diff --git a/cc-ci-plan/upstream/hedgedoc.md b/cc-ci-plan/upstream/hedgedoc.md index 28816c5..ef952f9 100644 --- a/cc-ci-plan/upstream/hedgedoc.md +++ b/cc-ci-plan/upstream/hedgedoc.md @@ -3,7 +3,7 @@ | service | image | source repo | releases / changelog | |---------|-------|-------------|----------------------| | app | quay.io/hedgedoc/hedgedoc | https://github.com/hedgedoc/hedgedoc | https://github.com/hedgedoc/hedgedoc/releases | -| db | pgautoupgrade/pgautoupgrade | https://github.com/pgautoupgrade/pgautoupgrade | https://github.com/pgautoupgrade/pgautoupgrade/releases | +| db | pgautoupgrade/pgautoupgrade | https://github.com/pgautoupgrade/docker-pgautoupgrade | https://github.com/pgautoupgrade/docker-pgautoupgrade/commits/main (no GitHub releases; tag-only) | ## Standing notes - hedgedoc 1.11.0 (2026): 4 security CVEs fixed (HTML injection, YAML DoS, CSRF via Gist export, rate-limit bypass). No breaking changes, no migrations, no schema changes. Optional new env var `CMD_RATE_LIMIT_USING_CLOUDFLARE` only needed if running behind Cloudflare — not required for standard deployments.