| Age | Commit message (Collapse) | Author |
|---|
|
- apparently the API now requires a `X-Pinterest-PWS-Handler` in order to
properly function (extracted from their web UI)
- the other `X-Pinterest` headers here are added in case they become mandatory
too
Closes: https://github.com/searxng/searxng/issues/4812
|
|
- uxwing provides attribution-free icons to use for design projects
- svgrepo was my go-to before, but it's ratelimiting a lot recently
|
|
Icons category makes sense because it allows to quickly search for free SVG
icons to use for websites / other designs with a quick `!icons` query
Icons don't seem to fit into the normal images category that well because icons
are quite a special type of images
|
|
|
|
|
|
|
|
ddg-videos (#4809)
The global variable CACHE is not initialized when DDG images or DDG videos
import the get_vqd() function (please remember: the engine modules are imported
using the importlib method and not via the `import` keyword).
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
That entrypoint is prone to screw things up, especially with permission handling. The new script handles initialization better and fixes some issues like delayed settings update via ENVs and timestamp overwriting, also adjusts what should be copied into the container.
Related https://github.com/searxng/searxng/pull/4721#issuecomment-2850272129
|
|
The wolfi-base metapackage includes busybox, ca-certificates-bundle and the package manager. The change is to make the use of base-builder image more flexible.
|
|
Bumps [vite-plugin-static-copy](https://github.com/sapphi-red/vite-plugin-static-copy) from 2.3.1 to 3.0.0.
- [Release notes](https://github.com/sapphi-red/vite-plugin-static-copy/releases)
- [Changelog](https://github.com/sapphi-red/vite-plugin-static-copy/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sapphi-red/vite-plugin-static-copy/compare/vite-plugin-static-copy@2.3.1...vite-plugin-static-copy@3.0.0)
|
|
Reported-by: @unifox https://github.com/searxng/searxng/issues/2722#issuecomment-2884993248
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Instead of using Wolfi base images from cgr.dev and making that mess on the Dockerfile, why don't we build the base images ourselves from Wolfi repos with apko? The intention of this is to simplify the main Dockerfile and avoid having to patch the base image every time, it also simplifies some steps like image ownership management and provides extremely fast builds.
|
|
|
|
Bumps the minor group with 1 update: [typer-slim](https://github.com/fastapi/typer).
Updates `typer-slim` from 0.15.3 to 0.15.4
- [Release notes](https://github.com/fastapi/typer/releases)
- [Changelog](https://github.com/fastapi/typer/blob/master/docs/release-notes.md)
- [Commits](https://github.com/fastapi/typer/compare/0.15.3...0.15.4)
---
updated-dependencies:
- dependency-name: typer-slim
dependency-version: 0.15.4
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Wolfi OS images are specifically designed for container use. Using a specially designed base image for containers not only reduces maintenance burdens, but improves overall experience for developers (fewer packages we have to track) and end users (smaller images).
Discussion here: https://github.com/searxng/searxng/issues/4753
|
|
Allows to push the manifests to other registries, this allows to push both docker.io and ghcr.io registries.
|
|
If the workflow is executed with the "workflow_dispatch" trigger, the user who executed the workflow becomes the author of the commit on the PR, this is not intended.
It also reverts the body param so that the default text of the action does not appear.
|
|
`checker.yml` and `integration.yml` are the only workflows that are currently safe to be executed simultaneously, the others present a risk that the order of completion may not be expected. The ones that are chained from `integration.yml` can be called as many times as `integration.yml` workflows are running at that moment, the same with the trigger "workflow_dispatch".
This can be fatal for workflows like `container.yml` that use a centralized cache to store and load the candidate images in a common tag called "searxng-<arch>".
* For example, a `container.yml` workflow is executed after being chained from `integration.yml` (called "~1"), and seconds later it may be triggered again because another PR merged some breaking changes (called "~2"). While "~1" has already passed the test job successfully and is about to start the release job, "~2" finishes building the container and overwrites the references on the common tag. When "~1" in the release job loads the images using the common tag, it will load the container of "~2" instead of "~1" having skipped the whole test job process.
The example is only set for the container workflow, but the other workflows might occur in a similar way.
|
|
This is a typo, but if there are multiple patterns in hashFiles, they should be separated by commas.
https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/evaluate-expressions-in-workflows-and-actions#examples-with-multiple-patterns
|
|
Currently, we have 1100~ cache images uploaded to GHCR that weigh more than 300 MB each (most of them are layers from the second phase of the Dockerfile that were uploaded by mistake, read below). To avoid problems, I have set up a new job in a new workflow to be run weekly purging all images older than 1 week, but leaving always the 100 most recent ones.
Only the builder images should be uploaded to cache, the actual behaviour not only slows down the time for building the container, but also wastes lots of space by saving large and useless layers to GHCR that will never be used again.
|
|
Bumps [flask](https://github.com/pallets/flask) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/pallets/flask/releases)
- [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/flask/compare/3.1.0...3.1.1)
|
|
Everyone should have already switched from legacy methods.
|
|
Bumps the minor group with 2 updates: [selenium](https://github.com/SeleniumHQ/Selenium) and [redis](https://github.com/redis/redis-py).
Updates `selenium` from 4.31.0 to 4.32.0
- [Release notes](https://github.com/SeleniumHQ/Selenium/releases)
- [Commits](https://github.com/SeleniumHQ/Selenium/compare/selenium-4.31.0...selenium-4.32.0)
Updates `redis` from 5.0.8 to 5.2.1
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](https://github.com/redis/redis-py/compare/v5.0.8...v5.2.1)
|
|
Bumps the minor group in /client/simple with 5 updates:
| Package | From | To |
| --- | --- | --- |
| [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.25.1` | `9.26.0` |
| [eslint](https://github.com/eslint/eslint) | `9.25.1` | `9.26.0` |
| [globals](https://github.com/sindresorhus/globals) | `16.0.0` | `16.1.0` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.3.4` | `6.3.5` |
| [webpack](https://github.com/webpack/webpack) | `5.99.7` | `5.99.8` |
Updates `@eslint/js` from 9.25.1 to 9.26.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/commits/v9.26.0/packages/js)
Updates `eslint` from 9.25.1 to 9.26.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v9.25.1...v9.26.0)
Updates `globals` from 16.0.0 to 16.1.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](https://github.com/sindresorhus/globals/compare/v16.0.0...v16.1.0)
Updates `vite` from 6.3.4 to 6.3.5
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v6.3.5/packages/vite)
Updates `webpack` from 5.99.7 to 5.99.8
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.99.7...v5.99.8)
|
|
Everyone should have already switched from legacy methods
|
|
Of the archlinux wikis only wiki.archlinux.org has a has Anubis challenge.
About Anubis[1]:
> Anubis decides to present a challenge using this logic:
>
> - User-Agent contains "Mozilla"
> ...
> This should ensure that git clients, RSS readers, and other low-harm clients
> can get through without issue ..
[1] https://github.com/TecharoHQ/anubis/blob/6c0ff3f4d5e7a66ea85e5873e6ee4c28692091d7/docs/docs/design/how-anubis-works.mdx#challenge-presentation
Suggested-by: @unixfox https://github.com/searxng/searxng/issues/4646#issuecomment-2855322406
Closes: https://github.com/searxng/searxng/issues/4646
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
When making the container rework, I unknowingly deleted the section where an env with the same name as the secret was defined on the job scope, making it look like it was originally defined as an organization env.
Since we can't validate the secrets in a condition directly, it's better to let docker/login-action take care of failing the entire job if the credentials are invalid.
Reported in: https://github.com/searxng/searxng/issues/4777
|
|
Suggested-by: @return42 https://github.com/searxng/searxng/pull/4764#discussion_r2083571202
|
|
Suggested-by: @return42 https://github.com/searxng/searxng/pull/4764#discussion_r2083564489
|
|
By default, Dependabot opens a new pull request to update each dependency and we
have a very large number of Dependabot pull requests to review and merge, which
can quickly become difficult to manage.
The intention of this patch to dependabot is to have:
- one PR for all minor & patch level updates
- one PR for every dependency with a major update
[1] https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/optimizing-pr-creation-version-updates
[2] https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#groups
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Chapter on the purpose of (git) commits
The commits and their messages are elementary for the traceability of changes
and are unfortunately still too often given too little attention.
It therefore seems necessary to dedicate a chapter to this topic in the context
of development.
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
env.DOCKERHUB_USERNAME shouldn't be an empty string as it's defined and set (I think, I can't see this). Even if wasn't defined, GitHub Org/Repo wide envs/secrets should return an empty string (?)
|
|
container.yml will run after integration.yml COMPLETES successfully and in master branch.
Style changes, cleanup and improved integration with CI by leveraging the use of
shared cache between all workflows.
* Podman is now supported to build the container images (Docker also received a refactor, merging both build and buildx)
* Container images are being built by Buildah instead of Docker BuildKit.
* Container images are tested before release.
* Splitting "modern" (amd64 & arm64) and "legacy" (armv7) arches on different Dockerfiles allowing future optimizations.
|
|
Style changes, cleanup and improved integration with CI by leveraging the use of
shared cache between all workflows.
|
|
l10n.yml will run after integration.yml finishes successfully (will defer anything depending on integration.yml until heavy loads like container building are moved to separate workflows) and in master branch.
* After every integration.yml workflow completes successfully, only the `update` job runs.
* Dispatch and Crontab triggers only the `pr` job.
Style changes, cleanup and improved integration with CI by leveraging the use of shared cache between all workflows (not functional until all workflows have been refactored).
|
|
Instead of executing the workflow after integration.yml completes correctly, let's run this workflow parallel to integration.yml restoring the original behaviour.
|
|
* chore: docker dependabot
* Add github actions too
|
|
|
|
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Starting with ionicons-8.0.8 the SVG already contains a class attribute and
instaed of using SVGO plugin ``addAttributesToSVGElement`` we habve to use
``addClassesToSVGElement`` to add out ``__jinja_class_placeholder__``.
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Bumps [ionicons](https://github.com/ionic-team/ionicons) from 7.4.0 to 8.0.8.
- [Release notes](https://github.com/ionic-team/ionicons/releases)
- [Commits](https://github.com/ionic-team/ionicons/compare/v7.4.0...v8.0.8)
---
updated-dependencies:
- dependency-name: ionicons
dependency-version: 8.0.8
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
Bumps [pylint](https://github.com/pylint-dev/pylint) from 3.3.6 to 3.3.7.
- [Release notes](https://github.com/pylint-dev/pylint/releases)
- [Commits](https://github.com/pylint-dev/pylint/compare/v3.3.6...v3.3.7)
---
updated-dependencies:
- dependency-name: pylint
dependency-version: 3.3.7
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [yamllint](https://github.com/adrienverge/yamllint) from 1.37.0 to 1.37.1.
- [Release notes](https://github.com/adrienverge/yamllint/releases)
- [Changelog](https://github.com/adrienverge/yamllint/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/adrienverge/yamllint/compare/v1.37.0...v1.37.1)
---
updated-dependencies:
- dependency-name: yamllint
dependency-version: 1.37.1
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
6f8c520f2 - 2025-05-08 - polskiecus <polskiecus@noreply.codeberg.org>
05dd91d5b - 2025-05-08 - return42 <return42@noreply.codeberg.org>
686b8e5fb - 2025-05-08 - return42 <return42@noreply.codeberg.org>
f40b42bd8 - 2025-05-05 - ehsanrs2 <ehsanrs2@noreply.codeberg.org>
b8013bc99 - 2025-05-03 - polskiecus <polskiecus@noreply.codeberg.org>
5affaa104 - 2025-05-02 - SomeTr <sometr@noreply.codeberg.org>
Co-authored-by: searxng-bot <searxng-bot@users.noreply.github.com>
|
|
|
|
Co-authored-by: inetol <inetol@users.noreply.github.com>
|
|
Co-authored-by: inetol <inetol@users.noreply.github.com>
|
|
Co-authored-by: inetol <inetol@users.noreply.github.com>
|
|
Co-authored-by: inetol <inetol@users.noreply.github.com>
|
|
We actually don't need to keep the token on checkout because `peter-evans/create-pull-request` will read from `github.token`. The obvious `pull-requests` write permission wasn't set in the last fix, so I added it now.
|
