67fc5c70b9
build(deps): bump github/codeql-action from 4.35.2 to 4.35.3 ( #6343 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action )
from 4.35.2 to 4.35.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases ">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.35.3</h2>
<ul>
<li><em>Upcoming breaking change</em>: Add a deprecation warning for
customers using CodeQL version 2.19.3 and earlier. These versions of
CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise
Server 3.15, and will be unsupported by the next minor release of the
CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3837 ">#3837</a></li>
<li>Configurations for private registries that use Cloudsmith or GCP
OIDC are now accepted. <a
href="https://redirect.github.com/github/codeql-action/pull/3850 ">#3850</a></li>
<li>Best-effort connection tests for private registries now use
<code>GET</code> requests instead of <code>HEAD</code> for better
compatibility with various registry implementations. For NuGet feeds,
the test is now always performed against the service index. <a
href="https://redirect.github.com/github/codeql-action/pull/3853 ">#3853</a></li>
<li>Fixed a bug where two diagnostics produced within the same
millisecond could overwrite each other on disk, causing one of them to
be lost. <a
href="https://redirect.github.com/github/codeql-action/pull/3852 ">#3852</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3 ">2.25.3</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3865 ">#3865</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md ">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases ">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.35.4 - 07 May 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4 ">2.25.4</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3881 ">#3881</a></li>
</ul>
<h2>4.35.3 - 01 May 2026</h2>
<ul>
<li><em>Upcoming breaking change</em>: Add a deprecation warning for
customers using CodeQL version 2.19.3 and earlier. These versions of
CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise
Server 3.15, and will be unsupported by the next minor release of the
CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3837 ">#3837</a></li>
<li>Configurations for private registries that use Cloudsmith or GCP
OIDC are now accepted. <a
href="https://redirect.github.com/github/codeql-action/pull/3850 ">#3850</a></li>
<li>Best-effort connection tests for private registries now use
<code>GET</code> requests instead of <code>HEAD</code> for better
compatibility with various registry implementations. For NuGet feeds,
the test is now always performed against the service index. <a
href="https://redirect.github.com/github/codeql-action/pull/3853 ">#3853</a></li>
<li>Fixed a bug where two diagnostics produced within the same
millisecond could overwrite each other on disk, causing one of them to
be lost. <a
href="https://redirect.github.com/github/codeql-action/pull/3852 ">#3852</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3 ">2.25.3</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3865 ">#3865</a></li>
</ul>
<h2>4.35.2 - 15 Apr 2026</h2>
<ul>
<li>The undocumented TRAP cache cleanup feature that could be enabled
using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment
variable is deprecated and will be removed in May 2026. If you are
affected by this, we recommend disabling TRAP caching by passing the
<code>trap-caching: false</code> input to the <code>init</code> Action.
<a
href="https://redirect.github.com/github/codeql-action/pull/3795 ">#3795</a></li>
<li>The Git version 2.36.0 requirement for improved incremental analysis
now only applies to repositories that contain submodules. <a
href="https://redirect.github.com/github/codeql-action/pull/3789 ">#3789</a></li>
<li>Python analysis on GHES no longer extracts the standard library,
relying instead on models of the standard library. This should result in
significantly faster extraction and analysis times, while the effect on
alerts should be minimal. <a
href="https://redirect.github.com/github/codeql-action/pull/3794 ">#3794</a></li>
<li>Fixed a bug in the validation of OIDC configurations for private
registries that was added in CodeQL Action 4.33.0 / 3.33.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3807 ">#3807</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2 ">2.25.2</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3823 ">#3823</a></li>
</ul>
<h2>4.35.1 - 27 Mar 2026</h2>
<ul>
<li>Fix incorrect minimum required Git version for <a
href="https://redirect.github.com/github/roadmap/issues/1158 ">improved
incremental analysis</a>: it should have been 2.36.0, not 2.11.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3781 ">#3781</a></li>
</ul>
<h2>4.35.0 - 27 Mar 2026</h2>
<ul>
<li>Reduced the minimum Git version required for <a
href="https://redirect.github.com/github/roadmap/issues/1158 ">improved
incremental analysis</a> from 2.38.0 to 2.11.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3767 ">#3767</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1 ">2.25.1</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3773 ">#3773</a></li>
</ul>
<h2>4.34.1 - 20 Mar 2026</h2>
<ul>
<li>Downgrade default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3 ">2.24.3</a>
due to issues with a small percentage of Actions and JavaScript
analyses. <a
href="https://redirect.github.com/github/codeql-action/pull/3762 ">#3762</a></li>
</ul>
<h2>4.34.0 - 20 Mar 2026</h2>
<ul>
<li>Added an experimental change which disables TRAP caching when <a
href="https://redirect.github.com/github/roadmap/issues/1158 ">improved
incremental analysis</a> is enabled, since improved incremental analysis
supersedes TRAP caching. This will improve performance and reduce
Actions cache usage. We expect to roll this change out to everyone in
March. <a
href="https://redirect.github.com/github/codeql-action/pull/3569 ">#3569</a></li>
<li>We are rolling out improved incremental analysis to C/C++ analyses
that use build mode <code>none</code>. We expect this rollout to be
complete by the end of April 2026. <a
href="https://redirect.github.com/github/codeql-action/pull/3584 ">#3584</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0 ">2.25.0</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3585 ">#3585</a></li>
</ul>
<h2>4.33.0 - 16 Mar 2026</h2>
<ul>
<li>Upcoming change: Starting April 2026, the CodeQL Action will skip
collecting file coverage information on pull requests to improve
analysis performance. File coverage information will still be computed
on non-PR analyses. Pull request analyses will log a warning about this
upcoming change. <a
href="https://redirect.github.com/github/codeql-action/pull/3562 ">#3562</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/e46ed2cbd01164d986452f91f178727624ae40d7 "><code>e46ed2c</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3867 ">#3867</a>
from github/update-v4.35.3-8c6e48dbe</li>
<li><a
href="https://github.com/github/codeql-action/commit/b73d1d163446ca5e62b96698027210ab41df6a4a "><code>b73d1d1</code></a>
Add changelog entry for <a
href="https://redirect.github.com/github/codeql-action/issues/3853 ">#3853</a></li>
<li><a
href="https://github.com/github/codeql-action/commit/24e0bb00a931e2a5edb703ce3b22a70f3a3e800b "><code>24e0bb0</code></a>
Reorder changelog entries</li>
<li><a
href="https://github.com/github/codeql-action/commit/ec298daba71cf7592feacbd1c0887cddc0659f62 "><code>ec298da</code></a>
Update changelog for v4.35.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/8c6e48dbe051ceb3015c19554831af1b43275f46 "><code>8c6e48d</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3865 ">#3865</a>
from github/update-bundle/codeql-bundle-v2.25.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/719098349ea5beae8aa364bf9b71ff1c8d937df2 "><code>7190983</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/2bb209555a024d051f6271c8a846b402497f9445 "><code>2bb2095</code></a>
Update default bundle to codeql-bundle-v2.25.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/7851e55dc3be31ec4bcc3ef98453de2cb306e698 "><code>7851e55</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3850 ">#3850</a>
from github/mbg/private-registry/cloudsmith-gcp</li>
<li><a
href="https://github.com/github/codeql-action/commit/262a15f6cf4c7a43d6a38ad76392e5e2d4977751 "><code>262a15f</code></a>
Add generic non-printable chars test for OIDC configs</li>
<li><a
href="https://github.com/github/codeql-action/commit/a6109b1c07173a53ece3d179a925ff9644d1fabd "><code>a6109b1</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3853 ">#3853</a>
from github/mbg/start-proxy/improved-checks</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/95e58e9a2cdfd71adc6e0353d5c52f41a045d225...e46ed2cbd01164d986452f91f178727624ae40d7 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <[email protected] >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-11 10:36:16 +01:00
1e6514a471
build(deps): bump org.projectlombok:lombok from 1.18.44 to 1.18.46 ( #6342 )
...
Bumps
[org.projectlombok:lombok](https://github.com/projectlombok/lombok ) from
1.18.44 to 1.18.46.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown ">org.projectlombok:lombok's
changelog</a>.</em></p>
<blockquote>
<h3>v1.18.46 (April 22nd, 2026)</h3>
<ul>
<li>PLATFORM: JDK26 support added <a
href="https://redirect.github.com/projectlombok/lombok/issues/4019 ">#4019</a>.</li>
<li>PLATFORM: Spring Tools Suite 5 supported <a
href="https://redirect.github.com/projectlombok/lombok/issues/3985 ">#3985</a>.</li>
<li>BUGFIX: <code>@Jacksonized</code> no longer stops generating
<code>@JsonProperty</code> once an explicit <code>@JsonIgnore</code>
annotations is encountered <a
href="https://redirect.github.com/projectlombok/lombok/issues/4022 ">#4022</a>.</li>
<li>BUGFIX: In eclipse, mixing <code>@Jacksonized</code> and
<code>fluent = true</code> no longer causes the error
<code>com.fasterxml.jackson.annotation.JsonProperty is not a repeatable
annotation interface</code>. <a
href="https://redirect.github.com/projectlombok/lombok/issues/3934 ">#3934</a>.</li>
<li>BUGFIX: Some finishing touches for v1.18.44's support of Jackson3 <a
href="https://redirect.github.com/projectlombok/lombok/issues/4004 ">#4004</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/projectlombok/lombok/commit/936ca59baf844fd6c0ad641974295498785d8091 "><code>936ca59</code></a>
[build] lombok's launcher is still intended to be 1.4 compatible, or at
least...</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/fcdab3f29e1b48c8f4b33ef9231ec2587a43d122 "><code>fcdab3f</code></a>
[version] pre-release version bump</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/1cb7d49c5d2dc98af7a66413d8119dec285d0666 "><code>1cb7d49</code></a>
[changelog]<a
href="https://redirect.github.com/projectlombok/lombok/issues/4004 ">#4004</a>
Mention Jackson3 final touches in changelog.</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/12a15b00555ec8097eca2bf7d77c2c2124e13e0e "><code>12a15b0</code></a>
Fix: Bump EA_JDK to 27 (25 and 26 have been released)</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/2be766cfc2ef56f2d986f28f734c98535d611aee "><code>2be766c</code></a>
Merge branch 'jackson3-final-touches'</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/290fa4c8539c7e97b47f7e80033e078127050eb5 "><code>290fa4c</code></a>
[trivial] constantize the warning we spit out for ambiguous jackson2/3,
and m...</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/e6567b6621f86b43033ab4a75e0273780e18e998 "><code>e6567b6</code></a>
test: Add Jackson 3 test cases and version ambiguity warnings</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/45e72e241abe98dcfb66408402da825dd2b8e925 "><code>45e72e2</code></a>
feat: Add Jackson 3 databind/dataformat annotations to HandlerUtil copy
lists</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/184d42363d86446a63b6270ac1eb352dc43ae76c "><code>184d423</code></a>
feat: Add Jackson 3 support to <a
href="https://github.com/Jacksonized "><code>@Jacksonized</code></a>
handlers</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/e027ad0f1515bd33d4d329d90e59dccbaf44651e "><code>e027ad0</code></a>
refactored to ShadowClassLoader use Collections::enumeration instead of
Vector</li>
<li>Additional commits viewable in <a
href="https://github.com/projectlombok/lombok/compare/v1.18.44...v1.18.46 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <[email protected] >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-11 10:36:04 +01:00
c4874deb5d
build(deps): bump step-security/harden-runner from 2.19.0 to 2.19.1 ( #6341 )
...
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner )
from 2.19.0 to 2.19.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases ">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.19.1</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: detect ubuntu-slim runners early and bail out by <a
href="https://github.com/devantler "><code>@devantler</code></a> in <a
href="https://redirect.github.com/step-security/harden-runner/pull/657 ">step-security/harden-runner#657</a></li>
</ul>
<p>What the fix changes</p>
<ul>
<li>Harden-Runner will detect <code>ubuntu-slim</code> runners and exit
cleanly with an informational log message, instead of post harden runner
step failing on chown: invalid user: 'undefined'.</li>
</ul>
<p>What the fix does not do</p>
<ul>
<li>Jobs running on <code>ubuntu-slim</code> will not be monitored by
Harden-Runner. The agent relies on kernel-level features (that require
elevated capabilities).</li>
<li>Per GitHub's docs on <a
href="https://docs.github.com/en/actions/reference/runners/github-hosted-runners#single-cpu-runners ">single-CPU
runners</a>: "The container for ubuntu-slim runners runs in
unprivileged mode. This means that some operations requiring elevated
privileges such as mounting file systems, using Docker-in-Docker, or
accessing low-level kernel features are not supported." Those
low-level kernel features are what the agent needs, so monitoring inside
the unprivileged container is not feasible today.</li>
</ul>
<p>For StepSecurity enterprise customers
If your security posture requires that workflows are always monitored,
you can block the use of <code>ubuntu-slim</code> via workflow run
policies see the <a
href="https://docs.stepsecurity.io/workflow-run-policies/policies#runner-label-policy ">Runner
Label Policy</a> docs. This lets you enforce that jobs only run on
monitored runner types.</p>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/devantler "><code>@devantler</code></a>
made their first contribution in <a
href="https://redirect.github.com/step-security/harden-runner/pull/657 ">step-security/harden-runner#657</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2.19.0...v2.19.1 ">https://github.com/step-security/harden-runner/compare/v2.19.0...v2.19.1 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/a5ad31d6a139d249332a2605b85202e8c0b78450 "><code>a5ad31d</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/657 ">#657</a>
from devantler/fix/ubuntu-slim-user-env</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6e928567d74554b8842dd434908da31c593ba85c "><code>6e92856</code></a>
build dist and trim ubuntu-slim message</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4e0504ee086374bdec7064e5c26d48af41ba6209 "><code>4e0504e</code></a>
Merge branch 'main' into fix/ubuntu-slim-user-env</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/376d25a97f3a1640ff8cbbddaa4af25948df2cf3 "><code>376d25a</code></a>
fix: detect ubuntu-slim runners early and bail out</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/8d3c67de8e2fe68ef647c8db1e6a09f647780f40...a5ad31d6a139d249332a2605b85202e8c0b78450 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <[email protected] >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-11 10:35:44 +01:00
James Brunton and GitHub
4ee47fdddd
Fix Task commands in Powershell ( #6330 )
2026-05-08 10:47:36 +01:00
James Brunton and GitHub
270af912d4
Fix frontend download links pointing to split Mac binaries ( #6325 )
2026-05-07 20:25:01 +01:00
Anthony Stirling and GitHub
efd2ed754c
Enhance automate to have import and export buttons ( #6326 )
2026-05-07 20:23:11 +01:00
6730ad7cbb
Desktop: persist auth token to disk when Credential Manager is restricted ( #6303 )
...
Co-authored-by: James Brunton <[email protected] >
2026-05-07 16:02:48 +01:00
James Brunton and GitHub
8fb9fced35
Convert to building a universal Mac app ( #6302 )
2026-05-07 14:26:28 +01:00
ed56490f93
Fix move button on multitool ( #6291 )
...
Hitting move button twice on multitool didn't work
---------
Co-authored-by: EthanHealy01 <[email protected] >
2026-05-05 20:46:47 +00:00
c892b985e2
build(deps): bump springSecuritySamlVersion from 7.0.4 to 7.0.5 ( #6255 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected] >
2026-05-05 19:01:06 +01:00
James Brunton and GitHub
95c39b4648
Fix missing desktop save indicator on files ( #6310 )
...
# Description of Changes
Save indicator stopped showing up after #6050 , which fixed the missing
truncation on filenames, but accidentally bypassed the save indicator
component at the same time. This PR puts the component back in and makes
it support truncation so we can have both.
<img width="586" height="166" alt="image"
src="https://github.com/user-attachments/assets/529c3dcb-ee00-4a6d-ae53-ef8657204369 "
/>
2026-05-05 11:19:11 +00:00
44f2d0d679
build(deps): bump the embedpdf group across 1 directory with 23 updates ( #6299 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-05 12:15:01 +01:00
1a63aa045e
build(deps): bump the tauri group across 1 directory with 7 updates ( #6305 )
...
Bumps the tauri group with 5 updates in the /frontend/src-tauri
directory:
| Package | From | To |
| --- | --- | --- |
| [tauri](https://github.com/tauri-apps/tauri ) | `2.10.2` | `2.10.3` |
| [tauri-plugin-fs](https://github.com/tauri-apps/plugins-workspace ) |
`2.4.5` | `2.5.0` |
| [tauri-plugin-dialog](https://github.com/tauri-apps/plugins-workspace )
| `2.6.0` | `2.7.0` |
| [tauri-plugin-http](https://github.com/tauri-apps/plugins-workspace ) |
`2.5.7` | `2.5.8` |
|
[tauri-plugin-single-instance](https://github.com/tauri-apps/plugins-workspace )
| `2.4.0` | `2.4.1` |
Updates `tauri` from 2.10.2 to 2.10.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases ">tauri's
releases</a>.</em></p>
<blockquote>
<h2>tauri v2.10.3</h2>
<!-- raw HTML omitted -->
<pre><code>Fetching advisory database from
`https://github.com/RustSec/advisory-db.git `
Loaded 941 security advisories (from /home/runner/.cargo/advisory-db)
Updating crates.io index
Scanning Cargo.lock for vulnerabilities (1052 crate dependencies)
Crate: atk
Version: 0.18.2
Warning: unmaintained
Title: gtk-rs GTK3 bindings - no longer maintained
Date: 2024-03-04
ID: RUSTSEC-2024-0413
URL: https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
├── wry 0.54.0
│ └── tauri-runtime-wry 2.10.1
│ └── tauri 2.10.3
│ ├── tauri-utils 2.8.3
│ │ ├── tauri-schema-generator 0.0.0
│ │ ├── tauri-runtime-wry 2.10.1
│ │ ├── tauri-runtime 2.10.1
│ │ │ ├── tauri-runtime-wry 2.10.1
│ │ │ └── tauri 2.10.3
│ │ ├── tauri-plugin 2.5.4
│ │ │ ├── tauri-plugin-sample 0.1.0
│ │ │ │ └── api 0.1.0
│ │ │ └── tauri-plugin-log 2.6.0
│ │ │ └── api 0.1.0
│ │ ├── tauri-macros 2.5.5
│ │ │ └── tauri 2.10.3
│ │ ├── tauri-codegen 2.5.5
│ │ │ ├── tauri-macros 2.5.5
│ │ │ └── tauri-build 2.5.6
│ │ │ ├── tauri-file-associations-demo 0.1.0
│ │ │ ├── tauri 2.10.3
│ │ │ ├── resources 0.1.0
│ │ │ ├── bench_helloworld 0.1.0
│ │ │ ├── bench_files_transfer 0.1.0
│ │ │ ├── bench_cpu_intensive 0.1.0
│ │ │ └── api 0.1.0
│ │ ├── tauri-cli 2.10.1
│ │ │ └── tauri-cli-node 0.0.0
│ │ ├── tauri-bundler 2.8.1
│ │ │ └── tauri-cli 2.10.1
│ │ ├── tauri-build 2.5.6
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tauri-apps/tauri/commit/9b17a7aeae9a83222ffe829aa4e2d8a5ba6bed8c "><code>9b17a7a</code></a>
fix(ci): bump rustsec/audit-check to v2 and ignore time audit (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/15030 ">#15030</a>)</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/d86827980d45826bb30749a3dbc11c9326ed8bd9 "><code>d868279</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/14897 ">#14897</a>)</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/3a65cc6885ea61e35dc5be23b229043ab6e92372 "><code>3a65cc6</code></a>
fix(test): disable <code>resolve_resource_dir</code> on Android (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/15026 ">#15026</a>)</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/52cf195b78e0b78f02d8aae997116c620355b095 "><code>52cf195</code></a>
refactor(cli): reduce some nesting code (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/14844 ">#14844</a>)</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/c3cbff3f7430161715f80f82128b345a6f7140c9 "><code>c3cbff3</code></a>
fix: resource path handles <code>./</code> path differently (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/14662 ">#14662</a>)</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/33754ae5e3740d022483b6164511c5c001a3c24b "><code>33754ae</code></a>
fix(cli): unusable empty password private keys (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/15022 ">#15022</a>)</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/3935dee121e1dcb4f377c9933233c0ace186b0bb "><code>3935dee</code></a>
Add AI tool policy to contributing guide (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/15002 ">#15002</a>)</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/33932a72b27c970dde242da5241f7a340277507d "><code>33932a7</code></a>
chore(deps-dev): bump svelte from 5.51.5 to 5.53.5 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/15015 ">#15015</a>)</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/7d3c7593a9d41ac1cc7f72e959263f22d32bc61d "><code>7d3c759</code></a>
chore(deps): update dependency rollup to v4.59.0 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/15001 ">#15001</a>)</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/f20256bca542dfd6ba4b5e2741a6a9439cc57be8 "><code>f20256b</code></a>
chore: fix clippy warnings (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/14999 ">#14999</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-v2.10.2...tauri-v2.10.3 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `tauri-plugin-fs` from 2.4.5 to 2.5.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/plugins-workspace/releases ">tauri-plugin-fs's
releases</a>.</em></p>
<blockquote>
<h2>dialog-js v2.5.0</h2>
<h2>[2.5.0]</h2>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/dff6fa986a9a05ba98b6ca660fea78ae97251fc2 "><code>dff6fa98</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/3034 ">#3034</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../onehumandev "><code>@onehumandev</code></a>)
Add <code>pickerMode</code> option to file picker (currently only used
on iOS)</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>Upgraded to <code>[email protected] </code></li>
</ul>
<h3>feat</h3>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/c23fa03f07d5c1c220bcf0bca482364513e3f754 "><code>c23fa03f</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/3098 ">#3098</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../Lepidopteran "><code>@Lepidopteran</code></a>)
Add <code>xdg-portal</code> as an optional feature for
<code>rfd</code></li>
</ul>
<!-- raw HTML omitted -->
<pre><code>npm warn Unknown user config "always-auth". This
will stop working in the next major version of npm.
npm warn publish npm auto-corrected some errors in your package.json
when publishing. Please run "npm pkg fix" to address these
errors.
npm warn publish errors corrected:
npm warn publish "repository" was changed from a string to an
object
npm warn publish "repository.url" was normalized to
"git+https://github.com/tauri-apps/plugins-workspace.git" ;
npm notice
npm notice 📦 @tauri-apps/[email protected]
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 3.5kB README.md
npm notice 6.4kB dist-js/index.cjs
npm notice 12.2kB dist-js/index.d.ts
npm notice 6.3kB dist-js/index.js
npm notice 11B dist-js/init.d.ts
npm notice 656B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-dialog
npm notice version: 2.5.0
npm notice filename: tauri-apps-plugin-dialog-2.5.0.tgz
npm notice package size: 5.8 kB
npm notice unpacked size: 30.0 kB
npm notice shasum: 52057077b52cc51643ac9829d48c2c590e5e1a54
npm notice integrity: sha512-I0R0ygwRd9AN8[...]lxPHD5vDcFjiA==
npm notice total files: 7
npm notice
npm notice Security Notice: Classic tokens have been revoked. Granular
tokens are now limited to 90 days and require 2FA by default. Update
your CI/CD workflows to avoid disruption. Learn more
https://gh.io/all-npm-classic-tokens-revoked
npm notice Publishing to https://registry.npmjs.org/ with tag latest and
public access
npm notice publish Signed provenance statement with source and build
information from GitHub Actions
npm notice publish Provenance statement published to transparency log:
https://search.sigstore.dev/?logIndex=804721691
+ @tauri-apps/[email protected]
</code></pre>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/d6a3898001a4bcc659e045f9501498751b77dbe6 "><code>d6a3898</code></a>
Publish New Versions (v2) (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3268 ">#3268</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/2e5bcdf202f98ec0fb0481725dd32f0626c766c8 "><code>2e5bcdf</code></a>
chore(deps): fix audits (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3373 ">#3373</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/4374b4fc1a9a7c0506034d86707fd3288d347f9b "><code>4374b4f</code></a>
chore(notification): remove unused dev-deps (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3372 ">#3372</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/f75d21db3351d6f12adf585c2c797c20ece94f7f "><code>f75d21d</code></a>
chore(deps): remove used of tauri-utils build feature (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3360 ">#3360</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/4b95f5e079593d5b2b98220c332f420dc70d18d1 "><code>4b95f5e</code></a>
chore(deps): update dependency eslint to v10.1.0 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3357 ">#3357</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/99c3e37b54c115e8712f67c2b53ed1f2f0b4aae6 "><code>99c3e37</code></a>
chore(deps): bump tar in /plugins/updater/tests/updater-migration/v1-app
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3352 ">#3352</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/eaac19a5b7e325a06d4c1c6d740e38d86c55cd89 "><code>eaac19a</code></a>
chore(deps): update rust crate tar to v0.4.45 [security] (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3353 ">#3353</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/5183e314cbabc179228e232992ad67025f30272d "><code>5183e31</code></a>
chore(deps): update dependency typescript-eslint to v8.57.1 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3344 ">#3344</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/2c0883e64e9a53ea18102ed350cd5e65ba7c8f4b "><code>2c0883e</code></a>
chore(deps): update dependency vite to v8 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3346 ">#3346</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/024ec0c29c20cf94579dab9b79d6be0da61a8daa "><code>024ec0c</code></a>
fix(deep-link): ChromeOS deep link calls filtered and ignored by plugin
(fix ...</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/plugins-workspace/compare/fs-v2.4.5...fs-v2.5.0 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `tauri-plugin-dialog` from 2.6.0 to 2.7.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/plugins-workspace/releases ">tauri-plugin-dialog's
releases</a>.</em></p>
<blockquote>
<h2>dialog-js v2.7.0</h2>
<h2>[2.7.0]</h2>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/24154472a6710a690173df0a121125d1f1b871e8 "><code>24154472</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/3287 ">#3287</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../Legend-Master "><code>@Legend-Master</code></a>)
Re-use <code>message</code> command in Rust side for <code>ask</code>
and <code>confirm</code> commands, <code>allow-ask</code> and
<code>allow-confirm</code> permissions are now aliases to
<code>allow-message</code></li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>Upgraded to <code>[email protected] </code></li>
</ul>
<!-- raw HTML omitted -->
<pre><code>npm warn Unknown user config "always-auth". This
will stop working in the next major version of npm. See `npm help npmrc`
for supported config options.
npm warn publish npm auto-corrected some errors in your package.json
when publishing. Please run "npm pkg fix" to address these
errors.
npm warn publish errors corrected:
npm warn publish "repository" was changed from a string to an
object
npm warn publish "repository.url" was normalized to
"git+https://github.com/tauri-apps/plugins-workspace.git" ;
npm notice
npm notice 📦 @tauri-apps/[email protected]
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 3.5kB README.md
npm notice 6.9kB dist-js/index.cjs
npm notice 14.6kB dist-js/index.d.ts
npm notice 6.8kB dist-js/index.js
npm notice 11B dist-js/init.d.ts
npm notice 657B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-dialog
npm notice version: 2.7.0
npm notice filename: tauri-apps-plugin-dialog-2.7.0.tgz
npm notice package size: 6.7 kB
npm notice unpacked size: 33.3 kB
npm notice shasum: b510ecd42d9900725eaf51f42ec98523c40d29b4
npm notice integrity: sha512-4nS/hfGMGCXiA[...]RtrKXkANKDHvw==
npm notice total files: 7
npm notice
npm notice Publishing to https://registry.npmjs.org/ with tag latest and
public access
npm notice publish Signed provenance statement with source and build
information from GitHub Actions
npm notice publish Provenance statement published to transparency log:
https://search.sigstore.dev/?logIndex=1235993203
+ @tauri-apps/[email protected]
</code></pre>
<!-- raw HTML omitted -->
<h2>dialog v2.7.0</h2>
<h2>[2.7.0]</h2>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/24154472a6710a690173df0a121125d1f1b871e8 "><code>24154472</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/3287 ">#3287</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../Legend-Master "><code>@Legend-Master</code></a>)
Re-use <code>message</code> command in Rust side for <code>ask</code>
and <code>confirm</code> commands, <code>allow-ask</code> and
<code>allow-confirm</code> permissions are now aliases to
<code>allow-message</code></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/51b430be986ed98635c02ba504f6f30a35771c01 "><code>51b430b</code></a>
ci: delete .changes/updater-new-bundle-support.md</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/fd439b143e265fc3ab4de435d6d4b641cffc66f1 "><code>fd439b1</code></a>
Publish New Versions (v2) (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2964 ">#2964</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/2522b71f6bcae65c03b24415eb9295c9e7c84ffc "><code>2522b71</code></a>
fix(deep-link): revert the breaking change introduced by <a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2928 ">#2928</a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2970 ">#2970</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/9021a732474322073769c1b21f6eee2e4b0dd15e "><code>9021a73</code></a>
chore(deps): update dependency rollup to v4.50.0 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2966 ">#2966</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/625bb1c0965394b88522643731f78ccbcca84add "><code>625bb1c</code></a>
feat(log): re-export the log crate (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2965 ">#2965</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/6215afe0239f815740a2c28150614ca4fef0b486 "><code>6215afe</code></a>
chore(deps): update dependency rollup to v4.49.0 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2962 ">#2962</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/8cf8eeab02efddd4e44e3bba92b33902a8c00956 "><code>8cf8eea</code></a>
feat(updater): inject bundle_type into endpoint url (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2960 ">#2960</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/509eba8d441c4f6ecf0af77b572cb2afd69a752d "><code>509eba8</code></a>
feat: support message dialogs with 3 buttons (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2641 ">#2641</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/9ac5fe84e704ef20c437456cb1017b54b101b333 "><code>9ac5fe8</code></a>
feat(updater): support bundle-specific targets (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2624 ">#2624</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/c24741031993894929a9ed00972ff9f6cd9540be "><code>c247410</code></a>
chore(deps): update dependency typescript-eslint to v8.41.0 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2956 ">#2956</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/plugins-workspace/compare/log-v2.6.0...log-v2.7.0 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `tauri-plugin-http` from 2.5.7 to 2.5.8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/plugins-workspace/releases ">tauri-plugin-http's
releases</a>.</em></p>
<blockquote>
<h2>http-js v2.5.8</h2>
<h2>[2.5.8]</h2>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/29712892526cfc2d35c9002e0a56925084ae1b73 "><code>29712892</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/3252 ">#3252</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../NVolcz "><code>@NVolcz</code></a>)
Correct Response header initialization to support cloning and ensure
Set-Cookie visibility.</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>Upgraded to <code>[email protected] </code></li>
</ul>
<!-- raw HTML omitted -->
<pre><code>npm warn Unknown user config "always-auth". This
will stop working in the next major version of npm. See `npm help npmrc`
for supported config options.
npm warn publish npm auto-corrected some errors in your package.json
when publishing. Please run "npm pkg fix" to address these
errors.
npm warn publish errors corrected:
npm warn publish "repository" was changed from a string to an
object
npm warn publish "repository.url" was normalized to
"git+https://github.com/tauri-apps/plugins-workspace.git" ;
npm notice
npm notice 📦 @tauri-apps/[email protected]
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 2.6kB README.md
npm notice 7.1kB dist-js/index.cjs
npm notice 2.4kB dist-js/index.d.ts
npm notice 7.0kB dist-js/index.js
npm notice 655B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-http
npm notice version: 2.5.8
npm notice filename: tauri-apps-plugin-http-2.5.8.tgz
npm notice package size: 5.1 kB
npm notice unpacked size: 20.5 kB
npm notice shasum: a6e638fd0d1b17563ef0c53745373c0b1eb50260
npm notice integrity: sha512-oxd7oypzQeu8k[...]hKUbhuKWcunRw==
npm notice total files: 6
npm notice
npm notice Publishing to https://registry.npmjs.org/ with tag latest and
public access
npm notice publish Signed provenance statement with source and build
information from GitHub Actions
npm notice publish Provenance statement published to transparency log:
https://search.sigstore.dev/?logIndex=1235993387
+ @tauri-apps/[email protected]
</code></pre>
<!-- raw HTML omitted -->
<h2>http v2.5.8</h2>
<h2>[2.5.8]</h2>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/29712892526cfc2d35c9002e0a56925084ae1b73 "><code>29712892</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/3252 ">#3252</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../NVolcz "><code>@NVolcz</code></a>)
Correct Response header initialization to support cloning and ensure
Set-Cookie visibility.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/d6a3898001a4bcc659e045f9501498751b77dbe6 "><code>d6a3898</code></a>
Publish New Versions (v2) (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3268 ">#3268</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/2e5bcdf202f98ec0fb0481725dd32f0626c766c8 "><code>2e5bcdf</code></a>
chore(deps): fix audits (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3373 ">#3373</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/4374b4fc1a9a7c0506034d86707fd3288d347f9b "><code>4374b4f</code></a>
chore(notification): remove unused dev-deps (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3372 ">#3372</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/f75d21db3351d6f12adf585c2c797c20ece94f7f "><code>f75d21d</code></a>
chore(deps): remove used of tauri-utils build feature (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3360 ">#3360</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/4b95f5e079593d5b2b98220c332f420dc70d18d1 "><code>4b95f5e</code></a>
chore(deps): update dependency eslint to v10.1.0 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3357 ">#3357</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/99c3e37b54c115e8712f67c2b53ed1f2f0b4aae6 "><code>99c3e37</code></a>
chore(deps): bump tar in /plugins/updater/tests/updater-migration/v1-app
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3352 ">#3352</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/eaac19a5b7e325a06d4c1c6d740e38d86c55cd89 "><code>eaac19a</code></a>
chore(deps): update rust crate tar to v0.4.45 [security] (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3353 ">#3353</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/5183e314cbabc179228e232992ad67025f30272d "><code>5183e31</code></a>
chore(deps): update dependency typescript-eslint to v8.57.1 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3344 ">#3344</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/2c0883e64e9a53ea18102ed350cd5e65ba7c8f4b "><code>2c0883e</code></a>
chore(deps): update dependency vite to v8 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3346 ">#3346</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/024ec0c29c20cf94579dab9b79d6be0da61a8daa "><code>024ec0c</code></a>
fix(deep-link): ChromeOS deep link calls filtered and ignored by plugin
(fix ...</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/plugins-workspace/compare/http-v2.5.7...http-v2.5.8 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `tauri-plugin-single-instance` from 2.4.0 to 2.4.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/plugins-workspace/releases ">tauri-plugin-single-instance's
releases</a>.</em></p>
<blockquote>
<h2>store-js v2.4.1</h2>
<h2>[2.4.1]</h2>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/93426f85120f49beb9f40222bff45185a32d54a9 "><code>93426f85</code></a>
Fixed an issue that caused docs.rs builds to fail. No user facing
changes.</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>npm warn publish npm auto-corrected some errors in your
package.json when publishing. Please run "npm pkg fix" to
address these errors.
npm warn publish errors corrected:
npm warn publish "repository" was changed from a string to an
object
npm warn publish "repository.url" was normalized to
"git+https://github.com/tauri-apps/plugins-workspace.git" ;
npm notice
npm notice 📦 @tauri-apps/[email protected]
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 4.4kB README.md
npm notice 6.6kB dist-js/index.cjs
npm notice 8.5kB dist-js/index.d.ts
npm notice 6.4kB dist-js/index.js
npm notice 711B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-store
npm notice version: 2.4.1
npm notice filename: tauri-apps-plugin-store-2.4.1.tgz
npm notice package size: 5.5 kB
npm notice unpacked size: 27.5 kB
npm notice shasum: 5e2d3362e41861d2fa79a3f1a78c091e12963236
npm notice integrity: sha512-ckGSEzZ5Ii4Hf[...]ugpGRDOFOunkA==
npm notice total files: 6
npm notice
npm notice Publishing to https://registry.npmjs.org/ with tag latest and
public access
npm notice publish Signed provenance statement with source and build
information from GitHub Actions
npm notice publish Provenance statement published to transparency log:
https://search.sigstore.dev/?logIndex=644610830
+ @tauri-apps/[email protected]
</code></pre>
<!-- raw HTML omitted -->
<h2>store v2.4.1</h2>
<h2>[2.4.1]</h2>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/93426f85120f49beb9f40222bff45185a32d54a9 "><code>93426f85</code></a>
Fixed an issue that caused docs.rs builds to fail. No user facing
changes.</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>Updating crates.io index
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/d66aa6ff78cbbeaef1542a1fa930c33399578a25 "><code>d66aa6f</code></a>
publish new versions (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2822 ">#2822</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/6f345870df4e7b187deb869df03b79858e03b4fe "><code>6f34587</code></a>
fix(single-instance): disable dbus name replacement (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2860 ">#2860</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/708fa4e2b77e847ce554115e80f7eb685f4a322e "><code>708fa4e</code></a>
chore(deps): update dependency eslint-config-prettier to v10.1.8 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2858 ">#2858</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/b7292030594daa04e78979214478031241b6e38e "><code>b729203</code></a>
fix(upload): fix download() locks main thread on Android (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2838 ">#2838</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/2f9c71aae77cddd4ca2ffe9d13e9e1f23ee4f478 "><code>2f9c71a</code></a>
chore(deps): update dependency rollup to v4.45.1 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2850 ">#2850</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/80d4d8e128922b022e76049189a657b71ce95a97 "><code>80d4d8e</code></a>
chore(deps): update eslint monorepo to v9.31.0 (v2) (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2839 ">#2839</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/e7a98b0d2e60463ff86a0f031ce3c84c83a21274 "><code>e7a98b0</code></a>
chore(deps): update dependency typescript-eslint to v8.37.0 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2848 ">#2848</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/44a1f659125a341191420e650608b0b6ff316a0e "><code>44a1f65</code></a>
fix(fs): <code>writeFile</code> create file by default (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2846 ">#2846</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/6210cd31df00bb3c55642013c74dc1da81fa00f9 "><code>6210cd3</code></a>
chore(deps): update dependency rollup to v4.45.0 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2841 ">#2841</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/467f07b7de4103a653e40fec8badb6f24abcef39 "><code>467f07b</code></a>
chore(deps): update dependency vite to v7 (v2) (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2800 ">#2800</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/plugins-workspace/compare/fs-v2.4.0...fs-v2.4.1 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `tauri-plugin-deep-link` from 2.4.7 to 2.4.9
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/plugins-workspace/releases ">tauri-plugin-deep-link's
releases</a>.</em></p>
<blockquote>
<h2>deep-link-js v2.4.9</h2>
<h2>[2.4.9]</h2>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/e6cdc9f52e2cd975b11b8e4c12879d597f1f76c3 "><code>e6cdc9f5</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/3396 ">#3396</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../Legend-Master "><code>@Legend-Master</code></a>)
Fix broken iOS custom URL schemes</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>npm warn Unknown user config "always-auth". This
will stop working in the next major version of npm. See `npm help npmrc`
for supported config options.
npm warn publish npm auto-corrected some errors in your package.json
when publishing. Please run "npm pkg fix" to address these
errors.
npm warn publish errors corrected:
npm warn publish "repository" was changed from a string to an
object
npm warn publish "repository.url" was normalized to
"git+https://github.com/tauri-apps/plugins-workspace.git" ;
npm notice
npm notice 📦 @tauri-apps/[email protected]
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 6.2kB README.md
npm notice 3.5kB dist-js/index.cjs
npm notice 2.9kB dist-js/index.d.ts
npm notice 3.4kB dist-js/index.js
npm notice 801B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-deep-link
npm notice version: 2.4.9
npm notice filename: tauri-apps-plugin-deep-link-2.4.9.tgz
npm notice package size: 4.4 kB
npm notice unpacked size: 17.7 kB
npm notice shasum: ae56d59130380f806b533b3107c3f16654e66a8d
npm notice integrity: sha512-u0SKOUHnJ1wqe[...]hIvqLBRpgHJlA==
npm notice total files: 6
npm notice
npm notice Publishing to https://registry.npmjs.org/ with tag latest and
public access
npm notice publish Signed provenance statement with source and build
information from GitHub Actions
npm notice publish Provenance statement published to transparency log:
https://search.sigstore.dev/?logIndex=1429011657
+ @tauri-apps/[email protected]
</code></pre>
<!-- raw HTML omitted -->
<h2>deep-link v2.4.9</h2>
<h2>[2.4.9]</h2>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/e6cdc9f52e2cd975b11b8e4c12879d597f1f76c3 "><code>e6cdc9f5</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/3396 ">#3396</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../Legend-Master "><code>@Legend-Master</code></a>)
Fix broken iOS custom URL schemes</li>
</ul>
<!-- raw HTML omitted -->
<pre><code></tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/5c7668b6bb7c9a509f394d584568b3a922161e50 "><code>5c7668b</code></a>
publish new versions (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3397 ">#3397</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/ec0540138bece081e9a87982091947360e61987a "><code>ec05401</code></a>
chore(deps): update rust crate toml to v1 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3323 ">#3323</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/b86e999beb9fb48ef54adf3d0af631f94c06a5d0 "><code>b86e999</code></a>
chore(deps): update tauri packages to 2.11 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3407 ">#3407</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/c463d8ab1422a4cf44f627a7b4e6ba9d3553f334 "><code>c463d8a</code></a>
chore(deps): update rustls-webpki in lockfile, ignore core2 in audit (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3405 ">#3405</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/1bb7beb3076a8bf76b084223d0e4225bb2e53bc9 "><code>1bb7beb</code></a>
chore(deps): bump openssl (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3402 ">#3402</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/3412fa2741b3b6e7a251e3548a43b21f2c26c635 "><code>3412fa2</code></a>
docs(readme): fix platform support matrix (opener supports mobile)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/af81fdac9881d4ed52fbc18b9511bf10f7540ebb "><code>af81fda</code></a>
docs(readme): fix platform support matrix (mobile is supported)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/c1fd33b3a2735f2e25c1d026dc524af932db3315 "><code>c1fd33b</code></a>
fix(opener): allow open network share locations (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3343 ">#3343</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/250857b7b72cd59825a14caa046160dc2ba1bb12 "><code>250857b</code></a>
chore(deps): update dependency typescript to v6 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3363 ">#3363</a>)</li>
<li><a
href="https://github.com/tauri-apps/plugins-workspace/commit/964e13f124ad1feeb93c10168b265dc4936f738c "><code>964e13f</code></a>
fix(store): dead lock trying to set while exiting (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/3395 ">#3395</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/plugins-workspace/compare/deep-link-v2.4.7...deep-link-v2.4.9 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `tauri-build` from 2.5.5 to 2.6.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases ">tauri-build's
releases</a>.</em></p>
<blockquote>
<h2>tauri-build v2.6.0</h2>
<!-- raw HTML omitted -->
<pre><code>Fetching advisory database from
`https://github.com/RustSec/advisory-db.git `
Loaded 1060 security advisories (from /home/runner/.cargo/advisory-db)
Updating crates.io index
Scanning Cargo.lock for vulnerabilities (1086 crate dependencies)
Crate: atk
Version: 0.18.2
Warning: unmaintained
Title: gtk-rs GTK3 bindings - no longer maintained
Date: 2024-03-04
ID: RUSTSEC-2024-0413
URL: https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
├── wry 0.55.0
│ └── tauri-runtime-wry 2.11.0
│ └── tauri 2.11.0
│ ├── tauri-utils 2.9.0
│ │ ├── tauri-schema-generator 0.0.0
│ │ ├── tauri-runtime-wry 2.11.0
│ │ ├── tauri-runtime 2.11.0
│ │ │ ├── tauri-runtime-wry 2.11.0
│ │ │ └── tauri 2.11.0
│ │ ├── tauri-plugin 2.6.0
│ │ │ ├── tauri-plugin-sample 0.1.0
│ │ │ │ └── api 0.1.0
│ │ │ └── tauri-plugin-log 2.6.0
│ │ │ └── api 0.1.0
│ │ ├── tauri-macros 2.6.0
│ │ │ └── tauri 2.11.0
│ │ ├── tauri-codegen 2.6.0
│ │ │ ├── tauri-macros 2.6.0
│ │ │ └── tauri-build 2.6.0
│ │ │ ├── tauri-file-associations-demo 0.1.0
│ │ │ ├── tauri 2.11.0
│ │ │ ├── resources 0.1.0
│ │ │ ├── bench_helloworld 0.1.0
│ │ │ ├── bench_files_transfer 0.1.0
│ │ │ ├── bench_cpu_intensive 0.1.0
│ │ │ └── api 0.1.0
│ │ ├── tauri-cli 2.11.0
│ │ │ └── tauri-cli-node 0.0.0
│ │ ├── tauri-bundler 2.9.0
│ │ │ └── tauri-cli 2.11.0
│ │ ├── tauri-build 2.6.0
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tauri-apps/tauri/commit/e60834fc67d87c10e2f44b2568052295cb61c325 "><code>e60834f</code></a>
Apply Version Updates From Current Changes (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/15041 ">#15041</a>)</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/df05c00563a91fc936bd15c6b10dd2825472f96b "><code>df05c00</code></a>
chore: minor bump for codegen crate</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/13bea1777fed60c75e37fe67d7ded5dde0b2997d "><code>13bea17</code></a>
chore: fmt</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/9808236ebf7755d498d674b614f3fc75eeac1ec4 "><code>9808236</code></a>
fix(macOS): correct value for work_area.position.y (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/14655 ">#14655</a>)</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/eb0312ea9e493954298ac0b3fdaae7eafb52750e "><code>eb0312e</code></a>
feat(mobile): Propagate tao::Event::Suspended and tao::Event::Resumed to
the ...</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/4ef5797f0fb27fa2df3f39f4a54e48ef319560ec "><code>4ef5797</code></a>
feat(ios): add --no-sign and --archive-only flags to ios build (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/15061 ">#15061</a>)</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/110336c88a8c0a04476619db0a5c8f7694d969a5 "><code>110336c</code></a>
fix(macOS): fix incorrect window position on multi-monitor setups (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/15250 ">#15250</a>)</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/c00a3dbffccd6e051d3b7332f706b6c63759865d "><code>c00a3db</code></a>
feat(macros): add support for rename command macro in tauri-macros <a
href="https://redirect.github.com/tauri-apps/tauri/issues/14173 ">#14173</a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/1 ">#1</a>...</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/764b9139a32de149d8a914a6b5ec6cd1937c64eb "><code>764b913</code></a>
feat(cli): restart Android emulator if it is disconnected from adb (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/14313 ">#14313</a>)</li>
<li><a
href="https://github.com/tauri-apps/tauri/commit/1035f12eeb8b23d9780881606d442d11c786e39e "><code>1035f12</code></a>
fix(windows): tauri-bundler detect arm system (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/14923 ">#14923</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-build-v2.5.5...tauri-build-v2.6.0 ">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
---------
Signed-off-by: dependabot[bot] <[email protected] >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected] >
2026-05-05 12:05:54 +01:00
1ae24e18b5
build(deps): bump eclipse-temurin from a051234 to b27ca47 in /docker/base ( #6292 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-05 11:42:36 +01:00
4764f1931b
build(deps): bump sha2 from 0.10.9 to 0.11.0 in /frontend/src-tauri ( #6180 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected] >
2026-05-05 11:40:58 +01:00
7f00441aab
build(deps): bump windows from 0.58.0 to 0.61.3 in /frontend/src-tauri ( #6185 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected] >
2026-05-05 11:40:46 +01:00
561d07b8b1
build(deps): bump globals from 17.4.0 to 17.5.0 in /frontend ( #6285 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected] >
2026-05-05 11:40:13 +01:00
f39db01919
build(deps): bump step-security/harden-runner from 2.15.1 to 2.19.0 ( #6228 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected] >
2026-05-05 11:39:59 +01:00
4ab7d3b3ae
build(deps): bump the mui group across 1 directory with 2 updates ( #6301 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected] >
2026-05-05 10:53:16 +01:00
d8519a6517
build(deps): bump com.google.guava:guava from 33.5.0-jre to 33.6.0-jre ( #6283 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected] >
2026-05-05 10:39:53 +01:00
34c9e9bdc5
build(deps): bump actions/setup-node from 6.3.0 to 6.4.0 ( #6258 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected] >
2026-05-05 10:38:42 +01:00
4663a9a194
build(deps): bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 3.0.2 to 3.0.3 in /app/common ( #6286 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected] >
2026-05-05 10:35:19 +01:00
f89f7d99ba
build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 ( #6297 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected] >
2026-05-05 10:34:45 +01:00
84e30cd008
build(deps): bump actions/github-script from 7.1.0 to 9.0.0 ( #6298 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-05 10:33:13 +01:00
69236a89c8
build(deps): bump gradle/actions from 5.0.1 to 6.1.0 ( #6294 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-05 10:32:53 +01:00
b66e12d15d
build(deps): bump eclipse-temurin from a051234 to b27ca47 in /docker/embedded ( #6293 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-05 10:32:29 +01:00
3fe8adc5cb
Switch key areas to lazily import to improve Vite chunk size ( #6278 )
...
# Description of Changes
Vite currently warns that when it's bundling our code that the chunk
size is way too high because most of the imports are static so it can't
split them into smaller chunks. This PR changes a few key areas to use
lazy imports to try and make the chunks as small as possible with
minimal code changes.
Vite's warnings kick in at minified chunks being >500kB, and we've got a
little way to go still to reach that, but we can keep chipping away at
this and I'd rather get the biggest wins done now. I've also included
Lighthouse scores because there's been discussion about improving ours
recently. It's not the aim of this PR to improve it, but it's nice that
it makes it a little better.
## Current main chunks
Build split into 12 chunks. Largest chunk in build is:
```
[frontend:build] dist/assets/index-B6JiWDxZ.js 5,175.51 kB │ gzip: 1,495.85 kB
```
<img width="1442" height="775" alt="image"
src="https://github.com/user-attachments/assets/b0e8a3fa-4ef3-4ccd-8c1d-bfed2d99bd27 "
/>
Lighthouse score:
<img width="423" height="146" alt="before"
src="https://github.com/user-attachments/assets/c62056e8-2e77-49a6-a1ae-f08ec8021fb3 "
/>
## This PR's chunks
Build split into 176 chunks. Largest chunk in build is:
```
[frontend:build] dist/assets/index-qCgeCY4B.js 2,878.54 kB │ gzip: 861.03 kB
```
<img width="1447" height="776" alt="image"
src="https://github.com/user-attachments/assets/8d0c3cf0-cc25-41c3-b114-4940d3e99349 "
/>
Lighthouse score:
<img width="402" height="145" alt="after"
src="https://github.com/user-attachments/assets/99a26eb3-bd15-4b92-bf22-82b58b458f52 "
/>
---------
Co-authored-by: EthanHealy01 <[email protected] >
2026-05-01 15:21:06 +00:00
51f5345151
Inform AI engine which endpoints are disabled on the backend ( #6251 )
...
# Description of Changes
Have the Java send a list of enabled endpoints to the AI engine so it
can intelligently respond to the user that the tool does exist but is
disabled on the server so it can't acutally run the operation, instead
of the current behaviour where it sends the API call back and then 503
errors because the execution fails when the URL is disabled.
<img width="380" height="208" alt="image"
src="https://github.com/user-attachments/assets/5842fb2e-2e55-45a5-8205-25515636daae "
/>
---------
Co-authored-by: EthanHealy01 <[email protected] >
2026-05-01 14:59:53 +00:00
James Brunton and GitHub
5541dd666c
Flesh out RAG system ( #6197 )
...
# Description of Changes
Flesh out the RAG system and connect it to the PDF Question Agent so it
can respond to questions about PDFs of an extremely large size.
I'd expect lots more work will need to be done to finish off the RAG
system to really be what we need, but this should be a reasonable start
which will let us connect it to tools and have the ingestion mostly
handled automatically. I'm leaving file deletion and proper file ID
management to be done in a future PR. We also need to consider whether
all tools should retrieve content exclusively via RAG, or whether it's
beneficial to have tools sometimes fetch the direct content and other
times fetch it from RAG.
A diagram of the expected interaction is as follows:
```mermaid
sequenceDiagram
autonumber
actor U as User
participant FE as Frontend<br/>(ChatPanel)
participant J as Java<br/>(AiWorkflowService)
participant O as Engine:<br/>OrchestratorAgent
participant QA as Engine:<br/>PdfQuestionAgent
participant RAG as Engine:<br/>RagService + SqliteVecStore
participant V as VoyageAI<br/>(embeddings)
participant L as LLM<br/>(Claude / etc.)
U->>FE: types "Summarise this PDF"<br/>(PDF already uploaded)
FE->>J: POST /api/v1/ai/orchestrate/stream<br/>multipart: fileInputs[], userMessage
Note over J: ByteHashFileIdStrategy<br/>id = sha256(bytes)[:16]
J->>O: POST /api/v1/orchestrator<br/>{ files:[{id,name}], userMessage }
O->>L: route via fast model
L-->>O: delegate_pdf_question
O->>QA: PdfQuestionRequest
loop for each file
QA->>RAG: has_collection(file.id)
RAG-->>QA: false
end
QA-->>O: NeedIngestResponse(files_to_ingest)
O-->>J: { outcome:"need_ingest", filesToIngest:[...] }
Note over J: onNeedIngest
loop per file
J->>J: PDFBox: extract page text
J->>O: POST /api/v1/rag/documents<br/>(long-running timeout)
O->>RAG: chunk + stage documents
O->>V: embed_documents (batches of 256)
V-->>O: embeddings
O->>RAG: add_documents
O-->>J: { chunks_indexed: N }
end
Note over J: retry with resumeWith=pdf_question
J->>O: POST /api/v1/orchestrator
Note over O: fast-path to PdfQuestionAgent
O->>QA: PdfQuestionRequest
Note over QA: build RagCapability<br/>pinned to file IDs
QA->>L: run(prompt) with search_knowledge tool
loop up to max_searches
L->>QA: search_knowledge(query)
QA->>V: embed_query
V-->>QA: query vector
QA->>RAG: search(vector, collections=[file.id])
RAG-->>QA: top-k chunks
QA-->>L: formatted chunks
end
Note over QA: once budget spent,<br/>prepare() hides the tool
L-->>QA: PdfQuestionAnswerResponse
QA-->>O: answer
O-->>J: { outcome:"answer", answer, evidence }
J-->>FE: SSE "result"
FE->>U: assistant bubble
```
2026-05-01 14:11:54 +01:00
Anthony Stirling and GitHub
5605062153
Add Dependabot groups for frontend npm + cargo deps ( #6287 )
2026-05-01 11:37:07 +01:00
86774d556e
Pdf comment agent ( #6196 )
...
Co-authored-by: James Brunton <[email protected] >
2026-05-01 10:19:38 +01:00
2dc5276e8b
Fix French translations for various terms ( #6218 )
...
Co-authored-by: Copilot <[email protected] >
2026-04-30 23:09:57 +01:00
c58deb6b55
build(deps): bump tauri-apps/tauri-action from 0.5.25 to 0.6.2 ( #6257 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-30 22:36:15 +01:00
Anthony Stirling and GitHub
324a7cd25e
decouple appimage ( #6281 )
2026-04-30 21:36:33 +01:00
Anthony Stirling and GitHub
d28ad89f64
gha cleanups ( #6275 )
...
# Description of Changes
Adds all pre commit PR checks under single file with job validator to
have a true "required" run step "all-checks-passed" check
Moves all GHAs into workflow helper function calls
Note if: always() overrides the default skip-on-needs-failure, "Needs"
is added to ensure the validation runs at end of all other tasks
---
## Checklist
### General
- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md )
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md )
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md )
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/ )
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags )
(for new translation tags only)
### Translations (if applicable)
- [ ] I ran
[`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md )
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have run `task check` to verify linters, typechecks, and tests
pass
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#7-testing )
for more details.
2026-04-30 17:08:34 +01:00
Anthony Stirling and GitHub
d8c1ffa8ef
fix stubs playwright ( #6274 )
2026-04-30 12:37:15 +01:00
b552feaf28
Update Backend 3rd Party Licenses ( #6264 )
...
Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com>
2026-04-30 10:19:08 +01:00
Peter Dave Hello and GitHub
890cf16f74
Adjust zh-TW translation ignore list ( #6062 )
2026-04-29 10:55:51 +01:00
493757bf41
build(deps): bump com.google.guava:guava from 33.5.0-jre to 33.6.0-jre in /app/common ( #6260 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-28 21:42:20 +01:00
99b9b60f50
build(deps-dev): bump @stylistic/stylelint-plugin from 4.0.0 to 5.1.0 in /devTools ( #6177 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-28 21:42:02 +01:00
85aa722f37
build(deps): bump the npm_and_yarn group across 2 directories with 8 updates ( #6266 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-28 21:41:45 +01:00
1c42ce7087
build(deps): bump com.github.junrar:junrar from 7.5.8 to 7.5.10 in /app/common ( #6261 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-28 18:45:49 +01:00
5bd62eeb5c
build(deps): bump github/codeql-action from 4.32.6 to 4.35.2 ( #6256 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-28 18:45:38 +01:00
87e5b84324
build(deps): bump docker/setup-buildx-action from 3.12.0 to 4.0.0 ( #6254 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-28 18:45:24 +01:00
568c6da165
build(deps-dev): bump stylelint from 17.4.0 to 17.8.0 in /devTools ( #6253 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-28 18:45:09 +01:00
Anthony Stirling and GitHub
c818db1042
ci(tauri): skip Linux GPG signing when secret is missing ( #6263 )
2026-04-28 18:43:52 +01:00
cd3a59f077
build(deps): bump com.drewnoakes:metadata-extractor from 2.19.0 to 2.20.0 ( #6184 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected] >
2026-04-28 17:40:22 +01:00
05e2ce45d4
build(deps): bump com.drewnoakes:metadata-extractor from 2.19.0 to 2.20.0 in /app/common ( #6193 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected] >
2026-04-28 17:40:04 +01:00
94cf25b319
Update Backend 3rd Party Licenses ( #6243 )
...
Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com>
2026-04-28 17:38:00 +01:00
4149276b01
build(deps): bump actions/dependency-review-action from 4.8.2 to 4.9.0 ( #6230 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-28 17:37:43 +01:00