-
-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dependabot updates for August 2024 #3289
Conversation
Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.6.2 to 2024.7.4. - [Commits](certifi/python-certifi@2024.06.02...2024.07.04) --- updated-dependencies: - dependency-name: certifi dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.6.2 to 2024.7.4. - [Commits](certifi/python-certifi@2024.06.02...2024.07.04) --- updated-dependencies: - dependency-name: certifi dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.6.2 to 2024.7.4. - [Commits](certifi/python-certifi@2024.06.02...2024.07.04) --- updated-dependencies: - dependency-name: certifi dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [requirejs](https://github.com/jrburke/r.js) from 2.3.6 to 2.3.7. - [Commits](requirejs/r.js@2.3.6...2.3.7) --- updated-dependencies: - dependency-name: requirejs dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [icu.net](https://github.com/sillsdev/icu-dotnet) from 2.10.1-beta.4 to 2.10.1-beta.5. - [Release notes](https://github.com/sillsdev/icu-dotnet/releases) - [Changelog](https://github.com/sillsdev/icu-dotnet/blob/master/CHANGELOG.md) - [Commits](https://github.com/sillsdev/icu-dotnet/commits) --- updated-dependencies: - dependency-name: icu.net dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library) from 14.3.1 to 16.0.0. - [Release notes](https://github.com/testing-library/react-testing-library/releases) - [Changelog](https://github.com/testing-library/react-testing-library/blob/main/CHANGELOG.md) - [Commits](testing-library/react-testing-library@v14.3.1...v16.0.0) --- updated-dependencies: - dependency-name: "@testing-library/react" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 7.14.1 to 7.18.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.18.0/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [Swashbuckle.AspNetCore](https://github.com/domaindrivendev/Swashbuckle.AspNetCore) from 6.6.2 to 6.7.0. - [Release notes](https://github.com/domaindrivendev/Swashbuckle.AspNetCore/releases) - [Commits](domaindrivendev/Swashbuckle.AspNetCore@v6.6.2...v6.7.0) --- updated-dependencies: - dependency-name: Swashbuckle.AspNetCore dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [MongoDB.Driver](https://github.com/mongodb/mongo-csharp-driver) from 2.27.0 to 2.28.0. - [Release notes](https://github.com/mongodb/mongo-csharp-driver/releases) - [Commits](mongodb/mongo-csharp-driver@v2.27.0...v2.28.0) --- updated-dependencies: - dependency-name: MongoDB.Driver dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [MailKit](https://github.com/jstedfast/MailKit) from 4.7.0 to 4.7.1.1. - [Changelog](https://github.com/jstedfast/MailKit/blob/master/ReleaseNotes.md) - [Commits](jstedfast/MailKit@4.7.0...4.7.1.1) --- updated-dependencies: - dependency-name: MailKit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pyopenssl](https://github.com/pyca/pyopenssl) from 24.1.0 to 24.2.1. - [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst) - [Commits](pyca/pyopenssl@24.1.0...24.2.1) --- updated-dependencies: - dependency-name: pyopenssl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [ansible](https://github.com/ansible-community/ansible-build-data) from 10.1.0 to 10.2.0. - [Changelog](https://github.com/ansible-community/ansible-build-data/blob/main/docs/release-process.md) - [Commits](ansible-community/ansible-build-data@10.1.0...10.2.0) --- updated-dependencies: - dependency-name: ansible dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pyopenssl](https://github.com/pyca/pyopenssl) from 24.1.0 to 24.2.1. - [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst) - [Commits](pyca/pyopenssl@24.1.0...24.2.1) --- updated-dependencies: - dependency-name: pyopenssl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps node from 20.14.0-bookworm-slim to 22.5.1-bookworm-slim. --- updated-dependencies: - dependency-name: node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps dotnet/sdk from 8.0.302-1-jammy-amd64 to 8.0.303-jammy-amd64. --- updated-dependencies: - dependency-name: dotnet/sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps dotnet/aspnet from 8.0.6-jammy-amd64 to 8.0.7-jammy-amd64. --- updated-dependencies: - dependency-name: dotnet/aspnet dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.3.3 to 4.3.4. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@72eb03d...5a2ce3f) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.3 to 4.3.4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@6546280...0b2256b) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [sillsdev/FieldWorks](https://github.com/sillsdev/fieldworks) from 53b16bd9d629a65054d424cb059e4e2ce943ba97 to 1841598026f41661ed53c3072589dbfed5c14a12. - [Release notes](https://github.com/sillsdev/fieldworks/releases) - [Commits](sillsdev/FieldWorks@53b16bd...1841598) --- updated-dependencies: - dependency-name: sillsdev/FieldWorks dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.1.0 to 5.1.1. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@82c7e63...39cd149) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.3.0 to 4.5.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@8450866...e28ff12) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…/sdk-8.0.303-jammy-amd64' into dependabot-2024-08
…okworm-slim' into dependabot-2024-08
…s/dependency-review-action-4.3.4' into dependabot-2024-08
…s/setup-python-5.1.1' into dependabot-2024-08
…s/upload-artifact-4.3.4' into dependabot-2024-08
…v/codecov-action-4.5.0' into dependabot-2024-08
…ev/FieldWorks-1841598026f41661ed53c3072589dbfed5c14a12' into dependabot-2024-08
…library/react-16.0.0' into dependabot-2024-08
…pt-eslint/parser-7.18.0' into dependabot-2024-08
….2.0' into dependabot-2024-08
…24.2.1' into dependabot-2024-08
…nssl-24.2.1' into dependabot-2024-08
…s-2.3.7' into dependabot-2024-08
… into dependabot-2024-08
…24.7.4' into dependabot-2024-08
…fi-2024.7.4' into dependabot-2024-08
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #3289 +/- ##
==========================================
- Coverage 74.63% 74.58% -0.05%
==========================================
Files 279 279
Lines 10683 10683
Branches 1289 1289
==========================================
- Hits 7973 7968 -5
- Misses 2349 2353 +4
- Partials 361 362 +1
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
…ombine into dependabot-2024-08
commit 0c9b1fe400: commit bd926d96e1: commit c688262bb6: commit 57aae5b5d1: commit 46a7ae0436: commit 63718b9737: commit 337bee4385: commit c3604e1f1e: commit 28e4910a4e: commit 9d7468c08b: commit 6562b3b654: commit fdc260f116: commit 55797fb56b: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed 9 of 14 files at r1, 3 of 4 files at r2, 5 of 5 files at r3, all commit messages.
Reviewable status: all files reviewed, 3 unresolved discussions (waiting on @imnasnainaec)
Dockerfile
line 19 at r3 (raw file):
# Frontend build environment. FROM node:22.5.1-bookworm-slim AS frontend_builder
We should stick with node 20, the latest LTS release. There may be a more recent minor rev that we should consider.
Code quote:
node:22.5.1
package.json
line 164 at r3 (raw file):
}, "volta": { "node": "22.5.1"
This should be reverted as well.
Code quote:
22.5.1"
README.md
line 93 at r3 (raw file):
2. [Chocolatey][chocolatey] (Windows only): a Windows package manager. 3. [Node.js 22 (Current)](https://nodejs.org/en/download/)
This should be reverted as well.
Code quote:
22 (Current
.github/workflows/frontend.yml
line 58 at r3 (raw file):
api.github.com:443 github.com:443 objects.githubusercontent.com:443
Why are these endpoints changed? Has the GitHub api changed? I presume that this is for the update of the User Guide, correct?
Code quote:
objects.githubusercontent.com:443
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewable status: 12 of 17 files reviewed, 3 unresolved discussions (waiting on @jmgrady)
package.json
line 164 at r3 (raw file):
Previously, jmgrady (Jim Grady) wrote…
This should be reverted as well.
Done.
.github/workflows/frontend.yml
line 58 at r3 (raw file):
Previously, jmgrady (Jim Grady) wrote…
Why are these endpoints changed? Has the GitHub api changed? I presume that this is for the update of the User Guide, correct?
The node fetching failed (see https://github.com/sillsdev/TheCombine/actions/runs/10200380752), so I updated to match the newer StepSecurity recommendation.
Dockerfile
line 19 at r3 (raw file):
Previously, jmgrady (Jim Grady) wrote…
We should stick with node 20, the latest LTS release. There may be a more recent minor rev that we should consider.
Done.
README.md
line 93 at r3 (raw file):
Previously, jmgrady (Jim Grady) wrote…
This should be reverted as well.
Done.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed 5 of 5 files at r4, all commit messages.
Reviewable status: complete! all files reviewed, all discussions resolved (waiting on @imnasnainaec)
This change is