renovate
558ad7a5a5
chore(deps): update actions/checkout action to v7 ( #179 )
...
dancefetcher / build (push) Successful in 9m9s
dancefetcher / deploy-prod (push) Successful in 42s
This PR contains the following updates:
| Package | Type | Update | Change | Pending |
|---|---|---|---|---|
| [actions/checkout](https://github.com/actions/checkout ) | action | major | `v6` → `v7` | `v7.0.0` |
---
### Release Notes
<details>
<summary>actions/checkout (actions/checkout)</summary>
### [`v7.0.0`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v700 )
[Compare Source](https://github.com/actions/checkout/compare/v7.0.0...v7.0.0 )
- Block checking out fork PR for pull\_request\_target and workflow\_run by [@​aiqiaoy](https://github.com/aiqiaoy ) in [#​2454](https://github.com/actions/checkout/pull/2454 )
- Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by [@​dependabot](https://github.com/dependabot )\[bot] in [#​2458](https://github.com/actions/checkout/pull/2458 )
- Bump flatted from 3.3.1 to 3.4.2 by [@​dependabot](https://github.com/dependabot )\[bot] in [#​2460](https://github.com/actions/checkout/pull/2460 )
- Bump js-yaml from 4.1.0 to 4.2.0 by [@​dependabot](https://github.com/dependabot )\[bot] in [#​2461](https://github.com/actions/checkout/pull/2461 )
- Bump [@​actions/core](https://github.com/actions/core ) and [@​actions/tool-cache](https://github.com/actions/tool-cache ) and Remove uuid by [@​dependabot](https://github.com/dependabot )\[bot] in [#​2459](https://github.com/actions/checkout/pull/2459 )
- upgrade module to esm and update dependencies by [@​aiqiaoy](https://github.com/aiqiaoy ) in [#​2463](https://github.com/actions/checkout/pull/2463 )
- Bump the minor-npm-dependencies group across 1 directory with 3 updates by [@​dependabot](https://github.com/dependabot )\[bot] in [#​2462](https://github.com/actions/checkout/pull/2462 )
### [`v7`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v700 )
[Compare Source](https://github.com/actions/checkout/compare/v6.0.3...v7.0.0 )
- Block checking out fork PR for pull\_request\_target and workflow\_run by [@​aiqiaoy](https://github.com/aiqiaoy ) in [#​2454](https://github.com/actions/checkout/pull/2454 )
- Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by [@​dependabot](https://github.com/dependabot )\[bot] in [#​2458](https://github.com/actions/checkout/pull/2458 )
- Bump flatted from 3.3.1 to 3.4.2 by [@​dependabot](https://github.com/dependabot )\[bot] in [#​2460](https://github.com/actions/checkout/pull/2460 )
- Bump js-yaml from 4.1.0 to 4.2.0 by [@​dependabot](https://github.com/dependabot )\[bot] in [#​2461](https://github.com/actions/checkout/pull/2461 )
- Bump [@​actions/core](https://github.com/actions/core ) and [@​actions/tool-cache](https://github.com/actions/tool-cache ) and Remove uuid by [@​dependabot](https://github.com/dependabot )\[bot] in [#​2459](https://github.com/actions/checkout/pull/2459 )
- upgrade module to esm and update dependencies by [@​aiqiaoy](https://github.com/aiqiaoy ) in [#​2463](https://github.com/actions/checkout/pull/2463 )
- Bump the minor-npm-dependencies group across 1 directory with 3 updates by [@​dependabot](https://github.com/dependabot )\[bot] in [#​2462](https://github.com/actions/checkout/pull/2462 )
</details>
---
### Configuration
📅 **Schedule**: (UTC)
- Branch creation
- At any time (no schedule defined)
- Automerge
- At any time (no schedule defined)
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMjAuMCIsInVwZGF0ZWRJblZlciI6IjQzLjIyMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbXX0=-->
Reviewed-on: #179
Co-authored-by: Renovate Bot <renovate@unbound.se >
Co-committed-by: Renovate Bot <renovate@unbound.se >
2026-06-20 19:39:12 +00:00
renovate
ef8e68d209
chore(deps): update golang:1.26.4 docker digest to 62df9f3 ( #178 )
dancefetcher / build (push) Successful in 11m33s
dancefetcher / deploy-prod (push) Successful in 52s
2026-06-11 06:25:14 +00:00
renovate
6b1762d786
chore(deps): update golang docker tag to v1.26.4 ( #177 )
dancefetcher / build (push) Successful in 9m12s
dancefetcher / deploy-prod (push) Successful in 42s
2026-06-05 23:20:10 +00:00
renovate
92e42f4e61
chore(deps): update go toolchain directive to v1.26.4 [security] ( #175 )
...
dancefetcher / build (push) Successful in 11m53s
dancefetcher / deploy-prod (push) Successful in 54s
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [go](https://go.dev/ ) ([source](https://github.com/golang/go )) | toolchain | patch | `1.26.3` → `1.26.4` |
---
### Inefficient candidate hostname parsing in crypto/x509
[CVE-2026-27145](https://nvd.nist.gov/vuln/detail/CVE-2026-27145 ) / [GO-2026-5037](https://pkg.go.dev/vuln/GO-2026-5037 )
<details>
<summary>More information</summary>
#### Details
(*x509.Certificate).VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, ".") to execute repeatedly on the same input hostname.
With a large DNS SAN list, verification costs scaled quadratically based on the number of SAN entries multiplied by the hostname's label count. Because x509.Verify validates hostnames before building the certificate chain, this overhead occurred even for untrusted certificates.
#### Severity
Unknown
#### References
- [https://go.dev/cl/783621 ](https://go.dev/cl/783621 )
- [https://go.dev/issue/79694 ](https://go.dev/issue/79694 )
- [https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw ](https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw )
This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5037 ) and the [Go Vulnerability Database](https://github.com/golang/vulndb ) ([CC-BY 4.0](https://github.com/golang/vulndb#license )).
</details>
---
### Quadratic complexity in WordDecoder.DecodeHeader in mime
[CVE-2026-42504](https://nvd.nist.gov/vuln/detail/CVE-2026-42504 ) / [GO-2026-5038](https://pkg.go.dev/vuln/GO-2026-5038 )
<details>
<summary>More information</summary>
#### Details
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU.
#### Severity
Unknown
#### References
- [https://go.dev/issue/79217 ](https://go.dev/issue/79217 )
- [https://go.dev/cl/774481 ](https://go.dev/cl/774481 )
- [https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw ](https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw )
This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5038 ) and the [Go Vulnerability Database](https://github.com/golang/vulndb ) ([CC-BY 4.0](https://github.com/golang/vulndb#license )).
</details>
---
### Arbitrary inputs are included in errors without any escaping in net/textproto
[CVE-2026-42507](https://nvd.nist.gov/vuln/detail/CVE-2026-42507 ) / [GO-2026-5039](https://pkg.go.dev/vuln/GO-2026-5039 )
<details>
<summary>More information</summary>
#### Details
When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged.
#### Severity
Unknown
#### References
- [https://go.dev/issue/79346 ](https://go.dev/issue/79346 )
- [https://go.dev/cl/777060 ](https://go.dev/cl/777060 )
- [https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw ](https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw )
This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5039 ) and the [Go Vulnerability Database](https://github.com/golang/vulndb ) ([CC-BY 4.0](https://github.com/golang/vulndb#license )).
</details>
---
### Configuration
📅 **Schedule**: (UTC)
- Branch creation
- ""
- Automerge
- At any time (no schedule defined)
🚦 **Automerge**: Enabled.
♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMDIuMSIsInVwZGF0ZWRJblZlciI6IjQzLjIwMi4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbXX0=-->
Reviewed-on: #175
Co-authored-by: Renovate Bot <renovate@unbound.se >
Co-committed-by: Renovate Bot <renovate@unbound.se >
2026-06-03 05:40:03 +00:00
renovate
e498f5d12f
chore(deps): update golang:1.26.3 docker digest to 54d3246 ( #174 )
dancefetcher / build (push) Successful in 19m11s
dancefetcher / deploy-prod (push) Successful in 1m2s
2026-05-20 06:21:44 +00:00
renovate
7770d3ae24
chore(deps): update golang docker tag to v1.26.3 ( #173 )
dancefetcher / build (push) Successful in 7m3s
dancefetcher / deploy-prod (push) Successful in 42s
2026-05-11 23:13:54 +00:00
renovate
01380bfb07
chore(deps): update go toolchain directive to v1.26.3 ( #172 )
dancefetcher / build (push) Successful in 7m54s
dancefetcher / deploy-prod (push) Successful in 47s
2026-05-10 00:15:09 +00:00
renovate
4749b56088
chore(deps): update golang:1.26.2 docker digest to e1203b8 ( #171 )
dancefetcher / build (push) Successful in 10m30s
dancefetcher / deploy-prod (push) Successful in 47s
2026-04-22 08:17:02 +00:00
renovate
f429e3bd16
chore(deps): update golang docker tag to v1.26.2 ( #170 )
dancefetcher / build (push) Successful in 10m22s
dancefetcher / deploy-prod (push) Successful in 50s
2026-04-10 22:55:25 +00:00
renovate
bea8a99de5
chore(deps): update dependency go to v1.26.2 ( #169 )
dancefetcher / build (push) Successful in 20m50s
dancefetcher / deploy-prod (push) Successful in 1m6s
2026-04-10 01:22:50 +00:00
renovate
ed8c5add07
chore(deps): update golang:1.26.1 docker digest to 5ba1126 ( #168 )
dancefetcher / build (push) Successful in 8m53s
dancefetcher / deploy-prod (push) Successful in 45s
2026-04-07 05:30:16 +00:00
renovate
20d3cc12b4
chore(deps): update golang:1.26.1 docker digest to 984bf90 ( #167 )
dancefetcher / build (push) Successful in 14m31s
dancefetcher / deploy-prod (push) Successful in 52s
2026-03-17 02:18:58 +00:00
renovate
28809f6f15
chore(deps): update golang docker tag to v1.26.1 ( #166 )
dancefetcher / build (push) Successful in 6m48s
dancefetcher / deploy-prod (push) Successful in 1m4s
2026-03-06 02:18:41 +00:00
renovate
45e6ef8802
chore(deps): update dependency go to v1.26.1 ( #165 )
dancefetcher / build (push) Successful in 5m42s
dancefetcher / deploy-prod (push) Successful in 1m20s
2026-03-06 01:16:31 +00:00
argoyle
7e9fffa7d0
Merge pull request 'fix(k8s): remove CPU limits to resolve KubeCPUOvercommit alert' ( #164 ) from remove-cpu-limits into master
...
dancefetcher / build (push) Successful in 5m17s
dancefetcher / deploy-prod (push) Successful in 44s
Reviewed-on: #164
2026-03-01 11:27:27 +00:00
argoyle
27041f7ca5
fix(k8s): remove CPU limits to resolve KubeCPUOvercommit alert
...
dancefetcher / build (pull_request) Successful in 6m23s
dancefetcher / deploy-prod (pull_request) Has been skipped
Remove cpu from resource limits while keeping memory limits and all
requests intact. CPU limits cause unnecessary throttling and
overcommit alerts when actual usage is far below limits.
2026-03-01 12:15:54 +01:00
renovate
3157a712e2
chore(deps): update golang:1.26.0 docker digest to 9835fb4 ( #163 )
dancefetcher / build (push) Successful in 5m36s
dancefetcher / deploy-prod (push) Successful in 1m9s
2026-02-24 22:31:46 +00:00
renovate
e6681eb02e
chore(deps): update golang docker tag to v1.26.0 ( #162 )
dancefetcher / build (push) Failing after 2s
dancefetcher / deploy-prod (push) Has been skipped
2026-02-11 00:11:02 +00:00
renovate
66b6ea5aa4
chore(deps): update golang:1.25.7 docker digest to d2819ff ( #161 )
dancefetcher / build (push) Successful in 1h17m16s
dancefetcher / deploy-prod (push) Failing after 2s
2026-02-10 22:31:38 +00:00
renovate
962d93784b
chore(deps): update dependency go to v1.26.0 ( #160 )
dancefetcher / build (push) Successful in 6m24s
dancefetcher / deploy-prod (push) Successful in 44s
2026-02-10 20:27:15 +00:00
argoyle
e77ea61eca
Merge pull request 'chore(deps): update golang docker tag to v1.25.7' ( #159 ) from renovate/golang-1.x into master
...
dancefetcher / build (push) Successful in 28m49s
dancefetcher / deploy-prod (push) Successful in 50s
Reviewed-on: #159
2026-02-05 09:20:54 +00:00
renovate
1777762126
chore(deps): update golang docker tag to v1.25.7
dancefetcher / build (pull_request) Successful in 16m3s
dancefetcher / deploy-prod (pull_request) Has been cancelled
2026-02-04 18:05:09 +00:00
renovate
b9f0dbe97e
chore(deps): update dependency go to v1.25.7 ( #158 )
dancefetcher / build (push) Successful in 15m4s
dancefetcher / deploy-prod (push) Successful in 43s
2026-02-04 16:24:16 +00:00
renovate
412c3c7ba3
chore(deps): update golang:1.25.6 docker digest to ceda080 ( #157 )
dancefetcher / build (push) Successful in 21m58s
dancefetcher / deploy-prod (push) Successful in 59s
2026-02-03 08:27:29 +00:00
renovate
17d6092dc8
chore(deps): update golang docker tag to v1.25.6 ( #156 )
dancefetcher / build (push) Successful in 1h18m0s
dancefetcher / deploy-prod (push) Successful in 1m15s
2026-01-15 22:24:13 +00:00
renovate
dd2633fb44
chore(deps): update dependency go to v1.25.6 ( #155 )
dancefetcher / build (push) Successful in 12m16s
dancefetcher / deploy-prod (push) Successful in 37s
2026-01-15 20:25:32 +00:00
renovate
9bea70c3aa
chore(deps): update golang:1.25.5 docker digest to 3a01526 ( #154 )
dancefetcher / build (push) Successful in 51m52s
dancefetcher / deploy-prod (push) Failing after 2s
2026-01-13 06:29:08 +00:00
argoyle
4d4c4737a3
Merge pull request 'fix: remove incorrect digest pinning from image reference' ( #153 ) from fix/remove-digest-pinning into master
...
dancefetcher / build (push) Successful in 9m32s
dancefetcher / deploy-prod (push) Successful in 31s
Reviewed-on: #153
2026-01-09 12:02:01 +00:00
argoyle
bb9d47f6b3
fix: remove incorrect digest pinning from image reference
dancefetcher / build (pull_request) Successful in 20m19s
dancefetcher / deploy-prod (pull_request) Has been skipped
2026-01-09 11:54:24 +01:00
renovate
6afe6cebcc
chore(deps): update oci.unbound.se/dancefinder/dancefetcher docker digest to 91a06ed ( #152 )
dancefetcher / build (push) Successful in 12m54s
dancefetcher / deploy-prod (push) Successful in 52s
2026-01-09 09:03:37 +00:00
renovate
105297c7cf
chore(deps): pin oci.unbound.se/dancefinder/dancefetcher docker tag to fed388a ( #151 )
dancefetcher / build (push) Successful in 10m40s
dancefetcher / deploy-prod (push) Successful in 2m15s
2026-01-09 08:02:32 +00:00
argoyle
3fca36706f
Merge pull request 'chore: remove GitLab CI pipeline' ( #150 ) from remove-gitlab-ci into master
...
dancefetcher / build (push) Failing after 3m28s
dancefetcher / deploy-prod (push) Has been skipped
Reviewed-on: #150
2026-01-08 19:54:11 +00:00
argoyle
fc31ea981b
chore: remove GitLab CI pipeline
dancefetcher / build (pull_request) Successful in 5m45s
dancefetcher / deploy-prod (pull_request) Has been skipped
2026-01-08 20:36:54 +01:00
argoyle
eb032b4125
Merge pull request 'ci: remove aws-iam-authenticator (using service account auth)' ( #149 ) from remove-aws-iam-auth into master
...
dancefetcher / build (push) Successful in 4m53s
dancefetcher / deploy-prod (push) Successful in 1m49s
Reviewed-on: #149
2026-01-08 08:56:27 +00:00
argoyle
a01dfe03e4
ci: remove aws-iam-authenticator (using service account auth)
dancefetcher / build (pull_request) Successful in 4m34s
dancefetcher / deploy-prod (pull_request) Has been skipped
2026-01-08 09:43:09 +01:00
argoyle
f88745f6e8
Merge pull request 'ci: remove KUBECONFIG_CONTENT (runner env var)' ( #148 ) from remove-kubeconfig into master
...
dancefetcher / build (push) Successful in 4m45s
dancefetcher / deploy-prod (push) Failing after 35s
Reviewed-on: #148
2026-01-08 07:36:50 +00:00
argoyle
a4e09afbfc
ci: remove KUBECONFIG_CONTENT (runner env var)
dancefetcher / build (pull_request) Successful in 8m30s
dancefetcher / deploy-prod (pull_request) Has been skipped
2026-01-08 08:25:36 +01:00
argoyle
bcf04bb8ce
Merge pull request 'ci: add aws-iam-authenticator to deploy job' ( #147 ) from aws-iam-auth into master
...
dancefetcher / build (push) Failing after 1m2s
dancefetcher / deploy-prod (push) Has been skipped
Reviewed-on: #147
2026-01-07 21:22:08 +00:00
argoyle
049a0270b9
ci: add aws-iam-authenticator to deploy job
dancefetcher / deploy-prod (pull_request) Blocked by required conditions
dancefetcher / build (pull_request) Successful in 4m4s
2026-01-07 20:58:57 +01:00
argoyle
94227f00ac
Merge pull request 'chore(deps): update actions/checkout action to v6' ( #145 ) from renovate/actions-checkout-6.x into master
...
dancefetcher / build (push) Failing after 2m2s
dancefetcher / deploy-prod (push) Has been skipped
Reviewed-on: #145
2026-01-07 18:33:40 +00:00
argoyle
c5f5670453
Merge pull request 'ci: add KUBECONFIG_CONTENT secret to deploy job' ( #146 ) from kubeconfig-secret into master
...
dancefetcher / build (push) Successful in 4m7s
dancefetcher / deploy-prod (push) Failing after 32s
Reviewed-on: #146
2026-01-07 16:22:43 +00:00
argoyle
acfd041884
ci: add KUBECONFIG_CONTENT secret to deploy job
dancefetcher / build (pull_request) Successful in 7m33s
dancefetcher / deploy-prod (pull_request) Has been skipped
2026-01-07 17:12:24 +01:00
renovate
9b5d048fa3
chore(deps): update actions/checkout action to v6
dancefetcher / build (pull_request) Successful in 7m38s
dancefetcher / deploy-prod (pull_request) Has been skipped
2026-01-07 16:02:20 +00:00
argoyle
87778defbf
Merge pull request 'ci: migrate from GitLab CI to Gitea Actions' ( #144 ) from ci-migrate-gitlab-to-gitea-actions into master
...
dancefetcher / build (push) Successful in 5m41s
dancefetcher / deploy-prod (push) Failing after 6s
Reviewed-on: #144
2026-01-07 15:56:26 +00:00
argoyle
cfe50f4db3
ci: migrate from GitLab CI to Gitea Actions
...
dancefetcher / build (pull_request) Successful in 4m36s
dancefetcher / deploy-prod (pull_request) Has been skipped
- Add Gitea Actions workflow (.gitea/workflows/ci.yaml)
- Update K8s deployment image registry to oci.unbound.se
2026-01-07 16:39:19 +01:00
argoyle
764afae3b0
Merge branch 'renovate/golang-1.25.5' into 'master'
...
chore(deps): update golang:1.25.5 docker digest to ad03ba9
See merge request unboundsoftware/dancefinder/dancefetcher!140
2025-12-30 16:01:13 +01:00
f42333798c
chore(deps): update golang:1.25.5 docker digest to ad03ba9
2025-12-30 04:03:44 +00:00
argoyle
9bcf1bebf8
Merge branch 'renovate/golang-1.25.5' into 'master'
...
chore(deps): update golang:1.25.5 docker digest to 0c27bcf
See merge request unboundsoftware/dancefinder/dancefetcher!139
2025-12-09 09:55:54 +01:00
4f12a4e1a6
chore(deps): update golang:1.25.5 docker digest to 0c27bcf
2025-12-09 02:17:39 +00:00
argoyle
6e8e955167
Merge branch 'renovate/github.com-gocolly-colly-v2-2.x' into 'master'
...
fix(deps): update module github.com/gocolly/colly/v2 to v2.3.0
See merge request unboundsoftware/dancefinder/dancefetcher!138
2025-12-04 13:50:39 +01:00
renovate
argoyle
Renovate