sillsdev · jmgrady · Apr 1, 2024 · Mar 1, 2024 · Mar 1, 2024 · Mar 17, 2024
diff --git a/.github/workflows/backend.yml b/.github/workflows/backend.yml
@@ -48,7 +48,7 @@ jobs:
         run: dotnet test Backend.Tests/Backend.Tests.csproj
         shell: bash
       - name: Upload coverage artifact
-        uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
         with:
           if-no-files-found: error
           name: coverage
@@ -85,7 +85,7 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Download coverage artifact
-        uses: actions/download-artifact@87c55149d96e628cc2ef7e6fc2aab372015aec85 # v4.1.3
+        uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
         with:
           name: coverage
       - name: Upload coverage report
@@ -135,7 +135,7 @@ jobs:
       - name: Autobuild
         uses: github/codeql-action/autobuild@8a470fddafa5cbb6266ee11b37ef4d8aae19c571 # v3.24.6
       - name: Upload artifacts if build failed
-        uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
         if: ${{ failure() }}
         with:
           name: tracer-logs

diff --git a/.github/workflows/combine_deploy_image.yml b/.github/workflows/combine_deploy_image.yml
@@ -40,7 +40,7 @@ jobs:
       - name: Set up QEMU
         uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3.1.0
+        uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3.2.0
       - name: Configure AWS credentials
         uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1
         with:
@@ -54,7 +54,7 @@ jobs:
           username: ${{ secrets.AWS_ACCESS_KEY_ID }}
           password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
       - name: Build combine_deploy
-        uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
+        uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
         with:
           context: "{{defaultContext}}:deploy"
           push: true

diff --git a/.github/workflows/frontend.yml b/.github/workflows/frontend.yml
@@ -68,7 +68,7 @@ jobs:
         env:
           CI: true
       - name: Upload coverage artifact
-        uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
         with:
           if-no-files-found: error
           name: coverage
@@ -95,7 +95,7 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Download coverage artifact
-        uses: actions/download-artifact@87c55149d96e628cc2ef7e6fc2aab372015aec85 # v4.1.3
+        uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
         with:
           name: coverage
       - name: Upload coverage report

diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -81,7 +81,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
         with:
           name: SARIF file
           path: results.sarif

diff --git a/Backend.Tests/Backend.Tests.csproj b/Backend.Tests/Backend.Tests.csproj
@@ -13,10 +13,10 @@
   </PropertyGroup>
   <ItemGroup>
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.9.0" />
-    <PackageReference Include="NUnit" Version="4.0.1" />
+    <PackageReference Include="NUnit" Version="4.1.0" />
     <PackageReference Include="NUnit3TestAdapter" Version="4.5.0" />
-    <PackageReference Include="coverlet.collector" Version="6.0.1"/>
-    <PackageReference Include="coverlet.msbuild" Version="6.0.1"/>
+    <PackageReference Include="coverlet.collector" Version="6.0.2"/>
+    <PackageReference Include="coverlet.msbuild" Version="6.0.2"/>
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\Backend\BackendFramework.csproj" />

diff --git a/Backend/BackendFramework.csproj b/Backend/BackendFramework.csproj
@@ -13,12 +13,12 @@
     <PackageReference Include="RelaxNG" Version="3.2.3" >
       <NoWarn>NU1701</NoWarn>
     </PackageReference>
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.27" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.28" />
     <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="6.35.0" />
     <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.35.0" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="6.5.0" />
     <PackageReference Include="MongoDB.Driver" Version="2.24.0" />
-    <PackageReference Include="MailKit" Version="4.3.0" />
+    <PackageReference Include="MailKit" Version="4.4.0" />
     <PackageReference Include="Xabe.FFmpeg" Version="5.2.6"/>
 
     <!-- SIL Maintained Dependencies. -->

diff --git a/Backend/Dockerfile b/Backend/Dockerfile
@@ -1,5 +1,5 @@
 # Docker multi-stage build
-FROM mcr.microsoft.com/dotnet/sdk:6.0.419-focal-amd64 AS builder
+FROM mcr.microsoft.com/dotnet/sdk:6.0.420-focal-amd64 AS builder
 WORKDIR /app
 
 # Copy csproj and restore (fetch dependencies) as distinct layers.
@@ -11,7 +11,7 @@ COPY . ./
 RUN dotnet publish -c Release -o build
 
 # Build runtime image.
-FROM mcr.microsoft.com/dotnet/aspnet:6.0.27-focal-amd64
+FROM mcr.microsoft.com/dotnet/aspnet:6.0.28-focal-amd64
 
 ENV ASPNETCORE_URLS=http://+:5000
 ENV COMBINE_IS_IN_CONTAINER=1

diff --git a/Dockerfile b/Dockerfile
@@ -1,5 +1,5 @@
 # User guide build environment
-FROM python:3.10.13-slim-bookworm AS user_guide_builder
+FROM python:3.10.14-slim-bookworm AS user_guide_builder
 
 ENV PYTHONDONTWRITEBYTECODE 1
 ENV PYTHONUNBUFFERED 1
@@ -16,7 +16,7 @@ COPY docs/user_guide docs/user_guide
 RUN tox -e user-guide
 
 # Frontend build environment.
-FROM node:18.19.1-bookworm-slim AS frontend_builder
+FROM node:18.20.0-bookworm-slim AS frontend_builder
 WORKDIR /app
 
 # Install app dependencies.

diff --git a/database/Dockerfile b/database/Dockerfile
@@ -1,4 +1,4 @@
-FROM mongo:7.0.6-jammy
+FROM mongo:7.0.7-jammy
 
 WORKDIR /
 

diff --git a/deploy/requirements.txt b/deploy/requirements.txt
@@ -4,9 +4,9 @@
 #
 #    pip-compile requirements.in
 #
-ansible==9.3.0
+ansible==9.4.0
     # via -r requirements.in
-ansible-core==2.16.4
+ansible-core==2.16.5
     # via ansible
 cachetools==5.3.3
     # via google-auth
@@ -22,7 +22,7 @@ cryptography==42.0.5
     # via
     #   ansible-core
     #   pyopenssl
-google-auth==2.28.1
+google-auth==2.29.0
     # via kubernetes
 idna==3.6
     # via requests
@@ -41,19 +41,19 @@ oauthlib==3.2.2
     # via
     #   kubernetes
     #   requests-oauthlib
-packaging==23.2
+packaging==24.0
     # via ansible-core
-pyasn1==0.5.1
+pyasn1==0.6.0
     # via
     #   pyasn1-modules
     #   rsa
-pyasn1-modules==0.3.0
+pyasn1-modules==0.4.0
     # via google-auth
-pycparser==2.21
+pycparser==2.22
     # via cffi
-pyopenssl==24.0.0
+pyopenssl==24.1.0
     # via -r requirements.in
-python-dateutil==2.9.0
+python-dateutil==2.9.0.post0
     # via kubernetes
 pyyaml==6.0.1
     # via
@@ -64,7 +64,7 @@ requests==2.31.0
     # via
     #   kubernetes
     #   requests-oauthlib
-requests-oauthlib==1.3.1
+requests-oauthlib==2.0.0
     # via kubernetes
 resolvelib==1.0.1
     # via ansible-core

diff --git a/dev-requirements.txt b/dev-requirements.txt
@@ -12,7 +12,7 @@ babel==2.14.0
     # via mkdocs-material
 beautifulsoup4==4.12.3
     # via mkdocs-htmlproofer-plugin
-black==24.2.0
+black==24.3.0
     # via -r dev-requirements.in
 cachetools==5.3.3
     # via
@@ -47,7 +47,7 @@ dnspython==2.6.1
     # via pymongo
 eradicate==2.3.0
     # via flake8-eradicate
-filelock==3.13.1
+filelock==3.13.3
     # via
     #   tox
     #   virtualenv
@@ -69,7 +69,7 @@ flake8-eradicate==1.5.0
     # via -r dev-requirements.in
 ghp-import==2.1.0
     # via mkdocs
-google-auth==2.28.1
+google-auth==2.29.0
     # via kubernetes
 humanfriendly==10.0
     # via -r dev-requirements.in
@@ -87,7 +87,7 @@ jinja2-base64-filters==0.1.4
     # via -r dev-requirements.in
 kubernetes==29.0.0
     # via -r dev-requirements.in
-markdown==3.5.2
+markdown==3.6
     # via
     #   mkdocs
     #   mkdocs-htmlproofer-plugin
@@ -106,15 +106,15 @@ mkdocs==1.5.3
     #   mkdocs-htmlproofer-plugin
     #   mkdocs-material
     #   mkdocs-static-i18n
-mkdocs-htmlproofer-plugin==1.1.0
+mkdocs-htmlproofer-plugin==1.2.0
     # via -r dev-requirements.in
-mkdocs-material==9.5.12
+mkdocs-material==9.5.16
     # via -r dev-requirements.in
 mkdocs-material-extensions==1.3.1
     # via mkdocs-material
 mkdocs-static-i18n==1.2.2
     # via -r dev-requirements.in
-mypy==1.8.0
+mypy==1.9.0
     # via -r dev-requirements.in
 mypy-extensions==1.0.0
     # via
@@ -124,7 +124,7 @@ oauthlib==3.2.2
     # via
     #   kubernetes
     #   requests-oauthlib
-packaging==23.2
+packaging==24.0
     # via
     #   black
     #   mkdocs
@@ -146,31 +146,31 @@ platformdirs==4.2.0
     #   virtualenv
 pluggy==1.4.0
     # via tox
-pyasn1==0.5.1
+pyasn1==0.6.0
     # via
     #   pyasn1-modules
     #   rsa
-pyasn1-modules==0.3.0
+pyasn1-modules==0.4.0
     # via google-auth
 pycodestyle==2.11.1
     # via flake8
-pycparser==2.21
+pycparser==2.22
     # via cffi
 pyflakes==3.2.0
     # via flake8
 pygments==2.17.2
     # via mkdocs-material
-pymdown-extensions==10.7
+pymdown-extensions==10.7.1
     # via mkdocs-material
-pymongo==4.6.2
+pymongo==4.6.3
     # via -r dev-requirements.in
-pyopenssl==24.0.0
+pyopenssl==24.1.0
     # via -r dev-requirements.in
 pyproject-api==1.6.1
     # via tox
 pyreadline3==3.4.1
     # via -r dev-requirements.in
-python-dateutil==2.9.0
+python-dateutil==2.9.0.post0
     # via
     #   ghp-import
     #   kubernetes
@@ -191,7 +191,7 @@ requests==2.31.0
     #   mkdocs-htmlproofer-plugin
     #   mkdocs-material
     #   requests-oauthlib
-requests-oauthlib==1.3.1
+requests-oauthlib==2.0.0
     # via kubernetes
 rsa==4.9
     # via google-auth
@@ -207,15 +207,15 @@ tomli==2.0.1
     #   mypy
     #   pyproject-api
     #   tox
-tox==4.13.0
+tox==4.14.2
     # via -r dev-requirements.in
-types-pyopenssl==24.0.0.20240228
+types-pyopenssl==24.0.0.20240311
     # via -r dev-requirements.in
-types-python-dateutil==2.8.19.20240106
+types-python-dateutil==2.9.0.20240316
     # via -r dev-requirements.in
-types-pyyaml==6.0.12.12
+types-pyyaml==6.0.12.20240311
     # via -r dev-requirements.in
-types-requests==2.31.0.20240218
+types-requests==2.31.0.20240311
     # via -r dev-requirements.in
 typing-extensions==4.10.0
     # via