chore(deps): bump git2 from 0.19.0 to 0.20.4 in /apps/src-tauri#325
Open
dependabot[bot] wants to merge 1186 commits intonextfrom
Open
chore(deps): bump git2 from 0.19.0 to 0.20.4 in /apps/src-tauri#325dependabot[bot] wants to merge 1186 commits intonextfrom
dependabot[bot] wants to merge 1186 commits intonextfrom
Conversation
…t search with the previous
* refactor<gp>: make gitpod works with tauri * docs: update gitpod instruction
* feat: sort files by name using localeCompare (#196) * refactor: avoid conditional statement on sorting A-Z and Z-A * refactor: make sort inside conditional statement instead of conditional statement inside sort function Co-authored-by: uahnbu <[email protected]> * fix: typescript compiled failed Co-authored-by: uahnbu <[email protected]>
feat: add support for `lnk` files
…ll extension feature
- Fix multi-registration capture (BottomTab + Command in same extension)
- BottomPanel subscribes to extensionHost.onChange() for dynamic updates
- loadInstalledExtensions calls notifyChange() after loading
- Fix selectedFiles type mismatch (Set<string> -> Array<{name,path,is_dir}>)
- Fix install/uninstall ID tracking (use manifest ID, not marketplace CUID)
- Add storage and git APIs to extension API factory
- Add api.backend.call() bridge for WASM extension backends
- Fix mutex deadlock in download_and_install_extension
Remove the single `any` type. Convert all React.memo(function) to arrow style across 26 files. Replace 8 empty .catch() with console.warn. Add .catch() to 2 unhandled promise chains.
Clear inline --xp-* CSS properties when switching to extension themes. MainLayout uses var(--xp-bg-gradient, var(--xp-bg)) fallback chain.
…tension icons Model picker grouped by provider (Anthropic/OpenAI/Google/DeepSeek/ Mistral/Ollama). api.ai.chat() auto-reads model from settings. Removed model picker dropdown from ChatPanel, ChatHeader, ChatFileView. Added 30+ Lucide icons for extension sidebar (message, target, chart, etc).
… bug
History tab: commits grouped by date, graph line, colored avatars,
inline file expand. Fix {branch} literal in commit button. Fix Proxy
invariant violation on non-configurable window properties.
- Redact API keys from get_agent_settings (SafeAgentSettings struct) - Separate update_agent_api_keys command (not exposed to extensions) - validate_file_path on 16 unprotected Rust commands (10 modules) - Block Object.getPrototypeOf sandbox escape (shadow Object/Reflect) - Block execute_command from extension nativeInvoke - 5 P2 fixes: storage isolation, startsWith path matching, cross-ext command gating, database isPathAllowed, gdrive.getSettings permission
- PrismLight with 18 languages (~500KB → ~80KB) - Dynamic import: xlsx (~700KB), mammoth (~200KB), pdfjs (~1.3MB), papaparse (~50KB), DOMPurify (~50KB) - React.memo: FileRow, ColumnFileRow, MessageBubble, ToolCallItem, ToolCallsList - useMemo: filteredEntries, directoryStats, sortedFiles, contextableFiles - Extract Clock from HomePage (1s timer no longer re-renders 917 lines) - Fix mousemove listener cleanup in LeftSidebar - Virtualize GalleryView filmstrip with @tanstack/react-virtual
Search: scope toggle (This Folder/Everywhere) + token syntax (kind:, size:, date:, ext:). Eject volumes (diskutil/umount/IOCTL). File locking toggle with lock badge. Spring-loaded folders (500ms hover). Action menu (gear) in toolbar. High contrast accessibility mode. Copy/Cut/Paste/Delete icon buttons in toolbar. i18n for 4 locales.
- settings.tsx: 1666 → 427 lines (5 tab modules extracted) - LeftSidebar: 1481 → 249 lines (7 sidebar sub-components) - SplitContainer: 55 props → 4 (ExplorerContext eliminates drilling) - New useWindowEvent hook replaces 15+ scattered patterns - 38 localStorage keys centralized in storage-keys.ts - BottomPanel: flex layout for extension tab scrolling - Clipboard actions in ExplorerContext
Git extension dispatches git-branch-changed event on branch switch. StatusBar listens and re-fetches git info. Previously only refreshed on path change, so branch switches were invisible in the status bar.
…nd execution - Block arbitrary command execution via sanitize_command allowlist bypass - Scope WASM host_read_file to safe directories (was reading any file) - Add backend permission check to native_plugin_invoke - Fix open_file Windows cmd.exe injection (use explorer.exe directly) - Validate eject_volume paths against actual mount points - Sanitize markdown preview HTML to prevent XSS - Strengthen Argon2 KDF parameters (64MiB, 3 iterations) - Fix api.rs Mutex guards to recover from poisoning
- Wrap read_directory, is_dir, get_dir_size in spawn_blocking - Wrap get_file_properties, get_detailed_file_properties in spawn_blocking - Wrap get_directory_size, get_directory_item_count, set_file_permissions - Fix O(N*M) search incremental update: use O(1) path_to_id lookup instead of scanning all documents per file (2.5B comparisons at 50K files)
- Remove 6 duplicate formatFileSize implementations, import from utils - Replace 160+ manual lucide-react icon mocks with Proxy-based auto-mock
…templates - Add SECURITY.md with vulnerability disclosure process - Add .env.example documenting optional API keys and config - Add Dependabot for npm, cargo, and GitHub Actions - Add security-audit CI job (pnpm audit + cargo audit) - Add PR template and bug/feature issue templates
…module - Create extension-sandbox-env.ts as single source of truth for sandbox proxy - Remove ~200 lines of duplicated security code from extension-host.ts - Remove ~200 lines of duplicated security code from extension-sandbox.ts - Extension-host now gets stricter security checks it was previously missing
- Merge git_integration.rs into git_history.rs (git_integration re-exports) - Replace standalone watcher.rs with thin facade over file_watcher.rs - Eliminates duplicate git2 repo opening and duplicate notify debouncer setup
…ode version - Replace 1109-line SDK types copy with re-export from tauri-api-types - Replace `any` in git service with proper GitCommit interface - Add SortField discriminated union type for file sorting - Align Node.js version to 20+ across README, CONTRIBUTING, and CI
1802-line monolithic TauriAPI class → 7 domain-specific files: - file-system.ts (498 lines) — file CRUD, compression, encryption - system.ts (448 lines) — terminal, drives, Docker, sync, backup - storage.ts (249 lines) — bookmarks, tags, notes, chat history - search.ts (154 lines) — search, tokenizer, AI indexing - git.ts (144 lines) — history, branches, stash, commits - extensions.ts (138 lines) — install, activate, WASM backends - ai.ts (125 lines) — chat, analysis, agent operations Original tauri-api.ts is now a 3-line re-export shim. All 195 existing import sites unchanged.
…ort bug - Propagate SortField union type to hooks, contexts, components, and tests - Fix latent bug: GDriveFileBrowser used 'modified' instead of 'dateModified' which silently fell through to default name sort - Update package.json engines to Node >=20
Bumps [git2](https://github.com/rust-lang/git2-rs) from 0.19.0 to 0.20.4. - [Changelog](https://github.com/rust-lang/git2-rs/blob/git2-0.20.4/CHANGELOG.md) - [Commits](rust-lang/git2-rs@git2-0.19.0...git2-0.20.4) --- updated-dependencies: - dependency-name: git2 dependency-version: 0.20.4 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
Contributor
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
dependabot
bot
added
the
dependencies
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
19 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps git2 from 0.19.0 to 0.20.4.
Changelog
Sourced from git2's changelog.
... (truncated)
Commits
8852d7dMerge pull request #1214 from weihanglo/backport-from-raw-parts0b274f7Bump to 0.20.473a5d5dAdd test for dereference of an empty Bufce56683fix: check ptr nullity before calling from_raw_parts7cf345cMerge pull request #1197 from ehuss/git2-0.20-brdd41077Bump git2 to 0.20.3a6a58e2Merge pull request #1195 from ehuss/update-libgit21fb5f64Merge pull request #1161 from ehuss/bump-version26bfd30Update version of git2 to 0.20.2eef4592Merge pull request #1160 from ehuss/indexer-initDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)