Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update all minor versions (minor) #666

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update all minor versions (minor) #666

wants to merge 1 commit into from
+45 −38

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 15, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@snyk/fix 1.1294.3 -> 1.1295.2 age adoption passing confidence
codespell 2.3.0 -> 2.4.1 age adoption passing confidence
poetry-dynamic-versioning ==1.4.1 -> ==1.7.1 age adoption passing confidence
poetry-plugin-export ==1.8.0 -> ==1.9.0 age adoption passing confidence
prospector (source) 1.13.3 -> 1.14.0 age adoption passing confidence
prospector-profile-utils 1.14.1 -> 1.17.0 age adoption passing confidence
pygments (changelog) 2.18.0 -> 2.19.1 age adoption passing confidence
sentry-sdk (changelog) 2.19.2 -> 2.20.0 age adoption passing confidence
snyk 1.1294.3 -> 1.1295.2 age adoption passing confidence
types-setuptools (changelog) 75.6.0.20241223 -> 75.8.0.20250110 age adoption passing confidence

Release Notes

snyk/snyk (@​snyk/fix)

v1.1295.2

Compare Source

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Bug Fixes
  • general: revert dependencies upgrade which introduced a regression on a number of Linux installations

v1.1295.1

Compare Source

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Bug Fixes
  • security: Upgrades goproxy to 1.5 to address a high severity vulnerability
  • security: Upgrades dependencies in IaC plugin to address CVE-2025-21614

v1.1295.0

Compare Source

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features
  • iac: include evidence field in json output [IAC-3161] (9487a08)
  • auth: auto detect API Url during OAuth authentication (6884511)
Bug Fixes
  • test: support verbose gradle graphs for sbom generation (600ef50)
  • general: prevent snyk-policy lib from interrupting stdout to ensure valid --json --sarif output (469edf5)
  • general: improved error messages around network requests (f6fc5f7)
  • general: only read SNYK_ prefixed env vars (5bfcbe8)
  • instrumentation: add default oss product for monitor as well (83cabc3)
  • container: optional dependencies are properly connected in the dep-graph (3205e66)
  • container: package-lock v3 missing sub-dependencies 94c9b7f)
  • container: support --exclude-app-vulns with oauth (73a75fa)
  • monitor: use error catalog messages for monitor commands (4e58601)
  • iac: extra error handling and debugging [IAC-3138] (7fbae0f)
  • iac: snyk-iac-test security update [IAC-3171] (fac22bb)
  • iac: update snyk-iac-parsers version [IAC-3138] (5326d9d)
  • iac: use proxy aware snyk-iac-test [INC-1647] (d5d1e2e)
  • test: do not treat warnings as errors on restore (d0113eb)
  • test:fix mismatch/off-by-one on unmanagedDependencyCount in the analytics logs UNIFY-340 (75d8e6d)
  • test: update snyk-nodejs-plugin to fix micromatch vuln (766bd1d)
  • test: upgrade mvn-plugin to handle jar scanning sha-not-found error (060380a)
  • test: fix runtime versions overwriting nuget versions (5e715cf)
  • instrumentation: stop sending CLI args in analytics (6d183fb)
  • policy update policy library to fix valid json output (0bc0aed)
codespell-project/codespell (codespell)

v2.4.1

Compare Source

What's Changed

New Contributors

Full Changelog: codespell-project/codespell@v2.4.0...v2.4.1

v2.4.0

Compare Source

What's Changed

New Contributors

Full Changelog: codespell-project/codespell@v2.3.0...v2.4.0

mtkennerly/poetry-dynamic-versioning (poetry-dynamic-versioning)

v1.7.1

Compare Source

  • Fixed:
    • There was an intermittent ValueError in PEP 621 mode,
      related to trying to remove "version" from project.dynamic
      when it had already been removed.

v1.7.0

Compare Source

  • Added:
    • The enable command now supports the bypass/override environment variables
      to use a different placeholder version than 0.0.0.
  • Fixed:
    • The enable command would add "version" to project.dynamic even if it were already present.
      (Contributed by waketzheng)
    • The enable command would set tool.poetry.version to "0.0.0"
      even if the field were already present with a different value.

v1.6.0

Compare Source

  • Added:
    • CLI: show command to print the version without changing any files.

v1.5.2

Compare Source

  • Fixed:
    • The formatting of project.dynamic and tool.poetry.version
      could be changed when triggering the plugin via poetry dynamic-versioning or pip install
      (but not via poetry build or poetry-dynamic-versioning).

v1.5.1

Compare Source

v1.5.0

Compare Source

  • Added:
    • CLI: When pyproject.toml contains the project section,
      the enable command will add the required fields for Poetry 2.0.0+.
  • Fixed:
    • For compatibility with Poetry 2.0.0,
      adjusted Poetry constraint from ^1.2.0 to >=1.2.0.
    • For compatibility with Poetry 2.0.0,
      when inserting the dynamic version into pyproject.toml with PEP 621 mode activated,
      the plugin ensures not to set project.version and tool.poetry.version at the same time.
    • An UnboundLocalError could happen when pyproject.toml was misconfigured.
python-poetry/poetry-plugin-export (poetry-plugin-export)

v1.9.0

Compare Source

Added
  • Add an --all-groups option to export dependencies from all groups (#​294).
Changed
  • Drop support for Python 3.8 (#​300).
  • Clarify the help text of --with and --only and deprecate --without (#​212).
  • Fail if the poetry.lock file is not consistent with the pyproject.toml file (#​310).
Fixed
  • Fix an issue where the export failed with the message "dependency walk failed".
    This fix requires a poetry.lock file created with Poetry 2.x (#​286).
  • Fix an issue where the pre-commit hook regex matched wrong files (#​285).
PyCQA/prospector (prospector)

v1.14.0

Compare Source

What's Changed

New Contributors

Full Changelog: prospector-dev/prospector@v1.13.3...1.14.0

sbrunner/prospector-profile-utils (prospector-profile-utils)

v1.17.0

Compare Source

1.17.0 (2025-01-24)

Fixed bugs

v1.16.0

Compare Source

1.16.0 (2025-01-20)

New feature

Chore

Changes that shouldn't affect the users like continuous integration updates

v1.15.1

Compare Source

1.15.1 (2025-01-04)

Fixed bugs

v1.15.0

Compare Source

1.15.0 (2025-01-04)

New feature

Dependency update
pygments/pygments (pygments)

v2.19.1

Compare Source

(released January 6th, 2025)

  • Updated lexers:

    • Ini: Fix quoted string regression introduced in 2.19.0
    • Lua: Fix a regression introduced in 2.19.0

v2.19.0

Compare Source

(released January 5th, 2025)

  • Mark file extensions for HTML/XML+Evoque as aliases (#​2743)
  • Add a color for Operator.Word to the rrt style (#​2709)
  • Fix broken link in the documentation (#​2803,

Configuration

📅 Schedule: Branch creation - "after 5pm on the first day of the month" in timezone Europe/Zurich, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Update the dependencies label Jan 15, 2025
@renovate renovate bot enabled auto-merge (squash) January 15, 2025 13:14
@renovate renovate bot force-pushed the renovate/all-minor-versions branch 13 times, most recently from 536da5e to a0fcb3b Compare January 22, 2025 08:10
@renovate renovate bot force-pushed the renovate/all-minor-versions branch 14 times, most recently from 36151a6 to 4592970 Compare January 27, 2025 13:20
@renovate renovate bot force-pushed the renovate/all-minor-versions branch 4 times, most recently from 1c0cb8f to 8be51bf Compare January 28, 2025 23:40
@renovate renovate bot force-pushed the renovate/all-minor-versions branch from 8be51bf to c5def4e Compare January 29, 2025 23:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees
No one assigned
Labels
dependencies Update the dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants