Welcome to [Renovate](https://github.com/renovatebot/renovate)! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.
🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.
---
### Detected Package Files
* `Dockerfile` (dockerfile)
* `helm/kestrelos/values.yaml` (helm-values)
* `package.json` (npm)
* `.woodpecker/pr.yml` (woodpecker)
* `.woodpecker/push.yml` (woodpecker)
### Configuration Summary
Based on the default config's presets, Renovate will:
- Start dependency updates only once this onboarding PR is merged
- Enable Renovate Dependency Dashboard creation.
- Use semantic commit type `fix` for dependencies and `chore` for all others if semantic commits are in use.
- Ignore `node_modules`, `bower_components`, `vendor` and various test/tests (except for nuget) directories.
- Group known monorepo packages together.
- Use curated list of recommended non-monorepo package groupings.
- Show only the Age and Confidence Merge Confidence badges for pull requests.
- Apply crowd-sourced package replacement rules.
- Apply crowd-sourced workarounds for known problems with packages.
- Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff
- Correctly link to the source code for golang.org/x packages
- Link to pkg.go.dev/... for golang.org/x packages' title
- Pin Docker digests.
- Pin `github-action` digests.
- Enable Renovate configuration migration PRs when needed.
- Pin dependency versions for development dependencies.
- Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides.
- Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.
- Run lock file maintenance (updates) early Monday mornings.
- Group all `minor` and `patch` updates together.
🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to `renovate.json` in this branch. Renovate will update the Pull Request description the next time it runs.
---
### What to Expect
With your current configuration, Renovate will create 5 Pull Requests:
<details>
<summary>chore(deps): pin dependencies</summary>
- Schedule: ["at any time"]
- Branch name: `renovate/pin-dependencies`
- Merge into: `main`
- Pin @iconify-json/tabler to `1.2.26`
- Pin [@nuxt/eslint](https://github.com/nuxt/eslint) to `1.15.1`
- Pin [@nuxt/test-utils](https://github.com/nuxt/test-utils) to `4.0.0`
- Pin [@playwright/test](https://github.com/microsoft/playwright) to `1.58.2`
- Pin [@vitest/coverage-v8](https://github.com/vitest-dev/vitest) to `4.0.18`
- Pin [@vue/test-utils](https://github.com/vuejs/test-utils) to `2.4.6`
- Upgrade alpine to `sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659`
- Upgrade alpine/helm to `sha256:b5c85b997d83e89d9e8ff9215a14b03864274143981af45eb3fe729cdf782c73`
- Pin [eslint](https://github.com/eslint/eslint) to `9.39.2`
- Upgrade [git.keligrubb.com/keligrubb/kestrelos](https://github.com/nodejs/docker-node) to `sha256:a7e93276f5090e2c23792b4eedfb9228bfca182f651989551796356b365205e8`
- Pin [happy-dom](https://github.com/capricorn86/happy-dom) to `20.6.1`
- Upgrade mcr.microsoft.com/playwright to `sha256:6446946a1d9fd62d9ae501312a2d76a43ee688542b21622056a372959b65d63d`
- Upgrade [node](https://github.com/nodejs/node) to `sha256:a81a03dd965b4052269a57fac857004022b522a4bf06e7a739e25e18bce45af2`
- Pin [vitest](https://github.com/vitest-dev/vitest) to `4.0.18`
- Upgrade woodpeckerci/plugin-kaniko to `sha256:b88802ba66af95ee28a8ffde08715631ec2892e024b2c74e90e19f73a5c2c602`
</details>
<details>
<summary>chore(deps): update all non-major dependencies</summary>
- Schedule: ["at any time"]
- Branch name: `renovate/all-minor-patch`
- Merge into: `main`
- Upgrade [mediasoup-client](https://github.com/versatica/mediasoup-client) to `3.18.7`
- Upgrade [tar](https://github.com/isaacs/node-tar) to `7.5.9`
</details>
<details>
<summary>chore(deps): update dependency eslint to v10</summary>
- Schedule: ["at any time"]
- Branch name: `renovate/major-eslint-monorepo`
- Merge into: `main`
- Upgrade [eslint](https://github.com/eslint/eslint) to `^10.0.0`
</details>
<details>
<summary>fix(deps): update dependency vue-router to v5</summary>
- Schedule: ["at any time"]
- Branch name: `renovate/vue-router-5.x`
- Merge into: `main`
- Upgrade [vue-router](https://github.com/vuejs/router) to `^5.0.0`
</details>
<details>
<summary>chore(deps): lock file maintenance</summary>
- Schedule: ["* 0-3 * * 1"]
- Branch name: `renovate/lock-file-maintenance`
- Merge into: `main`
- Regenerate lock files to use latest dependency versions
</details>
🚸 PR creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for `prHourlyLimit` for details.
---
❓ Got questions? Check out Renovate's [Docs](https://docs.renovatebot.com/), particularly the Getting Started section.
If you need any further assistance then you can also [request help here](https://github.com/renovatebot/renovate/discussions).
---
This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-config-hash:94693a990c975907e7f13da3309b9d56ba02b3983519b41786edf5cf031e457c-->
Reviewed-on: #7
Co-authored-by: Renovate Bot <renovate@keligrubb.com>
Co-committed-by: Renovate Bot <renovate@keligrubb.com>
## Added
- CoT (Cursor on Target) server on port 8089 enabling ATAK/iTAK device connectivity
- Support for TAK stream protocol and traditional XML CoT messages
- TLS/SSL support with automatic fallback to plain TCP
- Username/password authentication for CoT connections
- Real-time device position tracking with TTL-based expiration (90s default)
- API endpoints: `/api/cot/config`, `/api/cot/server-package`, `/api/cot/truststore`, `/api/me/cot-password`
- TAK Server section in Settings with QR code for iTAK setup
- ATAK password management in Account page for OIDC users
- CoT device markers on map showing real-time positions
- Comprehensive documentation in `docs/` directory
- Environment variables: `COT_PORT`, `COT_TTL_MS`, `COT_REQUIRE_AUTH`, `COT_SSL_CERT`, `COT_SSL_KEY`, `COT_DEBUG`
- Dependencies: `fast-xml-parser`, `jszip`, `qrcode`
## Changed
- Authentication system supports CoT password management for OIDC users
- Database schema includes `cot_password_hash` field
- Test suite refactored to follow functional design principles
## Removed
- Consolidated utility modules: `authConfig.js`, `authSkipPaths.js`, `bootstrap.js`, `poiConstants.js`, `session.js`
## Security
- XML entity expansion protection in CoT parser
- Enhanced input validation and SQL injection prevention
- Authentication timeout to prevent hanging connections
## Breaking Changes
- Port 8089 must be exposed for CoT server. Update firewall rules and Docker/Kubernetes configurations.
## Migration Notes
- OIDC users must set ATAK password via Account settings before connecting
- Docker: expose port 8089 (`-p 8089:8089`)
- Kubernetes: update Helm values to expose port 8089
Co-authored-by: Madison Grubb <madison@elastiflow.com>
Reviewed-on: #6
# Changes
* package and release helm charts for the project
* configure a new release system based of semver
* add changelog entries via keep-a-changelog formatting
* add gitea releases
Co-authored-by: Madison Grubb <madison@elastiflow.com>
Reviewed-on: #3
