Commit graph

523 commits

Author SHA1 Message Date
dependabot[bot]
1b8616ca89
chore(deps)(deps): bump the github-actions-minor group across 1 directory with 8 updates (#7289)
Bumps the github-actions-minor group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.17.0` | `2.19.0` |
| [actions/setup-node](https://github.com/actions/setup-node) | `6.3.0` | `6.4.0` |
| [actions/cache](https://github.com/actions/cache) | `5.0.4` | `5.0.5` |
| [KSXGitHub/github-actions-deploy-aur](https://github.com/ksxgithub/github-actions-deploy-aur) | `4.1.2` | `4.1.3` |
| [signpath/github-action-submit-signing-request](https://github.com/signpath/github-action-submit-signing-request) | `2.1` | `2.2` |
| [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) | `1.0.93` | `1.0.101` |
| [github/codeql-action](https://github.com/github/codeql-action) | `4.35.1` | `4.35.2` |
| [cloudflare/wrangler-action](https://github.com/cloudflare/wrangler-action) | `3.14.1` | `3.15.0` |



Updates `step-security/harden-runner` from 2.17.0 to 2.19.0
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](f808768d15...8d3c67de8e)

Updates `actions/setup-node` from 6.3.0 to 6.4.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](53b83947a5...48b55a011b)

Updates `actions/cache` from 5.0.4 to 5.0.5
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](668228422a...27d5ce7f10)

Updates `KSXGitHub/github-actions-deploy-aur` from 4.1.2 to 4.1.3
- [Release notes](https://github.com/ksxgithub/github-actions-deploy-aur/releases)
- [Commits](abe8ac26b5...da03e16036)

Updates `signpath/github-action-submit-signing-request` from 2.1 to 2.2
- [Release notes](https://github.com/signpath/github-action-submit-signing-request/releases)
- [Commits](bc66d86b01...b9d91eadd3)

Updates `anthropics/claude-code-action` from 1.0.93 to 1.0.101
- [Release notes](https://github.com/anthropics/claude-code-action/releases)
- [Commits](b47fd721da...38ec876110)

Updates `github/codeql-action` from 4.35.1 to 4.35.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](c10b8064de...95e58e9a2c)

Updates `cloudflare/wrangler-action` from 3.14.1 to 3.15.0
- [Release notes](https://github.com/cloudflare/wrangler-action/releases)
- [Changelog](https://github.com/cloudflare/wrangler-action/blob/main/CHANGELOG.md)
- [Commits](da0e0dfe58...9acf94ace1)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: actions/setup-node
  dependency-version: 6.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: actions/cache
  dependency-version: 5.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: KSXGitHub/github-actions-deploy-aur
  dependency-version: 4.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: signpath/github-action-submit-signing-request
  dependency-version: '2.2'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: anthropics/claude-code-action
  dependency-version: 1.0.101
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: github/codeql-action
  dependency-version: 4.35.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: cloudflare/wrangler-action
  dependency-version: 3.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-20 13:41:16 +02:00
Johannes Millan
01e30b9c7e
Feat/to me it looks like there are lots of 60dd04 (#7280)
* fix(issue): prevent crash from orphan issueProviderId (#7135)

The Jira image-headers effect in task-detail-panel subscribed to
selectIssueProviderById without an error handler, so a task with an
issueProviderId pointing at a deleted provider (e.g. after sync
convergence where taskIdsToUnlink didn't cover all local tasks)
propagated the selector throw to Zone.js as a crash dialog. Wrap the
inner selector observable in catchError that logs and falls back to
of(null); the downstream jiraCfg?.isEnabled guard handles the fallback.

Also drop IssueLog.log(issueProviderKey, issueProvider) from the
throwing variant of the selector: providers may carry credentials
(host, token, apiKey) and IssueLog history is exportable.

* fix(focus-mode): sync tray countdown with in-app timer during breaks

Tray title was rebuilt from a cached currentFocusSessionTime that only
refreshed when CURRENT_TASK_UPDATED fired. addTimeSpent is gated on an
active current task, so during focus-mode breaks or task-less focus
sessions the cache froze while the in-app timer kept ticking.

Add the tick action to taskChangeElectron$ so the cache refreshes every
second whenever the focus timer is running.

Fixes #7278

* fix(ci): restore GitHub Actions SHA pins undone by 0e9218bd68

Commit 0e9218bd68 silently reverted PR #7212 (github-actions-minor group
bump) along with its stated sync/client-id work. This restores the 15
workflow files to their pre-revert state.

Actions restored to newer pinned SHAs:
- actions/upload-artifact v7.0.0 -> v7.0.1
- step-security/harden-runner v2.16.1 -> v2.17.0
- softprops/action-gh-release v2.6.1 -> v3.0.0
- signpath/github-action-submit-signing-request v2.0 -> v2.1
- anthropics/claude-code-action v1.0.89 -> v1.0.93
- docker/build-push-action v7.0.0 -> v7.1.0
- easingthemes/ssh-deploy v5.1.1 -> v6.0.3

* fix: restore i18n, UI, and docs work undone by 0e9218bd68

Commit 0e9218bd68 silently reverted the following work alongside its stated
sync/client-id changes. Files where later master commits (fec7b25f23, etc.)
already re-applied the reverted work are intentionally left untouched.

Restored:
- #7232 docs/long-term-plans/location-based-reminders.md (513 lines)
- #7199 Romanian i18n phase 3 (ro.json + ro-md.json, ~1168 lines)
- #7049 Polish translation improvements
- #7143 planner component styling (4 scss files)
- #7211 add-task-bar preserve time estimate when typing title
- #7208 task.reducer roll-up estimates for added subtasks
- #6767 focus-mode pomodoro reset button
- #7205 plugin-dev github-issue-provider TOKEN description
- #7231 mobile-bottom-nav FAB fix
- a4fe03272 iOS keyboard accessory bar (global-theme + dialog-fullscreen-markdown)
- 309670db3 ShortSyntaxEffects undefined guard
- 667a7986f Dropbox PKCE auth comment/behavior

* fix(electron): restore electron + e2e work undone by 0e9218bd68

Commit 0e9218bd68 silently reverted the following electron/e2e work.
Files already re-fixed by later master commits are left as-is:
- e2e/tests/sync/supersync-archive-conflict.spec.ts (de33234976 + 191d129ff3)

Restored:
- e8a3e156eb fix(electron): Linux autostart IDB backing-store recovery
  (re-adds electron/clear-stale-idb-locks.ts + start-app.ts wiring)
- 5ce78a5b63 fix(electron): macOS Cmd+Q / Dock > Quit hang
  (setIsQuiting + before-quit delegate to close-handler)
- 46e0fa2d01 fix(sync): FILE_SYNC_LIST_FILES IPC contract
  (electronAPI.d.ts + local-file-sync + preload + ipc-events)
- ea1ef16307 fix(android): session-only SAF permissions on OEM devices
- 8865dc0a50 test(e2e): supersync parallel-worker stampede guard
  (SUPERSYNC_SERVER_HEALTHY env-var fallback + goto retry loop)
- af7c7687e2 test(e2e): block WS-triggered downloads in non-WS specs
- 265b44db5d test(e2e): premature waitForURL on daily-summary
  (this is literally the fix the bad commit's message claimed to add)

Conflict resolutions:
- e2e/utils/supersync-helpers.ts: kept the refined getDoneTaskElement
  checks from d64014d086 (later than c558bcab5e) while restoring the
  goto retry loop from 8865dc0a50.
- electron/start-app.ts: unioned imports (setIsQuiting +
  clearStaleLevelDbLocks from theirs, fs from ours).

* fix(sync): restore sync-core work undone by 0e9218bd68

Commit 0e9218bd68 silently reverted parts of several sync fixes. Most
sync-core reverts have already been re-addressed differently on master
by later commits (1f5184f6e7, 05cd875dd6, 09f5ced2c9, 7df43358ab,
d9158d6adb, 32dbc95ed9, 8c3b08e016, f89fe1ebc3) — those files are
intentionally left untouched to avoid reverting master's newer work.

This PR restores only the pieces that are genuinely still missing:

- e8a3e156eb fix(electron): IDB backing-store autoreload (in-app piece)
  operation-log-hydrator.service.ts + .spec.ts (the electron/clear-
  stale-idb-locks.ts piece was restored in the prior commit)

Plus three low-risk documentation/cleanup restorations:
- operation-sync.util.ts — add "Nextcloud" to isFileBasedProvider JSDoc
- dropbox.ts — restore improved _getRedirectUri JSDoc (667a7986fb)
- dialog-get-and-enter-auth-code.component.ts — restore isNativePlatform
  comment explaining why manual code entry flow is used (667a7986fb)
- file-adapter.interface.ts — remove stray "// NEW" comment (46e0fa2d01)

Intentionally NOT restored (master's newer work covers or supersedes):
- sync-trigger.service.ts / sync.effects.ts (05cd875dd6)
- sync-wrapper.service.ts (1f5184f6e7)
- sync-errors.ts (1f5184f6e7 re-added LegacySyncFormatDetectedError)
- file-based-sync-adapter.service.ts + spec (1f5184f6e7 + d9158d6adb)
- file-based-sync.types.ts (1f5184f6e7)
- operation-log.const.ts (32dbc95ed9 bumped IDB_OPEN_RETRIES to 5)
- dialog-sync-initial-cfg.component.ts (f89fe1ebc3)
2026-04-20 12:04:38 +02:00
Johannes Millan
0e9218bd68 fix(sync): handle data validation errors and improve client ID management
- Separate JsonParseError and SyncDataCorruptedError handlers in sync wrapper
- Handle corrupted remote data gracefully instead of throwing
- Add getOrGenerateClientId() as unified entry point, eliminating dual injection
  of ClientIdService + CLIENT_ID_PROVIDER in snapshot-upload, file-based-encryption,
  and sync-hydration services
- Use crypto.getRandomValues() instead of Math.random() for client ID generation
- Warn user when stored client ID is invalid and must be regenerated
- Fix flaky e2e supersync tests (premature waitForURL match on daily-summary URL)
2026-04-16 17:41:39 +02:00
dependabot[bot]
e5d34f6a96
chore(deps)(deps): bump easingthemes/ssh-deploy from 5.1.1 to 6.0.3 (#7151)
Bumps [easingthemes/ssh-deploy](https://github.com/easingthemes/ssh-deploy) from 5.1.1 to 6.0.3.
- [Release notes](https://github.com/easingthemes/ssh-deploy/releases)
- [Changelog](https://github.com/easingthemes/ssh-deploy/blob/main/docs/CHANGELOG.md)
- [Commits](a1aa0b6cf9...2cc5b27bf3)

---
updated-dependencies:
- dependency-name: easingthemes/ssh-deploy
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-13 16:41:16 +02:00
dependabot[bot]
d77cd0eb93
chore(deps)(deps): bump the github-actions-minor group with 5 updates (#7212)
Bumps the github-actions-minor group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.16.1` | `2.17.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` |
| [signpath/github-action-submit-signing-request](https://github.com/signpath/github-action-submit-signing-request) | `2.0` | `2.1` |
| [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) | `1.0.89` | `1.0.93` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `7.0.0` | `7.1.0` |


Updates `step-security/harden-runner` from 2.16.1 to 2.17.0
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](fe10465874...f808768d15)

Updates `actions/upload-artifact` from 7.0.0 to 7.0.1
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](bbbca2ddaa...043fb46d1a)

Updates `signpath/github-action-submit-signing-request` from 2.0 to 2.1
- [Release notes](https://github.com/signpath/github-action-submit-signing-request/releases)
- [Commits](3f9250c566...bc66d86b01)

Updates `anthropics/claude-code-action` from 1.0.89 to 1.0.93
- [Release notes](https://github.com/anthropics/claude-code-action/releases)
- [Commits](6e2bd52842...b47fd721da)

Updates `docker/build-push-action` from 7.0.0 to 7.1.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](d08e5c354a...bcafcacb16)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: signpath/github-action-submit-signing-request
  dependency-version: '2.1'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: anthropics/claude-code-action
  dependency-version: 1.0.93
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: docker/build-push-action
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-13 16:40:32 +02:00
dependabot[bot]
b074642d01
chore(deps)(deps): bump softprops/action-gh-release (#7213)
Bumps the softprops-action-gh-release-major group with 1 update: [softprops/action-gh-release](https://github.com/softprops/action-gh-release).


Updates `softprops/action-gh-release` from 2.6.1 to 3.0.0
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](153bb8e044...b430933298)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: softprops-action-gh-release-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-13 16:40:29 +02:00
dependabot[bot]
77a065a1b9
chore(deps)(deps): bump the github-actions-minor group with 7 updates (#7150)
Bumps the github-actions-minor group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.16.0` | `2.16.1` |
| [gradle/actions](https://github.com/gradle/actions) | `6.0.1` | `6.1.0` |
| [android-actions/setup-android](https://github.com/android-actions/setup-android) | `4.0.0` | `4.0.1` |
| [KSXGitHub/github-actions-deploy-aur](https://github.com/ksxgithub/github-actions-deploy-aur) | `4.1.1` | `4.1.2` |
| [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) | `1.0.82` | `1.0.89` |
| [docker/login-action](https://github.com/docker/login-action) | `4.0.0` | `4.1.0` |
| [zenoprax/stalesweeper](https://github.com/zenoprax/stalesweeper) | `1.0.0` | `1.1.2` |


Updates `step-security/harden-runner` from 2.16.0 to 2.16.1
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](fa2e9d605c...fe10465874)

Updates `gradle/actions` from 6.0.1 to 6.1.0
- [Release notes](https://github.com/gradle/actions/releases)
- [Commits](39e147cb9d...50e97c2cd7)

Updates `android-actions/setup-android` from 4.0.0 to 4.0.1
- [Release notes](https://github.com/android-actions/setup-android/releases)
- [Commits](651bceb6f9...40fd30fb8d)

Updates `KSXGitHub/github-actions-deploy-aur` from 4.1.1 to 4.1.2
- [Release notes](https://github.com/ksxgithub/github-actions-deploy-aur/releases)
- [Commits](2ac5a4c1d7...abe8ac26b5)

Updates `anthropics/claude-code-action` from 1.0.82 to 1.0.89
- [Release notes](https://github.com/anthropics/claude-code-action/releases)
- [Commits](88c168b39e...6e2bd52842)

Updates `docker/login-action` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](b45d80f862...4907a6ddec)

Updates `zenoprax/stalesweeper` from 1.0.0 to 1.1.2
- [Release notes](https://github.com/zenoprax/stalesweeper/releases)
- [Commits](https://github.com/zenoprax/stalesweeper/compare/v1.0.0...v1.1.2)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.16.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: gradle/actions
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: android-actions/setup-android
  dependency-version: 4.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: KSXGitHub/github-actions-deploy-aur
  dependency-version: 4.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: anthropics/claude-code-action
  dependency-version: 1.0.89
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: docker/login-action
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: zenoprax/stalesweeper
  dependency-version: 1.1.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 20:34:50 +02:00
Corey Newton
a1e03ff815
Increase frequency of stale-discussions.yml workflow (#7080)
Despite "failing" in the GH Action logs there is still useful work being done by this action as-is. I have increased the frequency from weekly to daily to accelerate the catch-up process after which I expect it to remain within all rate limits.

I've also re-released by action using SemVer so dependabot should pick up any improvements I make to the rate limit problem itself.
2026-04-01 12:08:44 +02:00
dependabot[bot]
6256cd7839
chore(deps)(deps): bump android-actions/setup-android (#7016)
Bumps [android-actions/setup-android](https://github.com/android-actions/setup-android) from 3.2.2 to 4.0.0.
- [Release notes](https://github.com/android-actions/setup-android/releases)
- [Commits](9fc6c4e906...651bceb6f9)

---
updated-dependencies:
- dependency-name: android-actions/setup-android
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-30 15:45:06 +02:00
dependabot[bot]
94e2d4304d
chore(deps)(deps): bump the github-actions-minor group with 2 updates (#7014)
Bumps the github-actions-minor group with 2 updates: [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `anthropics/claude-code-action` from 1.0.76 to 1.0.82
- [Release notes](https://github.com/anthropics/claude-code-action/releases)
- [Commits](6062f37096...88c168b39e)

Updates `github/codeql-action` from 4.34.1 to 4.35.1
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](3869755554...c10b8064de)

---
updated-dependencies:
- dependency-name: anthropics/claude-code-action
  dependency-version: 1.0.82
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: github/codeql-action
  dependency-version: 4.35.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-30 15:44:52 +02:00
dependabot[bot]
07bc4bfa95
chore(deps)(deps): bump gradle/actions from 5.0.2 to 6.0.1 (#7015)
Bumps [gradle/actions](https://github.com/gradle/actions) from 5.0.2 to 6.0.1.
- [Release notes](https://github.com/gradle/actions/releases)
- [Commits](0723195856...39e147cb9d)

---
updated-dependencies:
- dependency-name: gradle/actions
  dependency-version: 6.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-30 14:39:47 +02:00
Johannes Millan
a4bea36520 feat(tasks): dynamic strikethrough gesture for mobile swipe-right
Replace the accent-colored block + checkmark icon on swipe-right with
a dynamic strikethrough line that follows the touch position. The line
extends from left to right tracking the finger, transitions at the
trigger threshold, and snaps to full width on completion.

For undo (swiping on done tasks), the native text-decoration
line-through fades out via text-decoration-color animation, task
opacity increases from dimmed to full, and the checkmark unchecks.

Key implementation details:
- Strikethrough Y position adapts to task title center, with
  even-line-count offset for multi-line titles
- Undo uses text-decoration-color animation on .display-value
- showUndoneAnimation input on done-toggle removes is-done class
- Left swipe (context menu) behavior is unchanged
- Zero performance impact on desktop (IS_TOUCH_PRIMARY guard)
2026-03-26 17:43:03 +01:00
Johannes Millan
76e2cdd6d8 ci(release): auto-generate release notes from PRs 2026-03-24 21:21:43 +01:00
dependabot[bot]
5b8c722850
chore(deps)(deps): bump the github-actions-minor group with 3 updates (#6933)
Bumps the github-actions-minor group with 3 updates: [actions/cache](https://github.com/actions/cache), [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `actions/cache` from 5.0.3 to 5.0.4
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](cdf6c1fa76...668228422a)

Updates `anthropics/claude-code-action` from 1.0.72 to 1.0.76
- [Release notes](https://github.com/anthropics/claude-code-action/releases)
- [Commits](cd77b50d2b...6062f37096)

Updates `github/codeql-action` from 4.32.6 to 4.34.1
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](0d579ffd05...3869755554)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: 5.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: anthropics/claude-code-action
  dependency-version: 1.0.76
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: github/codeql-action
  dependency-version: 4.34.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-23 11:21:18 +01:00
Johannes Millan
8e074278e7 ci: add supersync server unit tests to scheduled E2E workflow
Add a new supersync-server-tests job to the scheduled E2E workflow that
runs the SuperSync server unit tests (vitest). These were previously
missing from CI entirely.

Also extend the push path filter to include packages/super-sync-server
and packages/shared-schema so the workflow triggers on pushes to master
that change server code.
2026-03-20 21:36:30 +01:00
Johannes Millan
170af6b877 fix(ci): make SignPath signing a hard requirement for Windows releases
Signing failure previously resulted in no exe files in the release
because all publish steps were gated on signing success, but
continue-on-error silently swallowed the failure. Now the job
fails hard if signing fails, making the problem visible. Also
increases SignPath timeout from 10 to 60 minutes.
2026-03-20 21:36:30 +01:00
Johannes Millan
757b7d4f52 fix(ci): prevent duplicate unsigned exe files in GitHub Releases
Root cause: electron-builder auto-published unsigned files via implicit
tag-based publishing (despite release:false), and spaces in NSIS
artifact names caused naming mismatches — electron-builder sanitized
spaces to hyphens while softprops/action-gh-release converted them
to dots, resulting in three sets of exe files per architecture.

Changes:
- Hardcode NSIS artifactName with hyphens to eliminate spaces
- Add --publish never to explicitly prevent auto-publishing
- Update latest.yml with signed file hashes (preserving EB fields)
- Use lockfile-pinned app-builder-bin for blockmap regeneration
- Scope blockmap publishing to NSIS setup files only
- Fail hard if latest.yml references missing files
2026-03-19 18:58:52 +01:00
Johannes Millan
d708d22729 fix(ci): add shell: bash to npm cache step on Windows runners
PowerShell (default on Windows) treats $GITHUB_OUTPUT as an undefined
variable instead of the environment variable, so the cache path output
was never written, causing actions/cache to fail with "path required".
2026-03-19 15:21:47 +01:00
Johannes Millan
161da56585 fix(ci): close pull_request_target pwn request vulnerability (#6879)
Split PR preview into two workflows using the workflow_run pattern:
- pr-preview-build.yml (pull_request): builds without secret access
- pr-preview-deploy.yml (workflow_run): deploys pre-built artifact with secrets

Prevents fork PR authors from executing arbitrary code with access to
CLOUDFLARE_API_TOKEN, UNSPLASH_KEY, and other repository secrets.
2026-03-19 13:11:36 +01:00
Kondamon
a9a8d5bbb6
ci: add package-lock.json registry check and pin npm registry (#6875)
* ci: add package-lock.json registry check and pin npm registry

Prevents contributors using mirror registries (e.g. npmmirror.com) from
rewriting all resolved URLs in package-lock.json, which also causes
cascading formatting changes due to different dependency versions.

* fix(ci): use || true instead of || echo 0 in registry check

When all resolved URLs are standard, grep -cv outputs 0 and exits with
code 1. The || echo 0 then fires and also outputs 0, making BAD_COUNT
"0\n0" which causes a bash integer expression error. Using || true
swallows the exit code without extra output.

---------

Co-authored-by: Kondamon <kondamon@github.com>
2026-03-19 12:01:40 +01:00
Johannes Millan
fc70665861
Fix recurring task tests and update GitHub Actions output syntax (#6871)
* fix(ci): replace deprecated set-output and fix E2E test failures

- Replace deprecated `::set-output` with `$GITHUB_OUTPUT` in all
  workflow files (build.yml, ci.yml, build-android.yml, manual-build.yml)
- Fix recurring-start-date-epoch-bug-6860 E2E test: use en-GB date
  format (DD/MM/YYYY) instead of US format since app defaults to en-GB
- Fix recurring-future-start-date-bug-6856 E2E test: wait for Save
  button to be enabled, increase persistence wait, and fix
  reload/navigation ordering for more reliable state verification

https://claude.ai/code/session_01JovQ5nVMSVQXUBFVknZtSm

* fix(ci): replace deprecated set-output in remaining workflow files

Fix 3 additional workflow files that still used the deprecated
::set-output syntax: build-create-windows-store-on-release.yml,
build-publish-to-mac-store-on-release.yml, and
build-update-web-app-on-release.yml.

https://claude.ai/code/session_01JovQ5nVMSVQXUBFVknZtSm

---------

Co-authored-by: Claude <noreply@anthropic.com>
2026-03-19 01:42:57 +01:00
Johannes Millan
868c780096 build: remove code reviews by claude 2026-03-18 13:14:10 +01:00
dependabot[bot]
2a8f14f8d2
chore(deps)(deps): bump the github-actions-minor group with 5 updates (#6848)
Bumps the github-actions-minor group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.15.1` | `2.16.0` |
| [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.5.0` | `2.6.1` |
| [treosh/lighthouse-ci-action](https://github.com/treosh/lighthouse-ci-action) | `12.6.1` | `12.6.2` |
| [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) | `1.0.70` | `1.0.72` |
| [actions/download-artifact](https://github.com/actions/download-artifact) | `8.0.0` | `8.0.1` |


Updates `step-security/harden-runner` from 2.15.1 to 2.16.0
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](58077d3c7e...fa2e9d605c)

Updates `softprops/action-gh-release` from 2.5.0 to 2.6.1
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](a06a81a03e...153bb8e044)

Updates `treosh/lighthouse-ci-action` from 12.6.1 to 12.6.2
- [Release notes](https://github.com/treosh/lighthouse-ci-action/releases)
- [Commits](fcd65974f7...3e7e23fb74)

Updates `anthropics/claude-code-action` from 1.0.70 to 1.0.72
- [Release notes](https://github.com/anthropics/claude-code-action/releases)
- [Commits](26ec041249...cd77b50d2b)

Updates `actions/download-artifact` from 8.0.0 to 8.0.1
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](70fc10c6e5...3e5f45b2cf)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: softprops/action-gh-release
  dependency-version: 2.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: treosh/lighthouse-ci-action
  dependency-version: 12.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: anthropics/claude-code-action
  dependency-version: 1.0.72
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: actions/download-artifact
  dependency-version: 8.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-16 10:17:25 +01:00
Johannes Millan
d401e6169e feat(tasks): add deadlines feature with reminders and planner integration
Add deadline support for tasks with date-only and time-specific deadlines.

Core:
- Add deadlineDay, deadlineWithTime, deadlineRemindAt fields to task model
- Add NgRx actions (setDeadline, removeDeadline, clearDeadlineReminder)
- Add meta-reducer with mutual exclusivity and input validation
- Register deadline actions in ActionType enum and op-log codes

UI:
- Create deadline dialog with calendar, time input, and reminder options
- Add deadline badge to task list row with overdue warning color
- Add deadline item to task detail panel with flag icon
- Add deadline options to task context menu
- Show deadlines in scheduled list page

Reminders:
- Add deadline reminder effects and selectors
- Show reminder dialog with grouped deadline/schedule sections
- Handle deadline reminder clearing on dismiss, done, add-to-today
- Cancel Android native deadline notifications on delete/archive

Planner:
- Show deadline tasks in planner day view and overdue section
- Create dedicated planner-deadline-task component
- Optimize deadline grouping with O(N) single-pass selector

Other:
- Add deadline-today banner effect for unplanned deadline tasks
- Add translation keys for all deadline UI strings
- Add E2E tests for deadline reminder flows
- Add unit tests for deadline reducer and overdue utility
- Extract shared isDeadlineOverdue utility function
- Guard app-state selectors against undefined during teardown
2026-03-15 18:48:00 +01:00
Johannes Millan
c54ce6196a fix(build): prevent duplicate Windows exe files in releases
The action-electron-builder omits --publish when release=false, causing
electron-builder to default to onTag on CI and publish unsigned files.
The signed files were then published separately, creating duplicates.

- Add --publish never to explicitly prevent auto-publishing
- Hardcode NSIS artifactName with hyphens to avoid SignPath converting
  spaces to dots (Super.Productivity → Super-Productivity)
- Skip blockmap regeneration for portable targets, fail loudly if an
  NSIS blockmap is unexpectedly missing
- Update normalization comment and docs filename reference
2026-03-13 18:51:50 +01:00
Johannes Millan
b8cef7f1f8 ci(release): harden release body generation
- Pin actions/checkout to commit hash for supply-chain security
- Pass github context via env vars to prevent script injection
- Guard against empty PREV_TAG on first release
- Remove unused step id
2026-03-09 14:11:54 +01:00
Johannes Millan
6786ae36ee ci(release): add full changelog link to draft releases 2026-03-09 14:11:54 +01:00
Johannes Millan
ed98e89c55 fix(ci): prevent secret exfiltration via pull_request_target misuse
Remove allowed_non_write_users: '*' which allowed any fork PR to trigger
the review workflow with base repo secrets. Remove unnecessary id-token:
write permission. Fixes GHSA-v4qq-p376-rvh8.
2026-03-09 14:11:54 +01:00
dependabot[bot]
7df1a7f0f0
chore(deps)(deps): bump docker/setup-buildx-action from 3.12.0 to 4.0.0 (#6771)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.12.0 to 4.0.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](8d2750c68a...4d04d5d948)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-09 11:43:26 +01:00
dependabot[bot]
d30027ab4d
chore(deps)(deps): bump docker/metadata-action from 5.10.0 to 6.0.0 (#6772)
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5.10.0 to 6.0.0.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](c299e40c65...030e881283)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-09 11:43:19 +01:00
dependabot[bot]
f930440fc7
chore(deps)(deps): bump the github-actions-minor group with 5 updates (#6770)
Bumps the github-actions-minor group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.15.0` | `2.15.1` |
| [actions/setup-node](https://github.com/actions/setup-node) | `6.2.0` | `6.3.0` |
| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.3` | `4.9.0` |
| [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) | `1.0.65` | `1.0.70` |
| [github/codeql-action](https://github.com/github/codeql-action) | `4.32.4` | `4.32.6` |


Updates `step-security/harden-runner` from 2.15.0 to 2.15.1
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](a90bcbc653...58077d3c7e)

Updates `actions/setup-node` from 6.2.0 to 6.3.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](6044e13b5d...53b83947a5)

Updates `actions/dependency-review-action` from 4.8.3 to 4.9.0
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](05fe457637...2031cfc080)

Updates `anthropics/claude-code-action` from 1.0.65 to 1.0.70
- [Release notes](https://github.com/anthropics/claude-code-action/releases)
- [Commits](220272d388...26ec041249)

Updates `github/codeql-action` from 4.32.4 to 4.32.6
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](89a39a4e59...0d579ffd05)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.15.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: actions/setup-node
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: actions/dependency-review-action
  dependency-version: 4.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: anthropics/claude-code-action
  dependency-version: 1.0.70
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: github/codeql-action
  dependency-version: 4.32.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-09 11:43:10 +01:00
dependabot[bot]
93baf54a32
chore(deps)(deps): bump docker/build-push-action from 6.19.2 to 7.0.0 (#6773)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.19.2 to 7.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](10e90e3645...d08e5c354a)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-09 11:42:56 +01:00
dependabot[bot]
f7348a9217
chore(deps)(deps): bump docker/login-action from 3.7.0 to 4.0.0 (#6774)
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.7.0 to 4.0.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](c94ce9fb46...b45d80f862)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-09 11:42:43 +01:00
Johannes Millan
ade604d28d fix(build): remove duplicate Windows exe uploads in releases
Remove the premature unsigned exe upload that caused duplicate release
assets with different naming (hyphens vs dots). Now only signed binaries
are published via a single upload at the end, guarded by SignPath success.
2026-03-07 22:32:03 +01:00
Johannes Millan
ad815af08a fix(ci): allow Claude code review to read PR files and diff
The review agent was denied all 7 attempts to access PR code because:
- Read/Glob/Grep tools were missing from allowedTools
- Shell pipes/redirects caused Bash(gh pr diff:*) to not match
- gh pr checkout and git diff were not in the allowed list
- Only the base branch was checked out (fetch-depth: 1)
2026-03-03 20:14:54 +01:00
Johannes Millan
04982a28da fix(ci): preserve original filenames when replacing with signed executables
SignPath renames files (spaces become dots), causing duplicate assets on
GitHub releases. Normalize filenames by stripping spaces, dots, and
hyphens to match signed files back to their originals, then overwrite
in-place to preserve the correct asset names for website download links.
2026-03-03 11:27:20 +01:00
Johannes Millan
fbec3c683a ci(e2e): increase SuperSync test shards from 2 to 4
Reduces per-shard test count to ~24 tests, giving more headroom
within the 40-minute job timeout when retries are needed.
2026-03-03 11:27:19 +01:00
dependabot[bot]
413b6a5fd0
chore(deps)(deps): bump the github-actions-minor group with 3 updates (#6687)
Bumps the github-actions-minor group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [gradle/actions](https://github.com/gradle/actions) and [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action).


Updates `step-security/harden-runner` from 2.14.2 to 2.15.0
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](5ef0c079ce...a90bcbc653)

Updates `gradle/actions` from 5.0.1 to 5.0.2
- [Release notes](https://github.com/gradle/actions/releases)
- [Commits](f29f5a9d7b...0723195856)

Updates `anthropics/claude-code-action` from 1.0.55 to 1.0.65
- [Release notes](https://github.com/anthropics/claude-code-action/releases)
- [Commits](edd85d6153...220272d388)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: gradle/actions
  dependency-version: 5.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: anthropics/claude-code-action
  dependency-version: 1.0.65
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-02 11:44:51 +01:00
dependabot[bot]
7a2935a8e4
chore(deps)(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 (#6688)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 7.0.0 to 8.0.0.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](37930b1c2a...70fc10c6e5)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: 8.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-02 11:44:33 +01:00
dependabot[bot]
778f81f1c5
chore(deps)(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (#6689)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](b7c566a772...bbbca2ddaa)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-02 11:42:43 +01:00
Johannes Millan
ed7576a0f7 fix(ci): add discussions write permission to stale-discussions workflow
The stalesweeper action needs write access to close discussions and add
comments. Without explicit permissions, the GITHUB_TOKEN only has read
access, causing FORBIDDEN errors.
2026-03-01 11:33:47 +01:00
Johannes Millan
844cd0d95f build(ci): switch SignPath to release-signing policy 2026-02-28 21:41:00 +01:00
Johannes Millan
5552506180 ci(workflows): use node 22 for npm install jobs 2026-02-25 19:14:11 +01:00
Johannes Millan
2ebaebed45 fix(build): use snapcraft upload instead of deprecated push command 2026-02-25 15:27:57 +01:00
Johannes Millan
56b2d19759 ci(windows-store): remove redundant lint and test steps
Lint and unit tests are already covered by the main CI workflow.
Removing them from the Windows Store build avoids failures from
Windows-specific test issues and speeds up artifact creation.
2026-02-25 15:27:56 +01:00
dependabot[bot]
5c93bf1471
chore(deps)(deps): bump the github-actions-minor group with 5 updates (#6610)
Bumps the github-actions-minor group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [browser-actions/setup-chrome](https://github.com/browser-actions/setup-chrome) | `2.1.0` | `2.1.1` |
| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.2` | `4.8.3` |
| [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) | `1.0.52` | `1.0.55` |
| [github/codeql-action](https://github.com/github/codeql-action) | `4.32.3` | `4.32.4` |
| [actions/stale](https://github.com/actions/stale) | `10.1.1` | `10.2.0` |


Updates `browser-actions/setup-chrome` from 2.1.0 to 2.1.1
- [Release notes](https://github.com/browser-actions/setup-chrome/releases)
- [Changelog](https://github.com/browser-actions/setup-chrome/blob/master/CHANGELOG.md)
- [Commits](b94431e051...4f8e94349a)

Updates `actions/dependency-review-action` from 4.8.2 to 4.8.3
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](3c4e3dcb1a...05fe457637)

Updates `anthropics/claude-code-action` from 1.0.52 to 1.0.55
- [Release notes](https://github.com/anthropics/claude-code-action/releases)
- [Commits](68cfeead18...edd85d6153)

Updates `github/codeql-action` from 4.32.3 to 4.32.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](9e907b5e64...89a39a4e59)

Updates `actions/stale` from 10.1.1 to 10.2.0
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](997185467f...b5d41d4e1d)

---
updated-dependencies:
- dependency-name: browser-actions/setup-chrome
  dependency-version: 2.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: actions/dependency-review-action
  dependency-version: 4.8.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: anthropics/claude-code-action
  dependency-version: 1.0.55
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: github/codeql-action
  dependency-version: 4.32.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: actions/stale
  dependency-version: 10.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 13:16:42 +01:00
dependabot[bot]
a96ad20fde
chore(deps)(deps): bump the github-actions-minor group with 3 updates (#6547)
Bumps the github-actions-minor group with 3 updates: [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action), [github/codeql-action](https://github.com/github/codeql-action) and [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `anthropics/claude-code-action` from 1.0.46 to 1.0.52
- [Release notes](https://github.com/anthropics/claude-code-action/releases)
- [Commits](6c61301d8e...68cfeead18)

Updates `github/codeql-action` from 4.32.2 to 4.32.3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](45cbd0c69e...9e907b5e64)

Updates `docker/build-push-action` from 6.18.0 to 6.19.2
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](263435318d...10e90e3645)

---
updated-dependencies:
- dependency-name: anthropics/claude-code-action
  dependency-version: 1.0.52
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: github/codeql-action
  dependency-version: 4.32.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: docker/build-push-action
  dependency-version: 6.19.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-16 10:44:56 +01:00
Corey Newton
d2a7d4936d
ci/discussion pruning (#6548)
* ci(community): initial discussion pruning workflow

This is the original workflow from steffen-karlsson/stalesweeper@v1.1.1
https://github.com/marketplace/actions/stalesweeper
The debug mode does not work which makes testing with dry-run impossible.
There is a re-worked action that probably won't get merged: https://github.com/thenick775/stalesweeper
I'm preserving the original workflow for posterity and potential troubleshooting. See next commit for details.

* ci(community): revised workflow for revised action

This is a new workflow that uses the modified thenick775/stalesweeper action.
https://github.com/LizardByte/community/blob/master/.github/workflows/discussions-stale.yml
Verbose mode appears to built-in now: b7f8c5e1c3
This workflow requires additional modifications as it uses environment variables and other settings that are not applicable to the SP repo.

* ci(community): add first valid workflow

Remove unnecessary permissions.
Remove unnecessary token placeholders.
Reduce frequency of workflow to reduce API calls.
Change defaults for manual runs to use safer options.
Use 180 days for the standard "expiry date" for regular discussions.
Create separate job and expiry for answered questions in "Q&A".
Make an exception for any discussions marked as "documentation gap".

* ci(community): switch action to controlled fork

There is really only a single action in GH Marketplace that does what is
needed and relying on a fork of *that* is a bit risky. I've separated
this commit out for easier `git revert` later on if needed.
2026-02-16 10:41:55 +01:00
Johannes Millan
fb1ba9e0a2 ci(e2e): shard SuperSync tests into 2 parallel jobs
Split the e2e-supersync job using Playwright's --shard flag with a
GitHub Actions matrix strategy to halve wall-clock time and reduce
timeout risk.
2026-02-15 11:19:22 +01:00
Johannes Millan
7afaa0dff1 fix(ci): prevent duplicate draft releases on tag push
Add a create-release job that pre-creates a single draft release
before mac-bin and windows-bin start. This eliminates the race
condition where parallel jobs each created their own draft release.
2026-02-13 17:54:06 +01:00