perso/huawei-3G-SMS-API
4
0
Fork 0
Code Issues 1 Pull Requests Actions Releases Wiki Activity

chore(deps): update binwiederhier/ntfy docker tag to v2.25.0 #15

Merged
jcabillot merged 1 commits from renovate/binwiederhier-ntfy-2.x into master 2026-06-26 11:20:41 -04:00
Conversation 0 Commits 1 Files Changed 1
+1 -1
renovate commented 2026-06-24 19:54:30 -04:00
Member
Copy Link
Copy Source

This PR contains the following updates:

Package Type Update Change
binwiederhier/ntfy (source) final minor v2.24.0v2.25.0

⚠️ Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

binwiederhier/ntfy (binwiederhier/ntfy)

v2.25.0

Compare Source

This release adds password reset via email, and reworks email verification to use durable, link-based magic links (replacing the old in-memory 6-digit codes). Email stays optional at signup; a user can reset their password only once they have a verified "primary" (recovery)email.

All of this work is probably not useful for self-hosters, but it hopefully will be useful for me, since I do have to reset accounts on a regular basis.

Security issues:

  • Generate access tokens, IDs, and magic-link tokens with a cryptographically secure RNG (crypto/rand) instead of a clock-seeded PRNG

Features:

  • Add password reset via emailed magic link, with a "Forgot password" link on the login page and a ntfy user reset-pass CLI command for admins
  • Rework email verification to use durable, single-use, expiring magic links instead of in-memory 6-digit codes, and add a "primary" email (used for account recovery and as the X-Email: yes target) with verified/unverified state in the account UI
  • You can now clear/read messages and delete messages with a GET request (#​1771, thanks to @​lemmi for reporting and to @​wunter8 for implementing)
  • Add a reload button to the web app's action bar when running as an installed PWA, which clears the service worker caches and hard-refreshes the app
  • Add a "Back to app" link to the web app's login, signup, and password-reset pages (alongside the existing links), which previously had no way back to the app

Bug fixes + maintenance:

  • X-Email: yes (also true/1) now sends to your primary verified email regardless of the smtp-sender-verify setting (previously it was rejected unless verification was enabled); it requires being logged in with a verified address
  • Grant users full access to their own sync topic (st_...) so cross-device subscription sync works under auth-default-access: deny-all (#​733, #​1795, thanks to @​lmorchard for the contribution)
  • Support HTTP (non-TLS) S3-compatible endpoints by preserving the endpoint scheme, e.g. for a local MinIO instance (#​1794, #​1734, thanks to @​sskender for the contribution, and @​Kernald for reporting)
  • Stop silently stripping spaces from passwords while typing in the web app's login, signup, and password-reset forms (#​1246, thanks to @​aldem for reporting)
  • Update web app dependencies, including major-version upgrades to Vite (6 -> 8, now Rolldown-based), Material UI (5 -> 9), and Dexie (3 -> 4) (#​1800, #​1764, #​1767, #​1762, #​1766, #​1765, thanks Dependabot)
  • Play notification sounds in the web app even when the Notification API is unavailable, e.g. over plain HTTP or in browsers without notification support (#​1772, thanks to @​mitya12342 for the contribution)
  • Stop escaping <, >, and & as \u003c/\u003e/\u0026 in JSON responses (#​1511, #​1512, thanks to @​wunter8 for the contribution)
  • Fix the web app navbar not reflecting a topic reservation (lock icon, and "Reserve topic" -> "Change reservation"/"Remove reservation" menu) until a page reload, by persisting reservation and display-name changes onto already-subscribed topics during account sync
  • Reduce the web app's initial bundle size by ~300 KB (~50 KB gzipped) by lazy-loading the emoji picker dataset and the Markdown renderer, and by importing Material UI icons individually

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [binwiederhier/ntfy](https://ntfy.sh/) ([source](https://github.com/binwiederhier/ntfy)) | final | minor | `v2.24.0` → `v2.25.0` | --- > ⚠️ **Warning** > > Some dependencies could not be looked up. Check the [Dependency Dashboard](issues/3) for more information. --- ### Release Notes <details> <summary>binwiederhier/ntfy (binwiederhier/ntfy)</summary> ### [`v2.25.0`](https://github.com/binwiederhier/ntfy/releases/tag/v2.25.0) [Compare Source](https://github.com/binwiederhier/ntfy/compare/v2.24.0...v2.25.0) This release adds **password reset** via email, and reworks email verification to use durable, link-based magic links (replacing the old in-memory 6-digit codes). Email stays optional at signup; a user can reset their password only once they have a verified "primary" (recovery)email. All of this work is probably not useful for self-hosters, but it hopefully will be useful for me, since I do have to reset accounts on a regular basis. **Security issues:** - Generate access tokens, IDs, and magic-link tokens with a cryptographically secure RNG (`crypto/rand`) instead of a clock-seeded PRNG **Features:** - Add password reset via emailed magic link, with a "Forgot password" link on the login page and a `ntfy user reset-pass` CLI command for admins - Rework email verification to use durable, single-use, expiring magic links instead of in-memory 6-digit codes, and add a "primary" email (used for account recovery and as the `X-Email: yes` target) with verified/unverified state in the account UI - You can now clear/read messages and delete messages with a GET request ([#&#8203;1771](https://github.com/binwiederhier/ntfy/issues/1771), thanks to [@&#8203;lemmi](https://github.com/lemmi) for reporting and to [@&#8203;wunter8](https://github.com/wunter8) for implementing) - Add a reload button to the web app's action bar when running as an installed PWA, which clears the service worker caches and hard-refreshes the app - Add a "Back to app" link to the web app's login, signup, and password-reset pages (alongside the existing links), which previously had no way back to the app **Bug fixes + maintenance:** - `X-Email: yes` (also `true`/`1`) now sends to your primary verified email regardless of the `smtp-sender-verify` setting (previously it was rejected unless verification was enabled); it requires being logged in with a verified address - Grant users full access to their own sync topic (`st_...`) so cross-device subscription sync works under `auth-default-access: deny-all` ([#&#8203;733](https://github.com/binwiederhier/ntfy/issues/733), [#&#8203;1795](https://github.com/binwiederhier/ntfy/pull/1795), thanks to [@&#8203;lmorchard](https://github.com/lmorchard) for the contribution) - Support HTTP (non-TLS) S3-compatible endpoints by preserving the endpoint scheme, e.g. for a local MinIO instance ([#&#8203;1794](https://github.com/binwiederhier/ntfy/pull/1794), [#&#8203;1734](https://github.com/binwiederhier/ntfy/issues/1734), thanks to [@&#8203;sskender](https://github.com/sskender) for the contribution, and [@&#8203;Kernald](https://github.com/Kernald) for reporting) - Stop silently stripping spaces from passwords while typing in the web app's login, signup, and password-reset forms ([#&#8203;1246](https://github.com/binwiederhier/ntfy/issues/1246), thanks to [@&#8203;aldem](https://github.com/aldem) for reporting) - Update web app dependencies, including major-version upgrades to Vite (6 -> 8, now Rolldown-based), Material UI (5 -> 9), and Dexie (3 -> 4) ([#&#8203;1800](https://github.com/binwiederhier/ntfy/pull/1800), [#&#8203;1764](https://github.com/binwiederhier/ntfy/pull/1764), [#&#8203;1767](https://github.com/binwiederhier/ntfy/pull/1767), [#&#8203;1762](https://github.com/binwiederhier/ntfy/pull/1762), [#&#8203;1766](https://github.com/binwiederhier/ntfy/pull/1766), [#&#8203;1765](https://github.com/binwiederhier/ntfy/pull/1765), thanks Dependabot) - Play notification sounds in the web app even when the Notification API is unavailable, e.g. over plain HTTP or in browsers without notification support ([#&#8203;1772](https://github.com/binwiederhier/ntfy/pull/1772), thanks to [@&#8203;mitya12342](https://github.com/mitya12342) for the contribution) - Stop escaping `<`, `>`, and `&` as `\u003c`/`\u003e`/`\u0026` in JSON responses ([#&#8203;1511](https://github.com/binwiederhier/ntfy/issues/1511), [#&#8203;1512](https://github.com/binwiederhier/ntfy/pull/1512), thanks to [@&#8203;wunter8](https://github.com/wunter8) for the contribution) - Fix the web app navbar not reflecting a topic reservation (lock icon, and "Reserve topic" -> "Change reservation"/"Remove reservation" menu) until a page reload, by persisting reservation and display-name changes onto already-subscribed topics during account sync - Reduce the web app's initial bundle size by \~300 KB (\~50 KB gzipped) by lazy-loading the emoji picker dataset and the Markdown renderer, and by importing Material UI icons individually </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMzUuMSIsInVwZGF0ZWRJblZlciI6IjQzLjIzNS4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbXX0=-->
renovate added 1 commit 2026-06-24 19:54:32 -04:00
chore(deps): update binwiederhier/ntfy docker tag to v2.25.0
PR - Docker Build / hadolint (pull_request) Successful in 7s
Details
PR - Docker Build / build (pull_request) Successful in 25s
Details
0e606383c2
jcabillot was assigned by renovate 2026-06-24 19:54:34 -04:00
jcabillot merged commit e1f07b548d into master 2026-06-26 11:20:41 -04:00
jcabillot deleted branch renovate/binwiederhier-ntfy-2.x 2026-06-26 11:20:46 -04:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
cloudix_mcp_server jcabillot opencodecabilloteu renovate
No Assignees jcabillot
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: perso/huawei-3G-SMS-API#15
Delete Branch "renovate/binwiederhier-ntfy-2.x"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?