From 7f45264ff1b51dd0f0ed97c0eb81761eed1013f8 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 27 Nov 2025 16:37:26 +0100 Subject: [PATCH 01/12] fix(deps): update module github.com/redis/go-redis/v9 to v9.17.1 (#1881) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 0de54d316..1a4e103bf 100644 --- a/go.mod +++ b/go.mod @@ -58,7 +58,7 @@ require ( github.com/olekukonko/tablewriter v1.1.1 github.com/pquerna/otp v1.5.0 github.com/prometheus/client_golang v1.23.2 - github.com/redis/go-redis/v9 v9.17.0 + github.com/redis/go-redis/v9 v9.17.1 github.com/robfig/cron/v3 v3.0.1 github.com/samedi/caldav-go v3.0.0+incompatible github.com/spf13/afero v1.15.0 diff --git a/go.sum b/go.sum index fe31e4880..5e4beee9a 100644 --- a/go.sum +++ b/go.sum @@ -398,6 +398,8 @@ github.com/prometheus/procfs v0.17.0 h1:FuLQ+05u4ZI+SS/w9+BWEM2TXiHKsUQ9TADiRH7D github.com/prometheus/procfs v0.17.0/go.mod h1:oPQLaDAMRbA+u8H5Pbfq+dl3VDAvHxMUOVhe0wYB2zw= github.com/redis/go-redis/v9 v9.17.0 h1:K6E+ZlYN95KSMmZeEQPbU/c++wfmEvfFB17yEAq/VhM= github.com/redis/go-redis/v9 v9.17.0/go.mod h1:u410H11HMLoB+TP67dz8rL9s6QW2j76l0//kSOd3370= +github.com/redis/go-redis/v9 v9.17.1 h1:7tl732FjYPRT9H9aNfyTwKg9iTETjWjGKEJ2t/5iWTs= +github.com/redis/go-redis/v9 v9.17.1/go.mod h1:u410H11HMLoB+TP67dz8rL9s6QW2j76l0//kSOd3370= github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE= github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= From 5c4ea721c74f755d4d7a08a0901d006c79975e04 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 27 Nov 2025 16:37:42 +0100 Subject: [PATCH 02/12] fix(deps): update dependency workbox-precaching to v7.4.0 (#1879) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- frontend/package.json | 2 +- frontend/pnpm-lock.yaml | 32 ++------------------------------ 2 files changed, 3 insertions(+), 31 deletions(-) diff --git a/frontend/package.json b/frontend/package.json index d1ace1125..9d325d165 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -105,7 +105,7 @@ "vue-i18n": "11.1.12", "vue-router": "4.6.3", "vuemoji-picker": "0.3.2", - "workbox-precaching": "7.3.0", + "workbox-precaching": "7.4.0", "zhyswan-vuedraggable": "4.1.3" }, "devDependencies": { diff --git a/frontend/pnpm-lock.yaml b/frontend/pnpm-lock.yaml index d7341fc3e..bfd7affc0 100644 --- a/frontend/pnpm-lock.yaml +++ b/frontend/pnpm-lock.yaml @@ -170,8 +170,8 @@ importers: specifier: 0.3.2 version: 0.3.2(vue@3.5.24(typescript@5.9.3)) workbox-precaching: - specifier: 7.3.0 - version: 7.3.0 + specifier: 7.4.0 + version: 7.4.0 zhyswan-vuedraggable: specifier: 4.1.3 version: 4.1.3(vue@3.5.24(typescript@5.9.3)) @@ -6986,9 +6986,6 @@ packages: engines: {node: '>=20.0.0'} hasBin: true - workbox-core@7.3.0: - resolution: {integrity: sha512-Z+mYrErfh4t3zi7NVTvOuACB0A/jA3bgxUN3PwtAVHvfEsZxV9Iju580VEETug3zYJRc0Dmii/aixI/Uxj8fmw==} - workbox-core@7.4.0: resolution: {integrity: sha512-6BMfd8tYEnN4baG4emG9U0hdXM4gGuDU3ectXuVHnj71vwxTFI7WOpQJC4siTOlVtGqCUtj0ZQNsrvi6kZZTAQ==} @@ -7001,9 +6998,6 @@ packages: workbox-navigation-preload@7.4.0: resolution: {integrity: sha512-etzftSgdQfjMcfPgbfaZCfM2QuR1P+4o8uCA2s4rf3chtKTq/Om7g/qvEOcZkG6v7JZOSOxVYQiOu6PbAZgU6w==} - workbox-precaching@7.3.0: - resolution: {integrity: sha512-ckp/3t0msgXclVAYaNndAGeAoWQUv7Rwc4fdhWL69CCAb2UHo3Cef0KIUctqfQj1p8h6aGyz3w8Cy3Ihq9OmIw==} - workbox-precaching@7.4.0: resolution: {integrity: sha512-VQs37T6jDqf1rTxUJZXRl3yjZMf5JX/vDPhmx2CPgDDKXATzEoqyRqhYnRoxl6Kr0rqaQlp32i9rtG5zTzIlNg==} @@ -7013,15 +7007,9 @@ packages: workbox-recipes@7.4.0: resolution: {integrity: sha512-kOkWvsAn4H8GvAkwfJTbwINdv4voFoiE9hbezgB1sb/0NLyTG4rE7l6LvS8lLk5QIRIto+DjXLuAuG3Vmt3cxQ==} - workbox-routing@7.3.0: - resolution: {integrity: sha512-ZUlysUVn5ZUzMOmQN3bqu+gK98vNfgX/gSTZ127izJg/pMMy4LryAthnYtjuqcjkN4HEAx1mdgxNiKJMZQM76A==} - workbox-routing@7.4.0: resolution: {integrity: sha512-C/ooj5uBWYAhAqwmU8HYQJdOjjDKBp9MzTQ+otpMmd+q0eF59K+NuXUek34wbL0RFrIXe/KKT+tUWcZcBqxbHQ==} - workbox-strategies@7.3.0: - resolution: {integrity: sha512-tmZydug+qzDFATwX7QiEL5Hdf7FrkhjaF9db1CbB39sDmEZJg3l9ayDvPxy8Y18C3Y66Nrr9kkN1f/RlkDgllg==} - workbox-strategies@7.4.0: resolution: {integrity: sha512-T4hVqIi5A4mHi92+5EppMX3cLaVywDp8nsyUgJhOZxcfSV/eQofcOA6/EMo5rnTNmNTpw0rUgjAI6LaVullPpg==} @@ -14505,8 +14493,6 @@ snapshots: - '@types/babel__core' - supports-color - workbox-core@7.3.0: {} - workbox-core@7.4.0: {} workbox-expiration@7.4.0: @@ -14525,12 +14511,6 @@ snapshots: dependencies: workbox-core: 7.4.0 - workbox-precaching@7.3.0: - dependencies: - workbox-core: 7.3.0 - workbox-routing: 7.3.0 - workbox-strategies: 7.3.0 - workbox-precaching@7.4.0: dependencies: workbox-core: 7.4.0 @@ -14550,18 +14530,10 @@ snapshots: workbox-routing: 7.4.0 workbox-strategies: 7.4.0 - workbox-routing@7.3.0: - dependencies: - workbox-core: 7.3.0 - workbox-routing@7.4.0: dependencies: workbox-core: 7.4.0 - workbox-strategies@7.3.0: - dependencies: - workbox-core: 7.3.0 - workbox-strategies@7.4.0: dependencies: workbox-core: 7.4.0 From 210baaa8ee12ed70fc86ac67112786af999b0e74 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 27 Nov 2025 17:34:15 +0100 Subject: [PATCH 03/12] chore(deps): update actions/checkout digest to 93cb6ef (#1885) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3578370ef..3d0f15a98 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -365,7 +365,7 @@ jobs: image: mcr.microsoft.com/playwright:v1.57.0-jammy options: --user 1001 steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 - name: Download Vikunja Binary uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6 with: From bb31798be60ba07824ba9a59af642935da69a1e3 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 27 Nov 2025 17:35:14 +0100 Subject: [PATCH 04/12] chore(deps): pin mcr.microsoft.com/playwright docker tag to 6aca677 (#1884) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3d0f15a98..fa9766914 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -362,7 +362,7 @@ jobs: ports: - 5556:5556 container: - image: mcr.microsoft.com/playwright:v1.57.0-jammy + image: mcr.microsoft.com/playwright:v1.57.0-jammy@sha256:6aca677c27a967caf7673d108ac67ffaf8fed134f27e17b27a05464ca0ace831 options: --user 1001 steps: - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 From c3a75bbd4dc9c9f04c27ca22a22b1fed18450d09 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 27 Nov 2025 17:35:20 +0100 Subject: [PATCH 05/12] chore(deps): update pnpm to v10.23.0 (#1877) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- desktop/package.json | 2 +- frontend/package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/desktop/package.json b/desktop/package.json index 6f421739a..e1be59153 100644 --- a/desktop/package.json +++ b/desktop/package.json @@ -5,7 +5,7 @@ "main": "main.js", "repository": "https://code.vikunja.io/desktop", "license": "GPL-3.0-or-later", - "packageManager": "pnpm@10.22.0", + "packageManager": "pnpm@10.23.0", "author": { "email": "maintainers@vikunja.io", "name": "Vikunja Team" diff --git a/frontend/package.json b/frontend/package.json index 9d325d165..3ff2834d4 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -13,7 +13,7 @@ }, "homepage": "https://vikunja.io/", "funding": "https://opencollective.com/vikunja", - "packageManager": "pnpm@10.22.0", + "packageManager": "pnpm@10.23.0", "keywords": [ "todo", "productivity", From f7d5122638c1a12b3bf9627776f525c1d68dc62c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 27 Nov 2025 17:35:33 +0100 Subject: [PATCH 06/12] fix(deps): update dependency marked to v17 (#1797) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- frontend/package.json | 2 +- frontend/pnpm-lock.yaml | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/frontend/package.json b/frontend/package.json index 3ff2834d4..f7009dd71 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -93,7 +93,7 @@ "is-touch-device": "1.0.1", "klona": "2.0.6", "lowlight": "3.3.0", - "marked": "16.4.2", + "marked": "17.0.1", "pinia": "3.0.4", "register-service-worker": "1.7.2", "sortablejs": "1.15.6", diff --git a/frontend/pnpm-lock.yaml b/frontend/pnpm-lock.yaml index bfd7affc0..c046e6258 100644 --- a/frontend/pnpm-lock.yaml +++ b/frontend/pnpm-lock.yaml @@ -134,8 +134,8 @@ importers: specifier: 3.3.0 version: 3.3.0 marked: - specifier: 16.4.2 - version: 16.4.2 + specifier: 17.0.1 + version: 17.0.1 pinia: specifier: 3.0.4 version: 3.0.4(typescript@5.9.3)(vue@3.5.24(typescript@5.9.3)) @@ -4836,8 +4836,8 @@ packages: resolution: {integrity: sha512-a54IwgWPaeBCAAsv13YgmALOF1elABB08FxO9i+r4VFk5Vl4pKokRPeX8u5TCgSsPi6ec1otfLjdOpVcgbpshg==} hasBin: true - marked@16.4.2: - resolution: {integrity: sha512-TI3V8YYWvkVf3KJe1dRkpnjs68JUPyEa5vjKrp1XEEJUAOaQc+Qj+L1qWbPd0SJuAdQkFU0h73sXXqwDYxsiDA==} + marked@17.0.1: + resolution: {integrity: sha512-boeBdiS0ghpWcSwoNm/jJBwdpFaMnZWRzjA6SkUMYb40SVaN1x7mmfGKp0jvexGcx+7y2La5zRZsYFZI6Qpypg==} engines: {node: '>= 20'} hasBin: true @@ -12041,7 +12041,7 @@ snapshots: punycode.js: 2.3.1 uc.micro: 2.1.0 - marked@16.4.2: {} + marked@17.0.1: {} math-intrinsics@1.1.0: {} From 785fe6e30645c63e4ea120173fab05ee819201fb Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 27 Nov 2025 17:45:12 +0100 Subject: [PATCH 07/12] chore(deps): update docker/metadata-action digest to c299e40 (#1887) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/pr-docker.yml | 2 +- .github/workflows/release.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr-docker.yml b/.github/workflows/pr-docker.yml index d1e78b9ad..c0cf48239 100644 --- a/.github/workflows/pr-docker.yml +++ b/.github/workflows/pr-docker.yml @@ -39,7 +39,7 @@ jobs: version: latest - name: Docker meta id: meta - uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5 with: images: ghcr.io/go-vikunja/vikunja tags: | diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2856b4e86..850cc911d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -30,7 +30,7 @@ jobs: - name: Docker meta version if: ${{ github.ref_type == 'tag' }} id: meta - uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5 with: images: | vikunja/vikunja From 566ff99e6c524170955da6e6534dce840f243c81 Mon Sep 17 00:00:00 2001 From: kolaente Date: Thu, 27 Nov 2025 18:49:38 +0100 Subject: [PATCH 08/12] fix(editor): prevent upload overlay from intercepting text drag operations (#1890) --- .../components/tasks/partials/Attachments.vue | 95 +++++++++-- frontend/src/composables/useDropzone.ts | 157 ------------------ 2 files changed, 81 insertions(+), 171 deletions(-) delete mode 100644 frontend/src/composables/useDropzone.ts diff --git a/frontend/src/components/tasks/partials/Attachments.vue b/frontend/src/components/tasks/partials/Attachments.vue index 34397da6d..6b5f54bd7 100644 --- a/frontend/src/components/tasks/partials/Attachments.vue +++ b/frontend/src/components/tasks/partials/Attachments.vue @@ -126,7 +126,7 @@
@@ -172,8 +172,8 @@