Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update returntocorp/semgrep docker digest to 875ea8c - abandoned #2003

Open
wants to merge 588 commits into
base: main
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 30, 2024

Mend Renovate

This PR contains the following updates:

Package Type Update Change
returntocorp/semgrep container digest 4614ec5 -> 875ea8c

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

renovate bot and others added 30 commits April 6, 2024 01:19
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* Add .npmrc file with node-options="--openssl-legacy-provider"
Delete .eslintignore file
Add tsconfig.eslint.json file with specific compiler options
Update vite.config.ts file to include "pool: forks"
Add eslint.config.js file with eslint and typescript-eslint configurations
Delete .eslintrc.json file
Update .github/workflows/node.yml file to use "pnpm build" and "npm test"
Update packages/gateway/test/web.test.ts file to use double quotes
Update package.json file with lint, start, format, and test scripts

* Update eslint.config.js file with eslint and typescript-eslint configurations

* Update eslint.config.js with eslint and typescript-eslint configurations

* Update .gitattributes file to prevent merging changes to generated files

* Update codecovcli command in .github/workflows/node.yml
)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* add logging to triage 1902

Related Error: Error handling packet: error: relation "vehicle" does not exist #1902

* Add TServerLogger type to mockLogger function

* Fix unused import and remove eslint-disable-next-line in State.ts
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot added 8 commits August 2, 2024 18:51
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [black](https://togithub.com/psf/black)
([changelog](https://togithub.com/psf/black/blob/main/CHANGES.md)) |
`==24.4.2` -> `==24.8.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/black/24.8.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/black/24.8.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/black/24.4.2/24.8.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/black/24.4.2/24.8.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>psf/black (black)</summary>

###
[`v24.8.0`](https://togithub.com/psf/black/blob/HEAD/CHANGES.md#2480)

[Compare Source](https://togithub.com/psf/black/compare/24.4.2...24.8.0)

##### Stable style

- Fix crash when `# fmt: off` is used before a closing parenthesis or
bracket. ([#&#8203;4363](https://togithub.com/psf/black/issues/4363))

##### Packaging

- Packaging metadata updated: docs are explictly linked, the issue
tracker is now also
linked. This improves the PyPI listing for Black.
([#&#8203;4345](https://togithub.com/psf/black/issues/4345))

##### Parser

- Fix regression where Black failed to parse a multiline f-string
containing another
multiline string
([#&#8203;4339](https://togithub.com/psf/black/issues/4339))
- Fix regression where Black failed to parse an escaped single quote
inside an f-string
    ([#&#8203;4401](https://togithub.com/psf/black/issues/4401))
- Fix bug with Black incorrectly parsing empty lines with a backslash
([#&#8203;4343](https://togithub.com/psf/black/issues/4343))
- Fix bugs with Black's tokenizer not handling `\{` inside f-strings
very well ([#&#8203;4422](https://togithub.com/psf/black/issues/4422))
- Fix incorrect line numbers in the tokenizer for certain tokens within
f-strings
    ([#&#8203;4423](https://togithub.com/psf/black/issues/4423))

##### Performance

- Improve performance when a large directory is listed in `.gitignore`
([#&#8203;4415](https://togithub.com/psf/black/issues/4415))

##### *Blackd*

- Fix blackd (and all extras installs) for docker container
([#&#8203;4357](https://togithub.com/psf/black/issues/4357))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View the
[repository job
log](https://developer.mend.io/github/rustymotors/server-old).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [coverage](https://togithub.com/nedbat/coveragepy) | `==7.6.0` ->
`==7.6.1` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/coverage/7.6.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/coverage/7.6.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/coverage/7.6.0/7.6.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/coverage/7.6.0/7.6.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>nedbat/coveragepy (coverage)</summary>

###
[`v7.6.1`](https://togithub.com/nedbat/coveragepy/blob/HEAD/CHANGES.rst#Version-761--2024-08-04)

[Compare
Source](https://togithub.com/nedbat/coveragepy/compare/7.6.0...7.6.1)

- Fix: coverage used to fail when measuring code using
:func:`runpy.run_path <python:runpy.run_path>` with a :class:`Path
<python:pathlib.Path>` argument.
    This is now fixed, thanks to `Ask Hjorth Larsen <pull 1819_>`\_.

- Fix: backslashes preceding a multi-line backslashed string could
confuse the
HTML report. This is now fixed, thanks to `LiuYinCarl <pull 1828_>`\_.

- Now we publish wheels for Python 3.13, both regular and free-threaded.

.. \_pull
1819:[https://github.com/nedbat/coveragepy/pull/1819](https://togithub.com/nedbat/coveragepy/pull/1819)9
.. \_pull
1828[https://github.com/nedbat/coveragepy/pull/1828](https://togithub.com/nedbat/coveragepy/pull/1828)28

.. \_changes\_7-6-0:

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View the
[repository job
log](https://developer.mend.io/github/rustymotors/server-old).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [flake8](https://togithub.com/pycqa/flake8)
([changelog](https://flake8.pycqa.org/en/latest/release-notes/index.html))
| `==7.1.0` -> `==7.1.1` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/flake8/7.1.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/flake8/7.1.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/flake8/7.1.0/7.1.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/flake8/7.1.0/7.1.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>pycqa/flake8 (flake8)</summary>

### [`v7.1.1`](https://togithub.com/pycqa/flake8/compare/7.1.0...7.1.1)

[Compare
Source](https://togithub.com/pycqa/flake8/compare/7.1.0...7.1.1)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View the
[repository job
log](https://developer.mend.io/github/rustymotors/server-old).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [pycodestyle](https://pycodestyle.pycqa.org/)
([changelog](https://pycodestyle.pycqa.org/en/latest/developer.html#changes))
| `==2.12.0` -> `==2.12.1` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/pycodestyle/2.12.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/pycodestyle/2.12.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/pycodestyle/2.12.0/2.12.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/pycodestyle/2.12.0/2.12.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View the
[repository job
log](https://developer.mend.io/github/rustymotors/server-old).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
@renovate renovate bot changed the title chore(deps): update returntocorp/semgrep docker digest to aca826e chore(deps): update returntocorp/semgrep docker digest to c98edb0 Aug 6, 2024
@renovate renovate bot force-pushed the renovate/returntocorp-semgrep branch from 408bf1e to 4e534bc Compare August 6, 2024 19:09
Copy link

@codecov codecov bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CodecovAI submitted a new review for 4e534bc

@@ -16,7 +16,7 @@ jobs:
env:
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
container:
image: returntocorp/semgrep@sha256:4614ec53294cc63f086755157dfb108121c69087d15c3e8d4c7ac603fb0eaa54
image: returntocorp/semgrep@sha256:c98edb09ae3abcc870171df7446fd2df8426a6a7f6ff14ca1ac47f4a25bf1666
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like the image used for the Semgrep tool has been updated to a different SHA-tagged version. Although this is fine, please ensure the new image version has been thoroughly tested for compatibility and doesn't introduce unexpected behaviour or degrades performance. Also, ideally, the reason for the version change should be provided in the commit message for better traceability.

@@ -16,7 +16,7 @@ jobs:
env:
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
container:
image: returntocorp/semgrep@sha256:4614ec53294cc63f086755157dfb108121c69087d15c3e8d4c7ac603fb0eaa54
image: returntocorp/semgrep@sha256:c98edb09ae3abcc870171df7446fd2df8426a6a7f6ff14ca1ac47f4a25bf1666
if: (github.actor != 'dependabot[bot]')
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note that the checkout action is using a specific tag (here the commit hash 692973e3d937129bcbf40652eb9f2f61becf3332). Be sure the commit hash is correct and does exactly what is expected for this workflow. Additionally, always using a tagged release is beneficial for stability reasons and is highly recommended.

Copy link

@codecov codecov bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CodecovAI submitted a new review for 4e534bc

@@ -16,7 +16,7 @@ jobs:
env:
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
container:
image: returntocorp/semgrep@sha256:4614ec53294cc63f086755157dfb108121c69087d15c3e8d4c7ac603fb0eaa54
image: returntocorp/semgrep@sha256:c98edb09ae3abcc870171df7446fd2df8426a6a7f6ff14ca1ac47f4a25bf1666
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You have updated the image of the Semgrep. This assumes that the newer image is backward compatible, and all the steps will pass as expected. While this could be the case, it would idyllic to add checks ensuring this. Moreover, one should always state the reason for such changes in the commit messages to improve tracing and understanding of the project history.

@@ -16,7 +16,7 @@ jobs:
env:
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
container:
image: returntocorp/semgrep@sha256:4614ec53294cc63f086755157dfb108121c69087d15c3e8d4c7ac603fb0eaa54
image: returntocorp/semgrep@sha256:c98edb09ae3abcc870171df7446fd2df8426a6a7f6ff14ca1ac47f4a25bf1666
if: (github.actor != 'dependabot[bot]')
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The 'actions/checkout' action being is checked out at a particular commit. While this does ensure that a specific, known version of the action is being used for the job, consider using a released version, especially if the commit used does not correspond to a release. This will make the version being used clearer and ensure that good practices associated with releases, such as additional testing, have been followed.

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [node](https://nodejs.org)
([source](https://togithub.com/nodejs/node)) | minor | `22.5.1` ->
`22.6.0` |

---

### Release Notes

<details>
<summary>nodejs/node (node)</summary>

###
[`v22.6.0`](https://togithub.com/nodejs/node/compare/v22.5.1...v22.6.0)

[Compare
Source](https://togithub.com/nodejs/node/compare/v22.5.1...v22.6.0)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View the
[repository job
log](https://developer.mend.io/github/rustymotors/server-old).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xOC4xNyIsInVwZGF0ZWRJblZlciI6IjM4LjE4LjE3IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

- **Chores**
- Updated Node.js version to 22.6.0 for improved performance and
potential new features.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Outside diff range, codebase verification and nitpick comments (1)
.github/workflows/semgrep.yml (1)

19-19: Provide traceability for the Docker image update.

It is good practice to explain why the container image has been changed, for traceability and troubleshooting purposes. In the future, please leave a comment stating why you are making this change.

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 87d1683 and 4e534bc.

Files selected for processing (1)
  • .github/workflows/semgrep.yml (1 hunks)
Additional comments not posted (1)
.github/workflows/semgrep.yml (1)

19-19: Test the impact of the Docker image update.

Ensure to test the impact of this change on the functioning of the system, especially if there are any breaking changes introduced in this new version.

renovate bot added 5 commits August 6, 2024 23:20
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [pyyaml](https://pyyaml.org/)
([source](https://togithub.com/yaml/pyyaml)) | `==6.0.1` -> `==6.0.2` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/pyyaml/6.0.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/pyyaml/6.0.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/pyyaml/6.0.1/6.0.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/pyyaml/6.0.1/6.0.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>yaml/pyyaml (pyyaml)</summary>

### [`v6.0.2`](https://togithub.com/yaml/pyyaml/releases/tag/6.0.2)

[Compare Source](https://togithub.com/yaml/pyyaml/compare/6.0.1...6.0.2)

#### What's Changed

-   Support for Cython 3.x and Python 3.13.

**Full Changelog**: yaml/pyyaml@6.0.1...6.0.2

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View the
[repository job
log](https://developer.mend.io/github/rustymotors/server-old).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xOC4xNyIsInVwZGF0ZWRJblZlciI6IjM4LjE4LjE3IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

- **Chores**
- Updated the `pyyaml` package to version `6.0.2` for improved stability
and potential bug fixes.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [sentry-sdk](https://togithub.com/getsentry/sentry-python)
([changelog](https://togithub.com/getsentry/sentry-python/blob/master/CHANGELOG.md))
| `==2.12.0` -> `==2.13.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/sentry-sdk/2.13.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/sentry-sdk/2.13.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/sentry-sdk/2.12.0/2.13.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/sentry-sdk/2.12.0/2.13.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>getsentry/sentry-python (sentry-sdk)</summary>

###
[`v2.13.0`](https://togithub.com/getsentry/sentry-python/blob/HEAD/CHANGELOG.md#2130)

[Compare
Source](https://togithub.com/getsentry/sentry-python/compare/2.12.0...2.13.0)

##### Various fixes & improvements

- **New integration:**
[Ray](https://docs.sentry.io/platforms/python/integrations/ray/)
([#&#8203;2400](https://togithub.com/getsentry/sentry-python/issues/2400))
([#&#8203;2444](https://togithub.com/getsentry/sentry-python/issues/2444))
by [@&#8203;glowskir](https://togithub.com/glowskir)

Usage: (add the RayIntegration to your `sentry_sdk.init()` call and make
sure it is called in the worker processes)

    ```python
    import ray

    import sentry_sdk
    from sentry_sdk.integrations.ray import RayIntegration

    def init_sentry():
        sentry_sdk.init(
            dsn="...",
            traces_sample_rate=1.0,
            integrations=[RayIntegration()],
        )

    init_sentry()

    ray.init(
        runtime_env=dict(worker_process_setup_hook=init_sentry),
    )
    ```

For more information, see the documentation for the [Ray
integration](https://docs.sentry.io/platforms/python/integrations/ray/).

- **New integration:**
[Litestar](https://docs.sentry.io/platforms/python/integrations/litestar/)
([#&#8203;2413](https://togithub.com/getsentry/sentry-python/issues/2413))
([#&#8203;3358](https://togithub.com/getsentry/sentry-python/issues/3358))
by [@&#8203;KellyWalker](https://togithub.com/KellyWalker)

    Usage: (add the LitestarIntegration to your `sentry_sdk.init()`)

    ```python
    from litestar import Litestar, get

    import sentry_sdk
    from sentry_sdk.integrations.litestar import LitestarIntegration

    sentry_sdk.init(
        dsn="...",
        traces_sample_rate=1.0,
        integrations=[LitestarIntegration()],
    )

    @&#8203;get("/")
    async def index() -> str:
        return "Hello, world!"

    app = Litestar(...)
    ```

For more information, see the documentation for the [Litestar
integration](https://docs.sentry.io/platforms/python/integrations/litestar/).

- **New integration:**
[Dramatiq](https://docs.sentry.io/platforms/python/integrations/dramatiq/)
from [@&#8203;jacobsvante](https://togithub.com/jacobsvante)
([#&#8203;3397](https://togithub.com/getsentry/sentry-python/issues/3397))
by [@&#8203;antonpirker](https://togithub.com/antonpirker)
    Usage: (add the DramatiqIntegration to your `sentry_sdk.init()`)

    ```python
    import dramatiq

    import sentry_sdk
    from sentry_sdk.integrations.dramatiq import DramatiqIntegration

    sentry_sdk.init(
        dsn="...",
        traces_sample_rate=1.0,
        integrations=[DramatiqIntegration()],
    )

    @&#8203;dramatiq.actor(max_retries=0)
    def dummy_actor(x, y):
        return x / y

    dummy_actor.send(12, 0)
    ```

For more information, see the documentation for the [Dramatiq
integration](https://docs.sentry.io/platforms/python/integrations/dramatiq/).

- **New config option:** Expose `custom_repr` function that precedes
`safe_repr` invocation in serializer
([#&#8203;3438](https://togithub.com/getsentry/sentry-python/issues/3438))
by [@&#8203;sl0thentr0py](https://togithub.com/sl0thentr0py)

See:
https://docs.sentry.io/platforms/python/configuration/options/#custom-repr

- Profiling: Add client SDK info to profile chunk
([#&#8203;3386](https://togithub.com/getsentry/sentry-python/issues/3386))
by [@&#8203;Zylphrex](https://togithub.com/Zylphrex)

- Serialize vars early to avoid living references
([#&#8203;3409](https://togithub.com/getsentry/sentry-python/issues/3409))
by [@&#8203;sl0thentr0py](https://togithub.com/sl0thentr0py)

- Deprecate hub-based `sessions.py` logic
([#&#8203;3419](https://togithub.com/getsentry/sentry-python/issues/3419))
by [@&#8203;szokeasaurusrex](https://togithub.com/szokeasaurusrex)

- Deprecate `is_auto_session_tracking_enabled`
([#&#8203;3428](https://togithub.com/getsentry/sentry-python/issues/3428))
by [@&#8203;szokeasaurusrex](https://togithub.com/szokeasaurusrex)

- Add note to generated yaml files
([#&#8203;3423](https://togithub.com/getsentry/sentry-python/issues/3423))
by [@&#8203;sentrivana](https://togithub.com/sentrivana)

- Slim down PR template
([#&#8203;3382](https://togithub.com/getsentry/sentry-python/issues/3382))
by [@&#8203;sentrivana](https://togithub.com/sentrivana)

- Use new banner in readme
([#&#8203;3390](https://togithub.com/getsentry/sentry-python/issues/3390))
by [@&#8203;sentrivana](https://togithub.com/sentrivana)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View the
[repository job
log](https://developer.mend.io/github/rustymotors/server-old).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4yNi4xIiwidXBkYXRlZEluVmVyIjoiMzguMjYuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
@renovate renovate bot changed the title chore(deps): update returntocorp/semgrep docker digest to c98edb0 chore(deps): update returntocorp/semgrep docker digest to 875ea8c Aug 14, 2024
@renovate renovate bot force-pushed the renovate/returntocorp-semgrep branch from 4e534bc to 3092cf5 Compare August 14, 2024 20:34
Copy link

sonarcloud bot commented Aug 14, 2024

Copy link

@codecov codecov bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CodecovAI submitted a new review for 3092cf5

@@ -16,7 +16,7 @@ jobs:
env:
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
container:
image: returntocorp/semgrep@sha256:4614ec53294cc63f086755157dfb108121c69087d15c3e8d4c7ac603fb0eaa54
image: returntocorp/semgrep@sha256:875ea8c5200ca5938836fa0c155b2220eca8fc83940da1bfa90caf67d73fb0ed
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Docker image used for semgrep has been updated. Please provide a brief explanation for this update. This should include the reason for the change (like OCI Vulnerabilities, feature updates) and a confirmation that this new Docker image has been tested adequately and successfully. It is always recommended to document such changes in the commit message or PR description, that way it's possible to track reasons for changes and they might be useful for the future references.

Copy link

@codecov codecov bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CodecovAI submitted a new review for 3092cf5

@@ -16,7 +16,7 @@ jobs:
env:
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
container:
image: returntocorp/semgrep@sha256:4614ec53294cc63f086755157dfb108121c69087d15c3e8d4c7ac603fb0eaa54
image: returntocorp/semgrep@sha256:875ea8c5200ca5938836fa0c155b2220eca8fc83940da1bfa90caf67d73fb0ed
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This line indicates that the semgrep's container image hash has been updated. Ensure that this new version/image hash has been verified or tested to perform as expected before integrating it into the workflow.

Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 4e534bc and 3092cf5.

Files selected for processing (1)
  • .github/workflows/semgrep.yml (1 hunks)
Files skipped from review due to trivial changes (1)
  • .github/workflows/semgrep.yml

Copy link
Contributor Author

renovate bot commented Aug 19, 2024

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.

@renovate renovate bot changed the title chore(deps): update returntocorp/semgrep docker digest to 875ea8c chore(deps): update returntocorp/semgrep docker digest to 875ea8c - abandoned Aug 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant