Bump the mix-patching group with 4 updates

[dependabot]

Bumps the mix-patching group with 4 updates: credo, gettext, ueberauth and ueberauth_github.

Updates credo from 1.6.7 to 1.7.1

Changelog

Sourced from credo's changelog.

1.7.1

• Fix compatibility & compiler warnings with Elixir 1.15
• Improve docs
• Credo.Check.Readability.Specs works for parensless definitions

1.7.0

• Credo.Check.Readability.ModuleDoc works for Phoenix 1.7+ views
• Credo.Check.Readability.FunctionNames now ignores custom operators
• Credo.Check.Refactor.Apply now works in pipes
• Credo.Check.Consistency.ExceptionNames does no longer yield an issue if there is only one match
• Credo.Check.Readability.ModuleNames now supports an :ignore parameter
• Credo.Check.Design.AliasUsage now supports an :if_referenced parameter
• Credo.Check.Readability.FunctionNames now works for acronyms in predicate functions
• Credo.Check.Readability.NestedFunctionCalls now works for calls already in a pipeline and local function calls

Add SARIF support

Credo 1.7 provides a formatter that will output data in SARIF format, allowing direct GitHub support via the Security tab.

You can now use mix credo --format=sarif to output results in SARIF format.

Add IDs to checks

This was requested for SARIF support and has been added to provide a unique identifier for checks that is more technical than the check name.

Check authors can add IDs to their custom checks by using the :id option:

defmodule MyCheck do
  use Credo.Check,
    id: "EX5042",
    category: :warning,
    # ...
end

Credo's naming scheme for these IDs is simple:

EX5042
^^

EX stands for Elixir.

EX5042
  ^

... (truncated)

Commits

• See full diff in compare view

Updates gettext from 0.22.1 to 0.23.1

Changelog

Sourced from gettext's changelog.

v0.23.1

• Use the Hex version of the excoveralls dependency.

v0.23.0

• Add the :custom_flags_to_keep Gettext option.

v0.22.3

• Fix a bug with extracting translations in Elixir 1.15.0+.

v0.22.2

• Use Code.ensure_compiled/1 instead of Code.ensure_loaded/1 for Elixir < 1.12 compatibility.
• Ensure all modules are properly loaded for mix gettext.merge.
• Fix a "protected" check when extracting translations.

Commits

• abc1ca2 Release v0.23.1
• 8d41edb Use excoveralls dependency from Hex
• 52833c0 Start v0.24.0-dev
• 3814009 Release v0.23.0 (#372)
• b9bd1cd Don't force the "elixir-format" flag when merging
• d7e1bef Add the :custom_flags_to_keep option (#370)
• b8eb74d Go back to v0.23.0-dev in mix.exs
• 2d2aaf5 Release v0.22.3
• baa7f8e Don't rely on manifest timestamps in "gettext.extract" (#368)
• e981ff9 Start v0.23.0-dev
• Additional commits viewable in compare view

Updates ueberauth from 0.7.0 to 0.10.5

Release notes

Sourced from ueberauth's releases.

v0.10.5

What's Changed

• Use or strip port from forwarded host header by @​jamesvl in ueberauth/ueberauth#175
• maintenance: Update mix deps by @​jamesvl in ueberauth/ueberauth#178
• Handle default ports when the host header has no port specified by @​wkirschbaum in ueberauth/ueberauth#181

New Contributors

• @​jamesvl made their first contribution in ueberauth/ueberauth#175
• @​wkirschbaum made their first contribution in ueberauth/ueberauth#181

Full Changelog: ueberauth/ueberauth@v0.10.3...v0.10.5

v0.10.3

What's Changed

• Fix spec for set_errors! by @​sax in ueberauth/ueberauth#171

New Contributors

• @​sax made their first contribution in ueberauth/ueberauth#171

Full Changelog: ueberauth/ueberauth@v0.10.2...v0.10.3

v0.10.2

What's Changed

• Fixed typos in documentation by @​ryanzidago in ueberauth/ueberauth#167
• Update :csrf_attack to "csrf_attack" by @​cassiomarques in ueberauth/ueberauth#169

New Contributors

• @​ryanzidago made their first contribution in ueberauth/ueberauth#167
• @​cassiomarques made their first contribution in ueberauth/ueberauth#169

Full Changelog: ueberauth/ueberauth@v0.10.1...v0.10.2

v0.10.1

What's Changed

• Fix callback URL not mounted right when router has nested paths. by @​williamweckl in ueberauth/ueberauth#166

New Contributors

• @​williamweckl made their first contribution in ueberauth/ueberauth#166

Full Changelog: ueberauth/ueberauth@v0.10.0...v0.10.1

v0.10.0

What's Changed

• fixed callback name for callback phase in README by @​webmstk in ueberauth/ueberauth#162
• Don't generate auth/1 for every strategy by @​fuelen in ueberauth/ueberauth#163
• Add option for state param cookie SameSite by @​langalex in ueberauth/ueberauth#164

New Contributors

• @​webmstk made their first contribution in ueberauth/ueberauth#162
• @​langalex made their first contribution in ueberauth/ueberauth#164

... (truncated)

Changelog

Sourced from ueberauth's changelog.

0.10.5 - 2023-03-09

• Fix default port selection when none is specified on the host header #181

0.10.4 - 2023-01-19

• Fix port being duplicate when behind reverse proxy and non-standard port #103

0.10.3 - 2022-09-13

• Fix @spec for Ueberauth.Strategy.Helpers.set_errors!/2

0.10.2 - 2022-08-11

• Replace :csrf_attack with "csrf_attack" so it matches the type specs in Ueberauth.Failure.Error #169

0.10.1 - 2022-07-05

• Fix callback URL not mounted right when router has nested paths #166

0.10.0 - 2022-06-16

• Add state_param_cookie_same_site to strategy options to support different SameSite values #148

v0.9.0 - 2022-04-27

• Prefer x-forwarded-host to construct callback_url #161

v0.8.0 - 2021-08-19

• Add support for custom URL schemes #144

Commits

• See full diff in compare view

Updates ueberauth_github from 0.8.2 to 0.8.3

Release notes

Sourced from ueberauth_github's releases.

v0.8.3

What's Changed

• Conditionally fetch email by @​aiwaiwa in ueberauth/ueberauth_github#78
• Update mix.exs by @​yordis in ueberauth/ueberauth_github#79

New Contributors

• @​aiwaiwa made their first contribution in ueberauth/ueberauth_github#78

Full Changelog: ueberauth/ueberauth_github@v0.8.2...v0.8.3

Changelog

Sourced from ueberauth_github's changelog.

v0.8.3

• Fix empty scope not allowing to proceed with an expected missing email #77

Commits

• a3bb165 Update mix.exs (#79)
• 2934232 Conditionally fetch email (#78)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions