464)) ([801f01a](https://redirect.github.com/mskelton/eslint-plugin-playwright/commit/801f01aa8a5e279b65939e06d63f7e0d2b638f93)) </details> <details> <summary>KaTeX/KaTeX (katex)</summary> ### [`v0.16.47`](https://redirect.github.com/KaTeX/KaTeX/blob/HEAD/CHANGELOG.md#01647-2026-05-16) [Compare Source](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.46...v0.16.47) ##### Bug Fixes - correct size of `[` big delimiter ([#​4217](https://redirect.github.com/KaTeX/KaTeX/issues/4217)) ([7ba0027](https://redirect.github.com/KaTeX/KaTeX/commit/7ba0027d2f04abddd3b215362f867ab8260b09d7)), closes [#​4215](https://redirect.github.com/KaTeX/KaTeX/issues/4215) </details> <details> <summary>pnpm/pnpm (pnpm)</summary> ### [`v11.1.3`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1113) [Compare Source](https://redirect.github.com/pnpm/pnpm/compare/v11.1.2...v11.1.3) ##### Patch Changes - `pnpm install` now re-validates `pnpm-lock.yaml` entries against the active `minimumReleaseAge` and `trustPolicy: 'no-downgrade'` policies before any tarball is fetched. Lockfiles resolved elsewhere (committed to the repo, restored from a CI cache, produced by an older pnpm) under a weaker or absent policy can no longer install a freshly-published or trust-downgraded version silently. Violating entries abort the install with `ERR_PNPM_MINIMUM_RELEASE_AGE_VIOLATION`, `ERR_PNPM_TRUST_DOWNGRADE`, or the generic `ERR_PNPM_LOCKFILE_RESOLUTION_VERIFICATION` when both policies trip in the same batch; `minimumReleaseAgeExclude` and `trustPolicyExclude` are honored. Verification results are cached so repeat installs against an unchanged lockfile take a fast path, and pnpm shows a transient progress line while the registry round-trip runs. When fresh resolution picks an immature version, the behavior depends on `minimumReleaseAgeStrict`: - **Loose mode** — the default, in effect whenever `minimumReleaseAge` keeps its built-in 24-hour value — auto-adds the immature picks to `minimumReleaseAgeExclude` in `pnpm-workspace.yaml` and lets the install proceed. A single info message lists what was persisted. - **Strict mode** in an interactive terminal collects every immature direct AND transitive pick in one pass and prompts once with the full list. Approving adds them to `minimumReleaseAgeExclude` and the install continues; declining aborts before the lockfile, `package.json`, or `node_modules` is touched. - **Strict mode** in CI (or any non-TTY context) aborts with `ERR_PNPM_NO_MATURE_MATCHING_VERSION` listing every offending entry, instead of failing on the first one the resolver hit. `minimumReleaseAgeStrict` auto-enables whenever the user explicitly sets `minimumReleaseAge` (CLI flag, env var, global `config.yaml`, or `pnpm-workspace.yaml`); set `minimumReleaseAgeStrict: false` to keep loose-mode auto-collect even with an explicit `minimumReleaseAge` value. Closes [#​10438](https://redirect.github.com/pnpm/pnpm/issues/10438), [#​10488](https://redirect.github.com/pnpm/pnpm/issues/10488), [#​11687](https://redirect.github.com/pnpm/pnpm/issues/11687). - Allow redundant trailing base64 padding in `.npmrc` auth values and report invalid auth base64 with a pnpm error. - Make `pnpm self-update` respect `minimumReleaseAge` (and `minimumReleaseAgeExclude`) when resolving which pnpm version to install. When the `latest` dist-tag points to a version newer than the configured age threshold, `self-update` now selects the newest mature version instead unless excluded by `minimumReleaseAgeExclude`. Also makes `dlx` and `outdated` surface invalid `minimumReleaseAgeExclude` patterns under the same `ERR_PNPM_INVALID_MINIMUM_RELEASE_AGE_EXCLUDE` error code already used by `install`, instead of leaking the internal `ERR_PNPM_INVALID_VERSION_UNION` / `ERR_PNPM_NAME_PATTERN_IN_VERSION_UNION` codes. - Global installs respect global config build policy (e.g., `dangerouslyAllowAllBuilds` from config.yaml) when GVS is enabled [#​9249](https://redirect.github.com/pnpm/pnpm/issues/9249). The global virtual-store (GVS) default `allowBuilds = {}` was applied before workspace manifest settings were read and before global config values (stripped by `extractAndRemoveDependencyBuildOptions`) were re-applied via `globalDepsBuildConfig`. This caused `hasDependencyBuildOptions` to return `true` (because `{}` is not null), blocking restoration of global config values like `dangerouslyAllowAllBuilds`. As a result, global installs skipped all build scripts even when the config explicitly allowed them. This fix moves the GVS default to **after** workspace manifest reading and `globalDepsBuildConfig` re-application, so that: 1. Workspace manifest `allowBuilds` takes precedence (if present) 2. Global config `dangerouslyAllowAllBuilds` is properly restored (if set and no workspace policy exists) 3. Empty `{}` is only applied as a last resort when no policy is configured anywhere - Honor `--silent` when `verifyDepsBeforeRun: install` auto-installs dependencies before `pnpm run` or `pnpm exec`, preventing install output from being written to stdout [#​11636](https://redirect.github.com/pnpm/pnpm/issues/11636). - Fix lockfile parsing failures when `pnpm-lock.yaml` contains CRLF line endings and multiple YAML documents [#​11612](https://redirect.github.com/pnpm/pnpm/issues/11612). - Anchor the side-effects-cache key and global-virtual-store hash to the project's script-runner Node — `engines.runtime` pin when present, shell `node` otherwise — instead of pnpm's own runtime. `ENGINE_NAME` (the `<platform>;<arch>;node<major>` prefix used as the side-effects-cache key and the engine portion of the GVS hash) was computed from `process.version` — the Node that runs pnpm itself. That was wrong in two situations: 1. **`@pnpm/exe` SEA bundle.** The bundle has its own embedded Node, not the `node` on the user's `PATH` that actually spawns lifecycle scripts. Two pnpm installations on the same machine (one SEA, one npm-package) therefore disagreed on the cache key, partitioning the side-effects cache and the global virtual store across two Node majors even though both installs would run scripts on the same shell `node`. 2. **`engines.runtime` / `devEngines.runtime` pin.** When a project pins a Node version via `devEngines.runtime` (pnpm v11+), pnpm downloads that Node into `node_modules/node/` and uses it to run lifecycle scripts. But the hash still anchored to whichever Node ran pnpm itself, not to the pinned Node — so two installs of the same project with two different runner Nodes would still disagree on the GVS slot path even though scripts run on the same pinned Node. Three changes: - `@pnpm/engine.runtime.system-node-version` now exports `engineName(nodeVersion?)`. Resolves the version in this order: explicit override → `getSystemNodeVersion()` (which already prefers `node --version` over `process.version` in SEA contexts) → `process.version`. - `@pnpm/deps.graph-hasher` now exports `findRuntimeNodeVersion(snapshotKeys)` — scans an iterable of lockfile snapshot keys for a `node@runtime:<version>` entry and returns its bare version string. `calcDepState` and `calcGraphNodeHash`/`iterateHashedGraphNodes` accept a `nodeVersion?` (in the options bag for the first, as a trailing parameter / ctx field for the others), forwarded to `engineName()`. The default (no override) preserves the pre-change behaviour. The legacy `ENGINE_NAME` constant in `@pnpm/constants` is unchanged so external consumers and existing tests keep working; in non-SEA, non-pinned contexts every value lines up. - Every install-side caller of the graph-hasher (`@pnpm/installing.deps-resolver`, `@pnpm/installing.deps-restorer`, `@pnpm/installing.deps-installer`, `@pnpm/building.during-install`, `@pnpm/building.after-install`, `@pnpm/deps.graph-builder`) now derives the project's pinned runtime via `findRuntimeNodeVersion(Object.keys(graph))` once per invocation and threads it through. On upgrade, two one-time GVS slot churns are possible: - **SEA-pnpm users** without a runtime pin: slots that previously hashed under the embedded-Node major (e.g. `node26`) now hash under the shell-Node major (e.g. `node24`), matching what pacquet, the npm-published `pnpm` package, and any other pnpm-compatible tool already produce. - **Projects with a `devEngines.runtime` pin**: slots that previously hashed under the runner's Node major now hash under the pinned Node major, matching what the lifecycle scripts will actually run on. In both cases the old slots become prune-eligible. - Resolve the GVS hash's engine portion per-snapshot when a dependency declares its own `engines.runtime`, instead of using an install-wide value. Pnpm's resolver desugars a dep's `engines.runtime` into `dependencies.node: 'runtime:<version>'`, and the bin linker spawns that dep's lifecycle scripts through the pinned Node downloaded into `<pkgDir>/node_modules/node/`. The GVS hash and the side-effects-cache key prefix were still anchored to the install-wide runtime — so a pinning snapshot's slot encoded the wrong Node major, and a reinstall on the same host could read the cached side-effects under a key whose `<platform>;<arch>;node<major>` triple disagreed with the Node the build actually ran on. Per-snapshot resolution now matches what `bins/linker` already does on a per-package basis: - `@pnpm/deps.graph-hasher` adds `readSnapshotRuntimePin(children)` — reads the `node` entry from one snapshot's graph children and extracts the version from a `node@runtime:` value. Pairs with the existing `findRuntimeNodeVersion(snapshotKeys)` install-wide fallback (also now exported from `@pnpm/deps.graph-hasher` rather than `@pnpm/engine.runtime.system-node-version`, where it was a poor fit — `system-node-version` is about probing the host Node, not parsing lockfile-derived strings). - `calcDepState` and `calcGraphNodeHash` consult `readSnapshotRuntimePin(graph[depPath].children)` first and only fall back to the install-wide `nodeVersion` parameter when the snapshot doesn't pin its own Node. Pacquet mirrors the same precedence at the `calc_graph_node_hash` call site in `package-manager/src/virtual_store_layout.rs` — a new `find_own_runtime_node_major(snapshot)` helper reads each snapshot's `dependencies` for a `node` entry with `Prefix::Runtime` and overrides the install-wide engine when present. On upgrade, snapshots of dependencies that declare their own `engines.runtime` re-hash under that dep's pinned Node instead of the install-wide value. The old slots become prune-eligible. Closes [#​11690](https://redirect.github.com/pnpm/pnpm/issues/11690). - Fixed `pnpm publish` failing with a 404 when authentication relied on OIDC trusted publishing alongside an `.npmrc` written by `actions/setup-node` (`_authToken=${NODE_AUTH_TOKEN}`) without `NODE_AUTH_TOKEN` being set. Unresolved `${VAR}` placeholders in auth values are now treated as empty rather than passed through verbatim, so the literal placeholder no longer surfaces as a bearer token when OIDC fallback is the intended auth source [#​11513](https://redirect.github.com/pnpm/pnpm/issues/11513). - Fix `devEngines.packageManager` (singular form, without `onFail`) defaulting to `onFail: "error"` instead of the documented `pmOnFail: "download"`. As a result, a project that pinned a different pnpm version via `devEngines.packageManager` and ran `pnpm install` from a mismatched pnpm version failed with a hard error, even though the migration table from `managePackageManagerVersions: true` to `pmOnFail: download (default)` promises the install would auto-download the wanted version [#​11676](https://redirect.github.com/pnpm/pnpm/issues/11676). The array form of `devEngines.packageManager` keeps its existing per-element defaults (`error` for the last entry, `ignore` for the rest), since those reflect explicit prioritization by the user. Explicit `onFail` values continue to win. - Fix `devEngines.packageManager` not writing `packageManagerDependencies` to `pnpm-lock.yaml` when the lockfile lacks an env-doc entry. Previously the lockfile sync skipped resolution unless an existing `packageManagerDependencies.pnpm` entry needed refreshing, so a fresh install without `onFail: "download"` left the resolved pnpm version unrecorded — contradicting the documented behavior that the resolved version is stored in `pnpm-lock.yaml` [#​11674](https://redirect.github.com/pnpm/pnpm/issues/11674). - Warn when `package.json` contains a legacy `pnpm` field with settings pnpm no longer reads from `package.json` (e.g. `pnpm.overrides`, `pnpm.patchedDependencies`). Previously these were silently ignored after the upgrade from v10, leaving users unaware that their overrides/patched dependencies had stopped taking effect [#​11677](https://redirect.github.com/pnpm/pnpm/issues/11677). ### [`v11.1.2`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1112) [Compare Source](https://redirect.github.com/pnpm/pnpm/compare/v11.1.1...v11.1.2) ##### Patch Changes - `convertEnginesRuntimeToDependencies`: switch the runtime-dependency write to `Object.defineProperty` so the CodeQL `js/prototype-polluting-assignment` rule treats the assignment as safe regardless of the property name (follow-up to [#​11609](https://redirect.github.com/pnpm/pnpm/pull/11609)). - Address CodeQL static-analysis findings: guard manifest dependency writes against prototype-polluting keys (`__proto__`, `constructor`, `prototype`), and replace a potentially super-linear semver-detection regex in registry 404 hints with an O(n) parser. - Strip `sec-fetch-*` headers from outgoing HTTP requests. These headers are automatically added by undici's `fetch()` implementation per the Fetch spec but cause Azure DevOps Artifacts to return HTTP 400 for uncached upstream packages, as ADO interprets them as browser requests [#​11572](https://redirect.github.com/pnpm/pnpm/issues/11572). - Fix `minimumReleaseAge` handling for cached abbreviated metadata. The version-spec cache fast path no longer rethrows `ERR_PNPM_MISSING_TIME` under `strictPublishedByCheck`; it now falls through to the registry-fetch path, consistent with the adjacent mtime-gated cache block. When the registry returns 304 Not Modified for a package whose cached metadata is abbreviated (no per-version `time`), pnpm now re-fetches with `fullMetadata: true` if `minimumReleaseAge` is active and the package was modified after the cutoff. The upgraded metadata is persisted to disk so subsequent installs don't repeat the fetch. Previously the abbreviated meta was used as-is and the maturity check fell back to its warn-and-skip path, silently bypassing the quarantine and emitting a misleading "metadata is missing the time field" warning. Closes [#​11619](https://redirect.github.com/pnpm/pnpm/issues/11619). - Fix `pnpm upgrade --interactive --latest -r` not respecting named catalog groups. Previously, upgrading a dependency using a named catalog (e.g. `"catalog:foo"`) would incorrectly rewrite `package.json` to `"catalog:"` and place the updated version in the default catalog instead of the named one [#​10115](https://redirect.github.com/pnpm/pnpm/issues/10115). - Fixed `optimisticRepeatInstall` skipping `pnpm-lock.yaml` merge conflict resolution when the existing `node_modules` state appears up to date. - Fix `minimumReleaseAge` / `resolutionMode: time-based` installs failing on lockfiles whose `time:` block is missing entries. The npm-resolver's peek-from-store fast path now surfaces `publishedAt` from the lockfile rather than discarding it, and falls through to a registry metadata fetch when the time-based cutoff can't be computed from the data on hand. </details> <details> <summary>postcss/postcss (postcss)</summary> ### [`v8.5.15`](https://redirect.github.com/postcss/postcss/blob/HEAD/CHANGELOG.md#8515) [Compare Source](https://redirect.github.com/postcss/postcss/compare/8.5.14...8.5.15) - Fixed declaration parsing performance (by [@​homanp](https://redirect.github.com/homanp)). </details> <details> <summary>silverwind/rolldown-license-plugin (rolldown-license-plugin)</summary> ### [`v3.0.7`](https://redirect.github.com/silverwind/rolldown-license-plugin/releases/tag/3.0.7) [Compare Source](https://redirect.github.com/silverwind/rolldown-license-plugin/compare/3.0.6...3.0.7) - update deps (silverwind) - skip readdir when package has a "LICENSE" file (silverwind) - clarify dedup comment: package.json reads are not deduped, only readdir/readFile (silverwind) - skip readdir/readFile for duplicate package paths (silverwind) ### [`v3.0.6`](https://redirect.github.com/silverwind/rolldown-license-plugin/releases/tag/3.0.6) [Compare Source](https://redirect.github.com/silverwind/rolldown-license-plugin/compare/3.0.5...3.0.6) - update deps (silverwind) - skip duplicate license reads, preserve wrap indentation (silverwind) - batch generateBundle IO into two phases for \~11% speedup (silverwind) </details> <details> <summary>stylelint/stylelint (stylelint)</summary> ### [`v17.11.1`](https://redirect.github.com/stylelint/stylelint/blob/HEAD/CHANGELOG.md#17111---2026-05-14) [Compare Source](https://redirect.github.com/stylelint/stylelint/compare/17.11.0...17.11.1) It fixes 2 bugs. - Fixed: `node_modules` ignore for `codeFilename` paths containing a dot-prefixed directory ([#​9282](https://redirect.github.com/stylelint/stylelint/pull/9282)) ([@​tuhtah](https://redirect.github.com/tuhtah)). - Fixed: `declaration-block-no-redundant-longhand-properties` range for contiguous redundant longhand properties ([#​9273](https://redirect.github.com/stylelint/stylelint/pull/9273)) ([@​pamelalozano16](https://redirect.github.com/pamelalozano16)). </details> <details> <summary>typescript-eslint/typescript-eslint (typescript-eslint)</summary> ### [`v8.59.4`](https://redirect.github.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/typescript-eslint/CHANGELOG.md#8594-2026-05-18) [Compare Source](https://redirect.github.com/typescript-eslint/typescript-eslint/compare/v8.59.3...v8.59.4) ##### 🩹 Fixes - **typescript-eslint:** export Compatible\* types from typescript-eslint to resolve pnpm TS error ([#​12340](https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12340)) ##### ❤️ Thank You - Kirk Waiblinger [@​kirkwaiblinger](https://redirect.github.com/kirkwaiblinger) See [GitHub Releases](https://redirect.github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.4) for more information. You can read about our [versioning strategy](https://typescript-eslint.io/users/versioning) and [releases](https://typescript-eslint.io/users/releases) on our website. </details> <details> <summary>silverwind/updates (updates)</summary> ### [`v17.16.13`](https://redirect.github.com/silverwind/updates/releases/tag/17.16.13) [Compare Source](https://redirect.github.com/silverwind/updates/compare/17.16.12...17.16.13) - Speed up findVersion hot loop (silverwind) - Minor simplifications (silverwind) - Fix Go pseudo-version write corruption and selectTag tag ordering (silverwind) - Fix parser/replace edge cases across modes (silverwind) ### [`v17.16.12`](https://redirect.github.com/silverwind/updates/releases/tag/17.16.12) [Compare Source](https://redirect.github.com/silverwind/updates/compare/17.16.11...17.16.12) - Fix several parser/URL edge cases across modes (silverwind) - bump vitest-config-silverwind to 11.3.5 (silverwind) - speed up tests (silverwind) - perf: reduce redundant work in hot paths (silverwind) </details> <details> <summary>vitejs/vite (vite)</summary> ### [`v8.0.13`](https://redirect.github.com/vitejs/vite/blob/HEAD/packages/vite/CHANGELOG.md#small-8013-2026-05-14-small) [Compare Source](https://redirect.github.com/vitejs/vite/compare/v8.0.12...v8.0.13) ##### Features - **bundled-dev:** add lazy bundling support ([#​21406](https://redirect.github.com/vitejs/vite/issues/21406)) ([4f0949f](https://redirect.github.com/vitejs/vite/commit/4f0949f3f13e4b2b34d32bf7b2b4de5f26bea192)) - **optimizer:** improve the esbuild plugin converter to pass some properties of build result to `onEnd` ([#​22357](https://redirect.github.com/vitejs/vite/issues/22357)) ([47071ce](https://redirect.github.com/vitejs/vite/commit/47071ce53f21726cf39e999c4407c4828ecbe957)) - update rolldown to 1.0.1 ([#​22444](https://redirect.github.com/vitejs/vite/issues/22444)) ([8c766a6](https://redirect.github.com/vitejs/vite/commit/8c766a6c5ee014969c4e32f29cc265e8e2c96e18)) ##### Bug Fixes - **build:** copy public directory after building same environment with `write=false` ([#​22328](https://redirect.github.com/vitejs/vite/issues/22328)) ([158e8ae](https://redirect.github.com/vitejs/vite/commit/158e8ae8efdf7075ab295727e36b5ff68da3243e)) - **css:** await sass/less/styl worker disposal on teardown (fix [#​22274](https://redirect.github.com/vitejs/vite/issues/22274)) ([#​22275](https://redirect.github.com/vitejs/vite/issues/22275)) ([b7edcb7](https://redirect.github.com/vitejs/vite/commit/b7edcb7d0dd17ddfeef4ace78d610c099216dade)) - **css:** keep deprecated `name`/`originalFileName` in synthetic `assetFileNames` call ([#​22439](https://redirect.github.com/vitejs/vite/issues/22439)) ([8e59c97](https://redirect.github.com/vitejs/vite/commit/8e59c97a44d923c4c06f67287a793c9aa5a4ebaa)) - make `isBundled` per environment ([#​22257](https://redirect.github.com/vitejs/vite/issues/22257)) ([a576326](https://redirect.github.com/vitejs/vite/commit/a5763266170f8606836da5c6f987b4b2fd6ddc55)) - **ssr:** avoid rewriting labels that collide with imports ([#​22451](https://redirect.github.com/vitejs/vite/issues/22451)) ([d9b18e0](https://redirect.github.com/vitejs/vite/commit/d9b18e0387a253628d3d834288e79c5f7e85d566)) ##### Miscellaneous Chores - remove irrelevant commits from changelog ([#​22430](https://redirect.github.com/vitejs/vite/issues/22430)) ([6ea3838](https://redirect.github.com/vitejs/vite/commit/6ea383859aaf0ef8e673b458f164e84aeb6ff51d)) - update changelog ([#​22413](https://redirect.github.com/vitejs/vite/issues/22413)) ([fcdc87c](https://redirect.github.com/vitejs/vite/commit/fcdc87cc6799857e2bab0f44f333a681694fff74)) </details> <details> <summary>vitest-dev/vitest (vitest)</summary> ### [`v4.1.7`](https://redirect.github.com/vitest-dev/vitest/releases/tag/v4.1.7) [Compare Source](https://redirect.github.com/vitest-dev/vitest/compare/v4.1.6...v4.1.7) ##### 🐞 Bug Fixes - **runner**: Limit concurrency per task branch in addition to per leaf callbacks (backport) - by [@​hi-ogawa](https://redirect.github.com/hi-ogawa) in [#​10384](https://redirect.github.com/vitest-dev/vitest/issues/10384) [<samp>(4f0f2)</samp>](https://redirect.github.com/vitest-dev/vitest/commit/4f0f2a1ee) ##### [View changes on GitHub](https://redirect.github.com/vitest-dev/vitest/compare/v4.1.6...v4.1.7) </details> <details> <summary>vuejs/language-tools (vue-tsc)</summary> ### [`v3.3.1`](https://redirect.github.com/vuejs/language-tools/blob/HEAD/CHANGELOG.md#331-2026-05-19) [Compare Source](https://redirect.github.com/vuejs/language-tools/compare/v3.3.0...v3.3.1) ##### language-core - **fix:** avoid extraneous children error for conditional slots ([#​6056](https://redirect.github.com/vuejs/language-tools/issues/6056)) - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! ##### language-service - **refactor:** replace scanner-based missing props hints detection with AST traversal - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! ##### typescript-plugin - **fix:** get component prop details from symbols - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! - **fix:** skip unchecked JS identifiers in component props ([#​6055](https://redirect.github.com/vuejs/language-tools/issues/6055)) - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! ##### vscode - **fix:** resolve typescript plugin path from resolved server path ([#​6058](https://redirect.github.com/vuejs/language-tools/issues/6058)) - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! ### [`v3.3.0`](https://redirect.github.com/vuejs/language-tools/blob/HEAD/CHANGELOG.md#330-2026-05-18) [Compare Source](https://redirect.github.com/vuejs/language-tools/compare/v3.2.9...v3.3.0) ##### language-core - **feat:** check required fallthrough attributes ([#​6049](https://redirect.github.com/vuejs/language-tools/issues/6049)) - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! - **fix:** penetrate `v-if` branch fragments when collecting single root nodes - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! - **refactor:** rename `Sfc` APIs to `IR` - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! ##### language-service - **fix:** reuse ASTs for define assignment suggestions - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! - **fix:** re-support `html.customData` ([#​5910](https://redirect.github.com/vuejs/language-tools/issues/5910)) - Thanks to [@​Bomberus](https://redirect.github.com/Bomberus)! - **fix:** strip `=""` only for plain boolean props completion edits - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! - **fix:** reset to default data provider after running with vue data provider - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! ##### typescript-plugin - **feat:** refine props completion logic to follow TS behavior ([#​5709](https://redirect.github.com/vuejs/language-tools/issues/5709)) - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! ##### vscode - **fix:** include `extraFileExtensions` in tsserver `configure` request payload ([#​6048](https://redirect.github.com/vuejs/language-tools/issues/6048)) - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! - **fix:** write typescript plugins at build time ([#​6050](https://redirect.github.com/vuejs/language-tools/issues/6050)) - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! - **fix:** avoid infinite diagnostics on Vue files when project diagnostics is enabled ([#​6051](https://redirect.github.com/vuejs/language-tools/issues/6051)) - Thanks to [@​KazariEX](https://redirect.github.com/KazariEX)! </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Only on Monday (`* * * * 1`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> |