From c434a15d1c7e76dc5838649ec068793c7f3d3861 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 29 Nov 2025 10:05:52 +0000 Subject: [PATCH 01/22] Bump docker/metadata-action from 5.9.0 to 5.10.0 Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5.9.0 to 5.10.0. - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](https://github.com/docker/metadata-action/compare/318604b99e75e41977312d83839a89be02ca4893...c299e40c65443455700f0fdfc63efafe5b349051) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-version: 5.10.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index 00949d4..abbcf64 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -55,7 +55,7 @@ jobs: - &docker-meta name: Docker meta id: meta - uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 #v5.9.0 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 #v5.10.0 with: github-token: ${{ secrets.GITHUB_TOKEN }} images: | From a794146540729e2c257bc3b190d91785d21879b9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 4 Dec 2025 19:47:10 +0000 Subject: [PATCH 02/22] Bump actions/setup-python from 6.0.0 to 6.1.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 6.0.0 to 6.1.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/e797f83bcb11b83ae66e0230d6156d7c80228e7c...83679a892e2d95755f2dac6acb0bfd1e9ac5d548) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index c3e54a7..c1b8736 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -31,7 +31,7 @@ jobs: uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 #v3.7.0 - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c #v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 #v6.1.0 with: python-version: "3.13" From 8f761bab020027e8bcdb8adcd02e0e2d389d231f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 Dec 2025 10:03:12 +0000 Subject: [PATCH 03/22] Bump alpine from 3.22 to 3.23 in /src Bumps alpine from 3.22 to 3.23. --- updated-dependencies: - dependency-name: alpine dependency-version: '3.23' dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- src/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Dockerfile b/src/Dockerfile index cb7a061..132c824 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 ARG FTL_SOURCE=remote # Pull Stable images -FROM alpine:3.22 AS base +FROM alpine:3.23 AS base ARG TARGETPLATFORM ARG WEB_BRANCH="development" From 43eb0ca20e1e2f6fcc5890bca067dffcea194a0f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 Dec 2025 10:04:38 +0000 Subject: [PATCH 04/22] Bump actions/checkout from 6.0.0 to 6.0.1 Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.0 to 6.0.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3...8e8c483db84b4bee98b60c0593521ed34d9990e8) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-publish.yml | 4 ++-- .github/workflows/build-and-test.yml | 2 +- .github/workflows/codespell.yml | 2 +- .github/workflows/dockerhub-description.yml | 2 +- .github/workflows/editorconfig.yml | 2 +- .github/workflows/stale.yml | 2 +- .github/workflows/sync-back-to-dev.yml | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index abbcf64..f12bee1 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -43,12 +43,12 @@ jobs: - &checkout-repo name: Checkout Repo if: github.event_name != 'schedule' - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 - &checkout-dev name: Checkout dev branch if scheduled if: github.event_name == 'schedule' - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 with: ref: development diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index c1b8736..9503ff0 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -25,7 +25,7 @@ jobs: CI_ARCH: ${{ matrix.platform }} steps: - name: Checkout Repo - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 - name: Set up QEMU uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 #v3.7.0 diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index 7a9c781..8a95357 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -10,7 +10,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 - name: Spell-Checking uses: codespell-project/actions-codespell@8f01853be192eb0f849a5c7d721450e7a467c579 #v2.2 diff --git a/.github/workflows/dockerhub-description.yml b/.github/workflows/dockerhub-description.yml index d434fc4..6cd15e9 100644 --- a/.github/workflows/dockerhub-description.yml +++ b/.github/workflows/dockerhub-description.yml @@ -12,7 +12,7 @@ jobs: dockerHubDescription: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 - name: Docker Hub Description uses: peter-evans/dockerhub-description@1b9a80c056b620d92cedb9d9b5a223409c68ddfa #v5 diff --git a/.github/workflows/editorconfig.yml b/.github/workflows/editorconfig.yml index 30736e5..5a59ddc 100644 --- a/.github/workflows/editorconfig.yml +++ b/.github/workflows/editorconfig.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 - name: Get editorconfig-checker uses: editorconfig-checker/action-editorconfig-checker@4b6cd6190d435e7e084fb35e36a096e98506f7b9 #v2.1.0 diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 3505cb7..60e4afe 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -41,7 +41,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 - name: Remove 'stale' label run: gh issue edit ${{ github.event.issue.number }} --remove-label ${{ env.stale_label }} env: diff --git a/.github/workflows/sync-back-to-dev.yml b/.github/workflows/sync-back-to-dev.yml index bacf3ef..44996d1 100644 --- a/.github/workflows/sync-back-to-dev.yml +++ b/.github/workflows/sync-back-to-dev.yml @@ -11,7 +11,7 @@ jobs: name: Syncing branches steps: - name: Checkout - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 - name: Opening pull request run: gh pr create -B development -H master --title 'Sync master back into development' --body 'Created by Github action' --label 'internal' env: From a27f8a6943cae550bede92650f82fca8c1a492de Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 Dec 2025 10:04:42 +0000 Subject: [PATCH 05/22] Bump actions/stale from 10.1.0 to 10.1.1 Bumps [actions/stale](https://github.com/actions/stale) from 10.1.0 to 10.1.1. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/5f858e3efba33a5ca4407a664cc011ad407f2008...997185467fa4f803885201cee163a9f38240193d) --- updated-dependencies: - dependency-name: actions/stale dependency-version: 10.1.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/stale.yml | 2 +- .github/workflows/stale_pr.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 3505cb7..b740188 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -17,7 +17,7 @@ jobs: issues: write steps: - - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 #v10.1.0 + - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d #v10.1.1 with: repo-token: ${{ secrets.GITHUB_TOKEN }} days-before-stale: 30 diff --git a/.github/workflows/stale_pr.yml b/.github/workflows/stale_pr.yml index bb13d67..e15e3c9 100644 --- a/.github/workflows/stale_pr.yml +++ b/.github/workflows/stale_pr.yml @@ -17,7 +17,7 @@ jobs: pull-requests: write steps: - - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 #v10.1.0 + - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d #v10.1.1 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Do not automatically mark PR/issue as stale From b1d55bd3ecd42516f4b39f3fc10dd7743c8d7f75 Mon Sep 17 00:00:00 2001 From: yubiuser Date: Mon, 8 Dec 2025 22:57:06 +0100 Subject: [PATCH 06/22] Pin base image by sha to catch silent rebuilds Signed-off-by: yubiuser --- src/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Dockerfile b/src/Dockerfile index 132c824..2299d7a 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 ARG FTL_SOURCE=remote # Pull Stable images -FROM alpine:3.23 AS base +FROM alpine:3.23.0@sha256:51183f2cfa6320055da30872f211093f9ff1d3cf06f39a0bdb212314c5dc7375 AS base ARG TARGETPLATFORM ARG WEB_BRANCH="development" From 50a6b009c69ad3f2fd489e46fe6cd5e659a7a52e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 13 Dec 2025 10:03:54 +0000 Subject: [PATCH 07/22] Bump pytest from 9.0.1 to 9.0.2 in /test Bumps [pytest](https://github.com/pytest-dev/pytest) from 9.0.1 to 9.0.2. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest/compare/9.0.1...9.0.2) --- updated-dependencies: - dependency-name: pytest dependency-version: 9.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- test/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/requirements.txt b/test/requirements.txt index cf6a1aa..45ad0ce 100644 --- a/test/requirements.txt +++ b/test/requirements.txt @@ -1,4 +1,4 @@ -pytest == 9.0.1 +pytest == 9.0.2 pytest-testinfra == 10.2.2 pytest-clarity == 1.0.1 tox == 4.32.0 From c245faa49e37fc918a825a62969aafa62267589e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 13 Dec 2025 15:53:05 +0000 Subject: [PATCH 08/22] Bump actions/download-artifact from 6.0.0 to 7.0.0 Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 6.0.0 to 7.0.0. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/018cc2cf5baa6db3ef3c5f8a56943fffe632ef53...37930b1c2abaa49bbe596cd826c3c89aef350131) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index f12bee1..d7d07ec 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -135,7 +135,7 @@ jobs: - *checkout-dev - name: Download digests - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 #v6.0.0 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 #v7.0.0 with: path: /tmp/digests pattern: digests-* From 8b14ada52b7ef6df212f1e98b4b9f09976a1121c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 13 Dec 2025 15:55:23 +0000 Subject: [PATCH 09/22] Bump actions/upload-artifact from 5.0.0 to 6.0.0 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5.0.0 to 6.0.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/330a01c490aca151604b8cf639adc76d48f6c5d4...b7c566a772e6b6bfb58ed0dc250532a479d7789f) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index f12bee1..ce6d25a 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -116,7 +116,7 @@ jobs: touch "/tmp/digests/${digest_docker#sha256:}" - name: Upload digest - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 #v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f #v6.0.0 with: name: digests-${{ env.PLATFORM_PAIR }} path: /tmp/digests/* From c97651f4b72135324a412b02bf7efb34a5d69b7e Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 15 Dec 2025 01:03:43 +0000 Subject: [PATCH 10/22] Add permissions section to workflows for content access Signed-off-by: Adam Warner --- .github/workflows/build-and-publish.yml | 3 +++ .github/workflows/build-and-test.yml | 3 +++ .github/workflows/codespell.yml | 3 +++ .github/workflows/editorconfig.yml | 3 +++ .github/workflows/housekeeping.yml | 3 +++ .github/workflows/merge-conflict.yml | 4 ++++ .github/workflows/stale.yml | 4 ++++ .github/workflows/sync-back-to-dev.yml | 4 ++++ 8 files changed, 27 insertions(+) diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index 595d63a..83af49e 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -8,6 +8,9 @@ on: release: types: [published] +permissions: + contents: read + packages: write env: dockerhub: ${{ secrets.DOCKERHUB_NAMESPACE }}/pihole diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 9503ff0..f69a4a2 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -2,6 +2,9 @@ name: Build Image and Test on: pull_request: +permissions: + contents: read + jobs: build-and-test: runs-on: ${{ matrix.runner }} diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index 8a95357..9903a3f 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -3,6 +3,9 @@ on: pull_request: types: [opened, synchronize, reopened, ready_for_review] +permissions: + contents: read + jobs: spell-check: if: github.event.pull_request.draft == false diff --git a/.github/workflows/editorconfig.yml b/.github/workflows/editorconfig.yml index 5a59ddc..f3acecc 100644 --- a/.github/workflows/editorconfig.yml +++ b/.github/workflows/editorconfig.yml @@ -3,6 +3,9 @@ on: pull_request: types: [opened, synchronize, reopened, ready_for_review] +permissions: + contents: read + jobs: editorconfig-checker: if: github.event.pull_request.draft == false diff --git a/.github/workflows/housekeeping.yml b/.github/workflows/housekeeping.yml index c2acdf7..2dc4933 100644 --- a/.github/workflows/housekeeping.yml +++ b/.github/workflows/housekeeping.yml @@ -4,6 +4,9 @@ on: schedule: - cron: "0 0 * * *" +permissions: + packages: write + jobs: housekeeping: runs-on: ubuntu-latest diff --git a/.github/workflows/merge-conflict.yml b/.github/workflows/merge-conflict.yml index c7ceb93..760e2fe 100644 --- a/.github/workflows/merge-conflict.yml +++ b/.github/workflows/merge-conflict.yml @@ -8,6 +8,10 @@ on: pull_request_target: types: [synchronize] +permissions: + contents: read + pull-requests: write + jobs: main: runs-on: ubuntu-latest diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index a2d2458..61ed2f5 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -6,6 +6,10 @@ on: workflow_dispatch: issue_comment: +permissions: + issues: write + pull-requests: write + env: stale_label: stale diff --git a/.github/workflows/sync-back-to-dev.yml b/.github/workflows/sync-back-to-dev.yml index 44996d1..19af2a1 100644 --- a/.github/workflows/sync-back-to-dev.yml +++ b/.github/workflows/sync-back-to-dev.yml @@ -5,6 +5,10 @@ on: branches: - master +permissions: + contents: write + pull-requests: write + jobs: sync-branches: runs-on: ubuntu-latest From 9227255b4925059c57056b3a564a5ddec5a9b58e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Dec 2025 10:03:05 +0000 Subject: [PATCH 11/22] Bump alpine from 3.23.0 to 3.23.2 in /src Bumps alpine from 3.23.0 to 3.23.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- src/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Dockerfile b/src/Dockerfile index 2299d7a..01e3962 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 ARG FTL_SOURCE=remote # Pull Stable images -FROM alpine:3.23.0@sha256:51183f2cfa6320055da30872f211093f9ff1d3cf06f39a0bdb212314c5dc7375 AS base +FROM alpine:3.23.2@sha256:865b95f46d98cf867a156fe4a135ad3fe50d2056aa3f25ed31662dff6da4eb62 AS base ARG TARGETPLATFORM ARG WEB_BRANCH="development" From db354fbab2b0cf3404890405fd704761e339aded Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Dec 2025 10:42:58 +0000 Subject: [PATCH 12/22] Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.11.1 to 3.12.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/e468171a9de216ec08956ac3ada2f0791b6bd435...8d2750c68a42422c14e847fe6c8ac0403b4cbd6f) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-version: 3.12.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index 83af49e..fbc1e6d 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -94,7 +94,7 @@ jobs: - &setup-buildx name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 #v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f #v3.12.0 - name: Build container and push by digest id: build From 0afebcc0f937946ca86dfbb7f3caf7a06612c73e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 3 Jan 2026 10:02:52 +0000 Subject: [PATCH 13/22] Bump tox from 4.32.0 to 4.33.0 in /test Bumps [tox](https://github.com/tox-dev/tox) from 4.32.0 to 4.33.0. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](https://github.com/tox-dev/tox/compare/4.32.0...4.33.0) --- updated-dependencies: - dependency-name: tox dependency-version: 4.33.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- test/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/requirements.txt b/test/requirements.txt index 45ad0ce..89c7738 100644 --- a/test/requirements.txt +++ b/test/requirements.txt @@ -1,6 +1,6 @@ pytest == 9.0.2 pytest-testinfra == 10.2.2 pytest-clarity == 1.0.1 -tox == 4.32.0 +tox == 4.33.0 # Not adding pytest-xdist as using pytest with n > 1 cores # causes random issues with the emulated architectures From 068bf82fc0fdbfbb01494e3b25c630f10d1e6854 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 10 Jan 2026 10:01:01 +0000 Subject: [PATCH 14/22] Bump tox from 4.33.0 to 4.34.1 in /test Bumps [tox](https://github.com/tox-dev/tox) from 4.33.0 to 4.34.1. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](https://github.com/tox-dev/tox/compare/4.33.0...4.34.1) --- updated-dependencies: - dependency-name: tox dependency-version: 4.34.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- test/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/requirements.txt b/test/requirements.txt index 89c7738..2d0c6ae 100644 --- a/test/requirements.txt +++ b/test/requirements.txt @@ -1,6 +1,6 @@ pytest == 9.0.2 pytest-testinfra == 10.2.2 pytest-clarity == 1.0.1 -tox == 4.33.0 +tox == 4.34.1 # Not adding pytest-xdist as using pytest with n > 1 cores # causes random issues with the emulated architectures From 42c3d52473ebcd917aeffaf25aafddd259a04f53 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 24 Jan 2026 10:02:35 +0000 Subject: [PATCH 15/22] Bump actions/checkout from 6.0.1 to 6.0.2 Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.1 to 6.0.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-publish.yml | 4 ++-- .github/workflows/build-and-test.yml | 2 +- .github/workflows/codespell.yml | 2 +- .github/workflows/dockerhub-description.yml | 2 +- .github/workflows/editorconfig.yml | 2 +- .github/workflows/stale.yml | 2 +- .github/workflows/sync-back-to-dev.yml | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index fbc1e6d..18c9087 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -46,12 +46,12 @@ jobs: - &checkout-repo name: Checkout Repo if: github.event_name != 'schedule' - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2 - &checkout-dev name: Checkout dev branch if scheduled if: github.event_name == 'schedule' - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2 with: ref: development diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index f69a4a2..d0c29dc 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -28,7 +28,7 @@ jobs: CI_ARCH: ${{ matrix.platform }} steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2 - name: Set up QEMU uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 #v3.7.0 diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index 9903a3f..0858ba8 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2 - name: Spell-Checking uses: codespell-project/actions-codespell@8f01853be192eb0f849a5c7d721450e7a467c579 #v2.2 diff --git a/.github/workflows/dockerhub-description.yml b/.github/workflows/dockerhub-description.yml index 6cd15e9..6865fe5 100644 --- a/.github/workflows/dockerhub-description.yml +++ b/.github/workflows/dockerhub-description.yml @@ -12,7 +12,7 @@ jobs: dockerHubDescription: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2 - name: Docker Hub Description uses: peter-evans/dockerhub-description@1b9a80c056b620d92cedb9d9b5a223409c68ddfa #v5 diff --git a/.github/workflows/editorconfig.yml b/.github/workflows/editorconfig.yml index f3acecc..a84e902 100644 --- a/.github/workflows/editorconfig.yml +++ b/.github/workflows/editorconfig.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2 - name: Get editorconfig-checker uses: editorconfig-checker/action-editorconfig-checker@4b6cd6190d435e7e084fb35e36a096e98506f7b9 #v2.1.0 diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 61ed2f5..83a8d0f 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -45,7 +45,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2 - name: Remove 'stale' label run: gh issue edit ${{ github.event.issue.number }} --remove-label ${{ env.stale_label }} env: diff --git a/.github/workflows/sync-back-to-dev.yml b/.github/workflows/sync-back-to-dev.yml index 19af2a1..9c7ba41 100644 --- a/.github/workflows/sync-back-to-dev.yml +++ b/.github/workflows/sync-back-to-dev.yml @@ -15,7 +15,7 @@ jobs: name: Syncing branches steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2 - name: Opening pull request run: gh pr create -B development -H master --title 'Sync master back into development' --body 'Created by Github action' --label 'internal' env: From 403178bf5e882d4fe9c317207228950fa6a82dd7 Mon Sep 17 00:00:00 2001 From: yubiuser Date: Tue, 27 Jan 2026 20:02:33 +0100 Subject: [PATCH 16/22] Fix python formatting for new black version Signed-off-by: yubiuser --- test/tests/test_bash_functions.py | 12 ++++-------- test/tests/test_general.py | 18 ++++++------------ 2 files changed, 10 insertions(+), 20 deletions(-) diff --git a/test/tests/test_bash_functions.py b/test/tests/test_bash_functions.py index 596c362..9c86b7f 100644 --- a/test/tests/test_bash_functions.py +++ b/test/tests/test_bash_functions.py @@ -6,12 +6,10 @@ import pytest def test_ftlconf_webserver_port(docker): func = docker.run("echo ${FTLCONF_webserver_port}") assert "999" in func.stdout - func = docker.run( - """ + func = docker.run(""" sleep 5 pihole-FTL --config webserver.port - """ - ) + """) assert "999" in func.stdout @@ -22,12 +20,10 @@ def test_ftlconf_webserver_port(docker): def test_ftlconf_dns_upstreams(docker): func = docker.run("echo ${FTLCONF_dns_upstreams}") assert "1.2.3.4;5.6.7.8#1234" in func.stdout - func = docker.run( - """ + func = docker.run(""" sleep 5 pihole-FTL --config dns.upstreams - """ - ) + """) assert "[ 1.2.3.4, 5.6.7.8#1234 ]" in func.stdout diff --git a/test/tests/test_general.py b/test/tests/test_general.py index c08c3ae..e29bf45 100644 --- a/test/tests/test_general.py +++ b/test/tests/test_general.py @@ -7,12 +7,10 @@ import os def test_pihole_uid_env_var(docker): func = docker.run("echo ${PIHOLE_UID}") assert "456" in func.stdout - func = docker.run( - """ + func = docker.run(""" sleep 5 id -u pihole - """ - ) + """) assert "456" in func.stdout @@ -21,12 +19,10 @@ def test_pihole_uid_env_var(docker): def test_pihole_gid_env_var(docker): func = docker.run("echo ${PIHOLE_GID}") assert "456" in func.stdout - func = docker.run( - """ + func = docker.run(""" sleep 5 id -g pihole - """ - ) + """) assert "456" in func.stdout @@ -90,11 +86,9 @@ def test_pihole_ftl_starts_and_shuts_down_cleanly(docker): def test_cronfile_valid(docker): - func = docker.run( - """ + func = docker.run(""" /usr/bin/crontab /crontab.txt crond -d 8 -L /cron.log grep 'parse error' /cron.log - """ - ) + """) assert "parse error" not in func.stdout From 4db6189148f2937582752319cc3b5f5d5a5076b7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 28 Jan 2026 07:57:35 +0000 Subject: [PATCH 17/22] Bump actions/setup-python from 6.1.0 to 6.2.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 6.1.0 to 6.2.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/83679a892e2d95755f2dac6acb0bfd1e9ac5d548...a309ff8b426b58ec0e2a45f0f869d46889d02405) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index d0c29dc..0521dc9 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -34,7 +34,7 @@ jobs: uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 #v3.7.0 - name: Set up Python - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 #v6.1.0 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 #v6.2.0 with: python-version: "3.13" From 9461b730f523e2ab3f65f97c9cca684bbec96e91 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 31 Jan 2026 10:02:30 +0000 Subject: [PATCH 18/22] Bump alpine from 3.23.2 to 3.23.3 in /src Bumps alpine from 3.23.2 to 3.23.3. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- src/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Dockerfile b/src/Dockerfile index 01e3962..cf6a6ac 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 ARG FTL_SOURCE=remote # Pull Stable images -FROM alpine:3.23.2@sha256:865b95f46d98cf867a156fe4a135ad3fe50d2056aa3f25ed31662dff6da4eb62 AS base +FROM alpine:3.23.3@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659 AS base ARG TARGETPLATFORM ARG WEB_BRANCH="development" From 44a9c64578dcf4697c09a5c8907f40272810a124 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 31 Jan 2026 10:50:05 +0000 Subject: [PATCH 19/22] Bump docker/login-action from 3.6.0 to 3.7.0 Bumps [docker/login-action](https://github.com/docker/login-action) from 3.6.0 to 3.7.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/5e57cd118135c172c3672efd75eb46360885c0ef...c94ce9fb468520275223c153574b00df6fe4bcc9) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 3.7.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index 18c9087..06e3fec 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -73,7 +73,7 @@ jobs: - &login-dockerhub name: Login to Docker Hub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef #v3.6.0 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 #v3.7.0 with: registry: docker.io username: ${{ secrets.DOCKERHUB_USER }} @@ -81,7 +81,7 @@ jobs: - &login-ghcr name: Login to GitHub Container Registry - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef #v3.6.0 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 #v3.7.0 with: registry: ghcr.io username: ${{ github.repository_owner }} From 48c149f4dfdf98384fdc9a3b1236ad6c0a332365 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 14 Feb 2026 10:02:22 +0000 Subject: [PATCH 20/22] Bump docker/build-push-action from 6.18.0 to 6.19.2 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.18.0 to 6.19.2. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/263435318d21b8e681c14492fe198d362a7d2c83...10e90e3645eae34f1e60eeb005ba3a3d33f178e8) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-version: 6.19.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index 06e3fec..4e21eef 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -98,7 +98,7 @@ jobs: - name: Build container and push by digest id: build - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0 + uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 #v6.19.2 with: context: ./src/ platforms: ${{ matrix.platform }} From 22da7993a4ffe618ca2406221d816d5bc327997b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 14 Feb 2026 13:34:04 +0000 Subject: [PATCH 21/22] Bump tox from 4.34.1 to 4.35.0 in /test Bumps [tox](https://github.com/tox-dev/tox) from 4.34.1 to 4.35.0. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](https://github.com/tox-dev/tox/compare/4.34.1...4.35.0) --- updated-dependencies: - dependency-name: tox dependency-version: 4.35.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- test/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/requirements.txt b/test/requirements.txt index 2d0c6ae..eae6ccc 100644 --- a/test/requirements.txt +++ b/test/requirements.txt @@ -1,6 +1,6 @@ pytest == 9.0.2 pytest-testinfra == 10.2.2 pytest-clarity == 1.0.1 -tox == 4.34.1 +tox == 4.35.0 # Not adding pytest-xdist as using pytest with n > 1 cores # causes random issues with the emulated architectures From b796c9d4a2469b2bacdd8e2838532f174a00f08a Mon Sep 17 00:00:00 2001 From: yubiuser Date: Sat, 14 Feb 2026 15:48:50 +0100 Subject: [PATCH 22/22] Set fixed buildx version to mitigate issues with buildx version 0.31.1 Signed-off-by: yubiuser --- .github/workflows/build-and-publish.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index 4e21eef..d7d7e38 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -95,6 +95,10 @@ jobs: - &setup-buildx name: Set up Docker Buildx uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f #v3.12.0 + with: + # Buildx version 0.31.1 broke our publish workflow, this need to be revised when 0.32.0 is released + # https://github.com/docker/buildx/releases/tag/v0.31.1 + version: v0.31.0 - name: Build container and push by digest id: build