Dependabot updates for August 2024 #3289
Conversation
Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.6.2 to 2024.7.4. - [Commits](certifi/python-certifi@2024.06.02...2024.07.04) --- updated-dependencies: - dependency-name: certifi dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.6.2 to 2024.7.4. - [Commits](certifi/python-certifi@2024.06.02...2024.07.04) --- updated-dependencies: - dependency-name: certifi dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.6.2 to 2024.7.4. - [Commits](certifi/python-certifi@2024.06.02...2024.07.04) --- updated-dependencies: - dependency-name: certifi dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [requirejs](https://github.com/jrburke/r.js) from 2.3.6 to 2.3.7. - [Commits](requirejs/r.js@2.3.6...2.3.7) --- updated-dependencies: - dependency-name: requirejs dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [icu.net](https://github.com/sillsdev/icu-dotnet) from 2.10.1-beta.4 to 2.10.1-beta.5. - [Release notes](https://github.com/sillsdev/icu-dotnet/releases) - [Changelog](https://github.com/sillsdev/icu-dotnet/blob/master/CHANGELOG.md) - [Commits](https://github.com/sillsdev/icu-dotnet/commits) --- updated-dependencies: - dependency-name: icu.net dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library) from 14.3.1 to 16.0.0. - [Release notes](https://github.com/testing-library/react-testing-library/releases) - [Changelog](https://github.com/testing-library/react-testing-library/blob/main/CHANGELOG.md) - [Commits](testing-library/react-testing-library@v14.3.1...v16.0.0) --- updated-dependencies: - dependency-name: "@testing-library/react" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 7.14.1 to 7.18.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.18.0/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [Swashbuckle.AspNetCore](https://github.com/domaindrivendev/Swashbuckle.AspNetCore) from 6.6.2 to 6.7.0. - [Release notes](https://github.com/domaindrivendev/Swashbuckle.AspNetCore/releases) - [Commits](domaindrivendev/Swashbuckle.AspNetCore@v6.6.2...v6.7.0) --- updated-dependencies: - dependency-name: Swashbuckle.AspNetCore dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [MongoDB.Driver](https://github.com/mongodb/mongo-csharp-driver) from 2.27.0 to 2.28.0. - [Release notes](https://github.com/mongodb/mongo-csharp-driver/releases) - [Commits](mongodb/mongo-csharp-driver@v2.27.0...v2.28.0) --- updated-dependencies: - dependency-name: MongoDB.Driver dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [MailKit](https://github.com/jstedfast/MailKit) from 4.7.0 to 4.7.1.1. - [Changelog](https://github.com/jstedfast/MailKit/blob/master/ReleaseNotes.md) - [Commits](jstedfast/MailKit@4.7.0...4.7.1.1) --- updated-dependencies: - dependency-name: MailKit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pyopenssl](https://github.com/pyca/pyopenssl) from 24.1.0 to 24.2.1. - [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst) - [Commits](pyca/pyopenssl@24.1.0...24.2.1) --- updated-dependencies: - dependency-name: pyopenssl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [ansible](https://github.com/ansible-community/ansible-build-data) from 10.1.0 to 10.2.0. - [Changelog](https://github.com/ansible-community/ansible-build-data/blob/main/docs/release-process.md) - [Commits](ansible-community/ansible-build-data@10.1.0...10.2.0) --- updated-dependencies: - dependency-name: ansible dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pyopenssl](https://github.com/pyca/pyopenssl) from 24.1.0 to 24.2.1. - [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst) - [Commits](pyca/pyopenssl@24.1.0...24.2.1) --- updated-dependencies: - dependency-name: pyopenssl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps node from 20.14.0-bookworm-slim to 22.5.1-bookworm-slim. --- updated-dependencies: - dependency-name: node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps dotnet/sdk from 8.0.302-1-jammy-amd64 to 8.0.303-jammy-amd64. --- updated-dependencies: - dependency-name: dotnet/sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps dotnet/aspnet from 8.0.6-jammy-amd64 to 8.0.7-jammy-amd64. --- updated-dependencies: - dependency-name: dotnet/aspnet dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.3.3 to 4.3.4. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@72eb03d...5a2ce3f) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.3 to 4.3.4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@6546280...0b2256b) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [sillsdev/FieldWorks](https://github.com/sillsdev/fieldworks) from 53b16bd9d629a65054d424cb059e4e2ce943ba97 to 1841598026f41661ed53c3072589dbfed5c14a12. - [Release notes](https://github.com/sillsdev/fieldworks/releases) - [Commits](sillsdev/FieldWorks@53b16bd...1841598) --- updated-dependencies: - dependency-name: sillsdev/FieldWorks dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.1.0 to 5.1.1. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@82c7e63...39cd149) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.3.0 to 4.5.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@8450866...e28ff12) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…/sdk-8.0.303-jammy-amd64' into dependabot-2024-08
…okworm-slim' into dependabot-2024-08
…s/dependency-review-action-4.3.4' into dependabot-2024-08
…s/setup-python-5.1.1' into dependabot-2024-08
…s/upload-artifact-4.3.4' into dependabot-2024-08
…v/codecov-action-4.5.0' into dependabot-2024-08
…ev/FieldWorks-1841598026f41661ed53c3072589dbfed5c14a12' into dependabot-2024-08
…library/react-16.0.0' into dependabot-2024-08
…pt-eslint/parser-7.18.0' into dependabot-2024-08
….2.0' into dependabot-2024-08
…24.2.1' into dependabot-2024-08
…nssl-24.2.1' into dependabot-2024-08
…s-2.3.7' into dependabot-2024-08
… into dependabot-2024-08
…24.7.4' into dependabot-2024-08
…fi-2024.7.4' into dependabot-2024-08
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #3289 +/- ##
==========================================
- Coverage 74.63% 74.58% -0.05%
==========================================
Files 279 279
Lines 10683 10683
Branches 1289 1289
==========================================
- Hits 7973 7968 -5
- Misses 2349 2353 +4
- Partials 361 362 +1
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
…ombine into dependabot-2024-08
|
commit 0c9b1fe400: commit bd926d96e1: commit c688262bb6: commit 57aae5b5d1: commit 46a7ae0436: commit 63718b9737: commit 337bee4385: commit c3604e1f1e: commit 28e4910a4e: commit 9d7468c08b: commit 6562b3b654: commit fdc260f116: commit 55797fb56b: |
There was a problem hiding this comment.
Reviewed 9 of 14 files at r1, 3 of 4 files at r2, 5 of 5 files at r3, all commit messages.
Reviewable status: all files reviewed, 3 unresolved discussions (waiting on @imnasnainaec)
Dockerfile line 19 at r3 (raw file):
# Frontend build environment. FROM node:22.5.1-bookworm-slim AS frontend_builder
We should stick with node 20, the latest LTS release. There may be a more recent minor rev that we should consider.
Code quote:
node:22.5.1package.json line 164 at r3 (raw file):
}, "volta": { "node": "22.5.1"
This should be reverted as well.
Code quote:
22.5.1"README.md line 93 at r3 (raw file):
2. [Chocolatey][chocolatey] (Windows only): a Windows package manager. 3. [Node.js 22 (Current)](https://nodejs.org/en/download/)
This should be reverted as well.
Code quote:
22 (Current.github/workflows/frontend.yml line 58 at r3 (raw file):
api.github.com:443 github.com:443 objects.githubusercontent.com:443
Why are these endpoints changed? Has the GitHub api changed? I presume that this is for the update of the User Guide, correct?
Code quote:
objects.githubusercontent.com:443
There was a problem hiding this comment.
Reviewable status: 12 of 17 files reviewed, 3 unresolved discussions (waiting on @jmgrady)
package.json line 164 at r3 (raw file):
Previously, jmgrady (Jim Grady) wrote…
This should be reverted as well.
Done.
.github/workflows/frontend.yml line 58 at r3 (raw file):
Previously, jmgrady (Jim Grady) wrote…
Why are these endpoints changed? Has the GitHub api changed? I presume that this is for the update of the User Guide, correct?
The node fetching failed (see https://github.com/sillsdev/TheCombine/actions/runs/10200380752), so I updated to match the newer StepSecurity recommendation.
Dockerfile line 19 at r3 (raw file):
Previously, jmgrady (Jim Grady) wrote…
We should stick with node 20, the latest LTS release. There may be a more recent minor rev that we should consider.
Done.
README.md line 93 at r3 (raw file):
Previously, jmgrady (Jim Grady) wrote…
This should be reverted as well.
Done.
There was a problem hiding this comment.
Reviewed 5 of 5 files at r4, all commit messages.
Reviewable status:complete! all files reviewed, all discussions resolved (waiting on @imnasnainaec)
This change is