Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependabot updates for week of 14 August 2023 #2481

Merged
merged 26 commits into from
Aug 14, 2023
Merged

Dependabot updates for week of 14 August 2023 #2481

merged 26 commits into from
Aug 14, 2023

Conversation

jmgrady
Copy link
Collaborator

@jmgrady jmgrady commented Aug 14, 2023
edited by jasonleenaylor
Loading

This change is Reviewable

dependabot bot and others added 25 commits August 7, 2023 15:32
@dependabot
Bump eslint-plugin-unused-imports from 2.0.0 to 3.0.0
4874edb 
Bumps [eslint-plugin-unused-imports](https://github.com/sweepline/eslint-plugin-unused-imports) from 2.0.0 to 3.0.0.
- [Commits](https://github.com/sweepline/eslint-plugin-unused-imports/commits)

---
updated-dependencies:
- dependency-name: eslint-plugin-unused-imports
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump dotnet/aspnet in /Backend
62d51f7 
Bumps dotnet/aspnet from 6.0.20-focal-amd64 to 6.0.21-focal-amd64.

---
updated-dependencies:
- dependency-name: dotnet/aspnet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump dotnet/sdk in /Backend
f31a9d1 
Bumps dotnet/sdk from 6.0.412-focal-amd64 to 6.0.413-focal-amd64.

---
updated-dependencies:
- dependency-name: dotnet/sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump mui-language-picker from 1.2.7 to 1.2.8
faa9ae2 
Bumps [mui-language-picker](https://github.com/sillsdev/mui-language-picker) from 1.2.7 to 1.2.8.
- [Commits](https://github.com/sillsdev/mui-language-picker/commits)

---
updated-dependencies:
- dependency-name: mui-language-picker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump validator and @types/validator
958b5e4 
Bumps [validator](https://github.com/validatorjs/validator.js) and [@types/validator](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/validator). These dependencies needed to be updated together.

Updates `validator` from 13.9.0 to 13.11.0
- [Release notes](https://github.com/validatorjs/validator.js/releases)
- [Changelog](https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md)
- [Commits](validatorjs/validator.js@13.9.0...13.11.0)

Updates `@types/validator` from 13.7.17 to 13.11.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/validator)

---
updated-dependencies:
- dependency-name: validator
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: "@types/validator"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump @types/node from 20.4.2 to 20.4.10
00ab722 
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.4.2 to 20.4.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump make-dir from 3.1.0 to 4.0.0
5aef5a0 
Bumps [make-dir](https://github.com/sindresorhus/make-dir) from 3.1.0 to 4.0.0.
- [Release notes](https://github.com/sindresorhus/make-dir/releases)
- [Commits](sindresorhus/make-dir@v3.1.0...v4.0.0)

---
updated-dependencies:
- dependency-name: make-dir
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump Microsoft.AspNetCore.Authentication.JwtBearer in /Backend
6f3a38a 
Bumps [Microsoft.AspNetCore.Authentication.JwtBearer](https://github.com/dotnet/aspnetcore) from 6.0.20 to 6.0.21.
- [Release notes](https://github.com/dotnet/aspnetcore/releases)
- [Changelog](https://github.com/dotnet/aspnetcore/blob/main/docs/ReleasePlanning.md)
- [Commits](dotnet/aspnetcore@v6.0.20...v6.0.21)

---
updated-dependencies:
- dependency-name: Microsoft.AspNetCore.Authentication.JwtBearer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump MongoDB.Driver from 2.20.0 to 2.21.0 in /Backend
cb567ef 
Bumps [MongoDB.Driver](https://github.com/mongodb/mongo-csharp-driver) from 2.20.0 to 2.21.0.
- [Release notes](https://github.com/mongodb/mongo-csharp-driver/releases)
- [Commits](mongodb/mongo-csharp-driver@v2.20.0...v2.21.0)

---
updated-dependencies:
- dependency-name: MongoDB.Driver
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump step-security/harden-runner from 2.5.0 to 2.5.1
fd93dfc 
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.5.0 to 2.5.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@cba0d00...8ca2b8b)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump github/codeql-action from 2.21.2 to 2.21.3
405b0a2 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.2 to 2.21.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@0ba4244...5b6282e)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@jmgrady
Bump cert-manager version to v1.12.3
40b7728
@jmgrady
Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/eslint-p…
2b6e94c 
…lugin-unused-imports-3.0.0' into dependabot-2023-08-14
@jmgrady
Update typescript-eslint due to eslint-plugin-unused-imports requirement
4534964
@jmgrady
Merge remote-tracking branch 'origin/dependabot/docker/Backend/dotnet…
2e7fb81 
…/aspnet-6.0.21-focal-amd64' into dependabot-2023-08-14
@jmgrady
Merge remote-tracking branch 'origin/dependabot/docker/Backend/dotnet…
6c1040b 
…/sdk-6.0.413-focal-amd64' into dependabot-2023-08-14
@jmgrady
Merge remote-tracking branch 'origin/dependabot/nuget/Backend/Microso…
da23f53 
…ft.AspNetCore.Authentication.JwtBearer-6.0.21' into dependabot-2023-08-14
@jmgrady
Merge remote-tracking branch 'origin/dependabot/nuget/Backend/MongoDB…
6665743 
….Driver-2.21.0' into dependabot-2023-08-14
@jmgrady
Merge remote-tracking branch 'origin/dependabot/github_actions/github…
6c7feb2 
…/codeql-action-2.21.3' into dependabot-2023-08-14
@jmgrady
Merge remote-tracking branch 'origin/dependabot/github_actions/step-s…
62ace46 
…ecurity/harden-runner-2.5.1' into dependabot-2023-08-14
@jmgrady
Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/types/no…
fd7a9f3 
…de-20.4.10' into dependabot-2023-08-14
@jmgrady
Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/validato…
fb4c5c3 
…r-and-types/validator-13.11.0' into dependabot-2023-08-14

# Conflicts:
#	package-lock.json
#	package.json
@jmgrady
Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/mui-lang…
3306bb5 
…uage-picker-1.2.8' into dependabot-2023-08-14
@jmgrady
Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/make-dir…
44c8db7 
…-4.0.0' into dependabot-2023-08-14
@jmgrady
Update license reports
f53e31b
@jmgrady jmgrady added docker dependencies Pull requests that update a dependency file kubernetes javascript Pull requests that update Javascript code .NET Pull requests that update .net code labels Aug 14, 2023
@jmgrady jmgrady added the github_actions Pull requests that update GitHub Actions code label Aug 14, 2023
@jmgrady jmgrady self-assigned this Aug 14, 2023
@codecov-commenter
Copy link

Codecov Report

Patch coverage has no change and project coverage change: +11.67% 🎉

Comparison is base (938cc65) 67.95% compared to head (f53e31b) 79.63%.

Additional details and impacted files 
@@             Coverage Diff             @@
##           master    #2481       +/-   ##
===========================================
+ Coverage   67.95%   79.63%   +11.67%     
===========================================
  Files         240       45      -195     
  Lines        8273     4458     -3815     
  Branches      504        0      -504     
===========================================
- Hits         5622     3550     -2072     
+ Misses       2295      908     -1387     
+ Partials      356        0      -356
Flag Coverage Δ
backend 79.63% <ø> (ø)
frontend ?

Flags with carried forward coverage won't be shown. Click here to find out more.

see 195 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@jmgrady jmgrady marked this pull request as ready for review August 14, 2023 13:27
@jmgrady jmgrady enabled auto-merge (squash) August 14, 2023 13:29
@imnasnainaec imnasnainaec requested review from Apoktieno and removed request for imnasnainaec August 14, 2023 15:23
Apoktieno
Apoktieno approved these changes Aug 14, 2023
View reviewed changes
Copy link
Contributor

@Apoktieno Apoktieno left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed 18 of 18 files at r2, all commit messages.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved (waiting on @jmgrady)

imnasnainaec
imnasnainaec approved these changes Aug 14, 2023
View reviewed changes
Copy link
Collaborator

@imnasnainaec imnasnainaec left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed 2 of 2 files at r3, all commit messages.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved (waiting on @jmgrady)

@jmgrady jmgrady merged commit a7e7fbf into master Aug 14, 2023
14 checks passed
@jmgrady jmgrady deleted the dependabot-2023-08-14 branch August 14, 2023 21:54
jmgrady added a commit that referenced this pull request Aug 15, 2023
@jmgrady @dependabot
Dependabot updates for week of 14 August 2023 (#2481)
5e82928 
* Bump eslint-plugin-unused-imports from 2.0.0 to 3.0.0
* Bump dotnet/aspnet in /Backend
* Bump dotnet/sdk in /Backend
* Bump mui-language-picker from 1.2.7 to 1.2.8
* Bump validator and @types/validator
* Bump @types/node from 20.4.2 to 20.4.10
* Bump make-dir from 3.1.0 to 4.0.0
* Bump Microsoft.AspNetCore.Authentication.JwtBearer in /Backend
* Bump MongoDB.Driver from 2.20.0 to 2.21.0 in /Backend
* Bump step-security/harden-runner from 2.5.0 to 2.5.1
* Bump github/codeql-action from 2.21.2 to 2.21.3
* Bump cert-manager version to v1.12.3
* Update typescript-eslint due to eslint-plugin-unused-imports requirement
* Update license reports

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This was referenced Aug 21, 2023
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@imnasnainaec imnasnainaec imnasnainaec approved these changes

@Apoktieno Apoktieno Apoktieno approved these changes

Assignees

@jmgrady jmgrady

Labels
dependencies Pull requests that update a dependency file docker github_actions Pull requests that update GitHub Actions code javascript Pull requests that update Javascript code kubernetes .NET Pull requests that update .net code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jmgrady @codecov-commenter @imnasnainaec @Apoktieno