From 57297f60ac6a5f89aa78845c700601d4ce171727 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Dec 2024 19:36:39 +0000 Subject: [PATCH 1/6] chore: bump transformers from 4.47.0 to 4.47.1 Bumps [transformers](https://github.com/huggingface/transformers) from 4.47.0 to 4.47.1. - [Release notes](https://github.com/huggingface/transformers/releases) - [Commits](https://github.com/huggingface/transformers/compare/v4.47.0...v4.47.1) --- updated-dependencies: - dependency-name: transformers dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 37e15dc..59de58a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ -transformers==4.47.0 +transformers==4.47.1 prometheus-client==0.21.1 requests==2.32.3 torch==2.5.1 From ca207f8e3e5198ae4d2d0372974e6419273a8086 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Dec 2024 19:36:45 +0000 Subject: [PATCH 2/6] chore: bump slack-bolt from 1.21.3 to 1.22.0 Bumps [slack-bolt](https://github.com/slackapi/bolt-python) from 1.21.3 to 1.22.0. - [Release notes](https://github.com/slackapi/bolt-python/releases) - [Commits](https://github.com/slackapi/bolt-python/compare/v1.21.3...v1.22.0) --- updated-dependencies: - dependency-name: slack-bolt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 37e15dc..42d2f90 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5,7 +5,7 @@ torch==2.5.1 flask==3.1.0 gunicorn==23.0.0 yagmail==0.15.293 -slack-bolt==1.21.3 +slack-bolt==1.22.0 slack-sdk==3.33.5 pytest==8.3.4 pytest-cov==6.0.0 From f6d321ddae0dfb8744461930d6852c0b98b9671f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Dec 2024 19:50:28 +0000 Subject: [PATCH 3/6] chore: bump actions/upload-artifact in /.github/workflows Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.3 to 4.5.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4.4.3...v4.5.0) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/kubescape-scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/kubescape-scan.yml b/.github/workflows/kubescape-scan.yml index 110b27b..c5bc9ed 100644 --- a/.github/workflows/kubescape-scan.yml +++ b/.github/workflows/kubescape-scan.yml @@ -51,7 +51,7 @@ jobs: # Upload Kubescape JSON report as an artifact - name: Upload Kubescape JSON Report as Artifact - uses: actions/upload-artifact@v4.4.3 + uses: actions/upload-artifact@v4.5.0 with: name: kubescape-json-report path: kubescape-report.json From 056355d38b44294a1de82f605e47590db04a4838 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Dec 2024 19:50:30 +0000 Subject: [PATCH 4/6] chore: bump sonarsource/sonarqube-scan-action in /.github/workflows Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) from 4.1.0 to 4.2.1. - [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases) - [Commits](https://github.com/sonarsource/sonarqube-scan-action/compare/v4.1.0...v4.2.1) --- updated-dependencies: - dependency-name: sonarsource/sonarqube-scan-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/sonarcloud.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml index 7393439..1714ba3 100644 --- a/.github/workflows/sonarcloud.yml +++ b/.github/workflows/sonarcloud.yml @@ -36,6 +36,6 @@ jobs: pytest --cov=my_app --cov=my_app/start_app --cov-report=xml - name: SonarQube Scan - uses: sonarsource/sonarqube-scan-action@v4.1.0 # Ex: v4.1.0, See the latest version at + uses: sonarsource/sonarqube-scan-action@v4.2.1 # Ex: v4.1.0, See the latest version at env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} From 2331283c795f5482bcd5c61bf1dd8d6cff24fea8 Mon Sep 17 00:00:00 2001 From: meleksabit Date: Mon, 23 Dec 2024 23:03:50 +0200 Subject: [PATCH 5/6] edit dependabot workflow --- .github/dependabot.yml | 155 ++--------------------------------------- 1 file changed, 5 insertions(+), 150 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 8bab153..f1a06f7 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,7 +1,7 @@ version: 2 updates: # Define update settings for GitHub Actions dependencies - # Configure for main branch + # Configure for development branch - package-ecosystem: "github-actions" # Checks for updates to GitHub Actions in workflows directory: ".github/workflows" # Root directory for GitHub Actions workflows schedule: @@ -9,151 +9,7 @@ updates: reviewers: - "meleksabit" commit-message: - prefix: "chore" - target-branch: "main" - labels: ["dependencies", "weekly-update"] - - # Define update settings for Docker dependencies - - package-ecosystem: "docker" # Checks for updates to Docker images - directory: "/my_app" # Path to the first Dockerfile's directory - schedule: - interval: "weekly" # Set frequency for Docker image updates - reviewers: - - "meleksabit" - commit-message: - prefix: "chore" - target-branch: "main" - labels: ["dependencies", "weekly-update"] - - - package-ecosystem: "docker" # Checks for updates to Docker images - directory: "/prometheus-grafana" # Path to the second Dockerfile's directory - schedule: - interval: "weekly" # Set frequency for Docker image updates - reviewers: - - "meleksabit" - commit-message: - prefix: "chore" - target-branch: "main" - labels: ["dependencies", "weekly-update"] - - # Define update settings for Python dependencies - - package-ecosystem: "pip" # Checks for updates to Python packages in requirements.txt - directory: "/" # Location of the requirements.txt file - schedule: - interval: "weekly" # Choose the frequency for Python dependency updates - reviewers: - - "meleksabit" - commit-message: - prefix: "chore" - target-branch: "main" - labels: ["dependencies", "weekly-update"] - open-pull-requests-limit: 5 # Limits the number of open Dependabot PRs - - # Configure for stage branch - - package-ecosystem: "github-actions" # Checks for updates to GitHub Actions in workflows - directory: ".github/workflows" # Root directory for GitHub Actions workflows - schedule: - interval: "weekly" # Choose the update frequency: daily, weekly, or monthly - reviewers: - - "meleksabit" - commit-message: - prefix: "chore" - target-branch: "stage" - labels: ["dependencies", "stage-update"] - - # Define update settings for Docker dependencies - - package-ecosystem: "docker" # Checks for updates to Docker images - directory: "/my_app" # Path to the first Dockerfile's directory - schedule: - interval: "weekly" # Set frequency for Docker image updates - reviewers: - - "meleksabit" - commit-message: - prefix: "chore" - target-branch: "stage" - labels: ["dependencies", "weekly-update"] - - - package-ecosystem: "docker" # Checks for updates to Docker images - directory: "/prometheus-grafana" # Path to the second Dockerfile's directory - schedule: - interval: "weekly" # Set frequency for Docker image updates - reviewers: - - "meleksabit" - commit-message: - prefix: "chore" - target-branch: "stage" - labels: ["dependencies", "weekly-update"] - - # Define update settings for Python dependencies - - package-ecosystem: "pip" # Checks for updates to Python packages in requirements.txt - directory: "/" # Location of the requirements.txt file - schedule: - interval: "weekly" # Choose the frequency for Python dependency updates - reviewers: - - "meleksabit" - commit-message: - prefix: "chore" - target-branch: "stage" - labels: ["dependencies", "stage-update"] - open-pull-requests-limit: 5 # Limits the number of open Dependabot PRs - - # Configure for test branch - - package-ecosystem: "github-actions" # Checks for updates to GitHub Actions in workflows - directory: ".github/workflows" # Root directory for GitHub Actions workflows - schedule: - interval: "weekly" # Choose the update frequency: daily, weekly, or monthly - reviewers: - - "meleksabit" - commit-message: - prefix: "chore" - target-branch: "test" - labels: ["dependencies", "test-update"] - - # Define update settings for Docker dependencies - - package-ecosystem: "docker" # Checks for updates to Docker images - directory: "/my_app" # Path to the first Dockerfile's directory - schedule: - interval: "weekly" # Set frequency for Docker image updates - reviewers: - - "meleksabit" - commit-message: - prefix: "chore" - target-branch: "test" - labels: ["dependencies", "weekly-update"] - - - package-ecosystem: "docker" # Checks for updates to Docker images - directory: "/prometheus-grafana" # Path to the second Dockerfile's directory - schedule: - interval: "weekly" # Set frequency for Docker image updates - reviewers: - - "meleksabit" - commit-message: - prefix: "chore" - target-branch: "test" - labels: ["dependencies", "weekly-update"] - - # Define update settings for Python dependencies - - package-ecosystem: "pip" # Checks for updates to Python packages in requirements.txt - directory: "/" # Location of the requirements.txt file - schedule: - interval: "weekly" # Choose the frequency for Python dependency updates - reviewers: - - "meleksabit" - commit-message: - prefix: "chore" - target-branch: "test" - labels: ["dependencies", "test-update"] - open-pull-requests-limit: 5 # Limits the number of open Dependabot PRs - - # Configure for development branch - - package-ecosystem: "github-actions" # Checks for updates to GitHub Actions in workflows - directory: ".github/workflows" # Root directory for GitHub Actions workflows - schedule: - interval: "weekly" # Choose the update frequency: daily, weekly, or monthly - reviewers: - - "meleksabit" - commit-message: - prefix: "chore" + prefix: "deps" target-branch: "development" labels: ["dependencies", "development-update"] @@ -165,7 +21,7 @@ updates: reviewers: - "meleksabit" commit-message: - prefix: "chore" + prefix: "deps" target-branch: "development" labels: ["dependencies", "weekly-update"] @@ -176,7 +32,7 @@ updates: reviewers: - "meleksabit" commit-message: - prefix: "chore" + prefix: "deps" target-branch: "development" labels: ["dependencies", "weekly-update"] @@ -188,7 +44,6 @@ updates: reviewers: - "meleksabit" commit-message: - prefix: "chore" + prefix: "deps" target-branch: "development" labels: ["dependencies", "development-update"] - open-pull-requests-limit: 5 # Limits the number of open Dependabot PRs From 59f0b0013c511dd3917123a3c06f9689976bebf5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Dec 2024 21:13:51 +0000 Subject: [PATCH 6/6] chore: bump slack-sdk from 3.33.5 to 3.34.0 Bumps [slack-sdk](https://github.com/slackapi/python-slack-sdk) from 3.33.5 to 3.34.0. - [Release notes](https://github.com/slackapi/python-slack-sdk/releases) - [Commits](https://github.com/slackapi/python-slack-sdk/compare/v3.33.5...v3.34.0) --- updated-dependencies: - dependency-name: slack-sdk dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 42d2f90..e256afc 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,7 +6,7 @@ flask==3.1.0 gunicorn==23.0.0 yagmail==0.15.293 slack-bolt==1.22.0 -slack-sdk==3.33.5 +slack-sdk==3.34.0 pytest==8.3.4 pytest-cov==6.0.0 Flask-WTF==1.2.2