mirror of
https://github.com/toeverything/AFFiNE.git
synced 2026-03-23 07:40:46 +08:00
v2026.3.9-canary.917
11109 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
renovate[bot]
|
02744cec00 |
chore: bump up apple/swift-collections version to from: "1.4.0" (#14616)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [apple/swift-collections](https://redirect.github.com/apple/swift-collections) | minor | `from: "1.3.0"` → `from: "1.4.0"` | --- ### Release Notes <details> <summary>apple/swift-collections (apple/swift-collections)</summary> ### [`v1.4.0`](https://redirect.github.com/apple/swift-collections/releases/tag/1.4.0): Swift Collections 1.4.0 [Compare Source](https://redirect.github.com/apple/swift-collections/compare/1.3.0...1.4.0) This feature release supports Swift toolchain versions 6.0, 6.1 and 6.2. It includes a variety of bug fixes, and ships the following new features: ##### New ownership-aware ring buffer and hashed container implementations In the `DequeModule` module, we have two new source-stable types that provide ownership-aware ring buffer implementations: - [`struct UniqueDeque<Element>`][UniqueDeque] is a uniquely held, dynamically resizing, noncopyable deque. - [`struct RigidDeque<Element>`][RigidDeque] is a fixed-capacity deque implementation. `RigidDeque`/`UniqueDeque` are to `Deque` like `RigidArray`/`UniqueArray` are to `Array` -- they provide noncopyable embodiments of the same basic data structure, with many of the same operations. [UniqueDeque]: https://swiftpackageindex.com/apple/swift-collections/documentation/dequemodule/uniquedeque [RigidDeque]: https://swiftpackageindex.com/apple/swift-collections/documentation/dequemodule/rigiddeque In the `BasicContainers` module, this release adds previews of four new types, implementing ownership-aware hashed containers: - [`struct UniqueSet<Element>`][UniqueSet] is a uniquely held, dynamically resizing set. - [`struct RigidSet<Element>`][RigidSet] is a fixed-capacity set. - [`struct UniqueDictionary<Key, Value>`][UniqueDictionary] is a uniquely held, dynamically resizing dictionary. - [`struct RigidDictionary<Key, Value>`][RigidDictionary] is a fixed-capacity dictionary. [RigidSet]: https://redirect.github.com/apple/swift-collections/tree/main/Sources/BasicContainers/RigidSet [UniqueSet]: https://redirect.github.com/apple/swift-collections/tree/main/Sources/BasicContainers/UniqueSet [RigidDictionary]: https://redirect.github.com/apple/swift-collections/tree/main/Sources/BasicContainers/RigidDictionary [UniqueDictionary]: https://redirect.github.com/apple/swift-collections/tree/main/Sources/BasicContainers/UniqueDictionary These are direct analogues of the standard `Set` and `Dictionary` types. These types are built on top of the `Equatable` and `Hashable` protocol generalizations that were proposed in [SE-0499]; as that proposal is not yet implemented in any shipping toolchain, these new types are shipping as source-unstable previews, conditional on a new `UnstableHashedContainers` package trait. The final API of these types will also deeply depend on the `struct Borrow` and `struct Inout` proposals (and potentially other language/stdlib improvements) that are currently working their way through the Swift Evolution process. Accordingly, we may need to make source-breaking changes to the interfaces of these types -- they are not ready to be blessed as Public API. However, we encourage intrepid engineers to try them on for size, and report pain points. (Of which we expect there will be many in this first preview.) [SE-0499]: https://redirect.github.com/swiftlang/swift-evolution/blob/main/proposals/0499-support-non-copyable-simple-protocols.md We continue the pattern of `Rigid-` and `Unique-` naming prefixes with these new types: - The `Unique` types (`UniqueArray`, `UniqueDeque`, `UniqueSet`, `UniqueDictionary` etc.) are dynamically self-sizing containers that automatically reallocate their storage as needed to best accommodate their contents; the `Unique` prefix was chosen to highlight that these types are always uniquely held, avoiding the complications of mutating shared copies. - The `Rigid` types remove dynamic sizing, and they operate strictly within an explicitly configured capacity. Dynamic sizing is not always appropriate -- when targeting space- or time-constrained environments (think embedded use cases or real-time work), it is preferable to avoid implicit reallocations, and to instead choose to have explicit control over when (and if) storage is reallocated, and to what size. This is where the `Rigid` types come in: their instances are created with a specific capacity and it is a runtime error to exceed that. This makes them quite inflexible (hence the "rigid" qualifier), but in exchange, their operations provide far stricter complexity guarantees: they exhibit no random runtime latency spikes, and they can trivially fit in strict memory budgets. ##### Early drafts of borrowing sequence, generative iteration and container protocols This release includes highly experimental but *working* implementations of new protocols supplying ownership-aware alternatives to the classic `Sequence`/`Collection` protocol hierarchy. These protocols and the generic operations built on top of them can be turned on by enabling the `UnstableContainersPreview` package trait. - [`protocol BorrowingSequence<Element>`][BorrowingSequence] models borrowing sequences with ephemeral lifetimes. (This is already progressing through Swift Evolution.) - [`protocol Container<Element>`][Container] models constructs that physically store their contents, and can expose stable spans over them. - [`protocol Producer<Element, ProducerError>`][Producer] models a generative iterator -- a construct that generates items demand. - [`protocol Drain<Element>`][Drain] refines `Producer` to model an in-place consumable elements -- primarily for use around container types. [BorrowingSequence]: https://redirect.github.com/apple/swift-collections/blob/main/Sources/ContainersPreview/Protocols/BorrowingSequence.swift [BorrowingIteratorProtocol]: https://redirect.github.com/apple/swift-collections/blob/main/Sources/ContainersPreview/Protocols/BorrowingIteratorProtocol.swift [Container]: https://redirect.github.com/apple/swift-collections/blob/main/Sources/ContainersPreview/Protocols/Container.swift [Producer]: https://redirect.github.com/apple/swift-collections/blob/main/Sources/ContainersPreview/Protocols/Producer.swift [Drain]: https://redirect.github.com/apple/swift-collections/blob/main/Sources/ContainersPreview/Protocols/Drain.swift In this version, the package has developed these protocols just enough to implement basic generic operations for moving data between containers like `UniqueArray` and `RigidDeque`. As we gain experience using these, future releases may start adding basic generic algorithms, more protocols (bidirectional, random-access, (per)mutable, range-replaceable containers etc.) convenience adapters, and other features -- or we may end up entirely overhauling or simply discarding some/all of them. Accordingly, the experimental interfaces enabled by `UnstableContainersPreview` are not source stable, and they are not intended for production use. We expect the eventual production version of these (or whatever designs they evolve into) to ship in the Swift Standard Library. We do highly recommend interested folks to try playing with these, to get a feel for the strange problems of Ownership. Besides these protocols, the package also defines rudimentary substitutes of some basic primitives that belong in the Standard Library: - [`struct InputSpan<Element>`][InputSpan] the dual of `OutputSpan` -- while `OutputSpan` is primarily for moving items *into* somebody else's storage, `InputSpan` enables safely moving items *out of* storage. - [`struct Borrow<Target>`][Borrow] represents a borrowing reference to an item. (This package models this with a pointer, which is an ill-fitting substitute for the real implementation in the stdlib.) - [`struct Inout<Target>`][Inout] represents a mutating reference to an item. [InputSpan]: https://redirect.github.com/apple/swift-collections/blob/main/Sources/ContainersPreview/Types/InputSpan.swift [Borrow]: https://redirect.github.com/apple/swift-collections/blob/main/Sources/ContainersPreview/Types/Borrow.swift [Inout]: https://redirect.github.com/apple/swift-collections/blob/main/Sources/ContainersPreview/Types/Inout.swift ##### A formal way to access `SortedSet` and `SortedDictionary` types The `SortedCollections` module contains (preexisting) early drafts of two sorted collection types `SortedSet` and `SortedDictionary`, built on top of an in-memory B-tree implementation. This release defines an `UnstableSortedCollections` package trait that can be used to enable building these types for experimentation without manually modifying the package. Like in previous releases, these implementations remain unfinished in this release, with known API issues; accordingly, these types remain unstable. (Issue [#​1](https://redirect.github.com/apple/swift-collections/issues/1) remains open.) Future package releases may change their interface in ways that break source compatibility, or they may remove these types altogether. ##### Minor interface-level changes - The `Collections` module no longer uses the unstable `@_exported import` feature. Instead, it publishes public typealiases of every type that it previously reexported from `DequeModule`, `OrderedCollections`, `BitCollections`, `HeapModule` and `HashTreeCollections`. - We renamed some `RigidArray`/`UniqueArray` operations to improve their clarity at the point of use. The old names are still available, but deprecated. | Old name | New name | | ----------------------------------------------- | ------------------------------------------------- | | `append(count:initializingWith:)` | `append(addingCount:initializingWith:)` | | `insert(count:at:initializingWith:)` | `insert(addingCount:at:initializingWith:)` | | `replaceSubrange(_:newCount:initializingWith:)` | `replace(removing:addingCount:initializingWith:)` | | `replaceSubrange(_:moving:)` | `replace(removing:moving:)` | | `replaceSubrange(_:copying:)` | `replace(removing:copying:)` | | `copy()` | `clone()` | | `copy(capacity:)` | `clone(capacity:)` | - We have now defined a complete set of `OutputSpan`/`InputSpan`-based `append`/`insert`/`replace`/`consume` primitives, fully generalized to be implementable by piecewise contiguous containers. These operations pave the way for a `Container`-based analogue of the classic `RangeReplaceableCollection` protocol, with most of the user-facing operations becoming standard generic algorithms built on top of these primitives: ``` mutating func append<E: Error>( addingCount newItemCount: Int, initializingWith initializer: (inout OutputSpan<Element>) throws(E) -> Void ) mutating func insert<E: Error>( addingCount newItemCount: Int, at index: Int, initializingWith initializer: (inout OutputSpan<Element>) throws(E) -> Void ) throws(E) mutating func replace<E: Error>( removing subrange: Range<Int>, consumingWith consumer: (inout InputSpan<Element>) -> Void, addingCount newItemCount: Int, initializingWith initializer: (inout OutputSpan<Element>) throws(E) -> Void ) throws(E) mutating func consume( _ subrange: Range<Int>, consumingWith consumer: (inout InputSpan<Element>) -> Void ) ``` - The package no longer uses the code generation tool `gyb`. #### What's Changed - Fix links in GitHub templates by [@​lorentey](https://redirect.github.com/lorentey) in [#​527](https://redirect.github.com/apple/swift-collections/pull/527) - Adopt `package` access modifier and get rid of gybbing by [@​lorentey](https://redirect.github.com/lorentey) in [#​526](https://redirect.github.com/apple/swift-collections/pull/526) - \[Doc] Fix links in landing page by [@​Azoy](https://redirect.github.com/Azoy) in [#​531](https://redirect.github.com/apple/swift-collections/pull/531) - \[BigString] Refactor \_Chunk to be its own managed buffer of UTF8 by [@​Azoy](https://redirect.github.com/Azoy) in [#​488](https://redirect.github.com/apple/swift-collections/pull/488) - Add new package trait UnstableSortedCollections by [@​lorentey](https://redirect.github.com/lorentey) in [#​533](https://redirect.github.com/apple/swift-collections/pull/533) - \[RopeModule] Fix warnings by [@​lorentey](https://redirect.github.com/lorentey) in [#​534](https://redirect.github.com/apple/swift-collections/pull/534) - Fix ability to build & test BigString with Xcode & CMake by [@​lorentey](https://redirect.github.com/lorentey) in [#​537](https://redirect.github.com/apple/swift-collections/pull/537) - \[BigString] Bring back Index.\_isUTF16TrailingSurrogate by [@​Azoy](https://redirect.github.com/Azoy) in [#​539](https://redirect.github.com/apple/swift-collections/pull/539) - chore: restrict GitHub workflow permissions - future-proof by [@​incertum](https://redirect.github.com/incertum) in [#​540](https://redirect.github.com/apple/swift-collections/pull/540) - \[BitCollections] Add missing imports for InternalCollectionsUtilities by [@​lorentey](https://redirect.github.com/lorentey) in [#​554](https://redirect.github.com/apple/swift-collections/pull/554) - Compare self.value to other, not itself by [@​SiliconA-Z](https://redirect.github.com/SiliconA-Z) in [#​553](https://redirect.github.com/apple/swift-collections/pull/553) - Change useFloyd heuristic to match comment by [@​SiliconA-Z](https://redirect.github.com/SiliconA-Z) in [#​551](https://redirect.github.com/apple/swift-collections/pull/551) - Typo: symmetric difference should be the xor, not intersection by [@​SiliconA-Z](https://redirect.github.com/SiliconA-Z) in [#​550](https://redirect.github.com/apple/swift-collections/pull/550) - first should get the Initialized elements by [@​SiliconA-Z](https://redirect.github.com/SiliconA-Z) in [#​549](https://redirect.github.com/apple/swift-collections/pull/549) - Replace Container with a far less powerful (but more universal) Iterable construct by [@​lorentey](https://redirect.github.com/lorentey) in [#​543](https://redirect.github.com/apple/swift-collections/pull/543) - Temporarily stop testing RigidArray & UniqueArray on release/6.3 snapshots on Linux by [@​lorentey](https://redirect.github.com/lorentey) in [#​562](https://redirect.github.com/apple/swift-collections/pull/562) - \[RigidArray, HashTrees] Mark deinitializers inlinable by [@​lorentey](https://redirect.github.com/lorentey) in [#​560](https://redirect.github.com/apple/swift-collections/pull/560) - GHA: Add weekly dependabot by [@​bkhouri](https://redirect.github.com/bkhouri) in [#​563](https://redirect.github.com/apple/swift-collections/pull/563) - Work around temporary issue with current 6.3 snapshots by [@​lorentey](https://redirect.github.com/lorentey) in [#​565](https://redirect.github.com/apple/swift-collections/pull/565) - Add `RigidDeque` and `UniqueDeque` by [@​lorentey](https://redirect.github.com/lorentey) in [#​557](https://redirect.github.com/apple/swift-collections/pull/557) - \[Collections module] Stop using `@_exported import` by [@​lorentey](https://redirect.github.com/lorentey) in [#​566](https://redirect.github.com/apple/swift-collections/pull/566) - Delete stray benchmark results files by [@​lorentey](https://redirect.github.com/lorentey) in [#​567](https://redirect.github.com/apple/swift-collections/pull/567) - Assorted `RigidArray`/`UniqueArray` updates by [@​lorentey](https://redirect.github.com/lorentey) in [#​569](https://redirect.github.com/apple/swift-collections/pull/569) - `RigidArray`/`UniqueArray`: Add new copying span initializers by [@​Azoy](https://redirect.github.com/Azoy) in [#​572](https://redirect.github.com/apple/swift-collections/pull/572) - `RigidDeque`/`UniqueDeque`: Add some top-level documentation by [@​lorentey](https://redirect.github.com/lorentey) in [#​571](https://redirect.github.com/apple/swift-collections/pull/571) - Update docs for Container.nextSpan(after:maximumCount:) by [@​lorentey](https://redirect.github.com/lorentey) in [#​574](https://redirect.github.com/apple/swift-collections/pull/574) - Remove workaround for bug in OutputSpan.wUMBP by [@​lorentey](https://redirect.github.com/lorentey) in [#​570](https://redirect.github.com/apple/swift-collections/pull/570) - \[RigidArray, RigidDeque].nextSpan: Validate `maximumCount` by [@​lorentey](https://redirect.github.com/lorentey) in [#​575](https://redirect.github.com/apple/swift-collections/pull/575) - Bump swiftlang/github-workflows/.github/workflows/soundness.yml from 0.0.6 to 0.0.7 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​577](https://redirect.github.com/apple/swift-collections/pull/577) - give constant folding an opportunity to select a much faster code path for empty dictionary (and set) literals by [@​tayloraswift](https://redirect.github.com/tayloraswift) in [#​578](https://redirect.github.com/apple/swift-collections/pull/578) - Bump swiftlang/github-workflows/.github/workflows/swift\_package\_test.yml from 0.0.6 to 0.0.7 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​576](https://redirect.github.com/apple/swift-collections/pull/576) - Ownership-aware Set and Dictionary variants by [@​lorentey](https://redirect.github.com/lorentey) in [#​573](https://redirect.github.com/apple/swift-collections/pull/573) - \[Prerelease] Check API for consistency, fill holes, patch incoherencies by [@​lorentey](https://redirect.github.com/lorentey) in [#​581](https://redirect.github.com/apple/swift-collections/pull/581) - \[BitSet] Amend return value of `update(with:)` method by [@​benrimmington](https://redirect.github.com/benrimmington) in [#​538](https://redirect.github.com/apple/swift-collections/pull/538) - \[BasicContainers] Fix spelling of a source file by [@​lorentey](https://redirect.github.com/lorentey) in [#​585](https://redirect.github.com/apple/swift-collections/pull/585) - Include notes about index mutation in `span(after/before:)` (+ other doc fixes) by [@​natecook1000](https://redirect.github.com/natecook1000) in [#​541](https://redirect.github.com/apple/swift-collections/pull/541) - \[BasicContainers] Finalize requirements for hashed containers by [@​lorentey](https://redirect.github.com/lorentey) in [#​586](https://redirect.github.com/apple/swift-collections/pull/586) - Update README for 1.4.0 by [@​lorentey](https://redirect.github.com/lorentey) in [#​587](https://redirect.github.com/apple/swift-collections/pull/587) - Working towards the 1.4.0 tag by [@​lorentey](https://redirect.github.com/lorentey) in [#​588](https://redirect.github.com/apple/swift-collections/pull/588) - \[BasicContainers] Avoid defining set/dictionary types unless UnstableHashedContainers is enabled by [@​lorentey](https://redirect.github.com/lorentey) in [#​589](https://redirect.github.com/apple/swift-collections/pull/589) - \[BasicContainers] RigidArray: Correct spelling of replacement for deprecated method by [@​lorentey](https://redirect.github.com/lorentey) in [#​590](https://redirect.github.com/apple/swift-collections/pull/590) #### New Contributors - [@​incertum](https://redirect.github.com/incertum) made their first contribution in [#​540](https://redirect.github.com/apple/swift-collections/pull/540) - [@​SiliconA-Z](https://redirect.github.com/SiliconA-Z) made their first contribution in [#​553](https://redirect.github.com/apple/swift-collections/pull/553) - [@​bkhouri](https://redirect.github.com/bkhouri) made their first contribution in [#​563](https://redirect.github.com/apple/swift-collections/pull/563) - [@​dependabot](https://redirect.github.com/dependabot)\[bot] made their first contribution in [#​577](https://redirect.github.com/apple/swift-collections/pull/577) - [@​tayloraswift](https://redirect.github.com/tayloraswift) made their first contribution in [#​578](https://redirect.github.com/apple/swift-collections/pull/578) - [@​benrimmington](https://redirect.github.com/benrimmington) made their first contribution in [#​538](https://redirect.github.com/apple/swift-collections/pull/538) **Full Changelog**: <https://github.com/apple/swift-collections/compare/1.3.0...1.4.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41OS4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTkuMCIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>v2026.3.9-canary.917 |
||
|
renovate[bot]
|
6d710f3bdc |
chore: bump up Node.js to v22.22.1 (#14598)
> ℹ️ **Note** > > This PR body was truncated due to platform limits. This PR contains the following updates: | Package | Update | Change | |---|---|---| | [node](https://nodejs.org) ([source](https://redirect.github.com/nodejs/node)) | patch | `22.22.0` → `22.22.1` | --- ### Release Notes <details> <summary>nodejs/node (node)</summary> ### [`v22.22.1`](https://redirect.github.com/nodejs/node/releases/tag/v22.22.1): 2026-03-05, Version 22.22.1 'Jod' (LTS) [Compare Source](https://redirect.github.com/nodejs/node/compare/v22.22.0...v22.22.1) ##### Notable Changes - \[[`7b93a65f27`](https://redirect.github.com/nodejs/node/commit/7b93a65f27)] - **build**: test on Python 3.14 (Christian Clauss) [#​59983](https://redirect.github.com/nodejs/node/pull/59983) - \[[`6063d888fe`](https://redirect.github.com/nodejs/node/commit/6063d888fe)] - **cli**: mark `--heapsnapshot-near-heap-limit` as stable (Joyee Cheung) [#​60956](https://redirect.github.com/nodejs/node/pull/60956) - \[[`d950b151a2`](https://redirect.github.com/nodejs/node/commit/d950b151a2)] - **crypto**: update root certificates to NSS 3.119 (Node.js GitHub Bot) [#​61419](https://redirect.github.com/nodejs/node/pull/61419) - \[[`4f42f8c428`](https://redirect.github.com/nodejs/node/commit/4f42f8c428)] - **crypto**: update root certificates to NSS 3.117 (Node.js GitHub Bot) [#​60741](https://redirect.github.com/nodejs/node/pull/60741) - \[[`b6ebf2cd53`](https://redirect.github.com/nodejs/node/commit/b6ebf2cd53)] - **doc**: add avivkeller to collaborators (Aviv Keller) [#​61115](https://redirect.github.com/nodejs/node/pull/61115) - \[[`35854f424d`](https://redirect.github.com/nodejs/node/commit/35854f424d)] - **doc**: add gurgunday to collaborators (Gürgün Dayıoğlu) [#​61094](https://redirect.github.com/nodejs/node/pull/61094) - \[[`5c6a076e5d`](https://redirect.github.com/nodejs/node/commit/5c6a076e5d)] - **meta**: add Renegade334 to collaborators (Renegade334) [#​60714](https://redirect.github.com/nodejs/node/pull/60714) ##### Commits - \[[`5f773488c2`](https://redirect.github.com/nodejs/node/commit/5f773488c2)] - **assert**: use a set instead of an array for faster lookup (Ruben Bridgewater) [#​61076](https://redirect.github.com/nodejs/node/pull/61076) - \[[`feecbb0eab`](https://redirect.github.com/nodejs/node/commit/feecbb0eab)] - **assert,util**: fix deep comparison for sets and maps with mixed types (Ruben Bridgewater) [#​61388](https://redirect.github.com/nodejs/node/pull/61388) - \[[`096095b127`](https://redirect.github.com/nodejs/node/commit/096095b127)] - **benchmark**: add SQLite benchmarks (Guilherme Araújo) [#​61401](https://redirect.github.com/nodejs/node/pull/61401) - \[[`b5fe481415`](https://redirect.github.com/nodejs/node/commit/b5fe481415)] - **benchmark**: use boolean options in benchmark tests (SeokhunEom) [#​60129](https://redirect.github.com/nodejs/node/pull/60129) - \[[`fa9faacacb`](https://redirect.github.com/nodejs/node/commit/fa9faacacb)] - **benchmark**: allow boolean option values (SeokhunEom) [#​60129](https://redirect.github.com/nodejs/node/pull/60129) - \[[`ba8714ac21`](https://redirect.github.com/nodejs/node/commit/ba8714ac21)] - **benchmark**: fix incorrect base64 input in byteLength benchmark (semimikoh) [#​60841](https://redirect.github.com/nodejs/node/pull/60841) - \[[`53596de876`](https://redirect.github.com/nodejs/node/commit/53596de876)] - **benchmark**: use typescript for import cjs benchmark (Joyee Cheung) [#​60663](https://redirect.github.com/nodejs/node/pull/60663) - \[[`e8930e9d7c`](https://redirect.github.com/nodejs/node/commit/e8930e9d7c)] - **benchmark**: focus on import.meta intialization in import-meta benchmark (Joyee Cheung) [#​60603](https://redirect.github.com/nodejs/node/pull/60603) - \[[`1155e412b1`](https://redirect.github.com/nodejs/node/commit/1155e412b1)] - **benchmark**: add per-suite setup option (Joyee Cheung) [#​60574](https://redirect.github.com/nodejs/node/pull/60574) - \[[`e01903d304`](https://redirect.github.com/nodejs/node/commit/e01903d304)] - **benchmark**: improve cpu.sh for safety and usability (Nam Yooseong) [#​60162](https://redirect.github.com/nodejs/node/pull/60162) - \[[`623a405747`](https://redirect.github.com/nodejs/node/commit/623a405747)] - **benchmark**: add benchmark for leaf source text modules (Joyee Cheung) [#​60205](https://redirect.github.com/nodejs/node/pull/60205) - \[[`7f5e7b9f7f`](https://redirect.github.com/nodejs/node/commit/7f5e7b9f7f)] - **benchmark**: add microbench on isInsideNodeModules (Chengzhong Wu) [#​60991](https://redirect.github.com/nodejs/node/pull/60991) - \[[`db132b85a8`](https://redirect.github.com/nodejs/node/commit/db132b85a8)] - **bootstrap**: initialize http proxy after user module loader setup (Joyee Cheung) [#​58938](https://redirect.github.com/nodejs/node/pull/58938) - \[[`66aab9f987`](https://redirect.github.com/nodejs/node/commit/66aab9f987)] - **buffer**: let Buffer.of use heap (Сковорода Никита Андреевич) [#​60503](https://redirect.github.com/nodejs/node/pull/60503) - \[[`c3cf00c671`](https://redirect.github.com/nodejs/node/commit/c3cf00c671)] - **buffer**: speed up concat via TypedArray#set (Gürgün Dayıoğlu) [#​60399](https://redirect.github.com/nodejs/node/pull/60399) - \[[`f6fad231e9`](https://redirect.github.com/nodejs/node/commit/f6fad231e9)] - **build**: skip sscache action on non-main branches (Joyee Cheung) [#​61790](https://redirect.github.com/nodejs/node/pull/61790) - \[[`2145f91f6b`](https://redirect.github.com/nodejs/node/commit/2145f91f6b)] - **build**: update android-patches/trap-handler.h.patch (Mo Luo) [#​60369](https://redirect.github.com/nodejs/node/pull/60369) - \[[`5b49759dd8`](https://redirect.github.com/nodejs/node/commit/5b49759dd8)] - **build**: update devcontainer.json to use paired nix env (Joyee Cheung) [#​61414](https://redirect.github.com/nodejs/node/pull/61414) - \[[`24724cde40`](https://redirect.github.com/nodejs/node/commit/24724cde40)] - **build**: fix misplaced comma in ldflags (hqzing) [#​61294](https://redirect.github.com/nodejs/node/pull/61294) - \[[`c57a19934e`](https://redirect.github.com/nodejs/node/commit/c57a19934e)] - **build**: fix crate vendor file checksums on windows (Chengzhong Wu) [#​61329](https://redirect.github.com/nodejs/node/pull/61329) - \[[`8659d7cd07`](https://redirect.github.com/nodejs/node/commit/8659d7cd07)] - **build**: fix inconsistent quoting in `Makefile` (Antoine du Hamel) [#​60511](https://redirect.github.com/nodejs/node/pull/60511) - \[[`44f339b315`](https://redirect.github.com/nodejs/node/commit/44f339b315)] - **build**: remove temporal updater (Chengzhong Wu) [#​61151](https://redirect.github.com/nodejs/node/pull/61151) - \[[`d60a6cebd5`](https://redirect.github.com/nodejs/node/commit/d60a6cebd5)] - **build**: update test-wpt-report to use NODE instead of OUT\_NODE (Filip Skokan) [#​61024](https://redirect.github.com/nodejs/node/pull/61024) - \[[`34ccf187f5`](https://redirect.github.com/nodejs/node/commit/34ccf187f5)] - **build**: skip build-ci on actions with a separate test step (Chengzhong Wu) [#​61073](https://redirect.github.com/nodejs/node/pull/61073) - \[[`7b19e101a2`](https://redirect.github.com/nodejs/node/commit/7b19e101a2)] - **build**: run embedtest with node\_g when BUILDTYPE=Debug (Chengzhong Wu) [#​60850](https://redirect.github.com/nodejs/node/pull/60850) - \[[`9408c4459f`](https://redirect.github.com/nodejs/node/commit/9408c4459f)] - **build**: upgrade Python linter ruff, add rules ASYNC,PERF (Christian Clauss) [#​59984](https://redirect.github.com/nodejs/node/pull/59984) - \[[`2166ec7f0f`](https://redirect.github.com/nodejs/node/commit/2166ec7f0f)] - **build**: use call command when calling python configure (Jacob Nichols) [#​60098](https://redirect.github.com/nodejs/node/pull/60098) - \[[`73ef70145d`](https://redirect.github.com/nodejs/node/commit/73ef70145d)] - **build**: remove V8\_COMPRESS\_POINTERS\_IN\_ISOLATE\_CAGE defs (Joyee Cheung) [#​60296](https://redirect.github.com/nodejs/node/pull/60296) - \[[`7b93a65f27`](https://redirect.github.com/nodejs/node/commit/7b93a65f27)] - **build**: test on Python 3.14 (Christian Clauss) [#​59983](https://redirect.github.com/nodejs/node/pull/59983) - \[[`508ce6ec6c`](https://redirect.github.com/nodejs/node/commit/508ce6ec6c)] - **build, src**: fix include paths for vtune files (Rahul) [#​59999](https://redirect.github.com/nodejs/node/pull/59999) - \[[`c89d3cd570`](https://redirect.github.com/nodejs/node/commit/c89d3cd570)] - **build,tools**: fix addon build deadlock on errors (Vladimir Morozov) [#​61321](https://redirect.github.com/nodejs/node/pull/61321) - \[[`40904a0591`](https://redirect.github.com/nodejs/node/commit/40904a0591)] - **build,win**: update WinGet configurations to Python 3.14 (Mike McCready) [#​61431](https://redirect.github.com/nodejs/node/pull/61431) - \[[`6d6742e7db`](https://redirect.github.com/nodejs/node/commit/6d6742e7db)] - **child\_process**: treat ipc length header as unsigned uint32 (Ryuhei Shima) [#​61344](https://redirect.github.com/nodejs/node/pull/61344) - \[[`6063d888fe`](https://redirect.github.com/nodejs/node/commit/6063d888fe)] - **cli**: mark --heapsnapshot-near-heap-limit as stable (Joyee Cheung) [#​60956](https://redirect.github.com/nodejs/node/pull/60956) - \[[`3d324a0f88`](https://redirect.github.com/nodejs/node/commit/3d324a0f88)] - **cluster**: fix port reuse between cluster (Ryuhei Shima) [#​60141](https://redirect.github.com/nodejs/node/pull/60141) - \[[`40a58709b4`](https://redirect.github.com/nodejs/node/commit/40a58709b4)] - **console**: optimize single-string logging (Gürgün Dayıoğlu) [#​60422](https://redirect.github.com/nodejs/node/pull/60422) - \[[`d950b151a2`](https://redirect.github.com/nodejs/node/commit/d950b151a2)] - **crypto**: update root certificates to NSS 3.119 (Node.js GitHub Bot) [#​61419](https://redirect.github.com/nodejs/node/pull/61419) - \[[`4f42f8c428`](https://redirect.github.com/nodejs/node/commit/4f42f8c428)] - **crypto**: update root certificates to NSS 3.117 (Node.js GitHub Bot) [#​60741](https://redirect.github.com/nodejs/node/pull/60741) - \[[`a87499ae25`](https://redirect.github.com/nodejs/node/commit/a87499ae25)] - **crypto**: ensure documented RSA-PSS saltLength default is used (Filip Skokan) [#​60662](https://redirect.github.com/nodejs/node/pull/60662) - \[[`8c65cc11e2`](https://redirect.github.com/nodejs/node/commit/8c65cc11e2)] - **crypto**: update root certificates to NSS 3.116 (Node.js GitHub Bot) [#​59956](https://redirect.github.com/nodejs/node/pull/59956) - \[[`91dc00a2c1`](https://redirect.github.com/nodejs/node/commit/91dc00a2c1)] - **debugger**: fix event listener leak in the run command (Joyee Cheung) [#​60464](https://redirect.github.com/nodejs/node/pull/60464) - \[[`0781bd3764`](https://redirect.github.com/nodejs/node/commit/0781bd3764)] - **deps**: V8: backport [`6a0a25a`](https://redirect.github.com/nodejs/node/commit/6a0a25abaed3) (Vivian Wang) [#​61688](https://redirect.github.com/nodejs/node/pull/61688) - \[[`0cf1f9c3e9`](https://redirect.github.com/nodejs/node/commit/0cf1f9c3e9)] - **deps**: update googletest to [`8508785`]( |
||
|
Kenneth Wußmann
|
0b47f92134 |
fix(oidc): allow string boolean in email_verified userinfo schema (#14609)
## Why
When using AWS Cognito as OIDC provider, AFFiNE returns a zod parsing
error because AWS returns `email_verified` as a string in the userinfo
response.
```json
{
"sub": "[UUID]",
"email_verified": "true",
"custom:mycustom1": "CustomValue",
"phone_number_verified": "true",
"phone_number": "+12065551212",
"email": "bob@example.com",
"username": "bob"
}
```
Reference:
https://docs.aws.amazon.com/cognito/latest/developerguide/userinfo-endpoint.html#get-userinfo-response-sample
Error returned in AFFiNE frontend:
```
Validation error, errors: [ { "code": "invalid_type", "expected": "boolean", "received": "string", "path": [ "email_verified" ], "message": "Expected boolean, received string" } ]
```
## What
I'm adjusting the existing `OIDCUserInfoSchema` to allow `z.boolean()`
and `z.enum(['true', 'false', '0', '1', 'yes', 'no'])`.
This matches with [our `extractBoolean` function in the
`OIDCProvider`](
|
||
|
DarkSky
|
9c55edeb62 |
feat(server): adapt gemini3.1 preview (#14583)
#### PR Dependency Tree * **PR #14583** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added Gemini 3.1 Pro Preview support (text, image, audio) and new GPT‑5 variants as defaults; centralized persistent telemetry state for more reliable client identity. * **UX** * Improved model submenu placement in chat preferences. * More robust mindmap parsing, preview, regeneration and replace behavior. * **Chores** * Bumped AI SDK and related dependencies. * **Tests** * Expanded/updated tests and increased timeouts for flaky flows. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
DarkSky
|
9742e9735e |
feat(editor): improve edgeless perf & memory usage (#14591)
#### PR Dependency Tree * **PR #14591** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * New canvas renderer debug metrics and controls for runtime inspection. * Mindmap/group reordering now normalizes group targets, improving reorder consistency. * **Bug Fixes** * Fixed connector behavior for empty/degenerate paths. * More aggressive viewport invalidation so structural changes display correctly. * Improved z-index synchronization during transforms and layer updates. * **Performance** * Retained DOM caching for brushes, shapes, and connectors to reduce DOM churn. * Targeted canvas refreshes, pooling, and reuse to lower redraw and memory overhead. * **Tests** * Added canvas renderer performance benchmarks and curve edge-case unit tests. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
DarkSky
|
86d65b2f64 |
feat(server): add image resize support (#14588)
fix #13842 #### PR Dependency Tree * **PR #14588** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Images are now processed natively and converted to WebP for smaller, optimized files; Copilot and avatar attachments use the processed WebP output. * Avatar uploads accept BMP, GIF, JPEG, PNG, WebP (5MB max) and are downscaled to a standard edge. * **Error Messages / i18n** * Added localized error "Image format not supported: {format}". * **Tests** * Added end-to-end and unit tests for conversion, EXIF preservation, and upload limits. * **Chores** * Added native image-processing dependencies. <!-- end of auto-generated comment: release notes by coderabbit.ai -->v2026.3.6-canary.912 |
||
|
DarkSky
|
f34e25e122 |
test: migrate test & utils (#14569)
#### PR Dependency Tree * **PR #14569** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Upgraded development test tooling to Vitest v4 and added Playwright browser test integration; normalized test configurations and CI shard matrix. * **Tests** * Added a large suite of new integration tests covering editor flows (edgeless, database, embeds, images, latex, code, clipboard, multi-editor, presentation, undo/redo, etc.). * Removed numerous end-to-end Playwright test suites across the same feature areas. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
DarkSky
|
b5d5b71f95 |
feat(server): improve markdown parse (#14580)
#### PR Dependency Tree * **PR #14580** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Markdown conversion now reports lists of known-unsupported and unknown block identifiers encountered during parsing, and separates them from the main markdown output. * **Bug Fixes** * Improved error handling and logging around markdown parsing. * **Tests** * Updated tests and snapshots to reflect the new block-list fields and the adjusted markdown output. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
renovate[bot]
|
09fa1a8e4e |
chore: bump up dompurify version to v3.3.2 [SECURITY] (#14581)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [dompurify](https://redirect.github.com/cure53/DOMPurify) | [`3.3.0` → `3.3.2`](https://renovatebot.com/diffs/npm/dompurify/3.3.0/3.3.2) |  |  | ### GitHub Vulnerability Alerts #### [CVE-2026-0540](https://nvd.nist.gov/vuln/detail/CVE-2026-0540) DOMPurify 3.1.3 through 3.3.1 and 2.5.3 through 2.5.8, fixed in 2.5.9 and 3.3.2, contain a cross-site scripting vulnerability that allows attackers to bypass attribute sanitization by exploiting five missing rawtext elements (noscript, xmp, noembed, noframes, iframe) in the `SAFE_FOR_XML` regex. Attackers can include payloads like `</noscript><img src=x onerror=alert(1)>` in attribute values to execute JavaScript when sanitized output is placed inside these unprotected rawtext contexts. --- ### Release Notes <details> <summary>cure53/DOMPurify (dompurify)</summary> ### [`v3.3.2`](https://redirect.github.com/cure53/DOMPurify/releases/tag/3.3.2): DOMPurify 3.3.2 [Compare Source](https://redirect.github.com/cure53/DOMPurify/compare/3.3.1...3.3.2) - Fixed a possible bypass caused by jsdom's faulty raw-text tag parsing, thanks multiple reporters - Fixed a prototype pollution issue when working with custom elements, thanks [@​christos-eth](https://redirect.github.com/christos-eth) - Fixed a lenient config parsing in `_isValidAttribute`, thanks [@​christos-eth](https://redirect.github.com/christos-eth) - Bumped and removed several dependencies, thanks [@​Rotzbua](https://redirect.github.com/Rotzbua) - Fixed the test suite after bumping dependencies, thanks [@​Rotzbua](https://redirect.github.com/Rotzbua) ### [`v3.3.1`](https://redirect.github.com/cure53/DOMPurify/releases/tag/3.3.1): DOMPurify 3.3.1 [Compare Source](https://redirect.github.com/cure53/DOMPurify/compare/3.3.0...3.3.1) - Updated `ADD_FORBID_CONTENTS` setting to extend default list, thanks [@​MariusRumpf](https://redirect.github.com/MariusRumpf) - Updated the ESM import syntax to be more correct, thanks [@​binhpv](https://redirect.github.com/binhpv) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41Ni4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTYuMCIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
congzhou09
|
c249011238 |
fix(editor): note-edgeless-block dimensions mismatch content at non-100% scale (#14577)
### Problem ●In edgeless mode, when the `note-edgeless-block` is scaled below 100%, its outer dimension becomes larger than its content region. This extra invisible region will block some user interactions such as clicks and hovers on editing elements underneath. <img width="1060" height="541" alt="note-elem-block-click" src="https://github.com/user-attachments/assets/860d7a4f-d159-437b-bbe8-4560e2463e3d" /> ●The following video demonstrates this issue: https://github.com/user-attachments/assets/3b719b25-0d7e-496b-9507-6aa65ed0a797 ### Solution ●The root cause is that `transform: scale(...)` CSS property (which implements the scale) is currently applyed to its **inner root element** instead of itself, and the solution is to move this CSS property to the proper place. ### After ●The video below shows the behavior after this fix. https://github.com/user-attachments/assets/e2dbd75d-c2ea-460d-90a1-5cc13e12d5b8 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Refactor** * Centralized CSS scaling for graphics and edgeless note blocks into dedicated public methods; rendering now uses these methods instead of inline transform calculations. * **Tests** * Updated end-to-end checks to read scale directly from the edgeless note element and use a more flexible transform-matching pattern. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
DarkSky
|
7f5f7e79df |
feat(server): refactor mcp (#14579)
#### PR Dependency Tree * **PR #14579** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Full JSON-RPC MCP endpoint with batch requests, per-message validation, method dispatch (initialize, ping, tools/list, tools/call) and request cancellation * Tool listing and execution with input validation, standardized results, and improved error responses * **Chores** * Removed an external protocol dependency * Bumped MCP server version to 1.0.1 <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
DarkSky
|
fff04395bc | chore: update docs | ||
|
renovate[bot]
|
bbc01533d7 |
chore: bump up multer version to v2.1.1 [SECURITY] (#14576)
This PR contains the following updates:
| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [multer](https://redirect.github.com/expressjs/multer) | [`2.1.0` →
`2.1.1`](https://renovatebot.com/diffs/npm/multer/2.1.0/2.1.1) |
|
|
### GitHub Vulnerability Alerts
####
[CVE-2026-2359](https://redirect.github.com/expressjs/multer/security/advisories/GHSA-v52c-386h-88mc)
### Impact
A vulnerability in Multer versions < 2.1.0 allows an attacker to trigger
a Denial of Service (DoS) by dropping connection during file upload,
potentially causing resource exhaustion.
### Patches
Users should upgrade to `2.1.0`
### Workarounds
None
####
[CVE-2026-3304](https://redirect.github.com/expressjs/multer/security/advisories/GHSA-xf7r-hgr6-v32p)
### Impact
A vulnerability in Multer versions < 2.1.0 allows an attacker to trigger
a Denial of Service (DoS) by sending malformed requests, potentially
causing resource exhaustion.
### Patches
Users should upgrade to `2.1.0`
### Workarounds
None
####
[CVE-2026-3520](https://redirect.github.com/expressjs/multer/security/advisories/GHSA-5528-5vmv-3xc2)
### Impact
A vulnerability in Multer versions < 2.1.1 allows an attacker to trigger
a Denial of Service (DoS) by sending malformed requests, potentially
causing stack overflow.
### Patches
Users should upgrade to `2.1.1`
### Workarounds
None
### Resources
-
https://github.com/expressjs/multer/security/advisories/GHSA-5528-5vmv-3xc2
- https://www.cve.org/CVERecord?id=CVE-2026-3520
-
|
||
|
congzhou09
|
e31cca3354 |
fix(editor): non-canvas block size/position in embed-edgeless-doc at non-1 zoom (#14074)
### Problem ●Similar to [PR#14015](https://github.com/toeverything/AFFiNE/pull/14015), the container's own scaling factor (`viewScale`) was not taken into account. This time the issue affects **non-canvas blocks** (e.g. `edgeless-note`, `edgeless-image`, and any component extending `GfxBlockComponent`). ●The follwing image and video show the case when zoom is 0.5. <img width="822" height="414" alt="图片" src="https://github.com/user-attachments/assets/cee1cb88-2764-443c-aa7a-0443308b0e29" /> https://github.com/user-attachments/assets/3c744579-16c4-4f10-b421-e0606da1269f ### Solution ●Incorporated `viewScale` into the CSS `translate` calculation for all `GfxBlockComponent` instances. ### Additional Improvement ●Minor refactor: the class returned by `toGfxBlockComponent()` now reuses the original `getCSSTransform()` implementation from `GfxBlockComponent.prototype` via `.call(this)`, eliminating duplicated code. ### After ●The refined is as follows. https://github.com/user-attachments/assets/24de0429-63a3-45a7-9b31-d91a4279e233 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Refactor** * Improved viewport scaling so visual transforms (translation and zoom) correctly account for view scale, yielding more consistent rendering during zoom and pan. * Centralized transform calculation to a shared implementation, reducing duplication and ensuring uniform behavior across views. <sub>✏️ Tip: You can customize this high-level summary in your review settings.</sub> <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com> |
||
|
DarkSky
|
11bc333714 | Merge commit '99b07c2ee14dea1383ca6cd63633c3df542f2955' into canary | ||
|
DarkSky
|
99b07c2ee1 | fix: ios marketing version v0.26.4 | ||
|
renovate[bot]
|
fc9b99cd17 |
chore: bump up ava version to v7 (#14563)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [ava](https://avajs.dev) ([source](https://redirect.github.com/avajs/ava)) | [`^6.4.1` → `^7.0.0`](https://renovatebot.com/diffs/npm/ava/6.4.1/7.0.0) |  |  | | [ava](https://avajs.dev) ([source](https://redirect.github.com/avajs/ava)) | [`^6.4.0` → `^7.0.0`](https://renovatebot.com/diffs/npm/ava/6.4.1/7.0.0) |  |  | --- ### Release Notes <details> <summary>avajs/ava (ava)</summary> ### [`v7.0.0`](https://redirect.github.com/avajs/ava/releases/tag/v7.0.0) [Compare Source](https://redirect.github.com/avajs/ava/compare/v6.4.1...v7.0.0) ##### What's Changed - Replace `strip-ansi` with `node:util.stripVTControlCharacters` by [@​fisker](https://redirect.github.com/fisker) in [#​3403](https://redirect.github.com/avajs/ava/pull/3403) - Remove support for Node.js 18 and 23; require 20.19 or newer, 22.20 or newer or 24,12 or newer; update dependencies including transitive `glob` by [@​novemberborn](https://redirect.github.com/novemberborn) in [#​3416](https://redirect.github.com/avajs/ava/pull/3416) **Full Changelog**: <https://github.com/avajs/ava/compare/v6.4.1...v7.0.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40OC4xIiwidXBkYXRlZEluVmVyIjoiNDMuNDguMSIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
DarkSky
|
2137f68871 |
fix(server): normalize mail server name (#14564)
fix #14562 fix #14226 fix #14192 #### PR Dependency Tree * **PR #14564** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * SMTP and fallback SMTP name now default to empty and will use the system hostname when not set. * HELO hostname resolution includes stricter normalization/validation for more reliable mail handshakes. * **Documentation** * Updated admin and config descriptions to explain hostname/HELO behavior and fallback. * **Tests** * Added tests covering hostname normalization and rejection of invalid HELO values. * **Chores** * Updated example env and ignore rules. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
renovate[bot]
|
75efa854bf |
chore: bump up apple-actions/import-codesign-certs action to v6 (#14561)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [apple-actions/import-codesign-certs](https://redirect.github.com/apple-actions/import-codesign-certs) | action | major | `v5` → `v6` | --- ### Release Notes <details> <summary>apple-actions/import-codesign-certs (apple-actions/import-codesign-certs)</summary> ### [`v6`](https://redirect.github.com/apple-actions/import-codesign-certs/compare/v5...v6) [Compare Source](https://redirect.github.com/apple-actions/import-codesign-certs/compare/v5...v6) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
c0139abf79 |
chore: bump up actions/setup-java action to v5 (#14554)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/setup-java](https://redirect.github.com/actions/setup-java) | action | major | `v4` → `v5` | --- ### Release Notes <details> <summary>actions/setup-java (actions/setup-java)</summary> ### [`v5`](https://redirect.github.com/actions/setup-java/compare/v4...v5) [Compare Source](https://redirect.github.com/actions/setup-java/compare/v4...v5) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>v2026.3.2-canary.1225 |
||
|
renovate[bot]
|
5a38e765bd |
chore: bump up actions/setup-node action to v6 (#14555)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/setup-node](https://redirect.github.com/actions/setup-node) | action | major | `v4` → `v6` | --- ### Release Notes <details> <summary>actions/setup-node (actions/setup-node)</summary> ### [`v6`](https://redirect.github.com/actions/setup-node/compare/v5...v6) [Compare Source](https://redirect.github.com/actions/setup-node/compare/v5...v6) ### [`v5`](https://redirect.github.com/actions/setup-node/compare/v4...v5) [Compare Source](https://redirect.github.com/actions/setup-node/compare/v4...v5) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
d3dcdd47ee |
chore: bump up actions/setup-python action to v6 (#14556)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/setup-python](https://redirect.github.com/actions/setup-python) | action | major | `v5` → `v6` | --- ### Release Notes <details> <summary>actions/setup-python (actions/setup-python)</summary> ### [`v6`](https://redirect.github.com/actions/setup-python/compare/v5...v6) [Compare Source](https://redirect.github.com/actions/setup-python/compare/v5...v6) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
DarkSky
|
727c9d6d71 | fix: server build env | ||
|
DarkSky
|
274f491e49 | fix: aarch64 build | ||
|
congzhou09
|
478138493a |
fix(editor): invalid caret in note-edgeless-block on focus (#14229)
### Problem ●In edgeless mode, when starting to edit, `note-block` exhibits two types of invalid caret behavior: (1)**Title Region Misalignment**: Clicking on the title region incorrectly generates the caret in the first line of the note content, rather than in the title itself. (2)**Vanishing Caret at Line End**: When clicking in the empty space beyond the end of a text section, the caret appears momentarily at the line's end but disappears immediately. ●The following video demonstrates these issues: https://github.com/user-attachments/assets/db9c2c50-709f-4d32-912c-0f01841d2024 ### Solution ●**Title Click Interception**: Added a check to determine if the click coordinates fall in the title region. If so, the caret positioning is now handled by a dedicated logic path. Otherwise, it falls back to the existing note-content logic as before. ●**Range Normalization**: When the generated `range.startContainer` is not a `TextNode`, try to find a most appropriate `TextNode` and update the `range` accordingly. ### After ●The video below shows the behavior after this fix. https://github.com/user-attachments/assets/b2f70b64-1fc6-4049-8379-8bcf3a488a05 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Clicking a page block title no longer creates unwanted paragraphs and reliably focuses the title. * Paragraph creation now occurs only when needed and focus is applied only after successful creation. * Click coordinates are clamped to container bounds to prevent misplaced cursors or focus. * **Improvements** * Caret normalization: clicks place the caret at the last meaningful text position for consistent single-cursor behavior. * **Tests** * Added end-to-end coverage for caret placement and focus transitions. * New ratio-based click/double-click test utilities and a helper for double-clicking note bodies. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
renovate[bot]
|
5464d1a9ce |
chore: bump up multer version to v2.1.0 [SECURITY] (#14544)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [multer](https://redirect.github.com/expressjs/multer) | [`2.0.2` → `2.1.0`](https://renovatebot.com/diffs/npm/multer/2.0.2/2.1.0) |  |  | ### GitHub Vulnerability Alerts #### [CVE-2026-2359](https://redirect.github.com/expressjs/multer/security/advisories/GHSA-v52c-386h-88mc) ### Impact A vulnerability in Multer versions < 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by dropping connection during file upload, potentially causing resource exhaustion. ### Patches Users should upgrade to `2.1.0` ### Workarounds None #### [CVE-2026-3304](https://redirect.github.com/expressjs/multer/security/advisories/GHSA-xf7r-hgr6-v32p) ### Impact A vulnerability in Multer versions < 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing resource exhaustion. ### Patches Users should upgrade to `2.1.0` ### Workarounds None --- ### Release Notes <details> <summary>expressjs/multer (multer)</summary> ### [`v2.1.0`](https://redirect.github.com/expressjs/multer/blob/HEAD/CHANGELOG.md#210) [Compare Source](https://redirect.github.com/expressjs/multer/compare/v2.0.2...v2.1.0) - Add `defParamCharset` option for UTF-8 filename support ([#​1210](https://redirect.github.com/expressjs/multer/pull/1210)) - Fix [CVE-2026-2359](https://www.cve.org/CVERecord?id=CVE-2026-2359) ([GHSA-v52c-386h-88mc](https://redirect.github.com/expressjs/multer/security/advisories/GHSA-v52c-386h-88mc)) - Fix [CVE-2026-3304](https://www.cve.org/CVERecord?id=CVE-2026-3304) ([GHSA-xf7r-hgr6-v32p](https://redirect.github.com/expressjs/multer/security/advisories/GHSA-xf7r-hgr6-v32p)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>v2026.3.2-canary.917 |
||
|
renovate[bot]
|
4c40dcacd9 |
chore: bump up actions/setup-go action to v6 (#14553)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/setup-go](https://redirect.github.com/actions/setup-go) | action | major | `v5` → `v6` | --- ### Release Notes <details> <summary>actions/setup-go (actions/setup-go)</summary> ### [`v6`](https://redirect.github.com/actions/setup-go/compare/v5...v6) [Compare Source](https://redirect.github.com/actions/setup-go/compare/v5...v6) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
76d28aaa38 |
chore: bump up @types/supertest version to v7 (#14546)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@types/supertest](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/supertest) ([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/supertest)) | [`^6.0.2` → `^7.0.0`](https://renovatebot.com/diffs/npm/@types%2fsupertest/6.0.3/7.2.0) |  |  | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
86f48240ce |
chore: bump up actions/github-script action to v8 (#14551)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/github-script](https://redirect.github.com/actions/github-script) | action | major | `v7` → `v8` | --- ### Release Notes <details> <summary>actions/github-script (actions/github-script)</summary> ### [`v8`](https://redirect.github.com/actions/github-script/releases/tag/v8): .0.0 [Compare Source](https://redirect.github.com/actions/github-script/compare/v7...v8) ##### What's Changed - Update Node.js version support to 24.x by [@​salmanmkc](https://redirect.github.com/salmanmkc) in [#​637](https://redirect.github.com/actions/github-script/pull/637) - README for updating actions/github-script from v7 to v8 by [@​sneha-krip](https://redirect.github.com/sneha-krip) in [#​653](https://redirect.github.com/actions/github-script/pull/653) ##### ⚠️ Minimum Compatible Runner Version **v2.327.1**\ [Release Notes](https://redirect.github.com/actions/runner/releases/tag/v2.327.1) Make sure your runner is updated to this version or newer to use this release. ##### New Contributors - [@​salmanmkc](https://redirect.github.com/salmanmkc) made their first contribution in [#​637](https://redirect.github.com/actions/github-script/pull/637) - [@​sneha-krip](https://redirect.github.com/sneha-krip) made their first contribution in [#​653](https://redirect.github.com/actions/github-script/pull/653) **Full Changelog**: <https://github.com/actions/github-script/compare/v7.1.0...v8.0.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
DarkSky
|
c5d622531c | feat: refactor copilot module (#14537) | ||
|
renovate[bot]
|
60acd81d4b |
chore: bump up actions/labeler action to v6 (#14552)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/labeler](https://redirect.github.com/actions/labeler) | action | major | `v5` → `v6` | --- ### Release Notes <details> <summary>actions/labeler (actions/labeler)</summary> ### [`v6`](https://redirect.github.com/actions/labeler/compare/v5...v6) [Compare Source](https://redirect.github.com/actions/labeler/compare/v5...v6) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
78f567a178 |
chore: bump up actions/checkout action to v6 (#14550)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://redirect.github.com/actions/checkout) | action | major | `v4` → `v6` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v6`](https://redirect.github.com/actions/checkout/compare/v5...v6) [Compare Source](https://redirect.github.com/actions/checkout/compare/v5...v6) ### [`v5`](https://redirect.github.com/actions/checkout/compare/v4...v5) [Compare Source](https://redirect.github.com/actions/checkout/compare/v4...v5) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
784382cfb1 |
chore: bump up actions/cache action to v5 (#14549)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/cache](https://redirect.github.com/actions/cache) | action | major | `v4` → `v5` | --- ### Release Notes <details> <summary>actions/cache (actions/cache)</summary> ### [`v5`](https://redirect.github.com/actions/cache/compare/v4...v5) [Compare Source](https://redirect.github.com/actions/cache/compare/v4...v5) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
342451be1b |
chore: bump up actions/attest-build-provenance action to v4 (#14547)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/attest-build-provenance](https://redirect.github.com/actions/attest-build-provenance) | action | major | `v2` → `v4` | --- ### Release Notes <details> <summary>actions/attest-build-provenance (actions/attest-build-provenance)</summary> ### [`v4`](https://redirect.github.com/actions/attest-build-provenance/compare/v3...v4) [Compare Source](https://redirect.github.com/actions/attest-build-provenance/compare/v3...v4) ### [`v3`](https://redirect.github.com/actions/attest-build-provenance/compare/v2...v3) [Compare Source](https://redirect.github.com/actions/attest-build-provenance/compare/v2...v3) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
2b6146727b | chore: bump up RevenueCat/purchases-ios-spm version to from: "5.60.0" (#14545) | ||
|
renovate[bot]
|
d5245a3273 |
chore: bump up Recouse/EventSource version to from: "0.1.7" (#14541)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [Recouse/EventSource](https://redirect.github.com/Recouse/EventSource) | patch | `from: "0.1.5"` → `from: "0.1.7"` | --- ### Release Notes <details> <summary>Recouse/EventSource (Recouse/EventSource)</summary> ### [`v0.1.7`](https://redirect.github.com/Recouse/EventSource/releases/tag/0.1.7) [Compare Source](https://redirect.github.com/Recouse/EventSource/compare/0.1.6...0.1.7) #### What's Changed - Separate timeout interval values for request and resource by [@​Recouse](https://redirect.github.com/Recouse) in [#​46](https://redirect.github.com/Recouse/EventSource/pull/46) **Full Changelog**: <https://github.com/Recouse/EventSource/compare/0.1.6...0.1.7> ### [`v0.1.6`](https://redirect.github.com/Recouse/EventSource/releases/tag/0.1.6) [Compare Source](https://redirect.github.com/Recouse/EventSource/compare/0.1.5...0.1.6) #### What's Changed - Fix visionOS availability error for split(by:) method by [@​danielseidl](https://redirect.github.com/danielseidl) in [#​45](https://redirect.github.com/Recouse/EventSource/pull/45) #### New Contributors - [@​danielseidl](https://redirect.github.com/danielseidl) made their first contribution in [#​45](https://redirect.github.com/Recouse/EventSource/pull/45) **Full Changelog**: <https://github.com/Recouse/EventSource/compare/0.1.5...0.1.6> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
fff63562b1 |
chore: bump up Lakr233/MarkdownView version to from: "3.6.3" (#14540)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [Lakr233/MarkdownView](https://redirect.github.com/Lakr233/MarkdownView) | patch | `from: "3.6.2"` → `from: "3.6.3"` | --- ### Release Notes <details> <summary>Lakr233/MarkdownView (Lakr233/MarkdownView)</summary> ### [`v3.6.3`](https://redirect.github.com/Lakr233/MarkdownView/compare/3.6.2...3.6.3) [Compare Source](https://redirect.github.com/Lakr233/MarkdownView/compare/3.6.2...3.6.3) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
4136abdd97 |
chore: bump up rustc version to v1.93.1 (#14542)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [rustc](https://redirect.github.com/rust-lang/rust) | patch | `1.93.0` → `1.93.1` | --- ### Release Notes <details> <summary>rust-lang/rust (rustc)</summary> ### [`v1.93.1`](https://redirect.github.com/rust-lang/rust/blob/HEAD/RELEASES.md#Version-1931-2026-02-12) [Compare Source](https://redirect.github.com/rust-lang/rust/compare/1.93.0...1.93.1) \=========================== <a id="1.93.1"></a> - [Don't try to recover keyword as non-keyword identifier](https://redirect.github.com/rust-lang/rust/pull/150590), fixing an ICE that especially [affected rustfmt](https://redirect.github.com/rust-lang/rustfmt/issues/6739). - [Fix `clippy::panicking_unwrap` false-positive on field access with implicit deref](https://redirect.github.com/rust-lang/rust-clippy/pull/16196). - [Revert "Update wasm-related dependencies in CI"](https://redirect.github.com/rust-lang/rust/pull/152259), fixing file descriptor leaks on the `wasm32-wasip2` target. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40My4yIiwidXBkYXRlZEluVmVyIjoiNDMuNDMuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
e249e2e884 |
chore: bump up opentelemetry (#14543)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@opentelemetry/exporter-prometheus](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/experimental/packages/opentelemetry-exporter-prometheus) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`^0.211.0` → `^0.212.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2fexporter-prometheus/0.211.0/0.212.0) |  |  | | [@opentelemetry/exporter-zipkin](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/packages/opentelemetry-exporter-zipkin) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`2.5.0` → `2.5.1`](https://renovatebot.com/diffs/npm/@opentelemetry%2fexporter-zipkin/2.5.0/2.5.1) |  |  | | [@opentelemetry/host-metrics](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/main/packages/host-metrics#readme) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/host-metrics)) | [`0.38.2` → `0.38.3`](https://renovatebot.com/diffs/npm/@opentelemetry%2fhost-metrics/0.38.2/0.38.3) |  |  | | [@opentelemetry/instrumentation](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/experimental/packages/opentelemetry-instrumentation) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`^0.211.0` → `^0.212.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2finstrumentation/0.211.0/0.212.0) |  |  | | [@opentelemetry/instrumentation-graphql](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/main/packages/instrumentation-graphql#readme) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/instrumentation-graphql)) | [`^0.58.0` → `^0.60.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2finstrumentation-graphql/0.58.0/0.60.0) |  |  | | [@opentelemetry/instrumentation-http](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/experimental/packages/opentelemetry-instrumentation-http) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`^0.211.0` → `^0.212.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2finstrumentation-http/0.211.0/0.212.0) |  |  | | [@opentelemetry/instrumentation-ioredis](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/main/packages/instrumentation-ioredis#readme) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/instrumentation-ioredis)) | [`^0.59.0` → `^0.60.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2finstrumentation-ioredis/0.59.0/0.60.0) |  |  | | [@opentelemetry/instrumentation-nestjs-core](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/main/packages/instrumentation-nestjs-core#readme) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/instrumentation-nestjs-core)) | [`^0.57.0` → `^0.58.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2finstrumentation-nestjs-core/0.57.0/0.58.0) |  |  | | [@opentelemetry/instrumentation-socket.io](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/main/packages/instrumentation-socket.io#readme) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/instrumentation-socket.io)) | [`^0.57.0` → `^0.59.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2finstrumentation-socket.io/0.57.0/0.59.0) |  |  | | [@opentelemetry/sdk-metrics](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/packages/sdk-metrics) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`2.5.0` → `2.5.1`](https://renovatebot.com/diffs/npm/@opentelemetry%2fsdk-metrics/2.5.0/2.5.1) |  |  | | [@opentelemetry/sdk-node](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/experimental/packages/opentelemetry-sdk-node) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`^0.211.0` → `^0.212.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2fsdk-node/0.211.0/0.212.0) |  |  | | [@opentelemetry/sdk-trace-node](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/packages/opentelemetry-sdk-trace-node) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`2.5.0` → `2.5.1`](https://renovatebot.com/diffs/npm/@opentelemetry%2fsdk-trace-node/2.5.0/2.5.1) |  |  | --- ### Release Notes <details> <summary>open-telemetry/opentelemetry-js (@​opentelemetry/exporter-prometheus)</summary> ### [`v0.212.0`]( |
||
|
GyeongSu Han
|
2e95d91093 |
fix: restore Accept header and prevent encoded response in GitHub OAuth token request (regression from #14061) (#14538)
## 📝 Summary This PR fixes a regression that caused the following error during GitHub OAuth login: > Unable to parse JSON response from [https://github.com/login/oauth/access_token](https://github.com/login/oauth/access_token) Related issue: [https://github.com/toeverything/AFFiNE/issues/14334](https://github.com/toeverything/AFFiNE/issues/14334) Regression introduced in: [https://github.com/toeverything/AFFiNE/pull/14061](https://github.com/toeverything/AFFiNE/pull/14061) --- ## 🎯 Background GitHub’s OAuth access token endpoint returns different response formats depending on the request headers. To receive a JSON response, the request must include: ``` Accept: application/json ``` If the `Accept` header is missing, GitHub responds with: ``` application/x-www-form-urlencoded ``` The current implementation assumes a JSON response and parses it directly. When a non-JSON response is returned, JSON parsing fails, breaking the OAuth login flow. --- ## 🔍 Traffic Analysis (tcpdump) Network path: affine-graphql → (HTTPS) → envoy → (HTTP, tcpdump) → envoy → GitHub ### Observed Request ``` POST /login/oauth/access_token HTTP/1.1 host: github-proxy.com content-type: application/x-www-form-urlencoded accept: */* ... ``` ### Observed Response ``` HTTP/1.1 200 OK date: Sat, 28 Feb 2026 14:47:43 GMT content-type: application/x-www-form-urlencoded; charset=utf-8 ... ``` The `Accept` header was `*/*` instead of `application/json`, causing GitHub to return a form-urlencoded response. --- ## 🐛 Root Cause PR #14061 introduced a side effect in the request configuration. Although the `Accept` header was initially defined, the request options were later overwritten by the `init` parameter. Because `init.headers` replaced the previously defined headers object, the required header was lost. Resulting in: * Missing `Accept: application/json` * GitHub returning `application/x-www-form-urlencoded` * JSON parsing failure * OAuth login failure --- ## 🔧 Changes ### 1️⃣ Fix header overwrite order * Process the incoming `init` parameter first * Explicitly overwrite required headers afterward * Ensure `Accept: application/json` is always enforced --- ## 💥 Breaking Changes None. --- ## 🧪 How to Test 1. Configure GitHub OAuth. 2. Attempt login via GitHub. 3. Verify that: * The request contains `Accept: application/json` * The response content-type is `application/json` * No JSON parsing error occurs * OAuth login completes successfully --- ## 📌 Notes This change restores correct OAuth behavior and prevents regression caused by header overwriting introduced in #14061. The same header overwrite pattern identified in this issue was also found in the calendar module and has been corrected there as well. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Refactor** * Improved backend HTTP header handling for external integrations to avoid unintended header overrides, ensuring content-type and encoding hints are applied consistently and improving reliability of service requests. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> |
||
|
DarkSky
|
2cb171f553 |
feat: cleanup webpack deps (#14530)
#### PR Dependency Tree * **PR #14530** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Breaking Changes** * Webpack bundler support removed from the build system * Bundler selection parameter removed from build and development commands * **Refactor** * Build configuration consolidated to a single bundler approach * Webpack-specific build paths and workflows removed; development server simplified * **Chores** * Removed webpack-related dev dependencies and tooling * Updated package build scripts for a unified bundle command * **Dependencies** * Upgraded Sentry packages across frontend packages (react/electron/esbuild plugin) <!-- end of auto-generated comment: release notes by coderabbit.ai -->v2026.3.1-canary.906 |
||
|
DarkSky
|
a4e2242b8d |
chore: bump playwright (#13947)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Updated Playwright test tooling to 1.58.2 across the repository and test packages. * **Tests** * Improved end-to-end robustness: replaced fragile timing/coordinate logic with element-based interactions, added polling/retry checks for flaky asserts and async state, and simplified input/rename flows to reduce test flakiness. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
DarkSky
|
c90f173821 |
chore: bump deps (#14526)
#### PR Dependency Tree * **PR #14526** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Updated Storybook component development tooling to version 10.2.13 for improved stability and performance * Removed Chromatic integration from the component preview system <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
DarkSky
|
e1e0ac2345 |
chore: cleanup deps (#14525)
#### PR Dependency Tree * **PR #14525** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Removed an unused development dependency. * Updated dotLottie/Lottie-related dependency versions across packages and replaced a removed player dependency with the new package. * **Refactor** * AI animated icons now re-export from a shared component and are loaded only in the browser, reducing upfront bundle weight and centralizing icon assets. <!-- end of auto-generated comment: release notes by coderabbit.ai -->v0.26.4-beta.0 |
||
|
DarkSky
|
bdccf4e9fd | fix: typo | ||
|
DarkSky
|
11cf1928b5 |
fix(server): transaction error (#14518)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Events can be dispatched in a detached context to avoid inheriting the current transaction. * **Bug Fixes** * Improved resilience and error handling for event processing (graceful handling of deleted workspaces and ignorable DB errors). * More reliable owner assignment flow when changing document owners. * **Tests** * Added tests for doc content staleness with deleted workspaces. * Added permission event tests for missing workspace/editor scenarios. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
donqu1xotevincent
|
5215c73166 | chore(ios): update description (#14522) | ||
|
DarkSky
|
895e774569 | fix: static file handle & ws connect | ||
|
DarkSky
|
79460072bb | fix: old client compatibility v0.26.3 v0.26.3-beta.4 | ||
|
DarkSky
|
41b3b0e82e |
feat: handle calendar sync failed (#14510)
#### PR Dependency Tree * **PR #14510** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Improved calendar sync reliability with exponential backoff for repeated failures. * Better handling of token refresh failures with automatic account invalidation and cleanup when needed. * Subscriptions are now automatically disabled and related events removed when the calendar provider reports missing resources. * **Tests** * Added comprehensive tests covering sync failures, backoff behavior, token refresh handling, skipping retries during backoff, and recovery. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |