Skip to content

Release v2026.2#1835

Draft
matthew-white wants to merge 20 commits into
masterfrom
next
Draft

Release v2026.2#1835
matthew-white wants to merge 20 commits into
masterfrom
next

Conversation

@matthew-white
Copy link
Copy Markdown
Member

@matthew-white matthew-white commented Apr 22, 2026

This PR prepares the release of v2026.2. It should only contain changes from other PRs that have already been approved and merged (and possibly merge commits from the master branch).

alxndrsn and others added 20 commits April 18, 2026 08:08
@alxndrsn
ci/test-nginx: show mock-sentry logs (#1816)
6c764ea
@alxndrsn
ci/ghcr: update deprecated docker action versions (#1821)
0379dcf 
Closes #1818
@alxndrsn
test/nginx/csp: rename backend-strict policy (#1823)
ae72624 
Previously called `disallow-all`; rename to `backend-strict` to better reflect its usage rather than current implementation details.
@alxndrsn
ci: only publish containers if tests passed (#1820)
963b9dc 
Closes #1819
@alxndrsn
test/nginx/csp: remove duplicate test (#1860)
94aa904 
Looks like a merge error.
@alxndrsn
nginx/csp: blank.html: allow form-action 'self' (#1857)
1431cb1 
Closes #1856
@alxndrsn
nginx/csp: enforce policy for blank.html (#1858)
e6df530 
Switch from Content-Security-Policy-Report-Only to Content-Security-Policy.
@alxndrsn
csp: allow data: URLs in worker-src for web-forms (#1776)
9122bb2 
Closes #1775
@alxndrsn
nginx/csp: tighten favicon allowance for blank.html (#1855)
711c6ad 
In line with #1854.
@alxndrsn
nginx/csp: allow favicons for backend requests (#1854)
c9b359a 
Closes #1851
@matthew-white
Merge branch 'master' into next
d3eb696
@alxndrsn
nginx/csp: enforce policy for central-backend (#1859)
af64f1d 
Switch from Content-Security-Policy-Report-Only to Content-Security-Policy.
@alxndrsn
nginx: fix escaping in /fonts/ matcher (#1863)
625eb98
@alxndrsn
ci: simplify checkout (#1890)
97b3251 
It looks like the checkout code from the `test-images` job was copy/pasted elsewhere.

Simplifying this config should speed up git checkout in affected jobs.
@sadiqkhoja
Fixes: expected docker context is increased due to WF merge
fe411c8
@sadiqkhoja
Merge pull request #1893 from sadiqkhoja/fixes/docker-context
448b96a 
Fixes: expected docker context is increased due to WF merge
@sadiqkhoja
Fixes: install openssl in service container
1a9c7f9
@sadiqkhoja
Merge pull request #1892 from sadiqkhoja/fixes/install-openssl
b9a1d3f 
Fixes/install openssl
@alxndrsn
service: move DB_SSL check back to runtime (#1889)
e4c7b83 
The `DB_SSL` env var was made illegal in #1647.

The check was then moved from runtime to build time in #1671.

Checking at build-time allows for faster failure and clearer feedback to sysadmins who are upgrading, and previously depended on this env var.  However, the downside is that if container images are pre-built centrally, this check will be skipped.

With this commit, the check will move to container startup.  However, it will now be skipped if the container is started with a non-standard CMD/command/COMMAND.
@alxndrsn
nginx: enable Content Security Policies (#1909)
95717b1 
Switch all headers from `Content-Security-Policy-Report-Only` to `Content-Security-Policy`.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@matthew-white @alxndrsn @sadiqkhoja