fix(deps): update rust crate globset to v0.4.18

chore: replace Dependabot with Renovate (#1486 )
chore(deps): lock file maintenance (#1481 )
2025-11-15 07:29:42 +00:00 · 2025-11-15 08:22:27 +01:00 · 2025-11-14 19:52:50 +01:00 · 2025-11-14 19:33:56 +01:00 · 2025-11-14 19:20:12 +01:00 · 2025-11-14 18:35:35 +01:00
22 changed files with 1139 additions and 1056 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,24 +0,0 @@
-# Set update schedule for GitHub Actions
-
-version: 2
-updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-
-  - package-ecosystem: cargo
-    directory: "/"
-    schedule:
-      interval: "weekly"
-      day: "monday"
-      time: "06:00"
-      timezone: "UTC"
-    versioning-strategy: increase
-    labels: ["dependencies", "cargo"]
-    commit-message:
-      prefix: "deps(cargo)"
-      include: "scope"
-    groups:
-      cargo-minor-patch:
-        update-types: ["minor", "patch"]
--- a/.github/workflows/check_config_creation_if_not_exists.yml
+++ b/.github/workflows/check_config_creation_if_not_exists.yml
@@ -15,7 +15,7 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-      - uses: actions/checkout@v5.0.0
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

--- a/.github/workflows/check_i18n.yml
+++ b/.github/workflows/check_i18n.yml
@@ -14,7 +14,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

--- a/.github/workflows/check_security_vulnerability.yml
+++ b/.github/workflows/check_security_vulnerability.yml
@@ -24,7 +24,7 @@ jobs:
      security-events: write
    steps:
      - name: Checkout code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

@@ -32,6 +32,6 @@ jobs:
        uses: microsoft/DevSkim-Action@4b5047945a44163b94642a1cecc0d93a3f428cc6 # v1.0.16

      - name: Upload DevSkim scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v4.31.2
+        uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
        with:
          sarif_file: devskim-results.sarif
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -23,7 +23,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

@@ -39,7 +39,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

@@ -135,7 +135,7 @@ jobs:
      matrix_target: ${{ matrix.target }}
    steps:
      - name: Checkout code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

--- a/.github/workflows/create_release_assets.yml
+++ b/.github/workflows/create_release_assets.yml
@@ -33,7 +33,7 @@ jobs:
    env:
      tag: ${{ github.event.client_payload.tag }}
    steps:
-      - uses: actions/checkout@v5.0.0
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

@@ -137,7 +137,7 @@ jobs:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Generate artifact attestations
-        uses: actions/attest-build-provenance@v3.0.0
+        uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0
        with:
          subject-path: assets/*

@@ -169,7 +169,7 @@ jobs:
      matrix_target: ${{ matrix.target }}
      tag: ${{ github.event.client_payload.tag }}
    steps:
-      - uses: actions/checkout@v5.0.0
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

@@ -284,7 +284,7 @@ jobs:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Generate artifact attestations
-        uses: actions/attest-build-provenance@v3.0.0
+        uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0
        with:
          subject-path: assets/*

--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -17,9 +17,9 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout Repository'
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

      - name: 'Dependency Review'
-        uses: actions/dependency-review-action@40c09b7dc99638e5ddb0bfd91c1673effc064d8a # v4.8.1
+        uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2
--- a/.github/workflows/lint_pr.yml
+++ b/.github/workflows/lint_pr.yml
@@ -14,6 +14,6 @@ jobs:
    permissions:
      pull-requests: read
    steps:
-      - uses: amannn/action-semantic-pull-request@v6.1.1
+      - uses: amannn/action-semantic-pull-request@48f256284bd46cdaab1048c3721360e808335d50 # v6.1.1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/release-plz.yml
+++ b/.github/workflows/release-plz.yml
@@ -17,7 +17,7 @@ jobs:
      id-token: write  # For trusted publishing
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v5
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
        with:
          fetch-depth: 0
          persist-credentials: false
@@ -25,7 +25,7 @@ jobs:
        uses: dtolnay/rust-toolchain@stable
      - name: Run release-plz
        id: release-plz
-        uses: release-plz/action@v0.5
+        uses: release-plz/action@d529f731ae3e89610ada96eda34e5c6ba3b12214 # v0.5
        with:
          command: release
        env:
@@ -53,14 +53,14 @@ jobs:
      cancel-in-progress: false
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v5
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
        with:
          fetch-depth: 0
          persist-credentials: false
      - name: Install Rust toolchain
        uses: dtolnay/rust-toolchain@stable
      - name: Run release-plz
-        uses: release-plz/action@v0.5
+        uses: release-plz/action@d529f731ae3e89610ada96eda34e5c6ba3b12214 # v0.5
        with:
          command: release-pr
        env:
--- a/.github/workflows/release_to_homebrew.yml
+++ b/.github/workflows/release_to_homebrew.yml
@@ -18,4 +18,5 @@ jobs:
        token: ${{secrets.HOMEBREW_ACCESS_TOKEN}}
        formula: topgrade
        tag: ${{ github.event.client_payload.tag }}
-        org: topgrade-rs
+        # We cannot use an org because org forks cannot give push access to maintainers, which Homebrew requires.
+        # org: topgrade-rs
--- a/.github/workflows/release_to_pypi.yml
+++ b/.github/workflows/release_to_pypi.yml
@@ -15,7 +15,7 @@ jobs:
      matrix:
        target: [x86_64, x86, aarch64]
    steps:
-      - uses: actions/checkout@v5.0.0
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

@@ -26,7 +26,7 @@ jobs:
          args: --release --out dist
          manylinux: auto
      - name: Upload wheels
-        uses: actions/upload-artifact@v5.0.0
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
        with:
          name: wheels-linux-${{ matrix.target }}
          path: dist
@@ -37,7 +37,7 @@ jobs:
      matrix:
        target: [x64, x86]
    steps:
-      - uses: actions/checkout@v5.0.0
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

@@ -47,7 +47,7 @@ jobs:
          target: ${{ matrix.target }}
          args: --release --out dist
      - name: Upload wheels
-        uses: actions/upload-artifact@v5.0.0
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
        with:
          name: wheels-windows-${{ matrix.target }}
          path: dist
@@ -58,7 +58,7 @@ jobs:
      matrix:
        target: [x86_64, aarch64]
    steps:
-      - uses: actions/checkout@v5.0.0
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

@@ -68,7 +68,7 @@ jobs:
          target: ${{ matrix.target }}
          args: --release --out dist
      - name: Upload wheels
-        uses: actions/upload-artifact@v5.0.0
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
        with:
          name: wheels-macos-${{ matrix.target }}
          path: dist
@@ -76,7 +76,7 @@ jobs:
  sdist:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5.0.0
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

@@ -86,7 +86,7 @@ jobs:
          command: sdist
          args: --out dist
      - name: Upload sdist
-        uses: actions/upload-artifact@v5.0.0
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
        with:
          name: wheels-sdist
          path: dist
@@ -103,10 +103,10 @@ jobs:
      # Used to generate artifact attestation
      attestations: write
    steps:
-      - uses: actions/download-artifact@v6.0.0
+      - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0

      - name: Generate artifact attestation
-        uses: actions/attest-build-provenance@v3.0.0
+        uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0
        with:
          subject-path: 'wheels-*/*'

--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -36,7 +36,7 @@ jobs:

    steps:
      - name: "Checkout code"
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

@@ -63,7 +63,7 @@ jobs:
      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
      # format to the repository Actions tab.
      - name: "Upload artifact"
-        uses: actions/upload-artifact@v5.0.0
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
        with:
          name: SARIF file
          path: results.sarif
@@ -71,6 +71,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@v4.31.2
+        uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
        with:
          sarif_file: results.sarif
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -14,7 +14,7 @@ edition = "2021"
 readme = "README.md"

 [dependencies]
-home = "~0.5"
+home = "~0.5,<0.5.11"
 etcetera = "~0.8"
 serde = { version = "~1.0", features = ["derive"] }
 toml = "0.8"
@@ -48,6 +48,10 @@ sys-locale = "0.3.1"
 jetbrains-toolbox-updater = "5.0.0"
 indexmap = { version = "2.9.0", features = ["serde"] }
 serde_json = "1.0.145"
+# Temporary transitive dependency pins
+ignore = "=0.4.23"
+globset = "=0.4.18"
+base64ct = "<1.8.0"

 [package.metadata.generate-rpm]
 assets = [{ source = "target/release/topgrade", dest = "/usr/bin/topgrade" }]
--- a/config.example.toml
+++ b/config.example.toml
@@ -286,6 +286,11 @@
 # winget_use_sudo = true


+[chezmoi]
+# Exclude encrypted files from update
+# (default: false)
+# exclude_encrypted = false
+
 [npm]
 # Use sudo if the NPM directory isn't owned by the current user
 # use_sudo = true
--- a/locales/app.yml
+++ b/locales/app.yml
@@ -1306,14 +1306,6 @@ _version: 2
  zh_CN: "Windows 更新"
  zh_TW: "Windows 更新"
  de: "Windows-Update"
-"Checking if /etc/motd contains -current or -beta":
-  en: "Checking if /etc/motd contains -current or -beta"
-  lt: "Tikrinimas, jei /etc/motd yra -current arba -beta"
-  es: "Comprobación de si /etc/motd contiene -current o -beta"
-  fr: "Vérification si /etc/motd contient -current ou -beta"
-  zh_CN: "检查 /etc/motd 是否包含 -current 或 -beta"
-  zh_TW: "檢查 /etc/motd 是否包含 -current 或 -beta"
-  de: "Überprüfen, ob /etc/motd -current oder -beta enthält"
 "Microsoft Store":
  en: "Microsoft Store"
  lt: "Microsoft parduotuvė"
--- a/renovate.json
+++ b/renovate.json
@@ -0,0 +1,10 @@
+{
+    "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+    "extends": [
+        "config:best-practices",
+        ":semanticCommits"
+    ],
+    "lockFileMaintenance": {
+        "enabled": true
+    }
+}
--- a/src/config.rs
+++ b/src/config.rs
@@ -165,6 +165,13 @@ pub struct Deno {
    version: Option<String>,
 }

+#[derive(Deserialize, Default, Debug, Merge)]
+#[serde(deny_unknown_fields)]
+#[allow(clippy::upper_case_acronyms)]
+pub struct Chezmoi {
+    exclude_encrypted: Option<bool>,
+}
+
 #[derive(Deserialize, Default, Debug, Merge)]
 #[serde(deny_unknown_fields)]
 #[allow(clippy::upper_case_acronyms)]
@@ -457,6 +464,9 @@ pub struct ConfigFile {
    #[merge(strategy = crate::utils::merge_strategies::inner_merge_opt)]
    npm: Option<NPM>,

+    #[merge(strategy = crate::utils::merge_strategies::inner_merge_opt)]
+    chezmoi: Option<Chezmoi>,
+
    #[merge(strategy = crate::utils::merge_strategies::inner_merge_opt)]
    yarn: Option<Yarn>,

@@ -1597,8 +1607,7 @@ impl Config {
        self.config_file.misc.as_ref().and_then(|misc| misc.sudo_command)
    }

-    /// If `true`, `sudo` should be called after `pre_commands` in order to elevate at the
-    /// start of the session (and not in the middle).
+    /// If `true`, `sudo -v` should be called to cache credentials at the start of the run
    pub fn pre_sudo(&self) -> bool {
        self.config_file
            .misc
@@ -1774,6 +1783,14 @@ impl Config {
            .unwrap_or(false)
    }

+    pub fn chezmoi_exclude_encrypted(&self) -> bool {
+        self.config_file
+            .chezmoi
+            .as_ref()
+            .and_then(|chezmoi| chezmoi.exclude_encrypted)
+            .unwrap_or(false)
+    }
+
    pub fn vscode_profile(&self) -> Option<&str> {
        let vscode_cfg = self.config_file.vscode.as_ref()?;
        let profile = vscode_cfg.profile.as_ref()?;
--- a/src/main.rs
+++ b/src/main.rs
@@ -187,17 +187,7 @@ fn run() -> Result<()> {
        }
    }

-    // Self-Update step, this will execute only if:
-    // 1. the `self-update` feature is enabled
-    // 2. it is not disabled from configuration (env var/CLI opt/file)
-    #[cfg(feature = "self-update")]
-    {
-        let should_self_update = env::var("TOPGRADE_NO_SELF_UPGRADE").is_err() && !config.no_self_update();
-
-        if should_self_update {
-            runner.execute(step::Step::SelfUpdate, "Self Update", || self_update::self_update(&ctx))?;
-        }
-    }
+    step::Step::SelfUpdate.run(&mut runner, &ctx)?;

    #[cfg(windows)]
    let _self_rename = if config.self_rename() {
@@ -206,18 +196,18 @@ fn run() -> Result<()> {
        None
    };

-    if let Some(commands) = config.pre_commands() {
-        for (name, command) in commands {
-            generic::run_custom_command(name, command, &ctx)?;
-        }
-    }
-
    if config.pre_sudo() {
        if let Some(sudo) = ctx.sudo() {
            sudo.elevate(&ctx)?;
        }
    }

+    if let Some(commands) = config.pre_commands() {
+        for (name, command) in commands {
+            generic::run_custom_command(name, command, &ctx)?;
+        }
+    }
+
    for step in step::default_steps() {
        step.run(&mut runner, &ctx)?
    }
--- a/src/step.rs
+++ b/src/step.rs
@@ -544,6 +544,9 @@ impl Step {
                runner.execute(*self, "SDKMAN!", || unix::run_sdkman(ctx))?
            }
            SelfUpdate => {
+                // Self-Update step, this will execute only if:
+                // 1. the `self-update` feature is enabled
+                // 2. it is not disabled from configuration (env var/CLI opt/file)
                #[cfg(feature = "self-update")]
                {
                    if std::env::var("TOPGRADE_NO_SELF_UPGRADE").is_err() && !ctx.config().no_self_update() {
--- a/src/steps/generic.rs
+++ b/src/steps/generic.rs
@@ -916,9 +916,17 @@ pub fn run_chezmoi_update(ctx: &ExecutionContext) -> Result<()> {
    let chezmoi = require("chezmoi")?;
    HOME_DIR.join(".local/share/chezmoi").require()?;

+    let mut cmd = ctx.execute(chezmoi);
+
    print_separator("chezmoi");

-    ctx.execute(chezmoi).arg("update").status_checked()
+    cmd.arg("update");
+
+    if ctx.config().chezmoi_exclude_encrypted() {
+        cmd.arg("--exclude=encrypted");
+    }
+
+    cmd.status_checked()
 }

 pub fn run_myrepos_update(ctx: &ExecutionContext) -> Result<()> {
@@ -1561,9 +1569,25 @@ pub fn run_zvm(ctx: &ExecutionContext) -> Result<()> {
 pub fn run_bun(ctx: &ExecutionContext) -> Result<()> {
    let bun = require("bun")?;

-    print_separator("Bun");
+    // From the official install script (both install.sh and install.ps1), Bun uses
+    // the path set in this variable as the install root, and its defaults to
+    // `$HOME/.bun`
+    //
+    // UNIX: https://bun.sh/install.sh
+    // Windows: https://bun.sh/install.ps1
+    let bun_install_env = env::var("BUN_INSTALL")
+        .map(PathBuf::from)
+        .unwrap_or(HOME_DIR.join(".bun"));

-    ctx.execute(bun).arg("upgrade").status_checked()
+    // If `bun` is a descendant of `bun_install_env`, then Bun is installed
+    // through the official script
+    if bun.is_descendant_of(&bun_install_env) {
+        print_separator("Bun");
+
+        ctx.execute(bun).arg("upgrade").status_checked()
+    } else {
+        Err(SkipStep("Not installed through the official script".to_string()).into())
+    }
 }

 pub fn run_zigup(ctx: &ExecutionContext) -> Result<()> {
--- a/src/steps/os/openbsd.rs
+++ b/src/steps/os/openbsd.rs
@@ -1,20 +1,17 @@
 use crate::command::CommandExt;
 use crate::execution_context::ExecutionContext;
-use crate::executor::RunType;
 use crate::terminal::print_separator;
 use color_eyre::eyre::Result;
 use rust_i18n::t;
 use std::fs;
+use tracing::debug;

-fn is_openbsd_current(ctx: &ExecutionContext) -> Result<bool> {
+fn is_openbsd_current() -> Result<bool> {
    let motd_content = fs::read_to_string("/etc/motd")?;
    let is_current = ["-current", "-beta"].iter().any(|&s| motd_content.contains(s));
-    match ctx.config.run_type() {
-        RunType::Dry | RunType::Damp => {
-            println!("{}", t!("Checking if /etc/motd contains -current or -beta"));
-        }
-        RunType::Wet => {}
-    }
+
+    debug!("OpenBSD is -current/-beta: {is_current}");
+
    Ok(is_current)
 }

@@ -23,12 +20,7 @@ pub fn upgrade_openbsd(ctx: &ExecutionContext) -> Result<()> {

    let sudo = ctx.require_sudo()?;

-    let is_current = is_openbsd_current(ctx)?;
-
-    if ctx.config().dry_run() {
-        println!("{}", t!("Would upgrade the OpenBSD system"));
-        return Ok(());
-    }
+    let is_current = is_openbsd_current()?;

    if is_current {
        sudo.execute(ctx, "/usr/sbin/sysupgrade")?.arg("-sn").status_checked()
@@ -42,7 +34,7 @@ pub fn upgrade_packages(ctx: &ExecutionContext) -> Result<()> {

    let sudo = ctx.require_sudo()?;

-    let is_current = is_openbsd_current(ctx)?;
+    let is_current = is_openbsd_current()?;

    if ctx.config().cleanup() {
        sudo.execute(ctx, "/usr/sbin/pkg_delete")?.arg("-ac").status_checked()?;
Author	SHA1	Message	Date
renovate[bot]	7a038ad9eb	fix(deps): update rust crate globset to v0.4.18	2025-11-15 07:29:42 +00:00
Gideon	84a50afa83	chore: replace Dependabot with Renovate (#1486 )	2025-11-15 08:22:27 +01:00
renovate[bot]	b13c1bd2d7	chore(deps): lock file maintenance (#1481 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: GideonBear <87426140+GideonBear@users.noreply.github.com>	2025-11-14 19:52:50 +01:00
Gideon	7749f41d56	fix(deps): Fix non-locked install on older version of Rust (#1485 )	2025-11-14 19:33:56 +01:00
Gideon	593a2a33d9	fix(deps): Fix non-locked install on older version of Rust (#1482 )	2025-11-14 19:20:12 +01:00
renovate[bot]	4f693aeaf3	chore(deps): pin dependencies (#1478 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-14 18:35:35 +01:00
renovate[bot]	c3d34184d0	chore(deps): update actions/dependency-review-action action to v4.8.2 (#1479 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-14 18:34:49 +01:00
Gideon	4aa224de87	chore: Add Renovate (#1477 )	2025-11-14 18:23:17 +01:00
Andre Toerien	320b13c06b	fix(bun): skip self-update if not installed via official script (#1476 ) Co-authored-by: Steve Lau <stevelauc@outlook.com> Co-authored-by: Gideon <87426140+GideonBear@users.noreply.github.com>	2025-11-14 08:51:31 +01:00
Izzy Meyer	907d778c55	fix(openbsd): fix compilation on OpenBSD (#1473 ) Co-authored-by: Gideon <87426140+GideonBear@users.noreply.github.com>	2025-11-12 18:38:41 +01:00
Stuart Reilly	f3fccb86c0	refactor: Replace main's self update with a proper step call (#1470 ) Co-authored-by: Stuart Reilly <sreilly@scottlogic.com>	2025-11-11 17:31:04 +01:00
Andre Toerien	bb4afb71e9	feat: run pre_sudo before pre_commands (#1469 )	2025-11-11 16:17:00 +01:00
Gideon	ec8d30f634	ci(release): Fix homebrew releases (#1468 )	2025-11-11 16:12:50 +01:00
Rubin Bhandari	50d318641a	feat(chezmoi): add `exclude_encrypted` config (#1453 ) Co-authored-by: Gideon <87426140+GideonBear@users.noreply.github.com>	2025-11-10 21:12:40 +01:00