chore(deps): update triliumnext/trilium docker tag to v0.102.2

[renovate]

This PR contains the following updates:

Package	Update	Change
triliumnext/trilium	patch	v0.102.1 → v0.102.2

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

TriliumNext/Trilium (triliumnext/trilium)

v0.102.2

Compare Source

v0.102.2

[!IMPORTANT]
This release contains important security fixes. All users are strongly encouraged to update immediately.

Several vulnerabilities affecting content handling and the desktop application have been addressed. We recommend upgrading before the next scheduled release to ensure your installation is protected.

[!NOTE]
If you enjoyed this release, consider showing a token of appreciation by:

• Pressing the “Star” button on GitHub (top-right).
• Considering a one-time or recurrent donation to the lead developer via GitHub Sponsors or PayPal.
• If you are interested in an official mobile application  (#​7447) or multi-user support (#​4956), consider offering financial support via IssueHunt (see links).

🔒️ Security improvements

• Content Handling

  • Improved request handling for SVG content in share routes
  • Improved request handling for SVG content in the main API
  • Enhanced content rendering in the Mermaid diagram editor
  • Fixed toast notifications to properly escape content
  • Added validation for the docName attribute in the document renderer
  • Marked docName as a sensitive attribute in the commons module

• Desktop Application (Electron)

  • Added Electron fuses to harden the desktop application against external abuse
  • Improved application integrity checks

• API & Import

  • Added MIME type validation for image uploads via ETAPI
  • Aligned attachment upload validation with note upload validation
  • Import no longer preserves named note IDs to prevent potential conflicts

• Authentication

  • OpenID Connect now uses a more secure random number generator

We've also updated our SECURITY.MD file to detail our security practices and how to report vulnerabilities.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[f2c-ci-robot]

Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[f2c-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment