Jan Čermák
a2ee2223fa
Instruct agents to use relative imports within supervisor package ( #6522 )
...
It seems that agents like Claude like to do absolute imports despite it's a
pattern we're trying to avoid. Adjust the instructions to avoid them doing it.
2026-02-03 13:36:12 +01:00
dependabot[bot]
72003346f4
Bump actions/cache from 5.0.2 to 5.0.3 ( #6507 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 5.0.2 to 5.0.3.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](8b402f58fb...cdf6c1fa76support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-30 08:38:54 +01:00
dependabot[bot]
a3f5675c96
Bump docker/login-action from 3.6.0 to 3.7.0 ( #6502 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.6.0 to 3.7.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](5e57cd1181...c94ce9fb46support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-29 09:29:56 +01:00
Stefan Agner
515114fa69
Improve CI workflow wait logic and reduce duplication ( #6496 )
...
* Improve Supervisor startup wait logic in CI workflow
The 'Wait for Supervisor to come up' step was failing intermittently when
the Supervisor API wasn't immediately available. The original script relied
on bash's lenient error handling in command substitution, which could fail
unpredictably.
Changes:
- Use curl -f flag to properly handle HTTP errors
- Use jq -e for robust JSON validation and exit code handling
- Add explicit 5-minute timeout with elapsed time tracking
- Reduce log noise by only reporting progress every 15 seconds
- Add comprehensive error diagnostics on timeout:
* Show last API response received
* Dump last 50 lines of Supervisor logs
- Show startup time on success for performance monitoring
This makes the CI workflow more reliable and easier to debug when the
Supervisor fails to start.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
* Use YAML anchor to deduplicate wait step in CI workflow
The 'Wait for Supervisor to come up' step appears twice in the
run_supervisor job - once after starting and once after restarting.
Use a YAML anchor to define the step once and reference it on the
second occurrence.
This reduces duplication by 28 lines and makes future maintenance
easier by ensuring both wait steps remain identical.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
---------
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-01-27 09:31:45 +01:00
dependabot[bot]
d58d5769d4
Bump release-drafter/release-drafter from 6.1.1 to 6.2.0 ( #6490 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-23 17:23:13 +01:00
dependabot[bot]
07a8350c40
Bump actions/checkout from 6.0.1 to 6.0.2 ( #6491 )
2026-01-23 09:28:51 +01:00
dependabot[bot]
16cde8365f
Bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 ( #6487 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 8.0.0 to 8.1.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](98357b18bf...c0f553fe54support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-22 08:28:53 +01:00
dependabot[bot]
afc0f37fef
Bump actions/setup-python from 6.1.0 to 6.2.0 ( #6486 )
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 6.1.0 to 6.2.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](83679a892e...a309ff8b42support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-22 08:28:22 +01:00
dependabot[bot]
94daaf4e52
Bump release-drafter/release-drafter from 6.1.0 to 6.1.1 ( #6482 )
...
Bumps [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter ) from 6.1.0 to 6.1.1.
- [Release notes](https://github.com/release-drafter/release-drafter/releases )
- [Commits](b1476f6e6e...267d2e0268support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-21 12:27:11 +01:00
dependabot[bot]
2edd8d0407
Bump actions/cache from 5.0.1 to 5.0.2 ( #6481 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-19 10:13:01 +01:00
dependabot[bot]
61052f78df
Bump getsentry/action-release from 3.4.0 to 3.5.0 ( #6458 )
...
Bumps [getsentry/action-release](https://github.com/getsentry/action-release ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/getsentry/action-release/releases )
- [Changelog](https://github.com/getsentry/action-release/blob/master/CHANGELOG.md )
- [Commits](128c5058bb...dab6548b3csupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-05 10:16:51 +01:00
dependabot[bot]
29fdce5d79
Bump actions/download-artifact from 6.0.0 to 7.0.0 ( #6429 )
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](018cc2cf5b...37930b1c2asupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-15 10:00:35 +01:00
dependabot[bot]
50542f526c
Bump actions/upload-artifact from 5.0.0 to 6.0.0 ( #6428 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](330a01c490...b7c566a772support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-15 10:00:26 +01:00
dependabot[bot]
f48f2fa21b
Bump actions/cache from 4.3.0 to 5.0.1 ( #6427 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.3.0 to 5.0.1.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](0057852bfa...9255dc7a25support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-15 10:00:03 +01:00
dependabot[bot]
ba8b8a5a26
Bump dessant/lock-threads from 5.0.1 to 6.0.0 ( #6426 )
...
Bumps [dessant/lock-threads](https://github.com/dessant/lock-threads ) from 5.0.1 to 6.0.0.
- [Release notes](https://github.com/dessant/lock-threads/releases )
- [Changelog](https://github.com/dessant/lock-threads/blob/main/CHANGELOG.md )
- [Commits](1bf7ec2505...7266a7ce5csupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-15 09:59:55 +01:00
dependabot[bot]
27c53048f6
Bump codecov/codecov-action from 5.5.1 to 5.5.2 ( #6416 )
2025-12-10 09:06:35 +01:00
dependabot[bot]
88ab5e9196
Bump peter-evans/create-pull-request from 7.0.11 to 8.0.0 ( #6417 )
2025-12-10 07:46:19 +01:00
dependabot[bot]
054c6d0365
Bump peter-evans/create-pull-request from 7.0.9 to 7.0.11 ( #6406 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 7.0.9 to 7.0.11.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](84ae59a2cd...22a9089034support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-08 08:21:33 +01:00
Jan Čermák
aeb8e59da4
Move wheels build to the build job, use ARM runner for aarch64 build ( #6384 )
...
* Move wheels build to the build job, use ARM runner for aarch64 build
There is problem that when wheels are not built, the depending jobs are
skipped. This will require to explicitly use `!cancelled() && !failure()` for
all jobs that depend on the build job. To avoid that, move the wheels build to
the build job. This means tha we need to run it on native ARM runner for
aarch64, but this isn't an issue as we'd like to do that anyway. Also renamed
the rather cryptic "requirements" output to "build_wheels", as that's what it
signalizes.
* Remove explicit "shell: bash"
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2025-12-03 14:36:48 +01:00
dependabot[bot]
bee0a4482e
Bump actions/checkout from 6.0.0 to 6.0.1 ( #6382 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-03 10:40:03 +01:00
dependabot[bot]
37cc078144
Bump actions/stale from 10.1.0 to 10.1.1 ( #6383 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-03 10:37:24 +01:00
Stefan Agner
20f993e891
Avoid getting changed files for releases ( #6381 )
...
The changed files GitHub Action is not available for release events, so
we skip that step and directly set the output to false for releases.
This restores how releases worked before #6374 .
2025-12-02 20:23:37 +01:00
Jan Čermák
bac072a985
Use unpublished local wheels during PR builds ( #6374 )
...
* Use unpublished local wheels during PR builds
Refactor wheel building to use the new `local-wheels-repo-path` and move wheels
building into a separate CI job. Wheels are only published on published (i.e.
release or merged dev), for PR builds they are passed as artifacts to the build
job instead.
* Address review comments
* Add trailing slash for wheels folder
* Always run the changed_files check to ensure build_wheels runs on publish
* Use full path for workflow and escape dots in changed files regexp
2025-12-02 14:08:07 +01:00
dependabot[bot]
2dc1f9224e
Bump home-assistant/builder from 2025.09.0 to 2025.11.0 ( #6363 )
...
Bumps [home-assistant/builder](https://github.com/home-assistant/builder ) from 2025.09.0 to 2025.11.0.
- [Release notes](https://github.com/home-assistant/builder/releases )
- [Commits](https://github.com/home-assistant/builder/compare/2025.09.0...2025.11.0 )
---
updated-dependencies:
- dependency-name: home-assistant/builder
dependency-version: 2025.11.0
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-01 08:40:38 +01:00
dependabot[bot]
5f55ab8de4
Bump home-assistant/wheels from 2025.10.0 to 2025.11.0 ( #6352 )
2025-11-26 07:56:32 +01:00
Jan Čermák
4b4afd081b
Drop build for deprecated architectures and re-tag legacy build instead ( #6347 )
...
To ensure that e.g. airgapped devices running on deprecated archs can still
update the Supervisor when they become online, the version of Supervisor in the
version file must stay available for all architectures. Since the base images
will no longer exist for those archs and to avoid the need for building it from
current source, add job that pulls the last available image, changes the label
in the metadata and publishes it under the new tag. That way we'll get a new
image with a different SHA (compared to a plain re-tag), so the GHCR metrics
should reflect how many devices still pull these old images.
2025-11-25 12:42:01 +01:00
dependabot[bot]
7244e447ab
Bump actions/setup-python from 6.0.0 to 6.1.0 ( #6341 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-25 07:20:29 +01:00
dependabot[bot]
bb450cad4f
Bump peter-evans/create-pull-request from 7.0.8 to 7.0.9 ( #6332 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 7.0.8 to 7.0.9.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](271a8d0340...84ae59a2cdsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 08:52:46 +01:00
dependabot[bot]
6af6c3157f
Bump actions/checkout from 5.0.1 to 6.0.0 ( #6327 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5.0.1 to 6.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](93cb6efe18...1af3b93b68support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-21 09:29:32 +01:00
dependabot[bot]
95c106d502
Bump actions/checkout from 5.0.0 to 5.0.1 ( #6318 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](08c6903cd8...93cb6efe18support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-18 08:45:19 +01:00
dependabot[bot]
c9ceb4a4e3
Bump getsentry/action-release from 3.3.0 to 3.4.0 ( #6284 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-05 12:17:51 +01:00
Stefan Agner
1448a33dbf
Remove Codenotary integrity check ( #6236 )
...
* Formally deprecate CodeNotary build config
* Remove CodeNotary specific integrity checking
The current code is specific to how CodeNotary was doing integrity
checking. A future integrity checking mechanism likely will work
differently (e.g. through EROFS based containers). Remove the current
code to make way for a future implementation.
* Drop CodeNotary integrity fixups
* Drop unused tests
* Fix pytest
* Fix pytest
* Remove CodeNotary related exceptions and handling
Remove CodeNotary related exceptions and handling from the Docker
interface.
* Drop unnecessary comment
* Remove Codenotary specific IssueType/SuggestionType
* Drop Codenotary specific environment and secret reference
* Remove unused constants
* Introduce APIGone exception for removed APIs
Introduce a new exception class APIGone to indicate that certain API
features have been removed and are no longer available. Update the
security integrity check endpoint to raise this new exception instead
of a generic APIError, providing clearer communication to clients that
the feature has been intentionally removed.
* Drop content trust
A cosign based signature verification will likely be named differently
to avoid confusion with existing implementations. For now, remove the
content trust option entirely.
* Drop code sign test
* Remove source_mods/content_trust evaluations
* Remove content_trust reference in bootstrap.py
* Fix security tests
* Drop unused tests
* Drop codenotary from schema
Since we have "remove extra" in voluptuous, we can remove the
codenotary field from the addon schema.
* Remove content_trust from tests
* Remove content_trust unsupported reason
* Remove unnecessary comment
* Remove unrelated pytest
* Remove unrelated fixtures
2025-11-03 20:13:15 +01:00
dependabot[bot]
9c0174f1fd
Bump actions/upload-artifact from 4.6.2 to 5.0.0 ( #6269 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.6.2 to 5.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](ea165f8d65...330a01c490support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-27 12:28:43 +01:00
dependabot[bot]
dc3d8b9266
Bump actions/download-artifact from 5.0.0 to 6.0.0 ( #6270 )
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](634f93cb29...018cc2cf5bsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-27 12:28:13 +01:00
dependabot[bot]
b903e1196f
Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 ( #6256 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.10.0 to 4.0.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](d7543c93d8...faadad0ccesupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-23 08:37:59 +02:00
dependabot[bot]
9f8e8ab15a
Bump home-assistant/wheels from 2025.09.1 to 2025.10.0 ( #6260 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-22 23:17:38 +02:00
Stefan Agner
337731a55a
Let only bugs go stale ( #6239 )
...
Let's apply the stale label only to issues which are bugs. Tasks are
more long lived and should not be marked as stale automatically.
2025-10-08 15:56:35 +02:00
dependabot[bot]
e4bb415e30
Bump actions/stale from 10.0.0 to 10.1.0 ( #6229 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 10.0.0 to 10.1.0.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](3a9db7e6a4...5f858e3efbsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-06 11:35:49 +02:00
dependabot[bot]
ab3b147876
Bump docker/login-action from 3.5.0 to 3.6.0 ( #6219 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.5.0 to 3.6.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](184bdaa072...5e57cd1181support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-30 09:56:29 +02:00
dependabot[bot]
9f6b154097
Bump home-assistant/wheels from 2025.09.0 to 2025.09.1 ( #6216 )
...
Bumps [home-assistant/wheels](https://github.com/home-assistant/wheels ) from 2025.09.0 to 2025.09.1.
- [Release notes](https://github.com/home-assistant/wheels/releases )
- [Commits](https://github.com/home-assistant/wheels/compare/2025.09.0...2025.09.1 )
---
updated-dependencies:
- dependency-name: home-assistant/wheels
dependency-version: 2025.09.1
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-26 11:03:51 +02:00
dependabot[bot]
092013e457
Bump home-assistant/wheels from 2025.07.0 to 2025.09.0 ( #6209 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-25 10:43:28 +02:00
dependabot[bot]
e13f216b2e
Bump actions/cache from 4.2.4 to 4.3.0 ( #6208 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-25 10:42:51 +02:00
Stefan Agner
595e33ac68
Bump cosign to v2.5.3 ( #6204 )
...
Follow the builder bump of 2025.09.0 and use cosign v2.5.3 for
Supervisor too.
2025-09-23 16:43:03 +02:00
dependabot[bot]
ae70ffd1b2
Bump getsentry/action-release from 3.2.0 to 3.3.0 ( #6201 )
...
Bumps [getsentry/action-release](https://github.com/getsentry/action-release ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/getsentry/action-release/releases )
- [Changelog](https://github.com/getsentry/action-release/blob/master/CHANGELOG.md )
- [Commits](526942b682...4f502acc1dsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-23 15:40:58 +02:00
dependabot[bot]
4e882f7c76
Bump home-assistant/builder from 2025.03.0 to 2025.09.0 ( #6190 )
2025-09-16 09:06:10 +02:00
dependabot[bot]
3891df5266
Bump sigstore/cosign-installer from 3.9.2 to 3.10.0 ( #6188 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 09:44:35 +02:00
Simon Lamon
4a40490af7
Pin SHA for all Github Actions ( #6186 )
2025-09-14 17:54:02 +02:00
dependabot[bot]
3397def8b9
Bump actions/github-script from 7 to 8 ( #6158 )
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 7 to 8.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v7...v8 )
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-version: '8'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-05 09:55:13 +02:00
dependabot[bot]
b832edc10d
Bump codecov/codecov-action from 5.5.0 to 5.5.1 ( #6159 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 5.5.0 to 5.5.1.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v5.5.0...v5.5.1 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-version: 5.5.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-05 09:54:33 +02:00
dependabot[bot]
38611ad12f
Bump actions/stale from 9.1.0 to 10.0.0 ( #6155 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 9.1.0 to 10.0.0.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v9.1.0...v10.0.0 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-version: 10.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-04 14:40:56 +02:00
