verdigado-images/container-pre-commit
1
0
Fork 0
Code Issues 1 Pull requests 2 Projects Releases Packages 2 Wiki Activity

Renovate: Update all non-major dependencies #54

Open
renovate wants to merge 1 commit from renovate-all-minor-patch into main
pull from: renovate-all-minor-patch
merge into: verdigado-images:main
Conversation 0 Commits 1 Files changed 3 +6 -6
renovate commented 2025-06-02 11:09:23 +02:00
Member
Copy link

This PR contains the following updates:

Package Type Update Change
alpine_3_20/git patch 2.45.3-r0 -> 2.45.4-r0
gitleaks/gitleaks repository minor v8.26.0 -> v8.28.0
pre-commit minor 4.2.0 -> 4.3.0
pyyaml (source) pre-commit-python patch ==6.0.2 -> ==6.0.3
woodpeckerci/plugin-docker-buildx (source) patch 6.0.1 -> 6.0.3

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.

Release Notes

gitleaks/gitleaks (gitleaks/gitleaks)

v8.28.0

Compare Source

Changelog

Optimizations

#​1909 waits to find newlines until a match. This ends up saving a boat load of time since before we were finding newlines for every fragment regardless if a rule matched or not.
#​1908 promoted @​rgmz excellent stopword optimization

Composite Rules (Multi-part or required Rules) #​1905

In v8.28.0 Gitleaks introduced composite rules, which are made up of a single "primary" rule and one or more auxiliary or required rules. To create a composite rule, add a [[rules.required]] table to the primary rule specifying an id and optionally withinLines and/or withinColumns proximity constraints. A fragment is a chunk of content that Gitleaks processes at once (typically a file, part of a file, or git diff), and proximity matching instructs the primary rule to only report a finding if the auxiliary required rules also find matches within the specified area of the fragment.

Proximity matching: Using the withinLines and withinColumns fields instructs the primary rule to only report a finding if the auxiliary required rules also find matches within the specified proximity. You can set:

  • withinLines: N - required findings must be within N lines (vertically)
  • withinColumns: N - required findings must be within N characters (horizontally)
  • Both - creates a rectangular search area (both constraints must be satisfied)
  • Neither - fragment-level matching (required findings can be anywhere in the same fragment)

Here are diagrams illustrating each proximity behavior:

p = primary captured secret
a = auxiliary (required) captured secret
fragment = section of data gitleaks is looking at

    *Fragment-level proximity*               
    Any required finding in the fragment
          ┌────────┐                       
   ┌──────┤fragment├─────┐                 
   │      └──────┬─┤     │ ┌───────┐       
   │             │a│◀────┼─│✓ MATCH│       
   │          ┌─┐└─┘     │ └───────┘       
   │┌─┐       │p│        │                 
   ││a│    ┌─┐└─┘        │ ┌───────┐       
   │└─┘    │a│◀──────────┼─│✓ MATCH│       
   └─▲─────┴─┴───────────┘ └───────┘       
     │    ┌───────┐                        
     └────│✓ MATCH│                        
          └───────┘                        
                                           
                                           
   *Column bounded proximity*
   `withinColumns = 3`                    
          ┌────────┐                       
   ┌────┬─┤fragment├─┬───┐                 
   │      └──────┬─┤     │ ┌───────────┐   
   │    │        │a│◀┼───┼─│+1C ✓ MATCH│   
   │          ┌─┐└─┘     │ └───────────┘   
   │┌─┐ │     │p│    │   │                 
┌──▶│a│  ┌─┐  └─┘        │ ┌───────────┐   
│  │└─┘ ││a│◀────────┼───┼─│-2C ✓ MATCH│   
│  │       ┘             │ └───────────┘   
│  └── -3C ───0C─── +3C ─┘                 
│  ┌─────────┐                             
│  │ -4C ✗ NO│                             
└──│  MATCH  │                             
   └─────────┘                             
                                           
                                           
   *Line bounded proximity*
   `withinLines = 4`                      
         ┌────────┐                        
   ┌─────┤fragment├─────┐                  
  +4L─ ─ ┴────────┘─ ─ ─│                  
   │                    │                  
   │              ┌─┐   │ ┌────────────┐   
   │         ┌─┐  │a│◀──┼─│+1L ✓ MATCH │   
   0L  ┌─┐   │p│  └─┘   │ ├────────────┤   
   │   │a│◀──┴─┴────────┼─│-1L ✓ MATCH │   
   │   └─┘              │ └────────────┘   
   │                    │ ┌─────────┐      
  -4L─ ─ ─ ─ ─ ─ ─ ─┌─┐─│ │-5L ✗ NO │      
   │                │a│◀┼─│  MATCH  │      
   └────────────────┴─┴─┘ └─────────┘      
                                           
                                           
   *Line and column bounded proximity*
   `withinLines = 4`                      
   `withinColumns = 3`                    
         ┌────────┐                        
   ┌─────┤fragment├─────┐                  
  +4L   ┌└────────┴ ┐   │                  
   │            ┌─┐     │ ┌───────────────┐
   │    │       │a│◀┼───┼─│+2L/+1C ✓ MATCH│
   │         ┌─┐└─┘     │ └───────────────┘
   0L   │    │p│    │   │                  
   │         └─┘        │                  
   │    │           │   │ ┌────────────┐   
  -4L    ─ ─ ─ ─ ─ ─┌─┐ │ │-5L/+3C ✗ NO│   
   │                │a│◀┼─│   MATCH    │   
   └───-3C────0L───+3C┴─┘ └────────────┘

v8.27.2

Compare Source

Changelog

v8.27.1

Compare Source

Changelog

v8.27.0

Compare Source

Changelog

Got another @​bplaxco release. Cheers!

Archive Scanning

Sometimes secrets are packaged within archive files like zip files or tarballs,
making them difficult to discover. Now you can tell gitleaks to automatically
extract and scan the contents of archives. The flag --max-archive-depth
enables this feature for both dir and git scan types. The default value of
"0" means this feature is disabled by default.

Recursive scanning is supported since archives can also contain other archives.
The --max-archive-depth flag sets the recursion limit. Recursion stops when
there are no new archives to extract, so setting a very high max depth just
sets the potential to go that deep. It will only go as deep as it needs to.

The findings for secrets located within an archive will include the path to the
file inside the archive. Inner paths are separated with !.

Example finding (shortened for brevity):

Finding:     DB_PASSWORD=8ae31cacf141669ddfb5da
...
File:        testdata/archives/nested.tar.gz!archives/files.tar!files/.env.prod
Line:        4
Commit:      6e6ee6596d337bb656496425fb98644eb62b4a82
...
Fingerprint: 6e6ee6596d337bb656496425fb98644eb62b4a82:testdata/archives/nested.tar.gz!archives/files.tar!files/.env.prod:generic-api-key:4
Link:        https://github.com/leaktk/gitleaks/blob/6e6ee6596d337bb656496425fb98644eb62b4a82/testdata/archives/nested.tar.gz

This means a secret was detected on line 4 of files/.env.prod. which is in
archives/files.tar which is in testdata/archives/nested.tar.gz.

Currently supported formats:

The compression
and archive
formats supported by mholt's archives package
are supported.

pre-commit/pre-commit (pre-commit)

v4.3.0

Compare Source

==================

Features
yaml/pyyaml (pyyaml)

v6.0.3

Compare Source

What's Changed

  • Support for Python 3.14 and free-threading (experimental).

Full Changelog: https://github.com/yaml/pyyaml/compare/6.0.2...6.0.3

woodpecker-plugins/docker-buildx (woodpeckerci/plugin-docker-buildx)

v6.0.3

Compare Source

❤️ Thanks to all contributors! ❤️

@​woodpecker-bot, @​xoxys

📦️ Dependency
  • fix(deps): update module github.com/stretchr/testify to v1.11.1 [#​287]
  • chore(deps): update docker/buildx-bin docker tag to v0.28.0 [#​285]
  • chore(deps): update golang docker tag to v1.25 [#​286]
  • fix(deps): update module github.com/urfave/cli/v3 to v3.4.1 [#​288]
  • chore(deps): update docker.io/mstruebing/editorconfig-checker docker tag to v3.4.0 [#​284]
  • chore(deps): update docker docker tag to v28.4.0 [#​283]
  • chore(deps): update docker.io/woodpeckerci/plugin-ready-release-go docker tag to v3.4.0 [#​280]
  • fix(deps): update module github.com/aws/aws-sdk-go to v1.55.8 [#​279]
  • chore(deps): update docker docker tag to v28.3.3 [#​278]
  • chore(deps): update docker docker tag to v28.3.2 [#​274]
  • chore(deps): update docker/buildx-bin docker tag to v0.26.1 [#​277]
  • chore(deps): update docker.io/woodpeckerci/plugin-ready-release-go docker tag to v3.3.0 [#​273]
  • chore(deps): update woodpeckerci/plugin-docker-buildx docker tag to v6.0.2 [#​271]
  • chore(deps): update docker docker tag to v28.3.1 [#​270]
Misc
  • Add option BUILDKIT_OCI_MAX_PARALLELISM [#​289]

v6.0.2

Compare Source

❤️ Thanks to all contributors! ❤️

@​joeky888, @​woodpecker-bot

📚 Documentation
  • Update ecr and build args example [#​240]
📦️ Dependency
  • chore(deps): update docker docker tag to v28.3.0 [#​269]
  • chore(deps): update docker/buildx-bin docker tag to v0.25.0 [#​265]
  • fix(deps): update module github.com/urfave/cli/v3 to v3.3.8 [#​262]
  • fix(deps): update module github.com/go-git/go-git/v5 to v5.16.2 [#​261]
  • fix(deps): update module github.com/go-git/go-git/v5 to v5.16.1 [#​260]
  • chore(deps): update docker docker tag to v28.2.2 [#​259]
  • chore(deps): update docker/buildx-bin docker tag to v0.24.0 [#​245]
  • chore(deps): update davidanson/markdownlint-cli2 docker tag to v0.18.1 [#​243]
  • chore(deps): update woodpeckerci/plugin-docker-buildx docker tag to v6 [#​236]
  • chore(deps): update docker.io/mstruebing/editorconfig-checker docker tag to v3.3.0 [#​242]
Misc
  • chore(deps): update davidanson/markdownlint-cli2 docker tag to v0.18.0 (0a39185)
  • fix(deps): update module github.com/urfave/cli/v3 to v3.3.3 (5aea281)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | alpine_3_20/git | | patch | `2.45.3-r0` -> `2.45.4-r0` | | [gitleaks/gitleaks](https://github.com/gitleaks/gitleaks) | repository | minor | `v8.26.0` -> `v8.28.0` | | [pre-commit](https://github.com/pre-commit/pre-commit) | | minor | `4.2.0` -> `4.3.0` | | [pyyaml](https://pyyaml.org/) ([source](https://github.com/yaml/pyyaml)) | pre-commit-python | patch | `==6.0.2` -> `==6.0.3` | | [woodpeckerci/plugin-docker-buildx](https://codeberg.org/woodpecker-plugins/docker-buildx) ([source](https://codeberg.org/woodpecker-plugins/docker-buildx.git)) | | patch | `6.0.1` -> `6.0.3` | Note: The `pre-commit` manager in Renovate is not supported by the `pre-commit` maintainers or community. Please do not report any problems there, instead [create a Discussion in the Renovate repository](https://github.com/renovatebot/renovate/discussions/new) if you have any questions. --- ### Release Notes <details> <summary>gitleaks/gitleaks (gitleaks/gitleaks)</summary> ### [`v8.28.0`](https://github.com/gitleaks/gitleaks/releases/tag/v8.28.0) [Compare Source](https://github.com/gitleaks/gitleaks/compare/v8.27.2...v8.28.0) #### Changelog - [`4fb4382`](https://github.com/gitleaks/gitleaks/commit/4fb4382) cant count - [`b1c9c7e`](https://github.com/gitleaks/gitleaks/commit/b1c9c7e) Composite rules ([#&#8203;1905](https://github.com/gitleaks/gitleaks/issues/1905)) - [`72977e4`](https://github.com/gitleaks/gitleaks/commit/72977e4) feat: add Anthropic API key detection ([#&#8203;1910](https://github.com/gitleaks/gitleaks/issues/1910)) - [`7b02c98`](https://github.com/gitleaks/gitleaks/commit/7b02c98) fix(git): handle port ([#&#8203;1912](https://github.com/gitleaks/gitleaks/issues/1912)) - [`2a7bcff`](https://github.com/gitleaks/gitleaks/commit/2a7bcff) dont prematurely calculate fragment newlines ([#&#8203;1909](https://github.com/gitleaks/gitleaks/issues/1909)) - [`bd79c3e`](https://github.com/gitleaks/gitleaks/commit/bd79c3e) feat(allowlist): promote optimizations ([#&#8203;1908](https://github.com/gitleaks/gitleaks/issues/1908)) - [`7fb4eda`](https://github.com/gitleaks/gitleaks/commit/7fb4eda) Fix: CVEs on go and go crypto ([#&#8203;1868](https://github.com/gitleaks/gitleaks/issues/1868)) - [`a044b81`](https://github.com/gitleaks/gitleaks/commit/a044b81) feat: add artifactory reference token and api key detection ([#&#8203;1906](https://github.com/gitleaks/gitleaks/issues/1906)) - [`bf380d4`](https://github.com/gitleaks/gitleaks/commit/bf380d4) silly - [`f487f85`](https://github.com/gitleaks/gitleaks/commit/f487f85) Update gitleaks.yml - [`958f55a`](https://github.com/gitleaks/gitleaks/commit/958f55a) add just like that, no leaks ##### Optimizations [#&#8203;1909](https://github.com/gitleaks/gitleaks/issues/1909) waits to find newlines until a match. This ends up saving a boat load of time since before we were finding newlines for every fragment regardless if a rule matched or not. [#&#8203;1908](https://github.com/gitleaks/gitleaks/issues/1908) promoted [@&#8203;rgmz](https://github.com/rgmz) excellent stopword optimization ##### Composite Rules (Multi-part or `required` Rules) [#&#8203;1905](https://github.com/gitleaks/gitleaks/issues/1905) In v8.28.0 Gitleaks introduced composite rules, which are made up of a single "primary" rule and one or more auxiliary or `required` rules. To create a composite rule, add a `[[rules.required]]` table to the primary rule specifying an `id` and optionally `withinLines` and/or `withinColumns` proximity constraints. A fragment is a chunk of content that Gitleaks processes at once (typically a file, part of a file, or git diff), and proximity matching instructs the primary rule to only report a finding if the auxiliary `required` rules also find matches within the specified area of the fragment. **Proximity matching:** Using the `withinLines` and `withinColumns` fields instructs the primary rule to only report a finding if the auxiliary `required` rules also find matches within the specified proximity. You can set: - **`withinLines: N`** - required findings must be within N lines (vertically) - **`withinColumns: N`** - required findings must be within N characters (horizontally) - **Both** - creates a rectangular search area (both constraints must be satisfied) - **Neither** - fragment-level matching (required findings can be anywhere in the same fragment) Here are diagrams illustrating each proximity behavior: ``` p = primary captured secret a = auxiliary (required) captured secret fragment = section of data gitleaks is looking at *Fragment-level proximity* Any required finding in the fragment ┌────────┐ ┌──────┤fragment├─────┐ │ └──────┬─┤ │ ┌───────┐ │ │a│◀────┼─│✓ MATCH│ │ ┌─┐└─┘ │ └───────┘ │┌─┐ │p│ │ ││a│ ┌─┐└─┘ │ ┌───────┐ │└─┘ │a│◀──────────┼─│✓ MATCH│ └─▲─────┴─┴───────────┘ └───────┘ │ ┌───────┐ └────│✓ MATCH│ └───────┘ *Column bounded proximity* `withinColumns = 3` ┌────────┐ ┌────┬─┤fragment├─┬───┐ │ └──────┬─┤ │ ┌───────────┐ │ │ │a│◀┼───┼─│+1C ✓ MATCH│ │ ┌─┐└─┘ │ └───────────┘ │┌─┐ │ │p│ │ │ ┌──▶│a│ ┌─┐ └─┘ │ ┌───────────┐ │ │└─┘ ││a│◀────────┼───┼─│-2C ✓ MATCH│ │ │ ┘ │ └───────────┘ │ └── -3C ───0C─── +3C ─┘ │ ┌─────────┐ │ │ -4C ✗ NO│ └──│ MATCH │ └─────────┘ *Line bounded proximity* `withinLines = 4` ┌────────┐ ┌─────┤fragment├─────┐ +4L─ ─ ┴────────┘─ ─ ─│ │ │ │ ┌─┐ │ ┌────────────┐ │ ┌─┐ │a│◀──┼─│+1L ✓ MATCH │ 0L ┌─┐ │p│ └─┘ │ ├────────────┤ │ │a│◀──┴─┴────────┼─│-1L ✓ MATCH │ │ └─┘ │ └────────────┘ │ │ ┌─────────┐ -4L─ ─ ─ ─ ─ ─ ─ ─┌─┐─│ │-5L ✗ NO │ │ │a│◀┼─│ MATCH │ └────────────────┴─┴─┘ └─────────┘ *Line and column bounded proximity* `withinLines = 4` `withinColumns = 3` ┌────────┐ ┌─────┤fragment├─────┐ +4L ┌└────────┴ ┐ │ │ ┌─┐ │ ┌───────────────┐ │ │ │a│◀┼───┼─│+2L/+1C ✓ MATCH│ │ ┌─┐└─┘ │ └───────────────┘ 0L │ │p│ │ │ │ └─┘ │ │ │ │ │ ┌────────────┐ -4L ─ ─ ─ ─ ─ ─┌─┐ │ │-5L/+3C ✗ NO│ │ │a│◀┼─│ MATCH │ └───-3C────0L───+3C┴─┘ └────────────┘ ``` ### [`v8.27.2`](https://github.com/gitleaks/gitleaks/releases/tag/v8.27.2) [Compare Source](https://github.com/gitleaks/gitleaks/compare/v8.27.1...v8.27.2) #### Changelog - [`c7acf33`](https://github.com/gitleaks/gitleaks/commit/c7acf33) Merge branch 'master' of github.com:gitleaks/gitleaks - [`9faaa4a`](https://github.com/gitleaks/gitleaks/commit/9faaa4a) Add experimental allowlist optimizations ([#&#8203;1731](https://github.com/gitleaks/gitleaks/issues/1731)) - [`79068b3`](https://github.com/gitleaks/gitleaks/commit/79068b3) Detect Notion Public API Keys [#&#8203;1889](https://github.com/gitleaks/gitleaks/issues/1889) ([#&#8203;1890](https://github.com/gitleaks/gitleaks/issues/1890)) ### [`v8.27.1`](https://github.com/gitleaks/gitleaks/releases/tag/v8.27.1) [Compare Source](https://github.com/gitleaks/gitleaks/compare/v8.27.0...v8.27.1) #### Changelog - [`80468ef`](https://github.com/gitleaks/gitleaks/commit/80468ef) Merge branch 'master' of github.com:gitleaks/gitleaks - [`ef82237`](https://github.com/gitleaks/gitleaks/commit/ef82237) fix(atlassian): reduce false-positives for v1 pattern ([#&#8203;1892](https://github.com/gitleaks/gitleaks/issues/1892)) - [`2463f11`](https://github.com/gitleaks/gitleaks/commit/2463f11) Fix log suppresion issue ([#&#8203;1887](https://github.com/gitleaks/gitleaks/issues/1887)) - [`6f251ee`](https://github.com/gitleaks/gitleaks/commit/6f251ee) Added Heroku API Key New Version ([#&#8203;1883](https://github.com/gitleaks/gitleaks/issues/1883)) - [`20f9a1d`](https://github.com/gitleaks/gitleaks/commit/20f9a1d) Add Platform Bitbucket ([#&#8203;1886](https://github.com/gitleaks/gitleaks/issues/1886)) - [`722ce82`](https://github.com/gitleaks/gitleaks/commit/722ce82) Add Platform Gitea ([#&#8203;1884](https://github.com/gitleaks/gitleaks/issues/1884)) - [`79780b8`](https://github.com/gitleaks/gitleaks/commit/79780b8) Merge branch 'master' of github.com:gitleaks/gitleaks - [`c5683ca`](https://github.com/gitleaks/gitleaks/commit/c5683ca) prevent default warn message when max-archive-depth not set ([#&#8203;1881](https://github.com/gitleaks/gitleaks/issues/1881)) - [`0357c3c`](https://github.com/gitleaks/gitleaks/commit/0357c3c) prevent default warn message when max-archive-depth not set ### [`v8.27.0`](https://github.com/gitleaks/gitleaks/releases/tag/v8.27.0) [Compare Source](https://github.com/gitleaks/gitleaks/compare/v8.26.0...v8.27.0) #### Changelog - [`782f310`](https://github.com/gitleaks/gitleaks/commit/782f310) Archive support ([#&#8203;1872](https://github.com/gitleaks/gitleaks/issues/1872)) - [`489d13c`](https://github.com/gitleaks/gitleaks/commit/489d13c) Update README.md - [`d29ee55`](https://github.com/gitleaks/gitleaks/commit/d29ee55) Reduce aws-access-token false positives ([#&#8203;1876](https://github.com/gitleaks/gitleaks/issues/1876)) - [`611db65`](https://github.com/gitleaks/gitleaks/commit/611db65) Set `pass_filenames` to `false` for Docker hook ([#&#8203;1850](https://github.com/gitleaks/gitleaks/issues/1850)) - [`0589ae0`](https://github.com/gitleaks/gitleaks/commit/0589ae0) unicode decoding ([#&#8203;1854](https://github.com/gitleaks/gitleaks/issues/1854)) - [`82f7e32`](https://github.com/gitleaks/gitleaks/commit/82f7e32) Diagnostics ([#&#8203;1856](https://github.com/gitleaks/gitleaks/issues/1856)) - [`f97a9ee`](https://github.com/gitleaks/gitleaks/commit/f97a9ee) chore: include decoder in debug log ([#&#8203;1853](https://github.com/gitleaks/gitleaks/issues/1853)) Got another [@&#8203;bplaxco](https://github.com/bplaxco) release. Cheers! ##### Archive Scanning Sometimes secrets are packaged within archive files like zip files or tarballs, making them difficult to discover. Now you can tell gitleaks to automatically extract and scan the contents of archives. The flag `--max-archive-depth` enables this feature for both `dir` and `git` scan types. The default value of "0" means this feature is disabled by default. Recursive scanning is supported since archives can also contain other archives. The `--max-archive-depth` flag sets the recursion limit. Recursion stops when there are no new archives to extract, so setting a very high max depth just sets the potential to go that deep. It will only go as deep as it needs to. The findings for secrets located within an archive will include the path to the file inside the archive. Inner paths are separated with `!`. Example finding (shortened for brevity): ``` Finding: DB_PASSWORD=8ae31cacf141669ddfb5da ... File: testdata/archives/nested.tar.gz!archives/files.tar!files/.env.prod Line: 4 Commit: 6e6ee6596d337bb656496425fb98644eb62b4a82 ... Fingerprint: 6e6ee6596d337bb656496425fb98644eb62b4a82:testdata/archives/nested.tar.gz!archives/files.tar!files/.env.prod:generic-api-key:4 Link: https://github.com/leaktk/gitleaks/blob/6e6ee6596d337bb656496425fb98644eb62b4a82/testdata/archives/nested.tar.gz ``` This means a secret was detected on line 4 of `files/.env.prod.` which is in `archives/files.tar` which is in `testdata/archives/nested.tar.gz`. Currently supported formats: The [compression](https://github.com/mholt/archives?tab=readme-ov-file#supported-compression-formats) and [archive](https://github.com/mholt/archives?tab=readme-ov-file#supported-archive-formats) formats supported by mholt's [archives package](https://github.com/mholt/archives) are supported. </details> <details> <summary>pre-commit/pre-commit (pre-commit)</summary> ### [`v4.3.0`](https://github.com/pre-commit/pre-commit/blob/HEAD/CHANGELOG.md#430---2025-08-09) [Compare Source](https://github.com/pre-commit/pre-commit/compare/v4.2.0...v4.3.0) \================== ##### Features - `language: docker` / `language: docker_image`: detect rootless docker. - [#&#8203;3446](https://github.com/pre-commit/pre-commit/issues/3446) PR by [@&#8203;matthewhughes934](https://github.com/matthewhughes934). - [#&#8203;1243](https://github.com/pre-commit/pre-commit/issues/1243) issue by [@&#8203;dkolepp](https://github.com/dkolepp). - `language: julia`: avoid `startup.jl` when executing hooks. - [#&#8203;3496](https://github.com/pre-commit/pre-commit/issues/3496) PR by [@&#8203;ericphanson](https://github.com/ericphanson). - `language: dart`: support latest dart versions which require a higher sdk lower bound. - [#&#8203;3507](https://github.com/pre-commit/pre-commit/issues/3507) PR by [@&#8203;bc-lee](https://github.com/bc-lee). </details> <details> <summary>yaml/pyyaml (pyyaml)</summary> ### [`v6.0.3`](https://github.com/yaml/pyyaml/releases/tag/6.0.3) [Compare Source](https://github.com/yaml/pyyaml/compare/6.0.2...6.0.3) #### What's Changed - Support for Python 3.14 and free-threading (experimental). **Full Changelog**: https://github.com/yaml/pyyaml/compare/6.0.2...6.0.3 </details> <details> <summary>woodpecker-plugins/docker-buildx (woodpeckerci/plugin-docker-buildx)</summary> ### [`v6.0.3`](https://codeberg.org/woodpecker-plugins/docker-buildx/blob/HEAD/CHANGELOG.md#603---2025-09-29) [Compare Source](https://codeberg.org/woodpecker-plugins/docker-buildx/compare/v6.0.2...v6.0.3) ##### ❤️ Thanks to all contributors! ❤️ [@&#8203;woodpecker-bot](https://github.com/woodpecker-bot), [@&#8203;xoxys](https://github.com/xoxys) ##### 📦️ Dependency - fix(deps): update module github.com/stretchr/testify to v1.11.1 \[[#&#8203;287](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/287)] - chore(deps): update docker/buildx-bin docker tag to v0.28.0 \[[#&#8203;285](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/285)] - chore(deps): update golang docker tag to v1.25 \[[#&#8203;286](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/286)] - fix(deps): update module github.com/urfave/cli/v3 to v3.4.1 \[[#&#8203;288](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/288)] - chore(deps): update docker.io/mstruebing/editorconfig-checker docker tag to v3.4.0 \[[#&#8203;284](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/284)] - chore(deps): update docker docker tag to v28.4.0 \[[#&#8203;283](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/283)] - chore(deps): update docker.io/woodpeckerci/plugin-ready-release-go docker tag to v3.4.0 \[[#&#8203;280](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/280)] - fix(deps): update module github.com/aws/aws-sdk-go to v1.55.8 \[[#&#8203;279](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/279)] - chore(deps): update docker docker tag to v28.3.3 \[[#&#8203;278](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/278)] - chore(deps): update docker docker tag to v28.3.2 \[[#&#8203;274](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/274)] - chore(deps): update docker/buildx-bin docker tag to v0.26.1 \[[#&#8203;277](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/277)] - chore(deps): update docker.io/woodpeckerci/plugin-ready-release-go docker tag to v3.3.0 \[[#&#8203;273](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/273)] - chore(deps): update woodpeckerci/plugin-docker-buildx docker tag to v6.0.2 \[[#&#8203;271](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/271)] - chore(deps): update docker docker tag to v28.3.1 \[[#&#8203;270](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/270)] ##### Misc - Add option BUILDKIT\_OCI\_MAX\_PARALLELISM \[[#&#8203;289](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/289)] ### [`v6.0.2`](https://codeberg.org/woodpecker-plugins/docker-buildx/blob/HEAD/CHANGELOG.md#602---2025-06-28) [Compare Source](https://codeberg.org/woodpecker-plugins/docker-buildx/compare/v6.0.1...v6.0.2) ##### ❤️ Thanks to all contributors! ❤️ [@&#8203;joeky888](https://github.com/joeky888), [@&#8203;woodpecker-bot](https://github.com/woodpecker-bot) ##### 📚 Documentation - Update ecr and build args example \[[#&#8203;240](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/240)] ##### 📦️ Dependency - chore(deps): update docker docker tag to v28.3.0 \[[#&#8203;269](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/269)] - chore(deps): update docker/buildx-bin docker tag to v0.25.0 \[[#&#8203;265](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/265)] - fix(deps): update module github.com/urfave/cli/v3 to v3.3.8 \[[#&#8203;262](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/262)] - fix(deps): update module github.com/go-git/go-git/v5 to v5.16.2 \[[#&#8203;261](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/261)] - fix(deps): update module github.com/go-git/go-git/v5 to v5.16.1 \[[#&#8203;260](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/260)] - chore(deps): update docker docker tag to v28.2.2 \[[#&#8203;259](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/259)] - chore(deps): update docker/buildx-bin docker tag to v0.24.0 \[[#&#8203;245](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/245)] - chore(deps): update davidanson/markdownlint-cli2 docker tag to v0.18.1 \[[#&#8203;243](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/243)] - chore(deps): update woodpeckerci/plugin-docker-buildx docker tag to v6 \[[#&#8203;236](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/236)] - chore(deps): update docker.io/mstruebing/editorconfig-checker docker tag to v3.3.0 \[[#&#8203;242](https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/242)] ##### Misc - chore(deps): update davidanson/markdownlint-cli2 docker tag to v0.18.0 ([0a39185](https://codeberg.org/woodpecker-plugins/docker-buildx/src/commit/0a39185acaa74762656e29df4ac005ad4994c485)) - fix(deps): update module github.com/urfave/cli/v3 to v3.3.3 ([5aea281](https://codeberg.org/woodpecker-plugins/docker-buildx/src/commit/5aea281bddfef64a1f27fcd468d8fc2b016f10f9)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC4zNi4yIiwidXBkYXRlZEluVmVyIjoiNDAuNjIuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
renovate changed title from Renovate: Update pre-commit hook gitleaks/gitleaks to v8.27.0 to Renovate: Update pre-commit hook gitleaks/gitleaks to v8.27.2 2025-06-09 11:09:01 +02:00
renovate force-pushed renovate-all-minor-patch from eca35a1874 to a412ab1261 2025-06-09 11:09:03 +02:00 Compare
renovate changed title from Renovate: Update pre-commit hook gitleaks/gitleaks to v8.27.2 to Renovate: Update all non-major dependencies 2025-07-01 11:08:06 +02:00
renovate force-pushed renovate-all-minor-patch from a412ab1261 to ed1a69508a 2025-07-01 11:08:07 +02:00 Compare
renovate force-pushed renovate-all-minor-patch from ed1a69508a to 4e8f4ef2d7 2025-07-10 11:08:30 +02:00 Compare
renovate force-pushed renovate-all-minor-patch from 4e8f4ef2d7 to a6fea7b5ff 2025-07-21 11:14:17 +02:00 Compare
renovate force-pushed renovate-all-minor-patch from a6fea7b5ff to 2bfa83a4b2 2025-08-11 11:06:33 +02:00 Compare
renovate force-pushed renovate-all-minor-patch from 2bfa83a4b2 to 8ebc225432 2025-09-26 09:06:47 +02:00 Compare
renovate force-pushed renovate-all-minor-patch from 8ebc225432 to f0d8ab818a 2025-09-30 16:06:10 +02:00 Compare
This pull request can be merged automatically.
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin renovate-all-minor-patch:renovate-all-minor-patch
git switch renovate-all-minor-patch

Merge

Merge the changes and update on Forgejo.

Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.

git switch main
git merge --no-ff renovate-all-minor-patch
git switch renovate-all-minor-patch
git rebase main
git switch main
git merge --ff-only renovate-all-minor-patch
git switch renovate-all-minor-patch
git rebase main
git switch main
git merge --no-ff renovate-all-minor-patch
git switch main
git merge --squash renovate-all-minor-patch
git switch main
git merge --ff-only renovate-all-minor-patch
git switch main
git merge renovate-all-minor-patch
git push origin main
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
verdigado-images/container-pre-commit!54
No description provided.