peter/homelab-docker-config
1
0
Fork 0
Code Issues Pull Requests 10 Packages Projects Releases Wiki Activity

Update docker.io/gotenberg/gotenberg Docker tag to v8.29.1 #301

Merged
peter merged 1 commits from renovate/paperless-ngx into master 2026-04-04 09:49:29 +02:00
Conversation 0 Commits 1 Files Changed 1 +1 -1
renovate-bot commented 2026-03-29 01:03:11 +01:00
Collaborator
Copy Link

This PR contains the following updates:

Package Update Change
docker.io/gotenberg/gotenberg minor 8.28.08.29.1

Release Notes

gotenberg/gotenberg (docker.io/gotenberg/gotenberg)

v8.29.1: 8.29.1

Compare Source

Bug Fix (Chromium)

Assets were no longer being correctly loaded in HTML files. This is now fixed. Thanks @​ARawles-GFSC for the heads up!

v8.29.0: 8.29.0

Compare Source

Security Fixes ⚠️

  • ExifTool Arbitrary File Write: The /forms/pdfengines/metadata/write endpoint allowed users to pass FileName and Directory pseudo-tags in the metadata JSON, enabling file rename/move to arbitrary paths. User-supplied metadata is now filtered through a blocklist before being passed to ExifTool.
  • Chromium file:// Sub-Resource Restriction: When converting HTML/Markdown via file://, sub-resources are now restricted to the request's working directory, preventing cross-request file access in /tmp.

New Features

OpenTelemetry
  • Full OpenTelemetry Support: Distributed tracing, metrics export, and structured logging: all configurable via standard OTEL environment variables (OTEL_TRACES_EXPORTER, OTEL_METRICS_EXPORTER, OTEL_LOGS_EXPORTER, OTEL_EXPORTER_OTLP_ENDPOINT, etc.). Every HTTP request gets a span. External tool calls (Chromium, LibreOffice, QPDF, pdfcpu, pdftk, ExifTool, webhook delivery, download-from) create child spans. Trace context is propagated to outbound HTTP calls via W3C headers.
  • Structured Logging Migration: Migrated from custom logging module to slog-based structured logging with OTEL log bridge. Supports auto/JSON/text formats with optional GCP-compatible field names.
  • Binary Path as Peer Service: server.address span attribute uses the actual binary path (e.g., /usr/bin/qpdf) instead of the software name.
  • Telemetry Control for System Routes: New flags to disable telemetry for noisy system routes, all defaulting to disabled: --api-disable-root-route-telemetry, --api-disable-debug-route-telemetry, --api-disable-version-route-telemetry, --prometheus-disable-route-telemetry. The existing --api-disable-health-check-route-telemetry default changed from false to true.
Chromium
  • Idle Shutdown: New --chromium-idle-shutdown-timeout flag (default: 0s, disabled) to automatically stop Chromium after a configurable idle period, reclaiming memory on low-traffic servers. The process re-launches lazily on the next request.
  • Network Almost Idle Event: New skipNetworkAlmostIdleEvent form field (default: true). When set to false, Gotenberg waits for a "network almost idle" event (at most 2 open connections for 500ms) before conversion. This provides a middle ground between the existing skipNetworkIdleEvent (strict, 0 connections) and no wait at all — useful for pages with long-polling or analytics connections that never fully close.
LibreOffice
  • PDF Viewer Preferences (#​1316): 15 new form fields for controlling PDF viewer behavior: initialView, initialPage, magnification, zoom, pageLayout, firstPageOnLeft, resizeWindowToInitialPage, centerWindow, openInFullScreenMode, displayPDFDocumentTitle, hideViewerMenubar, hideViewerToolbar, hideViewerWindowControls, useTransitionEffects, openBookmarkLevels.
  • Idle Shutdown: New --libreoffice-idle-shutdown-timeout flag (default: 0s, disabled), same behavior as Chromium.
Webhook
  • Event Callbacks (#​1473): New optional Gotenberg-Webhook-Events-Url header. When set, structured JSON events (webhook.success, webhook.error) are POSTed after each webhook operation, with correlationId and timestamp. Additive: existing Gotenberg-Webhook-Url and Gotenberg-Webhook-Error-Url continue to work unchanged.
Security & Networking
  • Multiple URL Patterns: All allow/deny list flags (--chromium-allow-list, --chromium-deny-list, --webhook-allow-list, --webhook-deny-list, --webhook-error-allow-list, --webhook-error-deny-list, --api-download-from-allow-list, --api-download-from-deny-list) now accept multiple regex patterns via string slices. Existing single-value configurations continue to work.

Bug Fixes

  • Chromium singlePage Margin Accounting (#​1046): The singlePage option now correctly accounts for top/bottom margins when calculating page height, fixing content overflow on tall pages.
  • Long Filename Support (#​1500): Files with long names (166+ chars, especially with multi-byte UTF-8) no longer cause "File name too long" errors. Files are now stored on disk with UUID-based names while preserving original filenames for HTTP responses, archive entries, and JSON keys.

Deprecated Flags

Old New
--log-format --log-std-format
--log-enable-gcp-fields --log-std-enable-gcp-fields
--api-trace-header --api-correlation-id-header
--api-disable-health-check-logging --api-disable-health-check-route-telemetry
--prometheus-disable-route-logging --prometheus-disable-route-telemetry

All deprecated flags continue to work.

Chore

  • Replaced go.uber.org/multierr with stdlib errors.Join.
  • Added integration tests for Chromium screenshot routes (HTML, URL, Markdown).
  • Added long filename integration tests across all PDF engine and conversion routes.
  • Integration test retry mechanism: failed scenarios are automatically retried up to 3 times.
  • Bumped actions/checkout to v6 in all GitHub Actions.

Thanks

Thanks to @​dkrizic (#​814) and @​jbdelhommeau (#​1489) for requesting OpenTelemetry/tracing support, @​eht16 (#​1316), @​nh2 (#​1023), @​Frozen666 (#​1046), @​vofflan (#​1500), @​danxmoran (#​1394), and @​janaka (#​1473) for their issue reports and feature requests!

This release represents a significant amount of work: OpenTelemetry integration, security fixes, new features, and hundreds of integration tests. If Gotenberg is useful to you or your team, please consider sponsoring the project. Your support helps keep development going.

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/gotenberg/gotenberg](https://github.com/gotenberg/gotenberg) | minor | `8.28.0` → `8.29.1` | --- ### Release Notes <details> <summary>gotenberg/gotenberg (docker.io/gotenberg/gotenberg)</summary> ### [`v8.29.1`](https://github.com/gotenberg/gotenberg/releases/tag/v8.29.1): 8.29.1 [Compare Source](https://github.com/gotenberg/gotenberg/compare/v8.29.0...v8.29.1) #### Bug Fix (Chromium) Assets were no longer being correctly loaded in HTML files. This is now fixed. Thanks [@&#8203;ARawles-GFSC](https://github.com/ARawles-GFSC) for the heads up! ### [`v8.29.0`](https://github.com/gotenberg/gotenberg/releases/tag/v8.29.0): 8.29.0 [Compare Source](https://github.com/gotenberg/gotenberg/compare/v8.28.0...v8.29.0) #### Security Fixes ⚠️ - **ExifTool Arbitrary File Write**: The `/forms/pdfengines/metadata/write` endpoint allowed users to pass `FileName` and `Directory` pseudo-tags in the metadata JSON, enabling file rename/move to arbitrary paths. User-supplied metadata is now filtered through a blocklist before being passed to ExifTool. - **Chromium `file://` Sub-Resource Restriction**: When converting HTML/Markdown via `file://`, sub-resources are now restricted to the request's working directory, preventing cross-request file access in `/tmp`. #### New Features ##### OpenTelemetry - **Full OpenTelemetry Support**: Distributed tracing, metrics export, and structured logging: all configurable via standard OTEL environment variables (`OTEL_TRACES_EXPORTER`, `OTEL_METRICS_EXPORTER`, `OTEL_LOGS_EXPORTER`, `OTEL_EXPORTER_OTLP_ENDPOINT`, etc.). Every HTTP request gets a span. External tool calls (Chromium, LibreOffice, QPDF, pdfcpu, pdftk, ExifTool, webhook delivery, download-from) create child spans. Trace context is propagated to outbound HTTP calls via W3C headers. - **Structured Logging Migration**: Migrated from custom logging module to `slog`-based structured logging with OTEL log bridge. Supports auto/JSON/text formats with optional GCP-compatible field names. - **Binary Path as Peer Service**: `server.address` span attribute uses the actual binary path (e.g., `/usr/bin/qpdf`) instead of the software name. - **Telemetry Control for System Routes**: New flags to disable telemetry for noisy system routes, all defaulting to disabled: `--api-disable-root-route-telemetry`, `--api-disable-debug-route-telemetry`, `--api-disable-version-route-telemetry`, `--prometheus-disable-route-telemetry`. The existing `--api-disable-health-check-route-telemetry` default changed from `false` to `true`. ##### Chromium - **Idle Shutdown**: New `--chromium-idle-shutdown-timeout` flag (default: `0s`, disabled) to automatically stop Chromium after a configurable idle period, reclaiming memory on low-traffic servers. The process re-launches lazily on the next request. - **Network Almost Idle Event**: New `skipNetworkAlmostIdleEvent` form field (default: `true`). When set to `false`, Gotenberg waits for a "network almost idle" event (at most 2 open connections for 500ms) before conversion. This provides a middle ground between the existing `skipNetworkIdleEvent` (strict, 0 connections) and no wait at all — useful for pages with long-polling or analytics connections that never fully close. ##### LibreOffice - **PDF Viewer Preferences** ([#&#8203;1316](https://github.com/gotenberg/gotenberg/issues/1316)): 15 new form fields for controlling PDF viewer behavior: `initialView`, `initialPage`, `magnification`, `zoom`, `pageLayout`, `firstPageOnLeft`, `resizeWindowToInitialPage`, `centerWindow`, `openInFullScreenMode`, `displayPDFDocumentTitle`, `hideViewerMenubar`, `hideViewerToolbar`, `hideViewerWindowControls`, `useTransitionEffects`, `openBookmarkLevels`. - **Idle Shutdown**: New `--libreoffice-idle-shutdown-timeout` flag (default: `0s`, disabled), same behavior as Chromium. ##### Webhook - **Event Callbacks** ([#&#8203;1473](https://github.com/gotenberg/gotenberg/issues/1473)): New optional `Gotenberg-Webhook-Events-Url` header. When set, structured JSON events (`webhook.success`, `webhook.error`) are POSTed after each webhook operation, with `correlationId` and `timestamp`. Additive: existing `Gotenberg-Webhook-Url` and `Gotenberg-Webhook-Error-Url` continue to work unchanged. ##### Security & Networking - **Multiple URL Patterns**: All allow/deny list flags (`--chromium-allow-list`, `--chromium-deny-list`, `--webhook-allow-list`, `--webhook-deny-list`, `--webhook-error-allow-list`, `--webhook-error-deny-list`, `--api-download-from-allow-list`, `--api-download-from-deny-list`) now accept multiple regex patterns via string slices. Existing single-value configurations continue to work. #### Bug Fixes - **Chromium `singlePage` Margin Accounting** ([#&#8203;1046](https://github.com/gotenberg/gotenberg/issues/1046)): The `singlePage` option now correctly accounts for top/bottom margins when calculating page height, fixing content overflow on tall pages. - **Long Filename Support** ([#&#8203;1500](https://github.com/gotenberg/gotenberg/issues/1500)): Files with long names (166+ chars, especially with multi-byte UTF-8) no longer cause "File name too long" errors. Files are now stored on disk with UUID-based names while preserving original filenames for HTTP responses, archive entries, and JSON keys. #### Deprecated Flags | Old | New | | ------------------------------------ | -------------------------------------------- | | `--log-format` | `--log-std-format` | | `--log-enable-gcp-fields` | `--log-std-enable-gcp-fields` | | `--api-trace-header` | `--api-correlation-id-header` | | `--api-disable-health-check-logging` | `--api-disable-health-check-route-telemetry` | | `--prometheus-disable-route-logging` | `--prometheus-disable-route-telemetry` | All deprecated flags continue to work. #### Chore - Replaced `go.uber.org/multierr` with stdlib `errors.Join`. - Added integration tests for Chromium screenshot routes (HTML, URL, Markdown). - Added long filename integration tests across all PDF engine and conversion routes. - Integration test retry mechanism: failed scenarios are automatically retried up to 3 times. - Bumped `actions/checkout` to v6 in all GitHub Actions. #### Thanks Thanks to [@&#8203;dkrizic](https://github.com/dkrizic) ([#&#8203;814](https://github.com/gotenberg/gotenberg/issues/814)) and [@&#8203;jbdelhommeau](https://github.com/jbdelhommeau) ([#&#8203;1489](https://github.com/gotenberg/gotenberg/issues/669)) for requesting OpenTelemetry/tracing support, [@&#8203;eht16](https://github.com/eht16) ([#&#8203;1316](https://github.com/gotenberg/gotenberg/issues/1316)), [@&#8203;nh2](https://github.com/nh2) ([#&#8203;1023](https://github.com/gotenberg/gotenberg/issues/1023)), [@&#8203;Frozen666](https://github.com/Frozen666) ([#&#8203;1046](https://github.com/gotenberg/gotenberg/issues/1046)), [@&#8203;vofflan](https://github.com/vofflan) ([#&#8203;1500](https://github.com/gotenberg/gotenberg/issues/1500)), [@&#8203;danxmoran](https://github.com/danxmoran) ([#&#8203;1394](https://github.com/gotenberg/gotenberg/issues/1394)), and [@&#8203;janaka](https://github.com/janaka) ([#&#8203;1473](https://github.com/gotenberg/gotenberg/issues/1473)) for their issue reports and feature requests! *** This release represents a significant amount of work: OpenTelemetry integration, security fixes, new features, and hundreds of integration tests. If Gotenberg is useful to you or your team, please consider [sponsoring the project](https://github.com/sponsors/gulien). Your support helps keep development going. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40LjIiLCJ1cGRhdGVkSW5WZXIiOiI0My4xMDQuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6W119-->
renovate-bot added 1 commit 2026-03-29 01:03:11 +01:00
Update docker.io/gotenberg/gotenberg Docker tag to v8.29.0 9bd399bf30
renovate-bot force-pushed renovate/paperless-ngx from 9bd399bf30 to 80fcd1103f 2026-03-31 02:03:21 +02:00 Compare
renovate-bot changed title from Update docker.io/gotenberg/gotenberg Docker tag to v8.29.0 to Update docker.io/gotenberg/gotenberg Docker tag to v8.29.1 2026-03-31 02:03:22 +02:00
peter merged commit ecb7afa10a into master 2026-04-04 09:49:29 +02:00
peter deleted branch renovate/paperless-ngx 2026-04-04 09:49:29 +02:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
renovate-bot peter
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: peter/homelab-docker-config#301
Delete Branch "renovate/paperless-ngx"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?