Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependencies #253

Merged
merged 26 commits into from
Oct 4, 2024
Merged

Update dependencies #253

merged 26 commits into from
Oct 4, 2024

Conversation

StepanBrychta
Copy link
Contributor

@StepanBrychta StepanBrychta commented Oct 3, 2024
edited
Loading

What does this change?

  • Update dependencies to resolve a few security alerts. This includes the changes from chore(deps): Non-AWS dependency updates #242 and chore(deps): AWS dependency updates #241 so that a new version of scala-libs can be released with the updated dependencies.
  • Add the sierra_typesafe project into all actions (test, report evictions, and release). In the original version this project was left out by accident (project names were copied from the "Test" group of the original Buildkite pipeline, which also omitted this project).

This change should fix all logback-related security alerts across all repos using scala-libs.

@wellcome-collection-scala-steward
Update auth to 2.25.37
3836df1
@wellcome-collection-scala-steward
Update sbt-bloop to 1.6.0
e7e143a
@wellcome-collection-scala-steward
Update logback-access to 1.4.14
83b4650
@wellcome-collection-scala-steward
Update apm-agent-api to 1.51.0
093ad2c
@wellcome-collection-scala-steward
Update fm-sbt-s3-resolver to 0.22.0
04e0ec8
@wellcome-collection-scala-steward
Update sbt-scalafmt to 1.16
e2702aa
@wellcome-collection-scala-steward
Update elastic4s-client-esjava to 8.9.5
85b7dbc
@wellcome-collection-scala-steward
Update sbt-docker-compose to 1.0.35
25eb3e5
@wellcome-collection-scala-steward
Update typesafe:config to 1.4.3
bb0c1c3
@wellcome-collection-scala-steward
Update commons-io to 2.16.1
7737747
@wellcome-collection-scala-steward
Update circe-core to 0.14.9
e235e47
@wellcome-collection-scala-steward
Update circe-generic-extras to 0.14.4
742f22d
@wellcome-collection-scala-steward
Update jna to 5.14.0
8ae5b8c
@wellcome-collection-scala-steward
Update pekko-actor-testkit-typed to 1.1.0
7620127
@wellcome-collection-scala-steward
Update mockito-core to 5.13.0
b057649
@wellcome-collection-scala-steward
Update scala-library to 2.12.19
84030ef
@wellcome-collection-scala-steward
Update sbt to 1.9.9
cc6b3a4
@wellcome-collection-scala-steward
Update scalatest to 3.2.19
363d602
@wellcome-collection-scala-steward
Update scanamo to 1.1.1
76c9b1f
@weco-bot
Apply auto-formatting rules
4b74f02
@StepanBrychta
Include sierra_typesafe in release action #5780
73cbd63
@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 3, 2024
edited
Loading

Suspected binary incompatible evictions across all projects (summary)

  • org.scala-lang:scala-library:2.12.20 is selected over {2.12.19, 2.12.19, 2.12.19, 2.12.15, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.8, 2.12.18, 2.12.19, 2.12.15, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19}
  • org.scala-lang:scala-library:2.12.20 is selected over {2.12.19, 2.12.19, 2.12.19, 2.12.15, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.8, 2.12.18, 2.12.19, 2.12.15, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19}
  • org.scala-lang:scala-library:2.12.20 is selected over {2.12.19, 2.12.19, 2.12.19, 2.12.15, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.8, 2.12.18, 2.12.19, 2.12.15, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19, 2.12.19}
  • org.slf4j:slf4j-api:2.0.16 is selected over {2.0.7, 1.7.9, 1.7.30, 1.7.30, 1.7.30, 1.7.30}
  • org.slf4j:slf4j-api:2.0.16 is selected over {2.0.7, 1.7.9, 1.7.30, 1.7.30, 1.7.30}
  • org.slf4j:slf4j-api:2.0.16 is selected over {2.0.7, 2.0.9, 2.0.9, 2.0.9, 2.0.9, 2.0.9, 2.0.9, 2.0.9, 2.0.9, 1.7.9, 1.7.30, 1.7.30, 1.7.30}
  • org.slf4j:slf4j-api:2.0.9 is selected over {1.7.9, 1.7.30, 1.7.30, 1.7.30}

See individual evictions stages for more detail

@StepanBrychta StepanBrychta marked this pull request as ready for review October 3, 2024 09:03
@StepanBrychta StepanBrychta requested a review from a team October 3, 2024 09:04
@StepanBrychta StepanBrychta changed the title Include sierra_typesafe in release action #5780 Update dependencies Oct 3, 2024
@StepanBrychta StepanBrychta force-pushed the Include-sierra_typesafe-in-release-action branch from d9db254 to 0504cf3 Compare October 4, 2024 08:30
@StepanBrychta StepanBrychta force-pushed the Include-sierra_typesafe-in-release-action branch from 0504cf3 to 952cccf Compare October 4, 2024 08:33
@StepanBrychta StepanBrychta force-pushed the Include-sierra_typesafe-in-release-action branch from 952cccf to af7f553 Compare October 4, 2024 08:40
paul-butcher
paul-butcher approved these changes Oct 4, 2024
View reviewed changes
Copy link
Contributor

@paul-butcher paul-butcher left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've not tried this out, because I know the the proof of this only really comes when this lib gets updated in the applications that use it, and you are about to sort those out.

@StepanBrychta StepanBrychta merged commit e07c8ce into main Oct 4, 2024
30 checks passed
@StepanBrychta StepanBrychta deleted the Include-sierra_typesafe-in-release-action branch October 4, 2024 09:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@paul-butcher paul-butcher paul-butcher approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@StepanBrychta @paul-butcher @weco-bot