3ef6600
fix(ssrf): handle DNS resolution in SSRF protection
Ayman Bagabas created
Commit log
19bc627
fix(ssh): add argument validation to webhook deliveries commands
Ayman Bagabas created
45855b6
chore(deps): bump the all group across 1 directory with 10 updates (#787)
Click to expand commit body
Bumps the all group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [charm.land/bubbles/v2](https://github.com/charmbracelet/bubbles) | `2.0.0-rc.1.0.20251208171859-93a004ab70c8` | `2.0.0` | | [github.com/caarlos0/env/v11](https://github.com/caarlos0/env) | `11.3.1` | `11.4.0` | | [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.16.5` | `5.17.0` | | [github.com/lib/pq](https://github.com/lib/pq) | `1.11.1` | `1.11.2` | | [github.com/lrstanley/bubblezone/v2](https://github.com/lrstanley/bubblezone) | `2.0.0-alpha.3` | `2.0.0` | | [golang.org/x/crypto](https://github.com/golang/crypto) | `0.47.0` | `0.48.0` | | [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) | `1.44.3` | `1.46.1` | Updates `charm.land/bubbles/v2` from 2.0.0-rc.1.0.20251208171859-93a004ab70c8 to 2.0.0 - [Release notes](https://github.com/charmbracelet/bubbles/releases) - [Commits](https://github.com/charmbracelet/bubbles/commits/v2.0.0) Updates `charm.land/bubbletea/v2` from 2.0.0-rc.2.0.20251216153312-819e2e89c62e to 2.0.0 - [Release notes](https://github.com/charmbracelet/bubbletea/releases) - [Commits](https://github.com/charmbracelet/bubbletea/commits/v2.0.0) Updates `charm.land/lipgloss/v2` from 2.0.0-beta.3.0.20251205162909-7869489d8971 to 2.0.0 - [Release notes](https://github.com/charmbracelet/lipgloss/releases) - [Commits](https://github.com/charmbracelet/lipgloss/commits/v2.0.0) Updates `github.com/caarlos0/env/v11` from 11.3.1 to 11.4.0 - [Release notes](https://github.com/caarlos0/env/releases) - [Commits](https://github.com/caarlos0/env/compare/v11.3.1...v11.4.0) Updates `github.com/charmbracelet/colorprofile` from 0.4.1 to 0.4.2 - [Release notes](https://github.com/charmbracelet/colorprofile/releases) - [Commits](https://github.com/charmbracelet/colorprofile/compare/v0.4.1...v0.4.2) Updates `github.com/go-git/go-git/v5` from 5.16.5 to 5.17.0 - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](https://github.com/go-git/go-git/compare/v5.16.5...v5.17.0) Updates `github.com/lib/pq` from 1.11.1 to 1.11.2 - [Release notes](https://github.com/lib/pq/releases) - [Changelog](https://github.com/lib/pq/blob/master/CHANGELOG.md) - [Commits](https://github.com/lib/pq/compare/v1.11.1...v1.11.2) Updates `github.com/lrstanley/bubblezone/v2` from 2.0.0-alpha.3 to 2.0.0 - [Commits](https://github.com/lrstanley/bubblezone/compare/v2.0.0-alpha.3...v2.0.0) Updates `golang.org/x/crypto` from 0.47.0 to 0.48.0 - [Commits](https://github.com/golang/crypto/compare/v0.47.0...v0.48.0) Updates `modernc.org/sqlite` from 1.44.3 to 1.46.1 - [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md) - [Commits](https://gitlab.com/cznic/sqlite/compare/v1.44.3...v1.46.1) --- updated-dependencies: - dependency-name: charm.land/bubbles/v2 dependency-version: 2.0.0 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: charm.land/bubbletea/v2 dependency-version: 2.0.0 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: charm.land/lipgloss/v2 dependency-version: 2.0.0 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/caarlos0/env/v11 dependency-version: 11.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/charmbracelet/colorprofile dependency-version: 0.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/go-git/go-git/v5 dependency-version: 5.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/lib/pq dependency-version: 1.11.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/lrstanley/bubblezone/v2 dependency-version: 2.0.0 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: golang.org/x/crypto dependency-version: 0.48.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: modernc.org/sqlite dependency-version: 1.46.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
e80b183
Merge commit from fork
Click to expand commit body
* fix: apply SSRF protection to LFS HTTP client The LFS HTTP client uses http.DefaultClient which has no SSRF protection. This allows server-side requests from LFS operations to reach private/internal networks. The webhook subsystem already has SSRF protection via secureHTTPClient with IP validation and redirect blocking, but the LFS code path was missed. Add a shared pkg/ssrf package with a secure HTTP client constructor that validates resolved IPs before dialing (blocking private, link- local, loopback, CGNAT, and reserved ranges) and blocks redirects. Replace http.DefaultClient in newHTTPClient() with ssrf.NewSecureClient() at both locations (batch API client and BasicTransferAdapter). * refactor: consolidate webhook SSRF protection into pkg/ssrf Pull shared IP validation into pkg/ssrf so both the LFS client and webhook client use the same SSRF protection. The webhook validator becomes a thin wrapper and the inline secureHTTPClient is replaced with ssrf.NewSecureClient(). Two latent issues in the webhook path fixed in the process: - nil ParseIP result was silently allowed through (now fail-closed) - IPv6-mapped IPv4 bypassed manual range checks (now normalized) Error aliases kept in pkg/webhook for backward compatibility.
Vinayak Mishra created
41aa86b
chore(deps): bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5 (#784)
Click to expand commit body
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.16.4 to 5.16.5. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](https://github.com/go-git/go-git/compare/v5.16.4...v5.16.5) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-version: 5.16.5 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
a4edda0
chore(deps): bump github.com/charmbracelet/x/ansi in the all group (#783)
dependabot[bot] created
67188b7
chore(deps): bump the all group with 2 updates (#780)
Click to expand commit body
Bumps the all group with 2 updates: [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) and [github.com/lib/pq](https://github.com/lib/pq). Updates `github.com/golang-jwt/jwt/v5` from 5.3.0 to 5.3.1 - [Release notes](https://github.com/golang-jwt/jwt/releases) - [Commits](https://github.com/golang-jwt/jwt/compare/v5.3.0...v5.3.1) Updates `github.com/lib/pq` from 1.10.9 to 1.11.1 - [Release notes](https://github.com/lib/pq/releases) - [Changelog](https://github.com/lib/pq/blob/master/CHANGELOG.md) - [Commits](https://github.com/lib/pq/compare/v1.10.9...v1.11.1) --- updated-dependencies: - dependency-name: github.com/golang-jwt/jwt/v5 dependency-version: 5.3.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/lib/pq dependency-version: 1.11.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
85fecd7
ci: sync dependabot config (#774)
Charm created
35a000e
chore(deps): bump the all group with 2 updates (#778)
Click to expand commit body
Bumps the all group with 2 updates: [github.com/alecthomas/chroma/v2](https://github.com/alecthomas/chroma) and [modernc.org/sqlite](https://gitlab.com/cznic/sqlite). Updates `github.com/alecthomas/chroma/v2` from 2.23.0 to 2.23.1 - [Release notes](https://github.com/alecthomas/chroma/releases) - [Commits](https://github.com/alecthomas/chroma/compare/v2.23.0...v2.23.1) Updates `modernc.org/sqlite` from 1.44.2 to 1.44.3 - [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md) - [Commits](https://gitlab.com/cznic/sqlite/compare/v1.44.2...v1.44.3) --- updated-dependencies: - dependency-name: github.com/alecthomas/chroma/v2 dependency-version: 2.23.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: modernc.org/sqlite dependency-version: 1.44.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
8539f9a
fix: authentication bypass
Ayman Bagabas created
91e4b2b
chore(deps): bump the all group with 4 updates (#776)
Click to expand commit body
Bumps the all group with 4 updates: [github.com/alecthomas/chroma/v2](https://github.com/alecthomas/chroma), [github.com/charmbracelet/x/ansi](https://github.com/charmbracelet/x), [golang.org/x/crypto](https://github.com/golang/crypto) and [modernc.org/sqlite](https://gitlab.com/cznic/sqlite). Updates `github.com/alecthomas/chroma/v2` from 2.22.0 to 2.23.0 - [Release notes](https://github.com/alecthomas/chroma/releases) - [Commits](https://github.com/alecthomas/chroma/compare/v2.22.0...v2.23.0) Updates `github.com/charmbracelet/x/ansi` from 0.11.3 to 0.11.4 - [Commits](https://github.com/charmbracelet/x/compare/ansi/v0.11.3...ansi/v0.11.4) Updates `golang.org/x/crypto` from 0.46.0 to 0.47.0 - [Commits](https://github.com/golang/crypto/compare/v0.46.0...v0.47.0) Updates `modernc.org/sqlite` from 1.43.0 to 1.44.2 - [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md) - [Commits](https://gitlab.com/cznic/sqlite/compare/v1.43.0...v1.44.2) --- updated-dependencies: - dependency-name: github.com/alecthomas/chroma/v2 dependency-version: 2.23.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/charmbracelet/x/ansi dependency-version: 0.11.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: golang.org/x/crypto dependency-version: 0.47.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: modernc.org/sqlite dependency-version: 1.44.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
2368256
chore(deps): bump the all group with 3 updates (#775)
Click to expand commit body
Bumps the all group with 3 updates: [github.com/alecthomas/chroma/v2](https://github.com/alecthomas/chroma), [github.com/spf13/cobra](https://github.com/spf13/cobra) and [modernc.org/sqlite](https://gitlab.com/cznic/sqlite). Updates `github.com/alecthomas/chroma/v2` from 2.21.1 to 2.22.0 - [Release notes](https://github.com/alecthomas/chroma/releases) - [Commits](https://github.com/alecthomas/chroma/compare/v2.21.1...v2.22.0) Updates `github.com/spf13/cobra` from 1.10.1 to 1.10.2 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](https://github.com/spf13/cobra/compare/v1.10.1...v1.10.2) Updates `modernc.org/sqlite` from 1.42.2 to 1.43.0 - [Commits](https://gitlab.com/cznic/sqlite/compare/v1.42.2...v1.43.0) --- updated-dependencies: - dependency-name: github.com/alecthomas/chroma/v2 dependency-version: 2.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/spf13/cobra dependency-version: 1.10.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: modernc.org/sqlite dependency-version: 1.43.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
28c4854
feat: add support for certificate reloading upon SIGHUP (#710)
Click to expand commit body
* feat: add support for certificate reloading upon SIGHUP * fix: support certificate reloading for unix and add test * fix(cmd): move cert reloader logic to the serve package --------- Co-authored-by: Ayman Bagabas <ayman.bagabas@gmail.com>
Harsh Mantri and Ayman Bagabas created
0758e66
chore(ci): update linting workflow
Ayman Bagabas created
1249f9b
chore(lint): remove unused nolint directive
Ayman Bagabas created
2d0e48f
chore(lint): fix lint issues
Ayman Bagabas created
0f573f4
chore: update golangci-lint config
Ayman Bagabas created
000ab51
Merge commit from fork
Click to expand commit body
* fix: require admin privileges for force delete of LFS locks Move user context retrieval before the force flag check to ensure proper authorization. Force deletions now require admin privileges, preventing non-admin users from deleting locks owned by others. Fixes GHSA-6jm8-x3g6-r33j (CVE-2026-22253) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: improve comment clarity for force delete path Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Tomer Fichman and Claude Opus 4.5 created
62e2d5c
fix(ssh): ui: respect anon-access setting for the ui
Click to expand commit body
Fixes: https://github.com/charmbracelet/soft-serve/issues/759
Ayman Bagabas created
ba7d415
ci: sync golangci-lint config (#767)
Click to expand commit body
Co-authored-by: aymanbagabas <3187948+aymanbagabas@users.noreply.github.com>
github-actions[bot] and aymanbagabas created
c8779b1
chore(deps): bump the all group across 1 directory with 9 updates (#772)
Click to expand commit body
Bumps the all group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/alecthomas/chroma/v2](https://github.com/alecthomas/chroma) | `2.20.0` | `2.21.1` | | [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.16.2` | `5.16.4` | | [github.com/google/go-querystring](https://github.com/google/go-querystring) | `1.1.0` | `1.2.0` | | [github.com/muesli/mango-cobra](https://github.com/muesli/mango-cobra) | `1.2.0` | `1.3.0` | | [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.23.0` | `1.23.2` | | [golang.org/x/crypto](https://github.com/golang/crypto) | `0.45.0` | `0.46.0` | | [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) | `1.38.2` | `1.42.2` | Updates `github.com/alecthomas/chroma/v2` from 2.20.0 to 2.21.1 - [Release notes](https://github.com/alecthomas/chroma/releases) - [Commits](https://github.com/alecthomas/chroma/compare/v2.20.0...v2.21.1) Updates `github.com/go-git/go-git/v5` from 5.16.2 to 5.16.4 - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](https://github.com/go-git/go-git/compare/v5.16.2...v5.16.4) Updates `github.com/google/go-querystring` from 1.1.0 to 1.2.0 - [Release notes](https://github.com/google/go-querystring/releases) - [Commits](https://github.com/google/go-querystring/compare/v1.1.0...v1.2.0) Updates `github.com/muesli/mango-cobra` from 1.2.0 to 1.3.0 - [Release notes](https://github.com/muesli/mango-cobra/releases) - [Commits](https://github.com/muesli/mango-cobra/compare/v1.2.0...v1.3.0) Updates `github.com/prometheus/client_golang` from 1.23.0 to 1.23.2 - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/client_golang/compare/v1.23.0...v1.23.2) Updates `github.com/spf13/cobra` from 1.9.1 to 1.10.1 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](https://github.com/spf13/cobra/compare/v1.9.1...v1.10.1) Updates `golang.org/x/crypto` from 0.45.0 to 0.46.0 - [Commits](https://github.com/golang/crypto/compare/v0.45.0...v0.46.0) Updates `golang.org/x/sync` from 0.18.0 to 0.19.0 - [Commits](https://github.com/golang/sync/compare/v0.18.0...v0.19.0) Updates `modernc.org/sqlite` from 1.38.2 to 1.42.2 - [Commits](https://gitlab.com/cznic/sqlite/compare/v1.38.2...v1.42.2) --- updated-dependencies: - dependency-name: github.com/alecthomas/chroma/v2 dependency-version: 2.21.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/go-git/go-git/v5 dependency-version: 5.16.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/google/go-querystring dependency-version: 1.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/muesli/mango-cobra dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/prometheus/client_golang dependency-version: 1.23.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/spf13/cobra dependency-version: 1.10.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: golang.org/x/crypto dependency-version: 0.46.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: golang.org/x/sync dependency-version: 0.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: modernc.org/sqlite dependency-version: 1.42.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
2447a96
fix(tests): ignore stderr output in SSRF webhook test
Ayman Bagabas created
9e67180
chore(deps): bump actions/checkout from 5 to 6 in the all group (#765)
Click to expand commit body
Bumps the all group with 1 update: [actions/checkout](https://github.com/actions/checkout). Updates `actions/checkout` from 5 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
8262d91
chore: go mod tidy
Ayman Bagabas created
a7f2fbe
chore: bump dependencies and use charm.land modules
Ayman Bagabas created
f946151
chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.45.0 (#764)
Click to expand commit body
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.41.0 to 0.45.0. - [Commits](https://github.com/golang/crypto/compare/v0.41.0...v0.45.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.45.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
8a99b84
test: fix
Click to expand commit body
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Carlos Alexandro Becker created
bb73b9a
Merge commit from fork
Click to expand commit body
closes GHSA-vwq2-jx9q-9h9f Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Carlos Alexandro Becker created
56e9784
docs: Add `IdentitiesOnly` option to ssh command examples (#628)
Rob Berwick created
d963932
Merge commit from fork
Click to expand commit body
* sec: escape ansi sequences on user input fixes HSA-fv2r-r8mp-pg48 Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> * Apply suggestion from @Tomer-PL Co-authored-by: Tomer Fichman <tomer@irregular.com> * chore: fmt Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> --------- Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> Co-authored-by: Tomer Fichman <tomer@irregular.com>
Carlos Alexandro Becker and Tomer Fichman created
ea8799b
feat: add CORS headers (#654)
fetsorn created
15e9e25
chore(deps): bump actions/setup-go from 5 to 6 in the all group (#748)
Click to expand commit body
Bumps the all group with 1 update: [actions/setup-go](https://github.com/actions/setup-go). Updates `actions/setup-go` from 5 to 6 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
6856877
feat: add readiness and liveness probes for self healing (#734)
Click to expand commit body
* feat: add k8s readiness and liveness probes * fix: switch to single err var and add logging * chore: remove fmt import
Jay Madden created
5c8639b
chore(deps): update all deps (#746)
Click to expand commit body
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Carlos Alexandro Becker created
8e52267
chore(deps): bump github.com/sergi/go-diff (#729)
Click to expand commit body
Bumps [github.com/sergi/go-diff](https://github.com/sergi/go-diff) from 1.3.2-0.20230802210424-5b0b94c5c0d3 to 1.4.0. - [Commits](https://github.com/sergi/go-diff/commits/v1.4.0) --- updated-dependencies: - dependency-name: github.com/sergi/go-diff dependency-version: 1.4.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
bec9fb3
chore(deps): bump github.com/prometheus/client_golang (#739)
Click to expand commit body
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.22.0 to 1.23.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/client_golang/compare/v1.22.0...v1.23.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-version: 1.23.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
e5edfd5
sec: update git-module (#742)
Click to expand commit body
The regex solution proposed in #737 is not sufficient. I've added `--end-of-options` to the relevant commands in https://github.com/aymanbagabas/git-module/pull/1 so this reverts changes made in #737 and update git-module to include that fix. Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Carlos Alexandro Becker created
a73db1a
test: use a repo that doesn't change as much (#743)
Click to expand commit body
wizard tutorial last commit was 2y ago catwalk get commits almost daily Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Carlos Alexandro Becker created
5d9034c
ci: sync dependabot config (#741)
Charm created
76a71ef
chore(deps): bump actions/checkout from 4 to 5 (#735)
Click to expand commit body
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
5a2bde5
fix: check that commit is a SHA1 (#737)
Click to expand commit body
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Carlos Alexandro Becker created
68e6304
chore(deps): bump github.com/alecthomas/chroma/v2 from 2.19.0 to 2.20.0 (#730)
Click to expand commit body
Bumps [github.com/alecthomas/chroma/v2](https://github.com/alecthomas/chroma) from 2.19.0 to 2.20.0. - [Release notes](https://github.com/alecthomas/chroma/releases) - [Changelog](https://github.com/alecthomas/chroma/blob/master/.goreleaser.yml) - [Commits](https://github.com/alecthomas/chroma/compare/v2.19.0...v2.20.0) --- updated-dependencies: - dependency-name: github.com/alecthomas/chroma/v2 dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
efa8c06
chore(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.2 to 5.3.0 (#731)
Click to expand commit body
Bumps [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) from 5.2.2 to 5.3.0. - [Release notes](https://github.com/golang-jwt/jwt/releases) - [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md) - [Commits](https://github.com/golang-jwt/jwt/compare/v5.2.2...v5.3.0) --- updated-dependencies: - dependency-name: github.com/golang-jwt/jwt/v5 dependency-version: 5.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
fa175c7
fix: repo commit help (#736)
Click to expand commit body
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Carlos Alexandro Becker created
de888b9
test: fix golden files
Click to expand commit body
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Carlos Alexandro Becker created
844f175
ci: sync golangci-lint config (#732)
Click to expand commit body
Co-authored-by: aymanbagabas <3187948+aymanbagabas@users.noreply.github.com>
github-actions[bot] and aymanbagabas created
dbcded6
chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0 (#727)
Click to expand commit body
--- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.40.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
9b64ebd
chore(deps): bump golang.org/x/sync from 0.15.0 to 0.16.0 (#726)
Click to expand commit body
--- updated-dependencies: - dependency-name: golang.org/x/sync dependency-version: 0.16.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
397288d
fix(ui): help menu on file list view (#719)
Click to expand commit body
* fix(ui): Add additional key function indicators Add the h and l indications in the help message when those keys select items from lists. * fix(ui); Fix action long help on file views Prior to this commit, the copy command help was not overwritten as intended, and blame and toggle line number options were shown in help on the file list view page, but only functioned on the file content view page.
Eldon created
52f7a9e
feat(tui): yank the patch/diff to clipboard (#725)
Benjamin Chausse created