Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependency updates for October 2024 #3388

Draft
wants to merge 44 commits into
base: master
Choose a base branch
from
Draft

Dependency updates for October 2024 #3388

wants to merge 44 commits into from
+332 −231

Conversation

imnasnainaec
Copy link
Collaborator

@imnasnainaec imnasnainaec commented Oct 1, 2024
edited by jasonleenaylor
Loading

This change is Reviewable

dependabot bot and others added 30 commits September 1, 2024 12:09
@dependabot
Bump node from 20.14.0-bookworm-slim to 20.17.0-bookworm-slim
0e87c42 
Bumps node from 20.14.0-bookworm-slim to 20.17.0-bookworm-slim.

---
updated-dependencies:
- dependency-name: node
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump ansible from 10.3.0 to 10.4.0 in /deploy
eb4b16d 
Bumps [ansible](https://github.com/ansible-community/ansible-build-data) from 10.3.0 to 10.4.0.
- [Changelog](https://github.com/ansible-community/ansible-build-data/blob/main/docs/release-process.md)
- [Commits](ansible-community/ansible-build-data@10.3.0...10.4.0)

---
updated-dependencies:
- dependency-name: ansible
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump serve-static and express
171c4c9 
Bumps [serve-static](https://github.com/expressjs/serve-static) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.

Updates `serve-static` from 1.15.0 to 1.16.2
- [Release notes](https://github.com/expressjs/serve-static/releases)
- [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md)
- [Commits](expressjs/serve-static@v1.15.0...v1.16.2)

Updates `express` from 4.19.2 to 4.21.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)
- [Commits](expressjs/express@4.19.2...4.21.0)

---
updated-dependencies:
- dependency-name: serve-static
  dependency-type: indirect
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump Microsoft.NET.Test.Sdk from 17.11.0 to 17.11.1 in /Backend.Tests
42a58c0 
Bumps [Microsoft.NET.Test.Sdk](https://github.com/microsoft/vstest) from 17.11.0 to 17.11.1.
- [Release notes](https://github.com/microsoft/vstest/releases)
- [Changelog](https://github.com/microsoft/vstest/blob/main/docs/releases.md)
- [Commits](microsoft/vstest@v17.11.0...v17.11.1)

---
updated-dependencies:
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump body-parser and express
16e8df0 
Bumps [body-parser](https://github.com/expressjs/body-parser) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.

Updates `body-parser` from 1.20.2 to 1.20.3
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.20.2...1.20.3)

Updates `express` from 4.19.2 to 4.21.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)
- [Commits](expressjs/express@4.19.2...4.21.0)

---
updated-dependencies:
- dependency-name: body-parser
  dependency-type: indirect
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump send and express
1880e7a 
Bumps [send](https://github.com/pillarjs/send) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.

Updates `send` from 0.18.0 to 0.19.0
- [Release notes](https://github.com/pillarjs/send/releases)
- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)
- [Commits](pillarjs/send@0.18.0...0.19.0)

Updates `express` from 4.19.2 to 4.21.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)
- [Commits](expressjs/express@4.19.2...4.21.0)

---
updated-dependencies:
- dependency-name: send
  dependency-type: indirect
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump dset from 3.1.3 to 3.1.4
8a800b2 
Bumps [dset](https://github.com/lukeed/dset) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/lukeed/dset/releases)
- [Commits](lukeed/dset@v3.1.3...v3.1.4)

---
updated-dependencies:
- dependency-name: dset
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump rollup from 2.79.1 to 2.79.2
49d5af5 
Bumps [rollup](https://github.com/rollup/rollup) from 2.79.1 to 2.79.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v2.79.1...v2.79.2)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump dotnet/sdk from 8.0.401-jammy to 8.0.402-jammy in /Backend
35ba8da 
Bumps dotnet/sdk from 8.0.401-jammy to 8.0.402-jammy.

---
updated-dependencies:
- dependency-name: dotnet/sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump kubernetes from 30.1.0 to 31.0.0 in /deploy
4d7d8a4 
Bumps [kubernetes](https://github.com/kubernetes-client/python) from 30.1.0 to 31.0.0.
- [Release notes](https://github.com/kubernetes-client/python/releases)
- [Changelog](https://github.com/kubernetes-client/python/blob/master/CHANGELOG.md)
- [Commits](kubernetes-client/python@v30.1.0...v31.0.0)

---
updated-dependencies:
- dependency-name: kubernetes
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump kubernetes from 30.1.0 to 31.0.0 in /maintenance
c695b75 
Bumps [kubernetes](https://github.com/kubernetes-client/python) from 30.1.0 to 31.0.0.
- [Release notes](https://github.com/kubernetes-client/python/releases)
- [Changelog](https://github.com/kubernetes-client/python/blob/master/CHANGELOG.md)
- [Commits](kubernetes-client/python@v30.1.0...v31.0.0)

---
updated-dependencies:
- dependency-name: kubernetes
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump pymongo from 4.8.0 to 4.10.0 in /maintenance
81f3a77 
Bumps [pymongo](https://github.com/mongodb/mongo-python-driver) from 4.8.0 to 4.10.0.
- [Release notes](https://github.com/mongodb/mongo-python-driver/releases)
- [Changelog](https://github.com/mongodb/mongo-python-driver/blob/master/doc/changelog.rst)
- [Commits](mongodb/mongo-python-driver@4.8.0...4.10.0)

---
updated-dependencies:
- dependency-name: pymongo
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump MailKit from 4.7.1.1 to 4.8.0 in /Backend
f9dc8ca 
Bumps [MailKit](https://github.com/jstedfast/MailKit) from 4.7.1.1 to 4.8.0.
- [Changelog](https://github.com/jstedfast/MailKit/blob/master/ReleaseNotes.md)
- [Commits](jstedfast/MailKit@4.7.1.1...4.8.0)

---
updated-dependencies:
- dependency-name: MailKit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump Swashbuckle.AspNetCore from 6.7.3 to 6.8.1 in /Backend
ae8ba17 
Bumps [Swashbuckle.AspNetCore](https://github.com/domaindrivendev/Swashbuckle.AspNetCore) from 6.7.3 to 6.8.1.
- [Release notes](https://github.com/domaindrivendev/Swashbuckle.AspNetCore/releases)
- [Commits](domaindrivendev/Swashbuckle.AspNetCore@v6.7.3...v6.8.1)

---
updated-dependencies:
- dependency-name: Swashbuckle.AspNetCore
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump actions/setup-node from 4.0.2 to 4.0.4
bc41e3d 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.0.2 to 4.0.4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@60edb5d...0a44ba7)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump sillsdev/FieldWorks
ce59247 
Bumps [sillsdev/FieldWorks](https://github.com/sillsdev/fieldworks) from 9972c2aa3ad9fa768bd82714208152c4b6ce6b2c to ba50e637df9593a2a972b29bf670226e89c0a21b.
- [Release notes](https://github.com/sillsdev/fieldworks/releases)
- [Commits](sillsdev/FieldWorks@9972c2a...ba50e63)

---
updated-dependencies:
- dependency-name: sillsdev/FieldWorks
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump actions/setup-dotnet from 4.0.0 to 4.0.1
937f2e8 
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](actions/setup-dotnet@4d6c8fc...6bd8b7f)

---
updated-dependencies:
- dependency-name: actions/setup-dotnet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump docker/setup-buildx-action from 3.3.0 to 3.6.1
9c90597 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.3.0 to 3.6.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@d70bba7...988b5a0)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump docker/setup-qemu-action from 3.0.0 to 3.2.0
f7e781a 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3.0.0 to 3.2.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](docker/setup-qemu-action@6882732...49b3bc8)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump MailKit from 4.7.1.1 to 4.8.0 in /Backend.Tests
4403e9d 
Bumps [MailKit](https://github.com/jstedfast/MailKit) from 4.7.1.1 to 4.8.0.
- [Changelog](https://github.com/jstedfast/MailKit/blob/master/ReleaseNotes.md)
- [Commits](jstedfast/MailKit@4.7.1.1...4.8.0)

---
updated-dependencies:
- dependency-name: MailKit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump Swashbuckle.AspNetCore from 6.7.3 to 6.8.1 in /Backend.Tests
4fdf8bb 
Bumps [Swashbuckle.AspNetCore](https://github.com/domaindrivendev/Swashbuckle.AspNetCore) from 6.7.3 to 6.8.1.
- [Release notes](https://github.com/domaindrivendev/Swashbuckle.AspNetCore/releases)
- [Commits](domaindrivendev/Swashbuckle.AspNetCore@v6.7.3...v6.8.1)

---
updated-dependencies:
- dependency-name: Swashbuckle.AspNetCore
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump MongoDB.Driver from 2.28.0 to 2.29.0 in /Backend.Tests
7f676c2 
Bumps [MongoDB.Driver](https://github.com/mongodb/mongo-csharp-driver) from 2.28.0 to 2.29.0.
- [Release notes](https://github.com/mongodb/mongo-csharp-driver/releases)
- [Commits](mongodb/mongo-csharp-driver@v2.28.0...v2.29.0)

---
updated-dependencies:
- dependency-name: MongoDB.Driver
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/nuget/Backend.Tests/S…
a170fd5 
…washbuckle.AspNetCore-6.8.1' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/nuget/Backend.Tests/M…
bce395b 
…ailKit-4.8.0' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/github_actions/docker…
b91f706 
…/setup-qemu-action-3.2.0' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/github_actions/docker…
488b139 
…/setup-buildx-action-3.6.1' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/github_actions/action…
9ceac8c 
…s/setup-dotnet-4.0.1' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/github_actions/sillsd…
7f08e10 
…ev/FieldWorks-ba50e637df9593a2a972b29bf670226e89c0a21b' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/github_actions/action…
51330d8 
…s/setup-node-4.0.4' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/nuget/Backend/Swashbu…
42def0b 
…ckle.AspNetCore-6.8.1' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/nuget/Backend/MailKit…
2f0adce 
…-4.8.0' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/pip/maintenance/pymon…
bda0b82 
…go-4.10.0' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/pip/maintenance/kuber…
a0a0c6e 
…netes-31.0.0' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/pip/deploy/kubernetes…
ba0a925 
…-31.0.0' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/docker/Backend/dotnet…
3a470c6 
…/sdk-8.0.402-jammy' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/rollup-2…
7fab5bf 
….79.2' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/nuget/Backend.Tests/M…
89f1f63 
…icrosoft.NET.Test.Sdk-17.11.1' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/pip/deploy/ansible-10…
faeb05b 
….4.0' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/multi-d6…
dc3da58 
…6d039ac5' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/multi-94…
707a4e8 
…23f4c335' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/multi-cf…
f16cc12 
…87d80143' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/dset-3.1…
d513d6c 
….4' into dependabot-2024-10
@imnasnainaec
Merge remote-tracking branch 'origin/dependabot/docker/node-20.17.0-b…
2c54835 
…ookworm-slim' into dependabot-2024-10
@imnasnainaec
Update license reports
9f026c7
@imnasnainaec imnasnainaec added docker python dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code .NET Pull requests that update .net code github_actions Pull requests that update GitHub Actions code labels Oct 1, 2024
@imnasnainaec imnasnainaec self-assigned this Oct 1, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 1, 2024

⚠️ Commit Message Format Issues ⚠️
commit 7f676c2429:
3: B1 Line exceeds max length (93>80): "Bumps MongoDB.Driver from 2.28.0 to 2.29.0."
5: B1 Line exceeds max length (85>80): "- Commits"

commit 4fdf8bbf30:
3: B1 Line exceeds max length (110>80): "Bumps Swashbuckle.AspNetCore from 6.7.3 to 6.8.1."
4: B1 Line exceeds max length (85>80): "- Release notes"
5: B1 Line exceeds max length (94>80): "- Commits"

commit f7e781abdf:
3: B1 Line exceeds max length (98>80): "Bumps docker/setup-qemu-action from 3.0.0 to 3.2.0."
5: B1 Line exceeds max length (148>80): "- Commits"

commit 9c90597ad6:
3: B1 Line exceeds max length (102>80): "Bumps docker/setup-buildx-action from 3.3.0 to 3.6.1."
5: B1 Line exceeds max length (150>80): "- Commits"

commit 937f2e8732:
3: B1 Line exceeds max length (90>80): "Bumps actions/setup-dotnet from 4.0.0 to 4.0.1."
5: B1 Line exceeds max length (144>80): "- Commits"

commit ce592470ce:
3: B1 Line exceeds max length (158>80): "Bumps sillsdev/FieldWorks from 9972c2aa3ad9fa768bd82714208152c4b6ce6b2c to ba50e637df9593a2a972b29bf670226e89c0a21b."
5: B1 Line exceeds max length (143>80): "- Commits"

commit bc41e3de31:
3: B1 Line exceeds max length (86>80): "Bumps actions/setup-node from 4.0.2 to 4.0.4."
5: B1 Line exceeds max length (142>80): "- Commits"

commit ae8ba17105:
3: B1 Line exceeds max length (110>80): "Bumps Swashbuckle.AspNetCore from 6.7.3 to 6.8.1."
4: B1 Line exceeds max length (85>80): "- Release notes"
5: B1 Line exceeds max length (94>80): "- Commits"

commit 81f3a77b78:
3: B1 Line exceeds max length (85>80): "Bumps pymongo from 4.8.0 to 4.10.0."
5: B1 Line exceeds max length (91>80): "- Changelog"
6: B1 Line exceeds max length (82>80): "- Commits"

commit c695b752ff:
3: B1 Line exceeds max length (86>80): "Bumps kubernetes from 30.1.0 to 31.0.0."
5: B1 Line exceeds max length (83>80): "- Changelog"
6: B1 Line exceeds max length (82>80): "- Commits"

commit 4d7d8a4d04:
3: B1 Line exceeds max length (86>80): "Bumps kubernetes from 30.1.0 to 31.0.0."
5: B1 Line exceeds max length (83>80): "- Changelog"
6: B1 Line exceeds max length (82>80): "- Commits"

commit 1880e7ae5d:
3: B1 Line exceeds max length (149>80): "Bumps send and express. These dependencies needed to be updated together."

commit 16e8df0572:
3: B1 Line exceeds max length (164>80): "Bumps body-parser and express. These dependencies needed to be updated together."

commit 42a58c0306:
3: B1 Line exceeds max length (92>80): "Bumps Microsoft.NET.Test.Sdk from 17.11.0 to 17.11.1."

commit 171c4c951f:
3: B1 Line exceeds max length (166>80): "Bumps serve-static and express. These dependencies needed to be updated together."

commit eb4b16dcb9:
3: B1 Line exceeds max length (95>80): "Bumps ansible from 10.3.0 to 10.4.0."
4: B1 Line exceeds max length (104>80): "- Changelog"
5: B1 Line exceeds max length (92>80): "- Commits"

@codecov Codecov
Copy link

codecov bot commented Oct 1, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 60.00000% with 14 lines in your changes missing coverage. Please review.

Project coverage is 74.59%. Comparing base (b964bca) to head (9f026c7).
Report is 7 commits behind head on master.

Files with missing lines Patch % Lines
src/components/Project/ProjectReducer.ts 9.09% 10 Missing ⚠️
src/components/Project/ProjectActions.ts 50.00% 2 Missing ⚠️
...c/goals/ReviewEntries/ReviewEntriesTable/index.tsx 88.23% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #3388      +/-   ##
==========================================
- Coverage   74.64%   74.59%   -0.06%     
==========================================
  Files         280      280              
  Lines       10744    10773      +29     
  Branches     1298     1299       +1     
==========================================
+ Hits         8020     8036      +16     
- Misses       2357     2370      +13     
  Partials      367      367
Flag Coverage Δ
backend 83.81% <ø> (ø)
frontend 66.61% <60.00%> (-0.06%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@imnasnainaec imnasnainaec

Labels
dependencies Pull requests that update a dependency file docker github_actions Pull requests that update GitHub Actions code javascript Pull requests that update Javascript code .NET Pull requests that update .net code python
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@imnasnainaec