mirror of
https://github.com/go-gitea/gitea.git
synced 2026-05-23 05:42:33 +09:00
e60ca35d52
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | Type | Update | Pending | |---|---|---|---|---|---|---| | code.gitea.io/sdk/gitea | `v0.25.0` → `v0.25.1` |  |  | require | patch | | | [gitea.com/gitea/runner](https://gitea.com/gitea/runner) | `v1.0.0` → `v1.0.3` |  |  | require | patch | `v1.0.4` | | [github.com/getkin/kin-openapi](https://redirect.github.com/getkin/kin-openapi) | `v0.137.0` → `v0.138.0` |  |  | require | minor | | | [github.com/go-co-op/gocron/v2](https://redirect.github.com/go-co-op/gocron) | `v2.21.1` → `v2.21.2` |  |  | require | patch | | | [github.com/go-webauthn/webauthn](https://redirect.github.com/go-webauthn/webauthn) | `v0.17.2` → `v0.17.3` |  |  | require | patch | | | [github.com/google/pprof](https://redirect.github.com/google/pprof) | `545e8a4` → `92041b7` |  |  | require | digest | | | [github.com/wneessen/go-mail](https://redirect.github.com/wneessen/go-mail) | `v0.7.2` → `v0.7.3` |  |  | require | patch | | | [gitlab.com/gitlab-org/api/client-go/v2](https://gitlab.com/gitlab-org/api/client-go) | `v2.24.1` → `v2.25.0` |  |  | require | minor | `v2.27.0` (+2) | | [golang.org/x/crypto](https://pkg.go.dev/golang.org/x/crypto) | [`v0.50.0` → `v0.51.0`](https://cs.opensource.google/go/x/crypto/+/refs/tags/v0.50.0...refs/tags/v0.51.0) |  |  | require | minor | | | [golang.org/x/image](https://pkg.go.dev/golang.org/x/image) | [`v0.39.0` → `v0.40.0`](https://cs.opensource.google/go/x/image/+/refs/tags/v0.39.0...refs/tags/v0.40.0) |  |  | require | minor | | | [golang.org/x/net](https://pkg.go.dev/golang.org/x/net) | [`v0.53.0` → `v0.54.0`](https://cs.opensource.google/go/x/net/+/refs/tags/v0.53.0...refs/tags/v0.54.0) |  |  | require | minor | | | [golang.org/x/text](https://pkg.go.dev/golang.org/x/text) | [`v0.36.0` → `v0.37.0`](https://cs.opensource.google/go/x/text/+/refs/tags/v0.36.0...refs/tags/v0.37.0) |  |  | require | minor | | | [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) | `v1.50.0` → `v1.50.1` |  |  | require | patch | | --- ### Release Notes <details> <summary>gitea/runner (gitea.com/gitea/runner)</summary> ### [`v1.0.3`](https://gitea.com/gitea/runner/releases/tag/v1.0.3) [Compare Source](https://gitea.com/gitea/runner/compare/v1.0.2...v1.0.3) #### Changelog - fix: isolate per-task runner envs ([#​959](https://redirect.github.com/gitea/runner/issues/959)) - fix(deps): update module github.com/opencontainers/selinux to v1.14.1 ([#​955](https://redirect.github.com/gitea/runner/issues/955)) - fix(deps): update mergo to v1.0.2 (now `dario.cat/mergo`) ([#​954](https://redirect.github.com/gitea/runner/issues/954)) - fix: ensure `dbfs_data` is cleaned up after task completion ([#​952](https://redirect.github.com/gitea/runner/issues/952)) - fix(artifactcache): preserve cache key case to stop redundant uploads ([#​947](https://redirect.github.com/gitea/runner/issues/947)) - fix(deps): update module golang.org/x/term to v0.43.0 ([#​948](https://redirect.github.com/gitea/runner/issues/948)) ### [`v1.0.2`](https://gitea.com/gitea/runner/releases/tag/v1.0.2) [Compare Source](https://gitea.com/gitea/runner/compare/v1.0.1...v1.0.2) #### Changelog - fix: overwrite read-only files when copying action directories ([#​942](https://redirect.github.com/gitea/runner/issues/942)) - docs: add apparmor=rootlesskit in security\_opt ([#​937](https://redirect.github.com/gitea/runner/issues/937)) - fix: serialize action-cache reads to prevent worktree race ([#​938](https://redirect.github.com/gitea/runner/issues/938)) - feat: remove emojis from runner logging, add `Starting job container` group ([#​940](https://redirect.github.com/gitea/runner/issues/940)) ### [`v1.0.1`](https://gitea.com/gitea/runner/releases/tag/v1.0.1) [Compare Source](https://gitea.com/gitea/runner/compare/v1.0.0...v1.0.1) #### Changelog - [`dff63b3`](dff63b3ecc) fix(deps): update module github.com/go-git/go-git/v5 to v5.19.0 ([#​934](https://redirect.github.com/gitea/runner/issues/934)) - [`a5d9fe9`](a5d9fe9651) fix(deps): update module github.com/opencontainers/selinux to v1.14.0 ([#​928](https://redirect.github.com/gitea/runner/issues/928)) - [`d607f3b`](d607f3b342) test: clean up dead/stale fixtures and bump test container images ([#​932](https://redirect.github.com/gitea/runner/issues/932)) - [`5e59402`](5e59402fb2) fix: re-fetch cached reusable workflow on every run ([#​930](https://redirect.github.com/gitea/runner/issues/930)) - [`dfeb463`](dfeb463904) chore(deps): update docker docker tag to v29 ([#​924](https://redirect.github.com/gitea/runner/issues/924)) </details> <details> <summary>getkin/kin-openapi (github.com/getkin/kin-openapi)</summary> ### [`v0.138.0`](https://redirect.github.com/getkin/kin-openapi/releases/tag/v0.138.0) [Compare Source](https://redirect.github.com/getkin/kin-openapi/compare/v0.137.0...v0.138.0) #### What's Changed - openapi3gen: clear nullable on exported component bodies by [@​0-don](https://redirect.github.com/0-don) in [#​1164](https://redirect.github.com/getkin/kin-openapi/pull/1164) - openapi3: add test for issue [#​927](https://redirect.github.com/getkin/kin-openapi/issues/927) (nullable not respected on $ref schemas) by [@​fenollp](https://redirect.github.com/fenollp) in [#​1165](https://redirect.github.com/getkin/kin-openapi/pull/1165) - test: move public-API tests to external \_test packages by [@​fenollp](https://redirect.github.com/fenollp) in [#​1168](https://redirect.github.com/getkin/kin-openapi/pull/1168) - feat(openapi3): add per-type validation errors with cluster wrappers by [@​reuvenharrison](https://redirect.github.com/reuvenharrison) in [#​1166](https://redirect.github.com/getkin/kin-openapi/pull/1166) - feat(openapi3conv): canonicalization pass for 3.0 -> 3.x by [@​reuvenharrison](https://redirect.github.com/reuvenharrison) in [#​1162](https://redirect.github.com/getkin/kin-openapi/pull/1162) - openapi3conv: test Upgrade on many documents by [@​fenollp](https://redirect.github.com/fenollp) in [#​1169](https://redirect.github.com/getkin/kin-openapi/pull/1169) **Full Changelog**: <https://github.com/getkin/kin-openapi/compare/v0.137.0...v0.138.0> </details> <details> <summary>go-co-op/gocron (github.com/go-co-op/gocron/v2)</summary> ### [`v2.21.2`](https://redirect.github.com/go-co-op/gocron/releases/tag/v2.21.2) [Compare Source](https://redirect.github.com/go-co-op/gocron/compare/v2.21.1...v2.21.2) #### What's Changed - fix: defer WithLimitedRuns job removal until task completes ([#​925](https://redirect.github.com/go-co-op/gocron/issues/925)) by [@​SAY-5](https://redirect.github.com/SAY-5) in [#​926](https://redirect.github.com/go-co-op/gocron/pull/926) #### New Contributors - [@​SAY-5](https://redirect.github.com/SAY-5) made their first contribution in [#​926](https://redirect.github.com/go-co-op/gocron/pull/926) **Full Changelog**: <https://github.com/go-co-op/gocron/compare/v2.21.1...v2.21.2> </details> <details> <summary>go-webauthn/webauthn (github.com/go-webauthn/webauthn)</summary> ### [`v0.17.3`](https://redirect.github.com/go-webauthn/webauthn/blob/HEAD/CHANGELOG.md#v0173-2026-05-09) [Compare Source](https://redirect.github.com/go-webauthn/webauthn/compare/v0.17.2...v0.17.3) ##### Dependency Updates This release just contains updates to dependencies. </details> <details> <summary>wneessen/go-mail (github.com/wneessen/go-mail)</summary> ### [`v0.7.3`](https://redirect.github.com/wneessen/go-mail/releases/tag/v0.7.3): : Skippable UTF-8 support, improved Base64LineBreaker, binary size reducing, fixes and more [Compare Source](https://redirect.github.com/wneessen/go-mail/compare/v0.7.2...v0.7.3) Welcome to go-mail v0.7.3! 🎉 This release brings some cool improvements, new features, and fixes to go-mail. We hope you enjoy it! #### Notable changes/improvements/features/fixes ##### Deadline fix for connections to a TLS port without TLS PR [#​521](https://redirect.github.com/wneessen/go-mail/issues/521) fixes a missing deadline in the `Client` that could cause a deadlock for connections to a TLS port without TLS enabled. Thanks to [@​james-d-elliott](https://redirect.github.com/james-d-elliott) for finding and fixing this issue! ##### Preseve EHLO and HELO errors PR [#​528](https://redirect.github.com/wneessen/go-mail/issues/528) fixes an error for cases in which both the HELO and EHLO fail during a client connect. In this case the first error would be overwritten by the 2nd action, potentially deleting valuable information. In go-mail v0.7.3 both errors are now combined. Thanks to [@​Yanhu007](https://redirect.github.com/Yanhu007) for their contribution! ##### Improved Base64LineBreaker In PR [#​512](https://redirect.github.com/wneessen/go-mail/issues/512) [@​srpvpn](https://redirect.github.com/srpvpn) refactored the `Base64LineBreaker` type to be more performant and easier to read by removing the recursion. Thanks for your contribution! ##### Reduce binary size by making text/template and html/template support optional In PR [#​518](https://redirect.github.com/wneessen/go-mail/issues/518) [@​sblinch](https://redirect.github.com/sblinch) introduced a new compile time flag `gomailnotpl` which will make the `text/template` and `html/template` optional. Background is, that using `reflect.Value.Method` or `reflect.Value.MethodByName` prevents Go from performing full dead-code elimination because any exported method of any struct in the codebase could potentially be referenced at runtime. Unfortunately `text/template` and `html/template` do exactly this to allow method invocation from within templates. So in case your code does not need template support, you can use the new compile flag to remove the support for both packages completely and same some bytes in the resulting binary. Thanks for your contribution! ##### Fix nil pointer panic in partWriter PR [#​543](https://redirect.github.com/wneessen/go-mail/issues/543) fixes a potential nil pointer panic in the partWriter in case the underlying `io.Writer` returns an error during a multipart message write. Thanks to [@​UgurTheG](https://redirect.github.com/UgurTheG) for reporting and fixing the issue! ##### Provide access to HELO responses in the SMTP client PR [#​530](https://redirect.github.com/wneessen/go-mail/issues/530) adds support to access the HELO/EHLO responses via the `smtp.Client`. This feature is useful when using an SMTP servers pool behind a load balancer, to know which instance took the job. Thanks to [@​maxatome](https://redirect.github.com/maxatome) for submitting this feature! ##### Multiple addresses support in ReplyTo header PR [#​517](https://redirect.github.com/wneessen/go-mail/issues/517) adds support for multiple `Reply-To` addresses within a `Msg`, as permitted in RFC5322. Thanks to [@​christian-heusel](https://redirect.github.com/christian-heusel) for pointing this out and for comitting the PR! ##### Support to disable SMTPUTF8 in the MAIL FROM even if the server announces it PR [#​548](https://redirect.github.com/wneessen/go-mail/issues/548) adds support for skipping the `SMTPUTF8` extension to `MAIL FROM` commands. By default, when a server announces `SMTPUTF8` support in the EHLO, go-mail will add `SMTPUTF8` to the `MAIL FROM` command. As pointed out in [#​545](https://redirect.github.com/wneessen/go-mail/issues/545), some SMTP servers (e. g. specific MS Exchange versions) announce the SMTPUTF8 extension in the EHLO response but when adding the SMTPUTF8 to the MAIL FROM, they will fail with an error. The PR introduces a new `WithoutSMTPUTF8()` option for the `Client` which will make sure to skip the SMTPUTF8 extension in the MAIL FROM, even if the server announced it previously. Thanks [@​mkalus](https://redirect.github.com/mkalus) for reporting this issue and for their detailed analysis in [#​545](https://redirect.github.com/wneessen/go-mail/issues/545). #### What's Changed - minor fix for func ResetWithSMTPClient and DialAndSendWithContext by [@​sarff](https://redirect.github.com/sarff) in [#​500](https://redirect.github.com/wneessen/go-mail/pull/500) - Refactored `SendWithSMTPClient` to improve error handling and added test cases by [@​wneessen](https://redirect.github.com/wneessen) in [#​502](https://redirect.github.com/wneessen/go-mail/pull/502) - Refactored test and validation logic for message content checks by [@​wneessen](https://redirect.github.com/wneessen) in [#​503](https://redirect.github.com/wneessen/go-mail/pull/503) - Fix a docstring typo by [@​mitar](https://redirect.github.com/mitar) in [#​505](https://redirect.github.com/wneessen/go-mail/pull/505) - Upstream sync: prevent test failures due to expired test certificate by [@​wneessen](https://redirect.github.com/wneessen) in [#​522](https://redirect.github.com/wneessen/go-mail/pull/522) - fix: deadline not set for initial connection read by [@​james-d-elliott](https://redirect.github.com/james-d-elliott) in [#​521](https://redirect.github.com/wneessen/go-mail/pull/521) - Add deadlock test for client connections by [@​wneessen](https://redirect.github.com/wneessen) in [#​525](https://redirect.github.com/wneessen/go-mail/pull/525) - fix: preserve EHLO error when both EHLO and HELO fail by [@​Yanhu007](https://redirect.github.com/Yanhu007) in [#​528](https://redirect.github.com/wneessen/go-mail/pull/528) - refactor: remove recursion from base64LineBreaker.Write by [@​srpvpn](https://redirect.github.com/srpvpn) in [#​512](https://redirect.github.com/wneessen/go-mail/pull/512) - Make text/template support optional to allow dead-code elimination by [@​sblinch](https://redirect.github.com/sblinch) in [#​518](https://redirect.github.com/wneessen/go-mail/pull/518) - fix: prevent nil pointer panic in writeBody when partWriter is nil by [@​UgurTheG](https://redirect.github.com/UgurTheG) in [#​543](https://redirect.github.com/wneessen/go-mail/pull/543) - feat: add (\*smtp.Client).HelloResponse method to get EHLO/HELO response by [@​maxatome](https://redirect.github.com/maxatome) in [#​530](https://redirect.github.com/wneessen/go-mail/pull/530) - feat: add option to skip SMTPUTF8 in "MAIL FROM" commands by [@​wneessen](https://redirect.github.com/wneessen) in [#​548](https://redirect.github.com/wneessen/go-mail/pull/548) - Allow multiple Addresses in ReplyTo Header and add GetReplyTo() by [@​christian-heusel](https://redirect.github.com/christian-heusel) in [#​517](https://redirect.github.com/wneessen/go-mail/pull/517) #### CI/CD maintenance changes - Bump golang.org/x/text from 0.29.0 to 0.30.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​501](https://redirect.github.com/wneessen/go-mail/pull/501) - Bump golang.org/x/text from 0.30.0 to 0.31.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​506](https://redirect.github.com/wneessen/go-mail/pull/506) - Bump golang.org/x/text from 0.31.0 to 0.32.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​509](https://redirect.github.com/wneessen/go-mail/pull/509) - Bump Go and `golang.org/x/text` module versions by [@​wneessen](https://redirect.github.com/wneessen) in [#​526](https://redirect.github.com/wneessen/go-mail/pull/526) - Bump golang.org/x/text from 0.35.0 to 0.36.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​527](https://redirect.github.com/wneessen/go-mail/pull/527) - Updated `.golangci.toml` for linter exclusions on specific use cases by [@​wneessen](https://redirect.github.com/wneessen) in [#​523](https://redirect.github.com/wneessen/go-mail/pull/523) - Updated CI configuration for Go and OS versions in workflows by [@​wneessen](https://redirect.github.com/wneessen) in [#​524](https://redirect.github.com/wneessen/go-mail/pull/524) - Bump golangci/golangci-lint-action from 7.0.0 to 9.2.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​535](https://redirect.github.com/wneessen/go-mail/pull/535) - Bump ossf/scorecard-action from 2.4.0 to 2.4.3 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​534](https://redirect.github.com/wneessen/go-mail/pull/534) - Bump fsfe/reuse-action from 5.0.0 to 6.0.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​533](https://redirect.github.com/wneessen/go-mail/pull/533) - Bump vmactions/freebsd-vm from 1.1.5 to 1.4.5 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​532](https://redirect.github.com/wneessen/go-mail/pull/532) - Bump step-security/harden-runner from 2.10.2 to 2.19.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​531](https://redirect.github.com/wneessen/go-mail/pull/531) - Bump actions/dependency-review-action from 4.5.0 to 4.9.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​540](https://redirect.github.com/wneessen/go-mail/pull/540) - Bump actions/setup-go from 5.2.0 to 6.4.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​539](https://redirect.github.com/wneessen/go-mail/pull/539) - Bump codecov/codecov-action from 5.1.1 to 6.0.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​538](https://redirect.github.com/wneessen/go-mail/pull/538) - Bump actions/upload-artifact from 4.5.0 to 7.0.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​537](https://redirect.github.com/wneessen/go-mail/pull/537) - Bump github/codeql-action from 3.27.9 to 4.35.3 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​536](https://redirect.github.com/wneessen/go-mail/pull/536) - Bump step-security/harden-runner from 2.19.0 to 2.19.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​541](https://redirect.github.com/wneessen/go-mail/pull/541) - Bump golang.org/x/text from 0.36.0 to 0.37.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​547](https://redirect.github.com/wneessen/go-mail/pull/547) - Bump actions/dependency-review-action from 4.9.0 to 5.0.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​546](https://redirect.github.com/wneessen/go-mail/pull/546) - Bump github/codeql-action from 4.35.3 to 4.35.4 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​544](https://redirect.github.com/wneessen/go-mail/pull/544) #### New Contributors - [@​mitar](https://redirect.github.com/mitar) made their first contribution in [#​505](https://redirect.github.com/wneessen/go-mail/pull/505) - [@​Yanhu007](https://redirect.github.com/Yanhu007) made their first contribution in [#​528](https://redirect.github.com/wneessen/go-mail/pull/528) - [@​srpvpn](https://redirect.github.com/srpvpn) made their first contribution in [#​512](https://redirect.github.com/wneessen/go-mail/pull/512) - [@​sblinch](https://redirect.github.com/sblinch) made their first contribution in [#​518](https://redirect.github.com/wneessen/go-mail/pull/518) - [@​UgurTheG](https://redirect.github.com/UgurTheG) made their first contribution in [#​543](https://redirect.github.com/wneessen/go-mail/pull/543) - [@​maxatome](https://redirect.github.com/maxatome) made their first contribution in [#​530](https://redirect.github.com/wneessen/go-mail/pull/530) - [@​christian-heusel](https://redirect.github.com/christian-heusel) made their first contribution in [#​517](https://redirect.github.com/wneessen/go-mail/pull/517) **Full Changelog**: <https://github.com/wneessen/go-mail/compare/v0.7.2...v0.7.3> </details> <details> <summary>gitlab-org/api/client-go (gitlab.com/gitlab-org/api/client-go/v2)</summary> ### [`v2.25.0`](https://gitlab.com/gitlab-org/api/client-go/tags/v2.25.0) [Compare Source](https://gitlab.com/gitlab-org/api/client-go/compare/v2.24.1...v2.25.0) #### 2.25.0 ##### 🚀 Features - feat: Add GraphQL API support for security attributes and categories ([!2856](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2856)) by [Caleb Madara](https://gitlab.com/calebmadara58) ##### 🔄 Other Changes - chore(deps): update dependency golangci-lint to v2.12.1 ([!2880](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2880)) by [GitLab Dependency Bot](https://gitlab.com/gitlab-dependency-update-bot) - Resolve lint errors on `main` causing pipeline failures ([!2882](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2882)) by [Patrick Rice](https://gitlab.com/PatrickRice) - chore(deps): update dependency golangci-lint to v2.12.0 ([!2879](https://gitlab.com/gitlab-org/api/client-go/-/merge_requests/2879)) by [GitLab Dependency Bot](https://gitlab.com/gitlab-dependency-update-bot) ### [2.25.0](https://gitlab.com/gitlab-org/api/client-go/compare/v2.24.1...v2.25.0) (2026-05-11) ##### Features * Add GraphQL API support for security attributes and categories ([8496635](84966353d9)) </details> <details> <summary>cznic/sqlite (modernc.org/sqlite)</summary> ### [`v1.50.1`](https://gitlab.com/cznic/sqlite/compare/v1.50.0...v1.50.1) [Compare Source](https://gitlab.com/cznic/sqlite/compare/v1.50.0...v1.50.1) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Only on Monday (`* * * * 1`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: silverwind <me@silverwind.io>
15 KiB
15 KiB