Skip to content

chore(deps): update semaphoreui/semaphore docker tag to v2.18.27#21

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/semaphoreui-semaphore-2.x
Open

chore(deps): update semaphoreui/semaphore docker tag to v2.18.27#21
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/semaphoreui-semaphore-2.x

Conversation

@renovate

@renovate renovate Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Update Change
semaphoreui/semaphore patch v2.18.12v2.18.27

Release Notes

semaphoreui/semaphore (semaphoreui/semaphore)

v2.18.27

Compare Source

Changelog

  • 240e595 fix(templates): validate app

v2.18.26

Compare Source

Changelog

  • ee781a0 feat(auth): verify current password to fix CWE-620

v2.18.25

Compare Source

Changelog
  • 7c3789c fix(runners): close connections

v2.18.24

Compare Source

v2.18.23

Compare Source

Changelog

  • 74d8dd5 feat(ui): placeholder for enterprise storages

v2.18.22

Compare Source

Changelog

  • debf7a0 feat(ui): return extra vars for secrets

v2.18.21

Compare Source

Changelog

  • 2d6e2e3 feat: secure flag for session when https enabled

v2.18.20

Compare Source

Bugfixes

  • Validate playbook path

v2.18.19

Compare Source

v2.18.19 Release Summary

This patch release includes several important security and validation fixes.

Security fixes
  • Added validation for Git repository URLs to prevent Git option injection.
  • Added --end-of-options to Git commands to make repository URL and branch handling safer.
  • Fixed branch override handling: task-level Git branch override is now applied only when the template explicitly allows it.
  • Prevented custom roles from shadowing built-in role slugs such as owner or manager.
  • Fixed permission resolution so built-in roles always use their built-in permissions instead of database-defined custom roles.
  • Added validation to prevent access keys from being updated with a different ID or moved to another project.
Reliability and tests
  • Added tests for Git URL validation and Git command injection protection.
  • Added tests for access key update validation.
  • Added tests for custom role validation and reserved role slugs.
  • Refactored Git branch resolution into a dedicated helper to make task behavior more consistent.

v2.18.18

Compare Source

v2.18.17

Compare Source

v2.18.16

Compare Source

Bugfixes

  • Fix variable groups sync functionality

v2.18.15

Compare Source

v2.18.14

Compare Source


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants