Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 879dcbb708d40f8b8679d4f7941b938a086e23a7 to 62339db73c56dd749060f65a6ebb93a6e056b755.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/879dcbb708d40f8b8679d4f7941b938a086e23a7...62339db73c56dd749060f65a6ebb93a6e056b755

)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/login-action](https://github.com/docker/login-action) from b4bedf8053341df3b5a9f9e0f2cf4e79e27360c6 to 1f401f745bf57e30b3a2800ad308a87d2ebdf14b.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/b4bedf8053341df3b5a9f9e0f2cf4e79e27360c6...1f401f745bf57e30b3a2800ad308a87d2ebdf14b

)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 1.4.0 to 2.0.0.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v1.4.0...v2.0.0

)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4c1b68d83ad20cc1a09620ca477d5bbbb5fa14d0 to fdf7f43ecf7c1a5c7afe936410233728a8c2d9c2.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/4c1b68d83ad20cc1a09620ca477d5bbbb5fa14d0...fdf7f43ecf7c1a5c7afe936410233728a8c2d9c2

)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: David Bauer <mail@david-bauer.net>

gluon-radv-filterd: replace malloc with calloc

Allocation of the router structure for newly detected router
advertisements was done using malloc and selectively clearing some of
the structure fields. However the redirect boolean was never set to 0,
which means that during update_redirect, we would depend on the random
initialization value of the structure.

This means that sometimes ebtables-tiny wouldn't add the correct rules
for the advertised routes.

build: fix duplicate building of host-tools

ci: update branch-pattern matching

Upstream introduced two different methods for determining the state of a
package within the OpenWrt buildsystem. While both are based around the
md5 hash-function, one taks filename & mtime into account while the
other one uses the actual md5 hash of the file-content.

Ever wondered why Gluon suddenly took considerably longer to build?
The messy part is how the build-system chooses which method to use. This
is based around the AUTOREMOVE configuration. Gluon sets this variable
conditionally when built with GLUON_AUTOREMOVE set to 1.

Enter the Gluon build-system. It first compiles Lua, without the
AUTOREMOVE configuration passed to OpenWrt. This compiles the packages
with the old hash-method based around filename & mtime. Afterwards, it
builds with AUTOREMOVE enabled, changing the hash-function and
rebuilding all host-packages.

Fix this by setting AUTOREMOVE for both build-processes according to the
setting of GLUON_AUTOREMOVE.

Link: https://github.com/openwrt/openwrt/commit/53a08e37437972ba0a8fbf953a93a70a6b784ef4



Signed-off-by: David Bauer <mail@david-bauer.net>

Also known in Germany as Gigacube CAT20

It makes sense to run CI build-tests in case the CI itself is altered.

Signed-off-by: David Bauer <mail@david-bauer.net>

docs: fix typos, change letter case and remove whitespace characters

Add a workflow-dispatch trigger to the build-workflow to enable
triggering build-tests on branches not covered from the match
pattern.

Signed-off-by: David Bauer <mail@david-bauer.net>

In #2997 it was pointed out the current branch-trigger matches more
branches than the release-branches. Retrict the match-pattern to only
cover release-branches

Also only trigger builds on the next-branch and not branches prefixed
with this name.

Link: https://github.com/freifunk-gluon/gluon/pull/2997#issuecomment-1771076385



Signed-off-by: David Bauer <mail@david-bauer.net>

actions: improve docker image build-process

Prefer packages from Gluon feeds to upstream feeds

Also build the docker-container whan creating pull-requests. Keep the
pull-request triggered builds from pushing to the container registry.

Signed-off-by: David Bauer <mail@david-bauer.net>

We don't want OpenWrt packages to replace Gluon packages by accident;
the same logic applies to packages from site feeds.

This gives site feeds a higher precedence than gluon/packages, but that
is unlikely to cause any issues. Gluon base packages still have an even
higher precedence.

To avoid getting surprised again by a (possibly incompatible) OpenWrt
package replacing one of ours, move our own feed to the front, so it has
higher precedence than openwrt/{packages,routing}.

Only push the container to ghcr in case the repository is owned by the
freifunk-gluon organization.

THis avoids failing CI on forks.

Signed-off-by: David Bauer <mail@david-bauer.net>

lantiq-xrx200: mark target as broken

CI: Fix target filters, add CI check

modules: update gluon

Cherry-pick v2023.1.1 release notes to master

ce2e6ac1937a simple-tc: fix kmod dependencies

`make update-ci` is very fast, so we can run it unconditionally.

This reverts commit c418b7bb.

Our CI builds do not use the Docker image, so adding the Dockerfile to
the filter does not make sense. In addition, the entry was missing in
generate-target-filters.py, so it would have been removed when the
filters were regenerated.

modules: update to latest HEAD

lantiq-xrx200 is currently marked as source-only in OpenWrt 23.05, as
the switch driver does not work correctly on Linux 5.15. Mark as broken
in Gluon as well until the issue is fixed.

Upstream PR: https://github.com/openwrt/openwrt/pull/13200

Co-authored-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 1e954349)

(cherry picked from commit b313a631)

72efd36 uradvd: remove redundant package

2272106 luci-app-bmx6: drop this because of security vulnerabilities
828e764 bmx6: drop package

0da9f6229 v2ray-geodata: add package v2ray-geosite-ir
277c4cb21 cloudreve: Update to 3.8.3
7eb9fe8a8 dnsproxy: Update to 0.56.0
0525b9b84 dnsproxy: Update to 0.55.0
e3c3b6c09 v2ray-core: Update to 5.8.0
ff0be7c4b curl: Update to version 8.4.0
bec2e7fc8 python3: Update to 3.11.6, refresh patches
0929d16d3 sing-box: update to v1.5.2
9b812d9c0 nextdns: Update to version 1.41.0
292551163 net-snmp: move to PCRE2 library
caf47b755 libvpx: update to 1.13.1
f6ae83622 exim: update to version 4.96.1
da0a243e0 golang: Update to 1.21.2
15cfd52f1 python3: avoid unnecessary rebuilds
0d1b08013 openssh: bump to 9.5p1
2c0657205 tor-fw-helper: remove it
9f6eb89ea python-twisted: Update to 23.8.0, rework patches
4bcfa675f crowdsec-firewall-bouncer: new upstream release version 0.0.28
f611ae00d banip: release 0.9.1-1
40899bca7 yq: Update to 4.35.2
80bc44cb7 adblock-fast: bugfix: properly identify hosts-files
1458dc558 atftp: move to PCRE2
1013bdd5b atftp: bump to release 0.8.0
41e64f8a7 ffmpeg: Add avi muxer
0d95becbc wget: Update to 1.21.4
ba11cad3a syslog-ng: update to version 4.4.0
c5f6b62fd python-cffi: Update to 1.16.0
4c4fa3cd2 python-packaging: Update to 23.2
8620abe6a python-bcrypt: Update to 4.0.1, add myself as maintainer
36a473bf5 python-pyopenssl: Update to 23.2.0
71f226e03 python-charset-normalizer: Update to 3.3.0
35fbb7385 adblock-fast: update to 1.0.0-5
3360cce9f libwebp: bump to version 1.3.2
4c79fddac prometheus-node-exporter-lua: drop bmx6 package
24fdd4ae1 cloudflared: Update to 2023.7.3
cf3390106 adguardhome: update quic-go to v0.37.6
88ef5d0ba python-typing-extensions: Update to 4.8.0
66958cef9 python-trove-classifiers: Update to 2023.9.19
191d367d1 python-setuptools: Update to 68.2.2
4ed41a0cb python-cryptography: Update to 41.0.4
402ebe84f python: Add environment variables to build Rust extensions
f78e60fa8 python-setuptools-rust: Add new host-only package
882ce5ddf python-semantic-version: Add new host-only package
dc38ce57b exim: apply hotfix for some ZDI reported vulnerabilities
e805d653d adblock-fast: update to 1.0.0-5
7d35ac5c1 v2raya: remove go version hack
c38a05741 v2ray-core: backport upstream Go 1.21 updates
0aad4266f frp: update to 0.51.3
70960d4e8 frp: update to 0.51.0
77f62ddb6 kismet: drop the package
55ca07c78 adblock-fast: better error reporting when nothing to do

86e852bcd0 OpenWrt v23.05.0: revert to branch defaults
bd4f415efa OpenWrt v23.05.0: adjust config defaults
6637af95aa bsdiff: Add patches for CVEs
fadbec8857 kernel: bump 5.15 to 5.15.134
6d65f5ea2b kernel: bump 5.15 to 5.15.133
e26947993f toolchain: glibc: Update glibc 2.37 to recent HEAD
4cbfbb2eda realtek: 5.15: rtl93xx: support 2500baseT and 5000baseT on USXGMII links
83e681e69e rtl83xx: fix STP by trapping BPDUs
5b00873f5d uqmi: added timeout to fix hanging qmi.sh
76758a8694 yafut: add missing PKG_MIRROR_HASH
130d5056c1 generic: add patch for GPON-ONU-34-20BI quirk
2a457dcd72 CI: push-containers: refresh containers also on modify cmake options
07e4352d80 CI: push-containers: fix concurrency group
3fff625542 rtl93xx: fix condition intended to only select internal serdes ports
e92cf0c46f ramips: fix Mercusys MR70X LAN port assignments
b742216dc8 OpenWrt v23.05.0-rc4: revert to branch defaults
50690dd5cc OpenWrt v23.05.0-rc4: adjust config defaults
7fe85ce1f2 hostapd: increase PKG_RELEASE to fix builds