Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 #2447

Merged
merged 1 commit into from Sep 12, 2023
Merged

fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 #2447

merged 1 commit into from Sep 12, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Sep 12, 2023

Mend Renovate

This PR contains the following updates:

Package Type Update Change
github.com/golang-jwt/jwt/v4 require major v4.5.0 -> v5.0.0

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

Release Notes

golang-jwt/jwt (github.com/golang-jwt/jwt/v4)

v5.0.0

Compare Source

🚀 New Major Version v5 🚀

It's finally here, the release you have been waiting for! We don't take breaking changes lightly, but the changes outlined below were necessary to address some of the challenges of the previous API. A big thanks for @​mfridman for all the reviews, all contributors for their commits and of course @​dgrijalva for the original code. I hope we kept some of the spirit of your original v4 branch alive in the approach we have taken here.
~@​oxisto, on behalf of @​golang-jwt/maintainers

Version v5 contains a major rework of core functionalities in the jwt-go library. This includes support for several validation options as well as a re-design of the Claims interface. Lastly, we reworked how errors work under the hood, which should provide a better overall developer experience.

Starting from v5.0.0, the import path will be:

"github.com/golang-jwt/jwt/v5"

For most users, changing the import path should suffice. However, since we intentionally changed and cleaned some of the public API, existing programs might need to be updated. The following sections describe significant changes and corresponding updates for existing programs.

Parsing and Validation Options

Under the hood, a new validator struct takes care of validating the claims. A long awaited feature has been the option to fine-tune the validation of tokens. This is now possible with several ParserOption functions that can be appended to most Parse functions, such as ParseWithClaims. The most important options and changes are:

  • Added WithLeeway to support specifying the leeway that is allowed when validating time-based claims, such as exp or nbf.
  • Changed default behavior to not check the iat claim. Usage of this claim is OPTIONAL according to the JWT RFC. The claim itself is also purely informational according to the RFC, so a strict validation failure is not recommended. If you want to check for sensible values in these claims, please use the WithIssuedAt parser option.
  • Added WithAudience, WithSubject and WithIssuer to support checking for expected aud, sub and iss.
  • Added WithStrictDecoding and WithPaddingAllowed options to allow previously global settings to enable base64 strict encoding and the parsing of base64 strings with padding. The latter is strictly speaking against the standard, but unfortunately some of the major identity providers issue some of these incorrect tokens. Both options are disabled by default.

Changes to the Claims interface

Complete Restructuring

Previously, the claims interface was satisfied with an implementation of a Valid() error function. This had several issues:

  • The different claim types (struct claims, map claims, etc.) then contained similar (but not 100 % identical) code of how this validation was done. This lead to a lot of (almost) duplicate code and was hard to maintain
  • It was not really semantically close to what a "claim" (or a set of claims) really is; which is a list of defined key/value pairs with a certain semantic meaning.

Since all the validation functionality is now extracted into the validator, all VerifyXXX and Valid functions have been removed from the Claims interface. Instead, the interface now represents a list of getters to retrieve values with a specific meaning. This allows us to completely decouple the validation logic with the underlying storage representation of the claim, which could be a struct, a map or even something stored in a database.

type Claims interface {
	GetExpirationTime() (*NumericDate, error)
	GetIssuedAt() (*NumericDate, error)
	GetNotBefore() (*NumericDate, error)
	GetIssuer() (string, error)
	GetSubject() (string, error)
	GetAudience() (ClaimStrings, error)
}
Supported Claim Types and Removal of StandardClaims

The two standard claim types supported by this library, MapClaims and RegisteredClaims both implement the necessary functions of this interface. The old StandardClaims struct, which has already been deprecated in v4 is now removed.

Users using custom claims, in most cases, will not experience any changes in the behavior as long as they embedded RegisteredClaims. If they created a new claim type from scratch, they now need to implemented the proper getter functions.

Migrating Application Specific Logic of the old Valid

Previously, users could override the Valid method in a custom claim, for example to extend the validation with application-specific claims. However, this was always very dangerous, since once could easily disable the standard validation and signature checking.

In order to avoid that, while still supporting the use-case, a new ClaimsValidator interface has been introduced. This interface consists of the Validate() error function. If the validator sees, that a Claims struct implements this interface, the errors returned to the Validate function will be appended to the regular standard validation. It is not possible to disable the standard validation anymore (even only by accident).

Usage examples can be found in example_test.go, to build claims structs like the following.

// MyCustomClaims includes all registered claims, plus Foo.
type MyCustomClaims struct {
	Foo string `json:"foo"`
	jwt.RegisteredClaims
}

// Validate can be used to execute additional application-specific claims
// validation.
func (m MyCustomClaims) Validate() error {
	if m.Foo != "bar" {
		return errors.New("must be foobar")
	}

	return nil
}

Changes to the Token and Parser struct

The previously global functions DecodeSegment and EncodeSegment were moved to the Parser and Token struct respectively. This will allow us in the future to configure the behavior of these two based on options supplied on the parser or the token (creation). This also removes two previously global variables and moves them to parser options WithStrictDecoding and WithPaddingAllowed.

In order to do that, we had to adjust the way signing methods work. Previously they were given a base64 encoded signature in Verify and were expected to return a base64 encoded version of the signature in Sign, both as a string. However, this made it necessary to have DecodeSegment and EncodeSegment global and was a less than perfect design because we were repeating encoding/decoding steps for all signing methods. Now, Sign and Verify operate on a decoded signature as a []byte, which feels more natural for a cryptographic operation anyway. Lastly, Parse and SignedString take care of the final encoding/decoding part.

In addition to that, we also changed the Signature field on Token from a string to []byte and this is also now populated with the decoded form. This is also more consistent, because the other parts of the JWT, mainly Header and Claims were already stored in decoded form in Token. Only the signature was stored in base64 encoded form, which was redundant with the information in the Raw field, which contains the complete token as base64.

type Token struct {
	Raw       string                 // Raw contains the raw token
	Method    SigningMethod          // Method is the signing method used or to be used
	Header    map[string]interface{} // Header is the first segment of the token in decoded form
	Claims    Claims                 // Claims is the second segment of the token in decoded form
	Signature []byte                 // Signature is the third segment of the token in decoded form
	Valid     bool                   // Valid specifies if the token is valid
}

Most (if not all) of these changes should not impact the normal usage of this library. Only users directly accessing the Signature field as well as developers of custom signing methods should be affected.

What's Changed

New Contributors

Full Changelog: golang-jwt/jwt@v4.5.0...v5.0.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/github.com-golang-jwt-jwt-v4-5.x branch from f4e2079 to e6b6cf2 Compare September 12, 2023 08:01
@pat-s pat-s enabled auto-merge (squash) September 12, 2023 11:33
@pat-s pat-s merged commit b27c956 into main Sep 12, 2023
5 checks passed
@pat-s pat-s deleted the renovate/github.com-golang-jwt-jwt-v4-5.x branch September 12, 2023 11:52
@anbraten anbraten mentioned this pull request Sep 13, 2023
Closed
@woodpecker-bot woodpecker-bot mentioned this pull request Oct 5, 2023
Closed
@woodpecker-bot woodpecker-bot mentioned this pull request Oct 15, 2023
Closed
This was referenced Nov 5, 2023
Closed
Closed
Closed
Closed
Merged
@woodpecker-bot woodpecker-bot mentioned this pull request Nov 23, 2023
Merged
1 task
6543 pushed a commit that referenced this pull request Nov 23, 2023
@woodpecker-bot
🎉 Release 2.0.0 (#2805)
0fc428a 
This PR was opened by the
[ready-release-go](https://github.com/woodpecker-ci/plugin-ready-release-go)
plugin. When you're ready to do a release, you can merge this
pull-request and a new release with version `2.0.0` will be created
automatically. If you're not ready to do a release yet, that's fine,
whenever you add more changes to `main` this pull-request will be
updated.

## Options

- [ ] Mark this version as a release candidate

##
[2.0.0](https://github.com/woodpecker-ci/woodpecker/releases/tag/2.0.0)
- 2023-11-23

### 💥 Breaking changes

- Rename `link` to `url`
[[#2812](#2812)]
- Revert to singular CLI args
[[#2820](#2820)]
- Use int64 for IDs in woodpecker client lib
[[#2703](#2703)]
- Woodpecker-go: Use Feed instead of Activity
[[#2690](#2690)]
- Do not sanitzie secrets with 3 or less chars
[[#2680](#2680)]
- fix(deps): update docker to v24
[[#2675](#2675)]
- Remove `WOODPECKER_DOCS` config
[[#2647](#2647)]
- Remove plugin-only option from secrets
[[#2213](#2213)]
- Remove deprecated API paths
[[#2639](#2639)]
- Remove SSH backend
[[#2635](#2635)]
- Remove deprecated `build` command
[[#2602](#2602)]
- Deprecate "platform" filter in favour of "labels"
[[#2181](#2181)]
- Remove useless "sync" option from RepoListOpts from the client lib
[[#2090](#2090)]
- Drop deprecated built-in environment variables
[[#2048](#2048)]

### 🔒 Security

- Never log tokens
[[#2466](#2466)]
- Check permissions on repo lookup
[[#2357](#2357)]
- Change token logging to trace level
[[#2247](#2247)]
- Validate webhook before changing any data
[[#2221](#2221)]

### ✨ Features

- Add version and update notes
[[#2722](#2722)]
- Add repos list for admins
[[#2347](#2347)]
- Add org list
[[#2338](#2338)]
- Add option to configure tolerations in kubernetes backend
[[#2249](#2249)]
- Support user secrets
[[#2126](#2126)]
- Add opt save global log output to file
[[#2115](#2115)]
- Support bitbucket Dir() and support multi-workflows
[[#2045](#2045)]
- Add ping command to server to allow container healthchecks
[[#2030](#2030)]

### 📚 Documentation

- Add 2.0.0 post
[[#2864](#2864)]
- Add extend env plugin
[[#2847](#2847)]
- mark v1.0.x as unmaintained
[[#2818](#2818)]
- Update docs npm deps non-major
[[#2799](#2799)]
- Add docs about Gitea on same host and update docker-compose example
[[#2752](#2752)]
- Update docusaurus plugin
[[#2804](#2804)]
- Mark kubernetes backend as fully supported
[[#2756](#2756)]
- Update docusaurus to v3
[[#2732](#2732)]
- Fix the wrong link to the cron job document
[[#2740](#2740)]
- Improve secrets documentation
[[#2707](#2707)]
- Add woodpecker-lint tool
[[#2648](#2648)]
- Add autoscaler docs
[[#2631](#2631)]
- Rework setup docs
[[#2630](#2630)]
- doc: improve prometheus docs
[[#2617](#2617)]
- docs add nixos install instructions
[[#2616](#2616)]
- Add prettier plugin
[[#2621](#2621)]
- [doc] improve documentation WOODPECKER_SESSION_EXPIRES
[[#2603](#2603)]
- Update documentation WRT to recent `$platform` changes
[[#2531](#2531)]
- Add plugin "GitHub release"
[[#2592](#2592)]
- Cleanup docs
[[#2478](#2478)]
- Add plugin "Release helper"
[[#2584](#2584)]
- Add plugin "Gitea Create Pull Request" to plugin index
[[#2581](#2581)]
- Adjust github scopes and clarify documentation.
[[#2578](#2578)]
- Remove redundant definition of webhook form docs
[[#2561](#2561)]
- Add notes about CRI-O specific config
[[#2546](#2546)]
- Fix incorrect yaml syntax for `ref` in docs
[[#2518](#2518)]
- Local image documentation
[[#2521](#2521)]
- Adds bitbucket tag support in docs
[[#2536](#2536)]
- Fix docs duplicate WOODPECKER_HOST assignment
[[#2501](#2501)]
- Update github auth install
[[#2499](#2499)]
- Update GH app installation instructions
[[#2472](#2472)]
- Add videos
[[#2465](#2465)]
- docs: missing info for runs_on
[[#2457](#2457)]
- Add hint about alternative pipeline skip syntax
[[#2443](#2443)]
- Fix typo in GitLab docs
[[#2376](#2376)]
- clarify setup with gitlab with RFC1918 nets and non standard TLDs
[[#2363](#2363)]
- Clarify env var `CI` in docs
[[#2349](#2349)]
- docs: yaml cheatsheet for advanced syntax
[[#2329](#2329)]
- Improve explanation for globs in when:path
[[#2252](#2252)]
- Fix usage description for backend-http-proxy flag
[[#2250](#2250)]
- Restructure k8s documentation
[[#2193](#2193)]
- Update list of "projects using Woodpecker"
[[#2196](#2196)]
- Update 92-awesome.md
[[#2195](#2195)]
- Better blog title/desc
[[#2182](#2182)]
- Fix version in FAQ
[[#2101](#2101)]
- Add blog posts/tutorials
[[#2095](#2095)]
- update version docs about versioning
[[#2086](#2086)]
- Fix client example
[[#2085](#2085)]
- Update docs deps to address cves
[[#2080](#2080)]
- fix: global registry docs
[[#2070](#2070)]
- Improve bitbucket docs
[[#2066](#2066)]
- update docs about versioning
[[#2043](#2043)]
- Set v1.0 documents as default and mark v0.15 as unmaintained
[[#2034](#2034)]

### 📈 Enhancement

- Cleanup plugins index
[[#2856](#2856)]
- Bump default clone image version to 2.4.0
[[#2852](#2852)]
- Signal to clients the hook and event routes where removed
[[#2826](#2826)]
- Replace `interface{}` with `any`
[[#2807](#2807)]
- Fix repo owner filter
[[#2808](#2808)]
- Sort agents list by ID
[[#2795](#2795)]
- Fix css loading order in head
[[#2785](#2785)]
- Fix error color contrast in dark theme
[[#2778](#2778)]
- Replace linter icons to match theme
[[#2765](#2765)]
- Switch to go vanity urls
[[#2706](#2706)]
- Add workflow version
[[#2476](#2476)]
- UI enhancements/fixes
[[#2754](#2754)]
- Fail on missing secrets
[[#2749](#2749)]
- Add deprecation warnings
[[#2725](#2725)]
- Enhance linter and errors
[[#1572](#1572)]
- Option to change temp dir for local backend
[[#2702](#2702)]
- Revert breaking pipeline changes
[[#2677](#2677)]
- Add ports into pipeline backend step model
[[#2656](#2656)]
- Unregister stateless agents from server on termination
[[#2606](#2606)]
- Let the backend engine report the current platform
[[#2688](#2688)]
- Showing the pending pipelines on top
[[#1488](#1488)]
- Print local backend command logs
[[#2678](#2678)]
- Report problems with listening to ports and exit
[[#2102](#2102)]
- Use path.Join for server side path generation
[[#2689](#2689)]
- Refactor UI dark/bright mode
[[#2590](#2590)]
- Stop steps after they are done
[[#2681](#2681)]
- Fix where syntax
[[#2676](#2676)]
- Add "Repair all" button
[[#2642](#2642)]
- Use pagination utils
[[#2633](#2633)]
- Dynamic forge request size
[[#2622](#2622)]
- Update to docker 23
[[#2577](#2577)]
- Refactor/simplify pubsub
[[#2554](#2554)]
- Refactor pipeline parsing and forge refreshing
[[#2527](#2527)]
- Fix gitlab hooks and simplify config extension
[[#2537](#2537)]
- Set home variable in local backend for windows
[[#2323](#2323)]
- Some cleanups about host config
[[#2490](#2490)]
- Fix usage of WOODPECKER_ROOT_PATH
[[#2485](#2485)]
- Some UI enhancement
[[#2468](#2468)]
- Harmonize pipeline status information and add a review link to the
approval
[[#2345](#2345)]
- Add Renovate
[[#2360](#2360)]
- Add option to render button as link
[[#2378](#2378)]
- Close sidebar on outside clicks
[[#2325](#2325)]
- Add release helper
[[#1976](#1976)]
- Use API error helpers and improve response codes
[[#2366](#2366)]
- Import packages only once
[[#2362](#2362)]
- Execute `make generate` with new versions
[[#2365](#2365)]
- Only show commit title
[[#2361](#2361)]
- Truncate commit message in pipeline log view header
[[#2356](#2356)]
- Increase header padding again
[[#2348](#2348)]
- Use full width header on pipeline view and show repo name
[[#2327](#2327)]
- Use html list for changed files list
[[#2346](#2346)]
- Show that repo is disabled
[[#2340](#2340)]
- Add spacing to pipeline feed spinner
[[#2326](#2326)]
- Autodetect host platform in Makefile
[[#2322](#2322)]
- Add "plugin" support to local backend
[[#2239](#2239)]
- Rename grpc pipeline to workflow
[[#2173](#2173)]
- Pass netrc data to external config service request
[[#2310](#2310)]
- Create settings-panel vue component and use InputFields
[[#2177](#2177)]
- Use browser-native tooltips
[[#2189](#2189)]
- Improve agent rpc retry logic with exponential backoff
[[#2205](#2205)]
- Skip settings proxy config with WithProxy if its empty
[[#2242](#2242)]
- Move hook and events-stream routes to use `/api` prefix
[[#2212](#2212)]
- Add SSH clone URL env var
[[#2198](#2198)]
- Small improvements to mobile interface
[[#2202](#2202)]
- Switch to upstream ttlcache
[[#2187](#2187)]
- Convert EqualStringSlice to generic EqualSliceValues
[[#2179](#2179)]
- Pass netrc to trusted clone images
[[#2163](#2163)]
- Use Vue setup directive
[[#2165](#2165)]
- Release file lock on USR1 signal
[[#2151](#2151)]
- Use min/max width for pipeline step list
[[#2141](#2141)]
- Add header to pipeline log and always show buttons
[[#2140](#2140)]
- Use fix width for pipeline step list
[[#2138](#2138)]
- Make sure we dont have hidden options for backend and pipeline
compiler
[[#2123](#2123)]
- Enhance local backend
[[#2017](#2017)]
- Don't show badge without information
[[#2130](#2130)]
- CLI repo sync: Show `forge-remote-id`
[[#2103](#2103)]
- Lazy-load TimeAgo locales
[[#2094](#2094)]
- Improve user settings
[[#2087](#2087)]
- Allow to disable swagger
[[#2093](#2093)]
- Use consistent woodpecker color scheme
[[#2003](#2003)]
- Change master to main
[[#2044](#2044)]
- Remove default branch fallbacks
[[#2065](#2065)]
- Remove fallback check for old sqlite file location
[[#2046](#2046)]
- Include the function name in generic datastore errors
[[#2041](#2041)]

### 🐛 Bug Fixes

- Fix plugin URLs
[[#2850](#2850)]
- Fix env vars and add UI url
[[#2811](#2811)]
- Fix paths for version check
[[#2816](#2816)]
- Add `privileged` schema definition
[[#2777](#2777)]
- Use unique label selector for pod label for kubernetes services
[[#2723](#2723)]
- Some UI fixes
[[#2698](#2698)]
- Fix active tab not updating on prop change
[[#2712](#2712)]
- Unique status for matrix
[[#2695](#2695)]
- Fix secret image filter regex
[[#2674](#2674)]
- local backend ignore errors in commands inbetween
[[#2636](#2636)]
- Do not print log level on CLI
[[#2638](#2638)]
- Fix error when closing logs
[[#2637](#2637)]
- Fix `CI_WORKSPACE` in local backend
[[#2627](#2627)]
- Some mobile UI fixes
[[#2624](#2624)]
- Fix secret priority
[[#2599](#2599)]
- UI cleanups and improvements
[[#2548](#2548)]
- Fix PR event trigger and list for bitbucket repos
[[#2539](#2539)]
- Fix ccmenu endpoint
[[#2543](#2543)]
- Trim last "/" from WOODPECKER_HOST config
[[#2538](#2538)]
- Use correct mime type when no content is sent
[[#2515](#2515)]
- Fix bitbucket branches pagination.
[[#2509](#2509)]
- fix: change config.config_data column type to longblob in mysql
[[#2434](#2434)]
- Fix: change tasks.task_data column type to longblob in mysql
[[#2418](#2418)]
- Do not list archived repos for all forges
[[#2374](#2374)]
- fix(server/api/repo): Fix repair webhook host
[[#2372](#2372)]
- Delete repos/secrets on org deletion
[[#2367](#2367)]
- Fix org fetching
[[#2343](#2343)]
- Show correct event in pipeline step list
[[#2334](#2334)]
- Add min height to mobile pipeline view and fix overflow
[[#2335](#2335)]
- Fix grid column size in pipeline log view
[[#2336](#2336)]
- Fix mobile login view
[[#2332](#2332)]
- Fix button loading spinner when activating repos
[[#2333](#2333)]
- make WOODPECKER_MIGRATIONS_ALLOW_LONG have an actuall effect
[[#2251](#2251)]
- Docker build dont ignore ci env vars
[[#2238](#2238)]
- Handle parsed hooks that should be ignored
[[#2243](#2243)]
- Set correct version for release branch releases
[[#2227](#2227)]
- Bump default git clone plugin
[[#2215](#2215)]
- Show all steps
[[#2190](#2190)]
- Fix pipeline config collapsing
[[#2166](#2166)]
- Fix 'add-orgs' migration
[[#2117](#2117)]
- docs: Environment Variable Seems to be `DOCKER_HOST`, not
`DOCKER_SOCK`
[[#2122](#2122)]
- Fix swagger response code
[[#2119](#2119)]
- Forge Github Org: Use `login` instead of `name`
[[#2104](#2104)]
- client.go: Fix RepoPost path
[[#2091](#2091)]
- Fix alt text contrast in code boxes
[[#2089](#2089)]
- Fix WOODPECKER_GRPC_VERIFY being ignored
[[#2077](#2077)]
- Handle case where there is no latest pipeline for GetBadge
[[#2042](#2042)]

### Misc

- Update release-helper
[[#2863](#2863)]
- Add repo owner test
[[#2857](#2857)]
- Update woodpeckerci/plugin-ready-release-go Docker tag to v1.0.2
[[#2853](#2853)]
- Update golang (packages)
[[#2839](#2839)]
- Update dependency vite to v5
[[#2836](#2836)]
- Lock file maintenance
[[#2840](#2840)]
- Update postgres Docker tag to v16.1
[[#2842](#2842)]
- Update docker.io/golang Docker tag to v1.21.4
[[#2828](#2828)]
- Update docker.io/techknowlogick/xgo Docker tag to go-1.21.4
[[#2829](#2829)]
- Update golang (packages)
[[#2815](#2815)]
- Update dependency marked to v10
[[#2810](#2810)]
- Update release-helper
[[#2801](#2801)]
- Remove go versions from .golangci.yml
[[#2775](#2775)]
- [pre-commit.ci] pre-commit autoupdate
[[#2767](#2767)]
- Lock file maintenance
[[#2755](#2755)]
- Update golang (packages)
[[#2742](#2742)]
- Update woodpeckerci/plugin-ready-release-go Docker tag to v0.7.0
[[#2728](#2728)]
- Add grafana dashobard to awesome
[[#2710](#2710)]
- Pin alpine versions in Dockerfile
[[#2649](#2649)]
- Use full qualifyer for images
[[#2692](#2692)]
- chore(deps): lock file maintenance
[[#2673](#2673)]
- fix(deps): update golang (packages)
[[#2671](#2671)]
- Use `pre-commit`
[[#2650](#2650)]
- fix(deps): update dependency fuse.js to v7
[[#2666](#2666)]
- chore(deps): update dependency @types/node to v20
[[#2664](#2664)]
- chore(deps): update woodpeckerci/plugin-docker-buildx docker tag to
v2.2.0 [[#2663](#2663)]
- chore(deps): update mysql docker tag to v8.2.0
[[#2662](#2662)]
- Add some tests
[[#2652](#2652)]
- chore(deps): update docs npm deps non-major
[[#2660](#2660)]
- chore(deps): update web npm deps non-major
[[#2661](#2661)]
- Fix codecov plugin version
[[#2643](#2643)]
- Add prettier
[[#2600](#2600)]
- Do not run docker prepare steps
[[#2626](#2626)]
- Fix docker workflow and only run if needed
[[#2625](#2625)]
- fix(deps): update golang (packages)
[[#2614](#2614)]
- chore(deps): lock file maintenance
[[#2620](#2620)]
- chore(deps): update codeberg.org/woodpecker-plugins/trivy docker tag
to v1.0.1
[[#2618](#2618)]
- chore(deps): update node.js to v21
[[#2615](#2615)]
- Only publish PR images when label is set
[[#2608](#2608)]
- chore(deps): lock file maintenance
[[#2595](#2595)]
- chore(deps): update postgres docker tag to v16
[[#2588](#2588)]
- Update renovate schedule & use central config repo
[[#2597](#2597)]
- chore(deps): update woodpeckerci/plugin-surge-preview docker tag to
v1.2.2 [[#2593](#2593)]
- Update README badge link
[[#2596](#2596)]
- fix(deps): update golang (packages) to v23.0.7+incompatible
[[#2586](#2586)]
- Fix missing web dist
[[#2580](#2580)]
- Run tests on `main` branch
[[#2576](#2576)]
- fix(deps): update module github.com/google/go-github/v55 to v56
[[#2573](#2573)]
- Add plugin "NixOS Remote Builder" to plugin index
[[#2571](#2571)]
- Fix renovate
[[#2569](#2569)]
- renovate: add `golang` group
[[#2567](#2567)]
- chore(deps): update golang docker tag to v1.21.3
[[#2564](#2564)]
- chore(deps): update techknowlogick/xgo docker tag to go-1.21.3
[[#2565](#2565)]
- fix(deps): update golang deps non-major
[[#2566](#2566)]
- chore(deps): update mstruebing/editorconfig-checker docker tag to
v2.7.2 [[#2563](#2563)]
- Bump to mysql 8
[[#2559](#2559)]
- fix(deps): update module github.com/xanzy/go-gitlab to v0.93.1
[[#2560](#2560)]
- Require Go 1.21
[[#2553](#2553)]
- chore(deps): update techknowlogick/xgo docker tag to go-1.21.2
[[#2523](#2523)]
- Update issue config
[[#2353](#2353)]
- Add test for handling pipeline error
[[#2547](#2547)]
- chore(deps): update golang docker tag to v1.21.2
[[#2532](#2532)]
- fix(deps): update golang.org/x/exp digest to 7918f67
[[#2535](#2535)]
- fix(deps): update golang deps non-major
[[#2533](#2533)]
- fix(deps): update golang.org/x/exp digest to 3e424a5
[[#2530](#2530)]
- Use golangci-lint to lint zerolog
[[#2524](#2524)]
- Renovate config updates
[[#2519](#2519)]
- fix(deps): update module github.com/docker/distribution to
v2.8.3+incompatible
[[#2517](#2517)]
- fix(deps): update module github.com/melbahja/goph to v1.4.0
[[#2513](#2513)]
- fix(deps): update golang deps non-major
[[#2500](#2500)]
- chore(deps): lock file maintenance
[[#2497](#2497)]
- Fix broken link to 3rd party plugin library
[[#2494](#2494)]
- fix(deps): update golang deps non-major
[[#2486](#2486)]
- chore(deps): lock file maintenance
[[#2469](#2469)]
- Add devx lable to compose file PRs
[[#2467](#2467)]
- chore(deps): update postgres docker tag to v16
[[#2463](#2463)]
- Update gitea sdk
[[#2464](#2464)]
- fix(deps): update golang deps non-major
[[#2462](#2462)]
- fix(deps): update dependency ansi_up to v6
[[#2431](#2431)]
- chore(deps): update web npm deps non-major
[[#2461](#2461)]
- fix(deps): update module github.com/tevino/abool to v2
[[#2460](#2460)]
- fix(deps): update module github.com/google/go-github/v39 to v55
[[#2456](#2456)]
- fix(deps): update module github.com/golang-jwt/jwt/v4 to v5
[[#2449](#2449)]
- fix(deps): update module github.com/golang-jwt/jwt/v4 to v5
[[#2447](#2447)]
- chore(deps): update node.js to v20
[[#2422](#2422)]
- Add renovate package rule to apply build label
[[#2440](#2440)]
- fix(deps): update dependency prism-react-renderer to v2
[[#2436](#2436)]
- fix(deps): update dependency node-emoji to v2
[[#2435](#2435)]
- Add renovate package rule to apply dependencies label
[[#2438](#2438)]
- fix(deps): update golang deps non-major
[[#2437](#2437)]
- chore(deps): update postgres docker tag to v15
[[#2423](#2423)]
- fix(deps): update dependency esbuild-loader to v4
[[#2433](#2433)]
- fix(deps): update dependency clsx to v2
[[#2432](#2432)]
- fix(deps): update dependency @vueuse/core to v10
[[#2430](#2430)]
- fix(deps): update dependency @svgr/webpack to v8
[[#2429](#2429)]
- fix(deps): update dependency @kyvg/vue3-notification to v3
[[#2427](#2427)]
- fix(deps): update dependency @intlify/unplugin-vue-i18n to v1
[[#2426](#2426)]
- chore(deps): update typescript-eslint monorepo to v6 (major)
[[#2425](#2425)]
- chore(deps): update react monorepo to v18 (major)
[[#2424](#2424)]
- chore(deps): update dependency prettier to v3
[[#2420](#2420)]
- chore(deps): update dependency eslint-config-prettier to v9
[[#2415](#2415)]
- chore(deps): update dependency @tsconfig/docusaurus to v2
[[#2410](#2410)]
- chore(deps): update dependency typescript to v5
[[#2421](#2421)]
- chore(deps): update dependency concurrently to v8
[[#2414](#2414)]
- Add renovate deps groups
[[#2417](#2417)]
- fix(deps): update module xorm.io/xorm to v1.3.3
[[#2393](#2393)]
- chore(deps): update dependency marked to v9
[[#2419](#2419)]
- chore(deps): update dependency @types/marked to v5
[[#2411](#2411)]
- fix(deps): update module github.com/rs/zerolog to v1.30.0
[[#2404](#2404)]
- fix(deps): update module github.com/jellydator/ttlcache/v3 to v3.1.0
[[#2402](#2402)]
- fix(deps): update module github.com/xanzy/go-gitlab to v0.91.1
[[#2405](#2405)]
- fix(deps): update module github.com/antonmedv/expr to v1.15.1
[[#2400](#2400)]
- chore(deps): update dependency axios to v1
[[#2413](#2413)]
- fix(deps): update module github.com/prometheus/client_golang to
v1.16.0 [[#2403](#2403)]
- fix(deps): update module github.com/urfave/cli/v2 to v2.25.7
[[#2391](#2391)]
- fix(deps): update module google.golang.org/protobuf to v1.31.0
[[#2409](#2409)]
- fix(deps): update kubernetes packages to v0.28.1
[[#2399](#2399)]
- fix(deps): update module github.com/swaggo/swag to v1.16.2
[[#2390](#2390)]
- fix(deps): update dependency @easyops-cn/docusaurus-search-local to
^0.36.0 [[#2406](#2406)]
- fix(deps): update module github.com/stretchr/testify to v1.8.4
[[#2389](#2389)]
- fix(deps): update module github.com/caddyserver/certmagic to v0.19.2
[[#2401](#2401)]
- chore(deps): update postgres docker tag to v12.16
[[#2397](#2397)]
- fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.17
[[#2387](#2387)]
- fix(deps): update module github.com/google/uuid to v1.3.1
[[#2386](#2386)]
- chore(deps): update dependency unplugin-vue-components to ^0.25.0
[[#2395](#2395)]
- fix(deps): update dependency @intlify/unplugin-vue-i18n to ^0.13.0
[[#2398](#2398)]
- chore(deps): update dependency unplugin-icons to ^0.17.0
[[#2394](#2394)]
- chore(deps): update golang docker tag
[[#2396](#2396)]
- fix(deps): update module github.com/moby/moby to
v20.10.25+incompatible
[[#2388](#2388)]
- fix(deps): update module github.com/docker/docker to
v20.10.25+incompatible
[[#2385](#2385)]
- fix(deps): update module github.com/docker/cli to
v20.10.25+incompatible
[[#2384](#2384)]
- fix(deps): update module github.com/alessio/shellescape to v1.4.2
[[#2381](#2381)]
- fix(deps): update golang.org/x/exp digest to 9212866
[[#2380](#2380)]
- Check for correct license header
[[#2137](#2137)]
- Add TestCompilerCompile
[[#2183](#2183)]
- Fix `docs` workflow
[[#2128](#2128)]
- Add some tests for bitbucket forge
[[#2097](#2097)]
- Publish releases and branch tags to quay.io too
[[#2069](#2069)]
@BrewTestBot BrewTestBot mentioned this pull request Nov 23, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pat-s pat-s pat-s approved these changes

Assignees
No one assigned
Labels
dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@pat-s