Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
213 commits
Select commit Hold shift + click to select a range
d44e8a2
Merge pull request #1046 from Wikid82/main
Wikid82 Jun 2, 2026
acfad4b
chore(deps): update github-actions-non-major
renovate[bot] Jun 2, 2026
a7bf24b
chore(deps): update go-non-major
renovate[bot] Jun 2, 2026
28c7db9
chore(deps): update npm-non-major
renovate[bot] Jun 2, 2026
191223a
Merge pull request #1048 from Wikid82/renovate/github-actions-non-major
Wikid82 Jun 2, 2026
ac8d130
Merge pull request #1049 from Wikid82/renovate/go-non-major
Wikid82 Jun 2, 2026
d9e61a1
fix: regenerate lockfile to restore missing eslint and vite package e…
actions-user Jun 2, 2026
2ade498
fix(security): restore stale Grype code scanning pipeline
actions-user Jun 2, 2026
9e10e07
Merge pull request #1050 from Wikid82/renovate/npm-non-major
Wikid82 Jun 2, 2026
b951bc7
fix(deps): update Renovate configuration to correctly map gopkg.in/ya…
actions-user Jun 2, 2026
c32c43a
chore(deps): update go-non-major
renovate[bot] Jun 3, 2026
a6ae9ed
fix(deps): update Caddy version to 2.11.4 in Dockerfile
actions-user Jun 3, 2026
e6cd75b
fix(deps): update prometheus/common to v0.68.1
actions-user Jun 3, 2026
b16a951
fix(deps): update @tanstack/react-query to v5.101.0 and axios to v1.17.0
actions-user Jun 3, 2026
4149a2e
fix(deps): update Go version to 1.26.4 in settings, Dockerfile, and m…
actions-user Jun 3, 2026
9659f1c
fix(deps): update Syft version to v1.45.0 in multiple workflows and s…
actions-user Jun 3, 2026
525906b
Merge branch 'development' into renovate/go-non-major
Wikid82 Jun 3, 2026
172b0a4
fix(theme): prevent flash of unstyled content on page load
actions-user Jun 3, 2026
dcfb8f3
fix(dep): update grype version to 0.113.0
actions-user Jun 3, 2026
d21ec9a
fix(go): align all workflow and VS Code go.goroot references to 1.26.4
actions-user Jun 3, 2026
70cc2c9
Merge pull request #1052 from Wikid82/renovate/go-non-major
Wikid82 Jun 4, 2026
3ed5f50
chore(deps): update go-non-major to v1.75.0
renovate[bot] Jun 4, 2026
4d184e7
fix(ci): resolve Go toolchain mismatch in CodeQL and all CI workflows
actions-user Jun 4, 2026
92d0973
fix(sec): patch CVE-2026-40898 in buger/jsonparser via crowdsec-builder
actions-user Jun 4, 2026
e318678
Merge pull request #1053 from Wikid82/renovate/go-non-major
Wikid82 Jun 4, 2026
6c6aade
chore(deps): update go-non-major
renovate[bot] Jun 4, 2026
4ca8993
chore(deps): update i18next version to 26.3.1
actions-user Jun 4, 2026
744b5d8
Merge pull request #1054 from Wikid82/renovate/go-non-major
Wikid82 Jun 4, 2026
9cd026e
chore(deps): update github-actions-non-major
renovate[bot] Jun 5, 2026
9bf6760
chore(deps): update go-non-major
renovate[bot] Jun 5, 2026
57491f5
fix(deps): update npm-non-major to ^7.17.0
renovate[bot] Jun 5, 2026
ec9ae35
fix(sec): patch CVE-2026-40898 in buger/jsonparser via caddy-builder
actions-user Jun 5, 2026
dc5af6a
Merge branch 'development' into renovate/github-actions-non-major
Wikid82 Jun 5, 2026
91fdee8
Merge branch 'development' into renovate/go-non-major
Wikid82 Jun 5, 2026
0142a83
Merge branch 'development' into renovate/npm-non-major
Wikid82 Jun 5, 2026
3cec1d3
fix(sec): patch CVE-2026-40898 (quic-go QPACK) in crowdsec-builder
actions-user Jun 5, 2026
870516b
Merge branch 'development' into renovate/github-actions-non-major
Wikid82 Jun 5, 2026
29b4c99
Merge branch 'development' into renovate/go-non-major
Wikid82 Jun 5, 2026
b634842
Merge branch 'development' into renovate/npm-non-major
Wikid82 Jun 5, 2026
602da23
fix(sec): suppress GO-2024-2565, GO-2024-2557, GO-2026-4518 in grype/…
actions-user Jun 5, 2026
f17e7a7
Merge branch 'development' into renovate/github-actions-non-major
Wikid82 Jun 5, 2026
a2bc5aa
Merge branch 'development' into renovate/go-non-major
Wikid82 Jun 5, 2026
5309a8f
Merge branch 'development' into renovate/npm-non-major
Wikid82 Jun 5, 2026
edd0c14
Merge pull request #1057 from Wikid82/renovate/npm-non-major
Wikid82 Jun 5, 2026
4c07533
Merge pull request #1055 from Wikid82/renovate/github-actions-non-major
Wikid82 Jun 5, 2026
e2b2134
Merge pull request #1056 from Wikid82/renovate/go-non-major
Wikid82 Jun 5, 2026
d7293e0
fix(dep) update syft to v 1.45.1 in multiple workflows
actions-user Jun 5, 2026
6ea2d1a
fix(dep): update knip to v 6.16.0
actions-user Jun 5, 2026
d98b727
fix(dep): update bytedance/sonic to v1.15.2 and mattn/go-sqlite3 to v…
actions-user Jun 5, 2026
19eb5e0
chore: add Claude Code configuration from .github copilot files
actions-user Jun 5, 2026
37bb30e
fix(frontend): remove deprecated Firefox CSS and add modern browsersl…
Wikid82 Jun 5, 2026
4c570bd
chore: update ignore files
actions-user Jun 5, 2026
d46aed8
fix(dep) update npm deps to lates versions
actions-user Jun 6, 2026
c524555
chore(deps): update dependency anchore/syft to v1.45.1 (#1061)
renovate[bot] Jun 6, 2026
401c797
chore(deps): update dependency anchore/grype to v0.114.0 (#1062)
renovate[bot] Jun 6, 2026
f63b7d3
fix(dep): update codecov action
actions-user Jun 7, 2026
88f2372
chore(docker): update GeoLite2-Country.mmdb checksum (#1064)
github-actions[bot] Jun 7, 2026
32300e4
fix(assets): serve banner.webp and use picture element for optimized …
Wikid82 Jun 7, 2026
77d62b4
chore(deps): bump quic-go, maxminddb, and sqlite dependencies
actions-user Jun 7, 2026
531a75f
chore(deps): bump knip from 6.16.0 to 6.16.1
actions-user Jun 7, 2026
8b41f81
docs: add no-worktrees instruction to CLAUDE.md
actions-user Jun 7, 2026
9b04d19
chore(deps): bump react-hook-form and eslint-plugin-unicorn
actions-user Jun 8, 2026
19b413c
chore: ignore gorilla/websocket in renovate updates
actions-user Jun 8, 2026
30de6e2
fix(deps): add Renovate sourceUrl overrides for gin packages (#1065)
Wikid82 Jun 8, 2026
b4697c2
chore: clean node_modules before npm install in update script
actions-user Jun 8, 2026
4a817e8
chore(frontend): bump typescript-eslint to 8.61.0 and update deps
actions-user Jun 8, 2026
49b3cb3
chore: bump dev dependencies (obug, semver, tinyexec)
actions-user Jun 8, 2026
8890f94
chore(deps): bump golang.org/x/sys from v0.45.0 to v0.46.0
actions-user Jun 8, 2026
62fcd2e
chore(deps): bump golang.org/x and modernc.org dependencies
actions-user Jun 8, 2026
3febf21
fix(ci): pass pr_number when dispatching security-pr.yml from weekly …
actions-user Jun 8, 2026
8895f5c
fix(ci): extend no-cache-filters to caddy-builder and crowdsec-builde…
actions-user Jun 8, 2026
06b90a6
chore: bump prettier from 3.8.3 to 3.8.4
actions-user Jun 9, 2026
2d56bfd
chore(deps): bump eslint-plugin-unicorn to 65.0.1
actions-user Jun 9, 2026
eb62b08
fix(dockerfile): gate Delve install on BUILD_DEBUG, pin x/sys for GO-…
actions-user Jun 9, 2026
ab462f7
fix(entrypoint): gracefully handle production dlv stub when CHARON_DE…
actions-user Jun 9, 2026
cd4e264
chore(deps): update go-non-major (#1058)
renovate[bot] Jun 9, 2026
93425a6
chore(deps): update github-actions-non-major to v46.1.15 (#1067)
renovate[bot] Jun 9, 2026
6e1fd42
fix(deps): update go-non-major to v0.7.2 (#1068)
renovate[bot] Jun 10, 2026
2cafaaf
chore(deps): update alpine docker tag to v3.24.0 (#1069)
renovate[bot] Jun 10, 2026
45803d0
chore(deps): bump go-pkcs12 from v0.7.1 to v0.7.2
actions-user Jun 10, 2026
60077a5
chore: bump semver from 7.8.3 to 7.8.4
actions-user Jun 10, 2026
fc71385
chore(deps): bump frontend dev dependencies to latest patch versions
actions-user Jun 10, 2026
30eee6a
chore: replace eslint-plugin-react-compiler with react-hooks built-in
actions-user Jun 10, 2026
0536e73
fix(frontend): unregister auth error handler on AuthProvider unmount …
Wikid82 Jun 10, 2026
48c702e
chore: bump golang.org/x/net from v0.55.0 to v0.56.0
actions-user Jun 10, 2026
62e0106
chore: bump @napi-rs/wasm-runtime from 1.1.4 to 1.1.5
actions-user Jun 10, 2026
2f50483
chore: bump frontend dev dependencies to latest versions
actions-user Jun 10, 2026
6acb226
chore: add Docker Scout CLI install script
actions-user Jun 10, 2026
2ee04c4
fix(docker): move frontend builder to node alpine3.24 base to clear c…
actions-user Jun 10, 2026
7b55b2e
chore: bump @types/node from 25.9.2 to 25.9.3
actions-user Jun 11, 2026
9b5bad9
chore: remove lint step from npm_update script
actions-user Jun 11, 2026
e880852
chore: enhance go_update.sh with vuln checks and test runs
actions-user Jun 11, 2026
90c18ff
fix(go_update): simplify PATH export and remove redundant list cmd
actions-user Jun 11, 2026
292d73c
chore(renovate): group Dockerfile ARG updates separately from Go/NPM
actions-user Jun 11, 2026
0175723
chore(deps): update go-non-major to v0.56.0 (#1071)
renovate[bot] Jun 11, 2026
8e7faaf
chore: update acorn from 8.16.0 to 8.17.0
actions-user Jun 11, 2026
e8a30b1
chore: bump frontend deps (acorn, caniuse-lite, enhanced-resolve)
actions-user Jun 11, 2026
ea42263
chore: bump felixge/httpsnoop from v1.0.4 to v1.1.0
actions-user Jun 11, 2026
93e1b48
chore: update frontend lock file dependencies
actions-user Jun 12, 2026
d48a80c
fix(security): prepare for npm v12 breaking changes (#1072)
Wikid82 Jun 12, 2026
46d4b43
chore: bump eslint-plugin-security to 4.0.1
actions-user Jun 12, 2026
1f9c778
chore: bump npm to 11.17.0
actions-user Jun 12, 2026
c174a4a
chore(frontend): bump lucide-react, tailwindcss, and eslint deps
actions-user Jun 13, 2026
8b5874f
chore: bump obug from 2.1.2 to 2.1.3
actions-user Jun 13, 2026
36bc728
chore(deps): bump modernc.org/libc from v1.73.0 to v1.73.1
actions-user Jun 13, 2026
4bb8845
chore: fix renovate datasource config for expr-lang/expr
actions-user Jun 13, 2026
93dcabc
chore(deps): bump react-hook-form from 7.78.0 to 7.79.0
actions-user Jun 13, 2026
d937145
chore(deps): update npm-non-major to ^10.5.0 (#1073)
renovate[bot] Jun 13, 2026
8410cc2
chore: bump regjsparser from 0.13.1 to 0.13.2
actions-user Jun 13, 2026
a9691be
chore: update go.work.sum with golang.org/x/term v0.44.0
actions-user Jun 14, 2026
e972633
chore(deps): bump modernc.org/libc from v1.73.1 to v1.73.3
actions-user Jun 14, 2026
470673b
chore: bump @csstools/css-color-parser to 4.1.4
actions-user Jun 14, 2026
8d52783
chore(deps): update eslint-plugin-unicorn to v66 and react-refresh to…
actions-user Jun 14, 2026
5a3dbec
chore(docker): update GeoLite2-Country.mmdb checksum (#1074)
github-actions[bot] Jun 14, 2026
6c758ff
chore: bump tldts, playwright, and vitest deps
actions-user Jun 16, 2026
a0ba91d
chore: bump mongo-driver to v2.6.1 and modernc/libc to v1.73.4
actions-user Jun 16, 2026
c3b1b7d
chore(deps): update node.js to 21f403a (#1077)
renovate[bot] Jun 16, 2026
b463c70
chore(deps): update alpine docker tag to v3.24.1 (#1078)
renovate[bot] Jun 16, 2026
95ca4de
chore(deps): update dockerfile-non-major (#1079)
renovate[bot] Jun 16, 2026
b8217fe
chore(deps): update github-actions-non-major (#1080)
renovate[bot] Jun 16, 2026
1fc98b6
chore(deps): update node.js to v24.16.0 (#1081)
renovate[bot] Jun 16, 2026
b52fdbd
fix(deps): update npm-non-major (#1082)
renovate[bot] Jun 16, 2026
42cd711
chore(deps): update dependency eslint-plugin-unicorn to v67 (#1083)
renovate[bot] Jun 16, 2026
70af480
fix(deps): update npm-non-major to ^7.18.0 (#1084)
renovate[bot] Jun 17, 2026
b71d2a8
feat: enhanced dashboard with statistics (#25) (#1075)
Wikid82 Jun 17, 2026
fdacd2f
fix(deps): resolve js-yaml and markdown-it DoS vulnerabilities via np…
actions-user Jun 17, 2026
8089a16
fix(ci): align trivyignores and upload-sarif SHA across scan workflows
actions-user Jun 17, 2026
793f0da
fix(ci): add post-upload SARIF verification to weekly security rebuild
actions-user Jun 17, 2026
a6171dc
chore: bump mongo-driver/v2 from v2.6.1 to v2.7.0
actions-user Jun 18, 2026
79f5251
chore(deps): bump frontend lockfile dependencies
actions-user Jun 18, 2026
09072ad
chore: add package package-lock.json
actions-user Jun 18, 2026
8545782
chore(deps): bump lucide-react from 1.20.0 to 1.21.0
actions-user Jun 18, 2026
6fc6662
chore: bump go-sqlite3 from v1.14.45 to v1.14.46
actions-user Jun 18, 2026
e9a087c
chore(deps): bump moby/moby client to v0.5.0 and api to v1.55.0
actions-user Jun 19, 2026
c5a7537
chore: bump nanoid to 3.3.13 and yargs to 16.2.2
actions-user Jun 19, 2026
b3f4e43
chore(deps): bump eslint-plugin-sonarjs to 4.1.0
actions-user Jun 19, 2026
f07555b
chore(frontend): remove autoprefixer from postcss config
actions-user Jun 19, 2026
a422056
fix(frontend): remove unused autoprefixer dependency
actions-user Jun 19, 2026
4164114
fix: wrap webkit scrollbar styles in @supports selector guard
actions-user Jun 19, 2026
9ca07c5
chore: bump @types/node from 25.9.3 to 26.0.0
actions-user Jun 20, 2026
7fc632b
chore(deps): bump @types/node to v26 and eslint-plugin-unicorn to v68
actions-user Jun 20, 2026
8ec4cc4
chore(renovate): add gomodTidy, fix golang-jwt/jwt v5 tracking
actions-user Jun 20, 2026
f75e684
chore(deps): bump react-hook-form from 7.79.0 to 7.80.0
actions-user Jun 20, 2026
dd07927
chore(deps): update github-actions-non-major (#1086)
renovate[bot] Jun 20, 2026
3d3f047
chore(deps): update node.js to v24.17.0 (#1088)
renovate[bot] Jun 20, 2026
d3b3d0a
fix(deps): correct react-hook-form 7.80.0 integrity hash in lockfile
actions-user Jun 20, 2026
ee3c2e6
chore(deps): update dockerfile-non-major to v1.77.0 (#1087)
renovate[bot] Jun 20, 2026
a180665
chore(deps): update go-non-major to v1.4.0 (#1090)
renovate[bot] Jun 20, 2026
e159d58
chore(deps): update actions/checkout action to v7 (#1089)
renovate[bot] Jun 20, 2026
a5f1c3e
chore: bump nanoid from 3.3.13 to 3.3.14
actions-user Jun 21, 2026
6e0d4a7
chore: bump nanoid from 3.3.13 to 3.3.14
actions-user Jun 21, 2026
5237717
chore(dep): update package rules for js-yaml
Wikid82 Jun 21, 2026
7505d1f
chore(docker): update GeoLite2-Country.mmdb checksum (#1091)
github-actions[bot] Jun 21, 2026
2b6978c
chore(frontend): bump dependencies to latest versions
actions-user Jun 22, 2026
483b3e6
chore: bump nanoid to 3.3.15 and smol-toml to 1.7.0
actions-user Jun 22, 2026
2aac046
chore: add Claude worktree isolation settings
actions-user Jun 22, 2026
8c3b391
chore(deps): bump go-sqlite3 to v1.14.47 and modernc/sqlite to v1.53.0
actions-user Jun 22, 2026
f27c05d
chore(dep): move js-yaml to ignoreDeps — packageRule didn't cover ove…
actions-user Jun 22, 2026
9437abe
chore(deps): bump go-toml/v2 from v2.4.0 to v2.4.1
actions-user Jun 23, 2026
73afedb
feat(theme): comprehensive theme system + FOUC fix (closes #34) (#1092)
Wikid82 Jun 23, 2026
955a426
chore: bump tldts, axe-core/playwright, and vite dependencies
actions-user Jun 23, 2026
9743775
chore(frontend): bump frontend dependencies to latest versions
actions-user Jun 23, 2026
73d8032
chore: bump playwright from 1.61.0 to 1.61.1
actions-user Jun 23, 2026
a77ba6b
chore(deps): update dockerfile-non-major (#1095)
renovate[bot] Jun 24, 2026
654565f
chore(deps): update actions/cache action to v6 (#1096)
renovate[bot] Jun 24, 2026
bd757c2
test: increase login redirect timeout to 15s for Firefox CI
actions-user Jun 24, 2026
c877177
chore(deps): update github-actions-non-major (#1094)
renovate[bot] Jun 24, 2026
a3541bf
chore(deps): update node.js to v24.18.0 (#1097)
renovate[bot] Jun 24, 2026
ac0c5df
chore: bump electron-to-chromium from 1.5.377 to 1.5.378
actions-user Jun 24, 2026
64f8353
fix: use axios for session validation to fix Firefox E2E auth test
actions-user Jun 24, 2026
2b79e3d
chore: bump rolldown to 1.1.3 and napi-rs/wasm-runtime to 1.1.6
actions-user Jun 24, 2026
9788272
chore(deps): bump i18next to 26.3.2 and rolldown to 1.1.3
actions-user Jun 24, 2026
0b075bc
chore(deps): bump go-toml/v2 from v2.4.1 to v2.4.2
actions-user Jun 24, 2026
3a08cb8
chore: update npm overrides deps in npm_update.sh
actions-user Jun 24, 2026
c0958a2
chore: ignore tempCodeRunnerFile.sh in scripts directory
actions-user Jun 24, 2026
c60a52f
chore: pin js-yaml to ^5 in npm update script
actions-user Jun 24, 2026
59a82ce
chore: bump knip to 6.19.0 and smol-toml to 1.7.0
actions-user Jun 24, 2026
bdd83a6
chore(deps): update npm-non-major (#1098)
renovate[bot] Jun 24, 2026
f8a2171
chore(deps): update npm-non-major (#1099)
renovate[bot] Jun 24, 2026
4d1cd38
chore(deps): update node.js to v24.18.0 (#1101)
renovate[bot] Jun 24, 2026
e587a1a
chore(deps): update github-actions-non-major (#1100)
renovate[bot] Jun 24, 2026
68ddb01
chore: bump @types/node from 26.0.0 to 26.0.1
actions-user Jun 24, 2026
6dec8a9
chore: bump go-pkcs12 from v0.7.2 to v0.7.3
actions-user Jun 24, 2026
ea5a388
chore(deps): update node.js to v24.18.0 (#1102)
renovate[bot] Jun 25, 2026
7572de6
chore(deps): bump eslint-plugin-unicorn from 68 to 69
actions-user Jun 25, 2026
bf059cc
chore(deps): update dockerfile-non-major (#1103)
renovate[bot] Jun 25, 2026
948e109
fix(deps): update module gorm.io/gorm to v1.31.2 (#1105)
renovate[bot] Jun 25, 2026
db30285
chore(deps): update release-drafter/release-drafter digest to 73b95fa…
renovate[bot] Jun 25, 2026
25035b3
chore(deps): bump frontend dev dependencies to latest versions
actions-user Jun 25, 2026
0bbe9be
chore: bump tar to 7.5.17 and expect-type to 1.4.0
actions-user Jun 25, 2026
e810413
chore: bump es-to-primitive from 1.3.1 to 1.3.3
actions-user Jun 26, 2026
cf55ecb
refactor(scripts): merge go_update.sh and npm_update.sh into dep_upda…
actions-user Jun 26, 2026
1a6e52e
chore: remove test step from dep_update.sh module loop
actions-user Jun 26, 2026
d6a13f7
docs(security): add CVE-2026-39824 analysis and CHANGELOG entry
actions-user Jun 26, 2026
5ad6c02
chore(deps): update module golang.org/x/vuln to v1.5.0 (#1107)
renovate[bot] Jun 26, 2026
5f7a7c9
chore(deps): update release-drafter/release-drafter digest to 4d75298…
renovate[bot] Jun 26, 2026
b86c68f
chore(deps): bump es-toolkit from 1.48.1 to 1.49.0
actions-user Jun 26, 2026
e010a91
chore(deps): update actions/cache digest to 55cc834 (#1108)
renovate[bot] Jun 27, 2026
f1f5a43
chore(deps): bump modernc and golang.org/x indirect deps
actions-user Jun 27, 2026
bd52310
chore: bump prettier and analyze-trace to latest patch versions
actions-user Jun 27, 2026
2507a93
chore(deps): bump i18next, eslint, and knip to latest versions
actions-user Jun 27, 2026
2007c14
chore(deps): update dependency anchore/grype to v0.115.0 (#1109)
renovate[bot] Jun 27, 2026
2ed761b
chore(deps): update dependency anchore/syft to v1.46.0 (#1110)
renovate[bot] Jun 27, 2026
8a730a8
chore: bump prometheus/procfs from v0.20.1 to v0.21.0
actions-user Jun 28, 2026
62e791c
chore: bump prettier to 3.9.1 and tar to 7.5.19
actions-user Jun 28, 2026
26c867f
chore(deps): bump react-query to 5.101.2 and knip to 6.22.0
actions-user Jun 28, 2026
fbdcf9b
fix(renovate): add sourceUrl for prometheus/client_golang lookup
actions-user Jun 28, 2026
264fb09
chore(renovate): disable js-yaml auto-updates, managed manually
actions-user Jun 28, 2026
6a710bb
chore(docker): update GeoLite2-Country.mmdb checksum (#1111)
github-actions[bot] Jun 28, 2026
8a08aec
chore(deps): bump eslint-plugin-import-x and knip dev dependencies
actions-user Jun 28, 2026
129004f
chore: resolve nightly→main merge conflicts
actions-user Jun 29, 2026
35ae54a
chore: resolve nightly→main merge conflicts (origin/main)
actions-user Jun 29, 2026
af7949c
fix(ci): squash merge warning and safe PR number env var
actions-user Jun 29, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 14 additions & 0 deletions .claude/settings.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{
"enabledPlugins": {
"frontend-design@claude-plugins-official": true,
"superpowers@claude-plugins-official": true,
"github@claude-plugins-official": true,
"playwright@claude-plugins-official": true,
"typescript-lsp@claude-plugins-official": true,
"semgrep@claude-plugins-official": true,
"pr-review-toolkit@claude-plugins-official": true
},
"worktree": {
"bgIsolation": "none"
}
}
30 changes: 19 additions & 11 deletions .github/renovate.json
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,8 @@

"ignoreDeps": [
"github.com/gorilla/websocket",
"github.com/golang-jwt/jwt/v5"
"github.com/golang-jwt/jwt/v5",
"js-yaml"
],

"minimumReleaseAge": null,
Expand Down Expand Up @@ -413,16 +414,6 @@
]
},
"packageRules": [
{
"description": "Pin js-yaml to v4.x — transitive dependents (@eslint/eslintrc, markdownlint-cli2) use v4 API internally; v5 is a breaking rewrite incompatible with their pinned calls",
"matchDatasources": [
"npm"
],
"matchPackageNames": [
"js-yaml"
],
"allowedVersions": "<5.0.0"
},
{
"description": "Group GitHub Actions non-major updates into one PR",
"matchManagers": [
Expand Down Expand Up @@ -753,6 +744,23 @@
"github.com/gin-contrib/sse"
],
"sourceUrl": "https://github.com/gin-contrib/sse"
},
{
"description": "Fix Renovate lookup for prometheus/client_golang",
"matchDatasources": [
"go"
],
"matchPackageNames": [
"github.com/prometheus/client_golang"
],
"sourceUrl": "https://github.com/prometheus/client_golang"
},
{
"description": "Disable js-yaml updates — pinned in overrides for security; managed manually",
"matchPackageNames": [
"js-yaml"
],
"enabled": false
}
]
}
2 changes: 1 addition & 1 deletion .github/skills/examples/gorm-scanner-ci-workflow.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ jobs:
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7

- name: Setup Go
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6
with:
go-version: "1.26.4"

Expand Down
6 changes: 3 additions & 3 deletions .github/skills/security-scan-docker-image-scripts/run.sh
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ fi
# Check Grype
if ! command -v grype >/dev/null 2>&1; then
log_error "Grype not found - install from: https://github.com/anchore/grype"
log_error "Installation: curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.114.0"
log_error "Installation: curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.115.0"
error_exit "Grype is required for vulnerability scanning" 2
fi

Expand All @@ -50,8 +50,8 @@ SYFT_INSTALLED_VERSION=$(syft version | grep -oP 'Version:\s*\Kv?[0-9]+\.[0-9]+\
GRYPE_INSTALLED_VERSION=$(grype version | grep -oP 'Version:\s*\Kv?[0-9]+\.[0-9]+\.[0-9]+' | head -1 || echo "unknown")

# Set defaults matching CI workflow
set_default_env "SYFT_VERSION" "v1.45.1"
set_default_env "GRYPE_VERSION" "v0.114.0"
set_default_env "SYFT_VERSION" "v1.46.0"
set_default_env "GRYPE_VERSION" "v0.115.0"
set_default_env "IMAGE_TAG" "charon:local"
set_default_env "FAIL_ON_SEVERITY" "Critical,High"

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/auto-changelog.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,6 @@ jobs:
with:
ref: ${{ github.event.workflow_run.head_sha || github.sha }}
- name: Draft Release
uses: release-drafter/release-drafter@ed4bc48ec97379be2258e7b7ac2624a3e26ab809 # v7
uses: release-drafter/release-drafter@4d75298e00d9e34c483e5ff8c68d0ea1c1940c1e # v7
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
2 changes: 1 addition & 1 deletion .github/workflows/benchmark.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ jobs:
ref: ${{ github.event.pull_request.head.sha || github.event.workflow_run.head_sha || github.sha }}

- name: Set up Go
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6
with:
go-version-file: backend/go.mod

Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/codecov-upload.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ concurrency:

env:
GO_VERSION: '1.26.4'
NODE_VERSION: '24.17.0'
NODE_VERSION: '24.18.0'
GOTOOLCHAIN: local

permissions:
Expand All @@ -45,7 +45,7 @@ jobs:
ref: ${{ github.sha }}

- name: Set up Go
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6
with:
go-version-file: backend/go.mod

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ jobs:

- name: Setup Go
if: matrix.language == 'go'
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6
with:
go-version-file: backend/go.mod
cache-dependency-path: backend/go.sum
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/docs-to-issues.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ concurrency:
cancel-in-progress: false

env:
NODE_VERSION: '24.17.0'
NODE_VERSION: '24.18.0'

permissions:
contents: write
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/docs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ concurrency:
cancel-in-progress: false

env:
NODE_VERSION: '24.17.0'
NODE_VERSION: '24.18.0'

jobs:
build:
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/e2e-tests-split.yml
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ on:
pull_request:

env:
NODE_VERSION: '24.17.0'
NODE_VERSION: '24.18.0'
GO_VERSION: '1.26.4'
GOTOOLCHAIN: local
DOCKERHUB_REGISTRY: docker.io
Expand Down Expand Up @@ -142,7 +142,7 @@ jobs:

- name: Set up Go
if: steps.resolve-image.outputs.image_source == 'build'
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6
with:
go-version-file: backend/go.mod

Expand All @@ -158,7 +158,7 @@ jobs:

- name: Cache npm dependencies
if: steps.resolve-image.outputs.image_source == 'build'
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6
with:
path: ~/.npm
key: npm-${{ hashFiles('package-lock.json') }}
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/nightly-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ on:

env:
GO_VERSION: '1.26.4'
NODE_VERSION: '24.17.0'
NODE_VERSION: '24.18.0'
GOTOOLCHAIN: local
GHCR_REGISTRY: ghcr.io
DOCKERHUB_REGISTRY: docker.io
Expand Down Expand Up @@ -298,7 +298,7 @@ jobs:

echo "Primary SBOM generation failed or produced missing/invalid output; using deterministic Syft fallback"

SYFT_VERSION="v1.45.1"
SYFT_VERSION="v1.46.0"
OS="$(uname -s | tr '[:upper:]' '[:lower:]')"
ARCH="$(uname -m)"
case "$ARCH" in
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/propagate-changes.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ concurrency:
cancel-in-progress: false

env:
NODE_VERSION: '24.17.0'
NODE_VERSION: '24.18.0'

permissions:
contents: write
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/quality-checks.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ permissions:

env:
GO_VERSION: '1.26.4'
NODE_VERSION: '24.17.0'
NODE_VERSION: '24.18.0'
GOTOOLCHAIN: local

jobs:
Expand All @@ -31,7 +31,7 @@ jobs:
ref: ${{ github.sha }}

- name: Set up Go
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.5.0
with:
go-version-file: backend/go.mod

Expand Down Expand Up @@ -138,7 +138,7 @@ jobs:
} >> "$GITHUB_ENV"

- name: Set up Go
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.5.0
with:
go-version-file: backend/go.mod

Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/release-goreleaser.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ concurrency:

env:
GO_VERSION: '1.26.4'
NODE_VERSION: '24.17.0'
NODE_VERSION: '24.18.0'
GOTOOLCHAIN: local

permissions:
Expand Down Expand Up @@ -45,7 +45,7 @@ jobs:
fi

- name: Set up Go
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6
with:
go-version-file: backend/go.mod

Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/renovate.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,12 +28,12 @@ jobs:
fetch-depth: 1

- name: Set up Go
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6
with:
go-version-file: backend/go.mod

- name: Run Renovate
uses: renovatebot/github-action@8217b3fc286df088d7c27f3255fe8414463bc0fd # v46.1.15
uses: renovatebot/github-action@6d859fc95779be83a0335ca704879b47e5d79641 # v46.1.16
with:
configurationFile: .github/renovate.json
token: ${{ secrets.RENOVATE_TOKEN || secrets.GITHUB_TOKEN }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/supply-chain-pr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -288,7 +288,7 @@ jobs:
- name: Install Grype
if: steps.set-target.outputs.image_name != ''
run: |
curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.114.0
curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.115.0

- name: Scan for vulnerabilities
if: steps.set-target.outputs.image_name != ''
Expand Down
8 changes: 5 additions & 3 deletions .github/workflows/weekly-nightly-promotion.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ concurrency:
cancel-in-progress: false

env:
NODE_VERSION: '24.17.0'
NODE_VERSION: '24.18.0'
SOURCE_BRANCH: 'nightly'
TARGET_BRANCH: 'main'

Expand Down Expand Up @@ -339,7 +339,7 @@ jobs:

1. **Review** the commit summary above
2. **Approve** if changes look correct
3. **Merge** using "Merge commit" to preserve history
3. **Merge** using "Squash merge" or "Rebase merge" — do **NOT** use "Merge commit" (merge commits cause divergence that breaks the next weekly promotion)

---

Expand Down Expand Up @@ -430,6 +430,8 @@ jobs:
steps:
- name: Dispatch missing required workflows on nightly head
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9
env:
PR_NUMBER: ${{ needs.create-promotion-pr.outputs.pr_number }}
with:
script: |
const owner = context.repo.owner;
Expand All @@ -443,7 +445,7 @@ jobs:
const nightlyHeadSha = nightlyBranch.commit.sha;
core.info(`Current nightly HEAD for dispatch fallback: ${nightlyHeadSha}`);

const prNumber = '${{ needs.create-promotion-pr.outputs.pr_number }}';
const prNumber = process.env.PR_NUMBER;
const requiredWorkflows = [
{ id: 'e2e-tests-split.yml' },
{ id: 'codeql.yml' },
Expand Down
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -332,3 +332,4 @@ backend/***_cov.txt
charon-scan.tar
.claude/scheduled_tasks.lock
.claude/worktrees/
scripts/tempCodeRunnerFile.sh
Loading
Loading