Dependency updates for October 2024#3388

imnasnainaec · 2024-10-01T20:12:38Z

This change is

Bumps node from 20.14.0-bookworm-slim to 20.17.0-bookworm-slim. --- updated-dependencies: - dependency-name: node dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [ansible](https://github.com/ansible-community/ansible-build-data) from 10.3.0 to 10.4.0. - [Changelog](https://github.com/ansible-community/ansible-build-data/blob/main/docs/release-process.md) - [Commits](ansible-community/ansible-build-data@10.3.0...10.4.0) --- updated-dependencies: - dependency-name: ansible dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [serve-static](https://github.com/expressjs/serve-static) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together. Updates `serve-static` from 1.15.0 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...v1.16.2) Updates `express` from 4.19.2 to 4.21.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md) - [Commits](expressjs/express@4.19.2...4.21.0) --- updated-dependencies: - dependency-name: serve-static dependency-type: indirect - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [Microsoft.NET.Test.Sdk](https://github.com/microsoft/vstest) from 17.11.0 to 17.11.1. - [Release notes](https://github.com/microsoft/vstest/releases) - [Changelog](https://github.com/microsoft/vstest/blob/main/docs/releases.md) - [Commits](microsoft/vstest@v17.11.0...v17.11.1) --- updated-dependencies: - dependency-name: Microsoft.NET.Test.Sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [body-parser](https://github.com/expressjs/body-parser) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together. Updates `body-parser` from 1.20.2 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.2...1.20.3) Updates `express` from 4.19.2 to 4.21.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md) - [Commits](expressjs/express@4.19.2...4.21.0) --- updated-dependencies: - dependency-name: body-parser dependency-type: indirect - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [send](https://github.com/pillarjs/send) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together. Updates `send` from 0.18.0 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `express` from 4.19.2 to 4.21.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md) - [Commits](expressjs/express@4.19.2...4.21.0) --- updated-dependencies: - dependency-name: send dependency-type: indirect - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [dset](https://github.com/lukeed/dset) from 3.1.3 to 3.1.4. - [Release notes](https://github.com/lukeed/dset/releases) - [Commits](lukeed/dset@v3.1.3...v3.1.4) --- updated-dependencies: - dependency-name: dset dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [rollup](https://github.com/rollup/rollup) from 2.79.1 to 2.79.2. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v2.79.1...v2.79.2) --- updated-dependencies: - dependency-name: rollup dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps dotnet/sdk from 8.0.401-jammy to 8.0.402-jammy. --- updated-dependencies: - dependency-name: dotnet/sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [kubernetes](https://github.com/kubernetes-client/python) from 30.1.0 to 31.0.0. - [Release notes](https://github.com/kubernetes-client/python/releases) - [Changelog](https://github.com/kubernetes-client/python/blob/master/CHANGELOG.md) - [Commits](kubernetes-client/python@v30.1.0...v31.0.0) --- updated-dependencies: - dependency-name: kubernetes dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [pymongo](https://github.com/mongodb/mongo-python-driver) from 4.8.0 to 4.10.0. - [Release notes](https://github.com/mongodb/mongo-python-driver/releases) - [Changelog](https://github.com/mongodb/mongo-python-driver/blob/master/doc/changelog.rst) - [Commits](mongodb/mongo-python-driver@4.8.0...4.10.0) --- updated-dependencies: - dependency-name: pymongo dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [MailKit](https://github.com/jstedfast/MailKit) from 4.7.1.1 to 4.8.0. - [Changelog](https://github.com/jstedfast/MailKit/blob/master/ReleaseNotes.md) - [Commits](jstedfast/MailKit@4.7.1.1...4.8.0) --- updated-dependencies: - dependency-name: MailKit dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [Swashbuckle.AspNetCore](https://github.com/domaindrivendev/Swashbuckle.AspNetCore) from 6.7.3 to 6.8.1. - [Release notes](https://github.com/domaindrivendev/Swashbuckle.AspNetCore/releases) - [Commits](domaindrivendev/Swashbuckle.AspNetCore@v6.7.3...v6.8.1) --- updated-dependencies: - dependency-name: Swashbuckle.AspNetCore dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.0.2 to 4.0.4. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@60edb5d...0a44ba7) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [sillsdev/FieldWorks](https://github.com/sillsdev/fieldworks) from 9972c2aa3ad9fa768bd82714208152c4b6ce6b2c to ba50e637df9593a2a972b29bf670226e89c0a21b. - [Release notes](https://github.com/sillsdev/fieldworks/releases) - [Commits](sillsdev/FieldWorks@9972c2a...ba50e63) --- updated-dependencies: - dependency-name: sillsdev/FieldWorks dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 4.0.0 to 4.0.1. - [Release notes](https://github.com/actions/setup-dotnet/releases) - [Commits](actions/setup-dotnet@4d6c8fc...6bd8b7f) --- updated-dependencies: - dependency-name: actions/setup-dotnet dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.3.0 to 3.6.1. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@d70bba7...988b5a0) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3.0.0 to 3.2.0. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@6882732...49b3bc8) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [MailKit](https://github.com/jstedfast/MailKit) from 4.7.1.1 to 4.8.0. - [Changelog](https://github.com/jstedfast/MailKit/blob/master/ReleaseNotes.md) - [Commits](jstedfast/MailKit@4.7.1.1...4.8.0) --- updated-dependencies: - dependency-name: MailKit dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [Swashbuckle.AspNetCore](https://github.com/domaindrivendev/Swashbuckle.AspNetCore) from 6.7.3 to 6.8.1. - [Release notes](https://github.com/domaindrivendev/Swashbuckle.AspNetCore/releases) - [Commits](domaindrivendev/Swashbuckle.AspNetCore@v6.7.3...v6.8.1) --- updated-dependencies: - dependency-name: Swashbuckle.AspNetCore dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [MongoDB.Driver](https://github.com/mongodb/mongo-csharp-driver) from 2.28.0 to 2.29.0. - [Release notes](https://github.com/mongodb/mongo-csharp-driver/releases) - [Commits](mongodb/mongo-csharp-driver@v2.28.0...v2.29.0) --- updated-dependencies: - dependency-name: MongoDB.Driver dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…washbuckle.AspNetCore-6.8.1' into dependabot-2024-10

…ailKit-4.8.0' into dependabot-2024-10

…/setup-qemu-action-3.2.0' into dependabot-2024-10

…/setup-buildx-action-3.6.1' into dependabot-2024-10

…s/setup-dotnet-4.0.1' into dependabot-2024-10

…ev/FieldWorks-ba50e637df9593a2a972b29bf670226e89c0a21b' into dependabot-2024-10

…s/setup-node-4.0.4' into dependabot-2024-10

…ckle.AspNetCore-6.8.1' into dependabot-2024-10

…icrosoft.NET.Test.Sdk-17.11.1' into dependabot-2024-10

….4.0' into dependabot-2024-10

…6d039ac5' into dependabot-2024-10

…23f4c335' into dependabot-2024-10

…87d80143' into dependabot-2024-10

….4' into dependabot-2024-10

…ookworm-slim' into dependabot-2024-10

github-actions · 2024-10-01T20:13:01Z

⚠️ Commit Message Format Issues ⚠️
commit a64008b3b1:
3: B1 Line exceeds max length (164>80): "Bumps body-parser and express. These dependencies needed to be updated together."

commit 2eea49fafa:
3: B1 Line exceeds max length (149>80): "Bumps send and express. These dependencies needed to be updated together."

commit 7f676c2429:
3: B1 Line exceeds max length (93>80): "Bumps MongoDB.Driver from 2.28.0 to 2.29.0."
5: B1 Line exceeds max length (85>80): "- Commits"

commit 4fdf8bbf30:
3: B1 Line exceeds max length (110>80): "Bumps Swashbuckle.AspNetCore from 6.7.3 to 6.8.1."
4: B1 Line exceeds max length (85>80): "- Release notes"
5: B1 Line exceeds max length (94>80): "- Commits"

commit f7e781abdf:
3: B1 Line exceeds max length (98>80): "Bumps docker/setup-qemu-action from 3.0.0 to 3.2.0."
5: B1 Line exceeds max length (148>80): "- Commits"

commit 9c90597ad6:
3: B1 Line exceeds max length (102>80): "Bumps docker/setup-buildx-action from 3.3.0 to 3.6.1."
5: B1 Line exceeds max length (150>80): "- Commits"

commit 937f2e8732:
3: B1 Line exceeds max length (90>80): "Bumps actions/setup-dotnet from 4.0.0 to 4.0.1."
5: B1 Line exceeds max length (144>80): "- Commits"

commit ce592470ce:
3: B1 Line exceeds max length (158>80): "Bumps sillsdev/FieldWorks from 9972c2aa3ad9fa768bd82714208152c4b6ce6b2c to ba50e637df9593a2a972b29bf670226e89c0a21b."
5: B1 Line exceeds max length (143>80): "- Commits"

commit bc41e3de31:
3: B1 Line exceeds max length (86>80): "Bumps actions/setup-node from 4.0.2 to 4.0.4."
5: B1 Line exceeds max length (142>80): "- Commits"

commit ae8ba17105:
3: B1 Line exceeds max length (110>80): "Bumps Swashbuckle.AspNetCore from 6.7.3 to 6.8.1."
4: B1 Line exceeds max length (85>80): "- Release notes"
5: B1 Line exceeds max length (94>80): "- Commits"

commit 81f3a77b78:
3: B1 Line exceeds max length (85>80): "Bumps pymongo from 4.8.0 to 4.10.0."
5: B1 Line exceeds max length (91>80): "- Changelog"
6: B1 Line exceeds max length (82>80): "- Commits"

commit c695b752ff:
3: B1 Line exceeds max length (86>80): "Bumps kubernetes from 30.1.0 to 31.0.0."
5: B1 Line exceeds max length (83>80): "- Changelog"
6: B1 Line exceeds max length (82>80): "- Commits"

commit 4d7d8a4d04:
3: B1 Line exceeds max length (86>80): "Bumps kubernetes from 30.1.0 to 31.0.0."
5: B1 Line exceeds max length (83>80): "- Changelog"
6: B1 Line exceeds max length (82>80): "- Commits"

commit 1880e7ae5d:
3: B1 Line exceeds max length (149>80): "Bumps send and express. These dependencies needed to be updated together."

commit 16e8df0572:
3: B1 Line exceeds max length (164>80): "Bumps body-parser and express. These dependencies needed to be updated together."

commit 42a58c0306:
3: B1 Line exceeds max length (92>80): "Bumps Microsoft.NET.Test.Sdk from 17.11.0 to 17.11.1."

commit 171c4c951f:
3: B1 Line exceeds max length (166>80): "Bumps serve-static and express. These dependencies needed to be updated together."

commit eb4b16dcb9:
3: B1 Line exceeds max length (95>80): "Bumps ansible from 10.3.0 to 10.4.0."
4: B1 Line exceeds max length (104>80): "- Changelog"
5: B1 Line exceeds max length (92>80): "- Commits"

codecov · 2024-10-01T20:15:42Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 66.63%. Comparing base (508758a) to head (2190a84).
Report is 17 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #3388      +/-   ##
==========================================
- Coverage   74.70%   66.63%   -8.07%     
==========================================
  Files         280      233      -47     
  Lines       10856     5791    -5065     
  Branches     1317      702     -615     
==========================================
- Hits         8110     3859    -4251     
+ Misses       2374     1709     -665     
+ Partials      372      223     -149

Flag	Coverage Δ
backend	`?`
frontend	`66.63% <ø> (ø)`

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Bumps [send](https://github.com/pillarjs/send) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together. Updates `send` from 0.18.0 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `express` from 4.19.2 to 4.21.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md) - [Commits](expressjs/express@4.19.2...4.21.0) --- updated-dependencies: - dependency-name: send dependency-type: indirect - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [body-parser](https://github.com/expressjs/body-parser) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together. Updates `body-parser` from 1.20.2 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.2...1.20.3) Updates `express` from 4.19.2 to 4.21.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md) - [Commits](expressjs/express@4.19.2...4.21.0) --- updated-dependencies: - dependency-name: body-parser dependency-type: indirect - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [dset](https://github.com/lukeed/dset) from 3.1.3 to 3.1.4. - [Release notes](https://github.com/lukeed/dset/releases) - [Commits](lukeed/dset@v3.1.3...v3.1.4) --- updated-dependencies: - dependency-name: dset dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

…23f4c335' into dependabot-2024-10

…87d80143' into dependabot-2024-10

….4' into dependabot-2024-10

jasonleenaylor

Reviewed 11 of 12 files at r1, 1 of 1 files at r2, all commit messages.
Reviewable status: complete! all files reviewed, all discussions resolved (waiting on @imnasnainaec)

dependabot bot and others added 30 commits September 1, 2024 12:09

Merge remote-tracking branch 'origin/dependabot/nuget/Backend.Tests/S…

a170fd5

…washbuckle.AspNetCore-6.8.1' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/nuget/Backend.Tests/M…

bce395b

…ailKit-4.8.0' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/github_actions/docker…

b91f706

…/setup-qemu-action-3.2.0' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/github_actions/docker…

488b139

…/setup-buildx-action-3.6.1' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/github_actions/action…

9ceac8c

…s/setup-dotnet-4.0.1' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/github_actions/sillsd…

7f08e10

…ev/FieldWorks-ba50e637df9593a2a972b29bf670226e89c0a21b' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/github_actions/action…

51330d8

…s/setup-node-4.0.4' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/nuget/Backend/Swashbu…

42def0b

…ckle.AspNetCore-6.8.1' into dependabot-2024-10

imnasnainaec added 8 commits October 1, 2024 16:00

Merge remote-tracking branch 'origin/dependabot/nuget/Backend.Tests/M…

89f1f63

…icrosoft.NET.Test.Sdk-17.11.1' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/pip/deploy/ansible-10…

faeb05b

….4.0' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/multi-d6…

dc3da58

…6d039ac5' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/multi-94…

707a4e8

…23f4c335' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/multi-cf…

f16cc12

…87d80143' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/dset-3.1…

d513d6c

….4' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/docker/node-20.17.0-b…

2c54835

…ookworm-slim' into dependabot-2024-10

Update license reports

9f026c7

imnasnainaec added docker python dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code .NET Pull requests that update .net code github_actions Pull requests that update GitHub Actions code labels Oct 1, 2024

imnasnainaec self-assigned this Oct 1, 2024

dependabot bot and others added 7 commits October 7, 2024 18:39

Merge branch 'master' into dependabot-2024-10

8b4a623

Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/multi-94…

637b0f2

…23f4c335' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/multi-cf…

849551a

…87d80143' into dependabot-2024-10

Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/dset-3.1…

7eee32a

….4' into dependabot-2024-10

imnasnainaec marked this pull request as ready for review October 7, 2024 18:58

imnasnainaec added 2 commits October 7, 2024 16:56

Merge branch 'master' into dependabot-2024-10

480bd5d

Merge branch 'master' into dependabot-2024-10

2190a84

jasonleenaylor approved these changes Oct 8, 2024

View reviewed changes

imnasnainaec merged commit 0dc83d0 into master Oct 8, 2024

imnasnainaec deleted the dependabot-2024-10 branch October 8, 2024 21:13

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Dependency updates for October 2024#3388