Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump pyright from 1.1.384 to 1.1.385 #553

Merged
merged 2 commits into from
Oct 17, 2024
Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 17, 2024

Bumps pyright from 1.1.384 to 1.1.385.

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [pyright](https://github.com/RobertCraigie/pyright-python) from 1.1.384 to 1.1.385.
- [Release notes](https://github.com/RobertCraigie/pyright-python/releases)
- [Commits](RobertCraigie/pyright-python@v1.1.384...v1.1.385)

---
updated-dependencies:
- dependency-name: pyright
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from jkreileder as a code owner October 17, 2024 02:49
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Oct 17, 2024
Copy link

codecov bot commented Oct 17, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 100.00%. Comparing base (4ff30f5) to head (4e1487d).
Report is 1 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff            @@
##              main      #553   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            8         8           
  Lines          151       151           
  Branches        15        15           
=========================================
  Hits           151       151           
Flag Coverage Δ
python-3.10 100.00% <ø> (ø)
python-3.11 100.00% <ø> (ø)
python-3.12 100.00% <ø> (ø)
python-3.13 100.00% <ø> (ø)
python-3.9 100.00% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Copy link

github-actions bot commented Oct 17, 2024

Test Results

  5 files  ±0    5 suites  ±0   22s ⏱️ ±0s
 36 tests ±0   36 ✅ ±0  0 💤 ±0  0 ❌ ±0 
180 runs  ±0  180 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 4e1487d. ± Comparison against base commit 4ff30f5.

♻️ This comment has been updated with latest results.

@jkreileder jkreileder enabled auto-merge (squash) October 17, 2024 07:42
Copy link

🔍 Vulnerabilities of jkreileder/cf-ips-to-hcloud-fw:pr-553

📦 Image Reference jkreileder/cf-ips-to-hcloud-fw:pr-553
digestsha256:9c39416f552ccf2ad342b3117de54379376d1e2963f41de1417dcab7ff776a7b
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
size25 MB
packages64
📦 Base Image python:3-alpine
also known as
  • 3-alpine3.20
  • 3.13-alpine
  • 3.13-alpine3.20
  • 3.13.0-alpine
  • 3.13.0-alpine3.20
  • alpine
  • alpine3.20
digestsha256:6e0d21f66f665a33876d963f3ff6206b13863a17af0d6cfda68097cd415ec128
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0

Copy link

Recommended fixes for image jkreileder/cf-ips-to-hcloud-fw:pr-553

Base image is python:3-alpine

Name3.13.0-alpine3.20
Digestsha256:6e0d21f66f665a33876d963f3ff6206b13863a17af0d6cfda68097cd415ec128
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed1 week ago
Size16 MB
Packages43
Flavoralpine
OS3.20
Runtime3.13.0
The base image is also available under the supported tag(s): 3-alpine3.20, 3.13-alpine, 3.13-alpine3.20, 3.13.0-alpine, 3.13.0-alpine3.20, alpine, alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

Copy link

Overview

Image reference jkreileder/cf-ips-to-hcloud-fw:1 quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-553
- digest f6c3fb147a85 9c39416f552c
- tag 1 pr-553
- provenance a3b2b14 d40c2d7
- vulnerabilities critical: 3 high: 1 medium: 0 low: 0 critical: 0 high: 0 medium: 0 low: 0
- platform linux/amd64 linux/amd64
- size 27 MB 25 MB (-1.6 MB)
- packages 80 64 (-16)
Base Image python:3.12.4-alpine3.20
also known as:
3-alpine
3-alpine3.20
3.12-alpine
3.12-alpine3.20
alpine
alpine3.20
python:3-alpine
also known as:
3-alpine3.20
3.13-alpine
3.13-alpine3.20
3.13.0-alpine
3.13.0-alpine3.20
alpine
alpine3.20
- vulnerabilities critical: 3 high: 1 medium: 0 low: 0 critical: 0 high: 0 medium: 0 low: 0
Environment Variables (5 changes)
  • - 4 removed
  • ± 1 changed
  • 4 unchanged
 GPG_KEY=7169605F62C751356D054A26A821E680E5FA6305
-LANG=C.UTF-8
 PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
 PYTHONDONTWRITEBYTECODE=1
 PYTHONFAULTHANDLER=1
-PYTHON_GET_PIP_SHA256=ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-PYTHON_GET_PIP_URL=https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-PYTHON_PIP_VERSION=24.0
-PYTHON_VERSION=3.12.4
+PYTHON_VERSION=3.13.0
Labels (3 changes)
  • ± 3 changed
  • 5 unchanged
-org.opencontainers.image.created=2024-07-15T18:40:43.715Z
+org.opencontainers.image.created=2024-10-17T08:10:47.010Z
 org.opencontainers.image.description=Update Hetzner Cloud firewall rules with current Cloudflare IP ranges
 org.opencontainers.image.licenses=MIT
-org.opencontainers.image.revision=a3b2b148963e273bab7629350a036f97ec24e0d7
+org.opencontainers.image.revision=d40c2d77d0a2b33ac20a72856ea3c6f80bf52067
 org.opencontainers.image.source=https://github.com/jkreileder/cf-ips-to-hcloud-fw
 org.opencontainers.image.title=cf-ips-to-hcloud-fw
 org.opencontainers.image.url=https://github.com/jkreileder/cf-ips-to-hcloud-fw
-org.opencontainers.image.version=1.0.12
+org.opencontainers.image.version=pr-553
Policies (1 improved, 1 worsened, 2 missing data)
Policy Name jkreileder/cf-ips-to-hcloud-fw:1 quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-553 Change Standing
Default non-root user No Change
No AGPL v3 licenses ⚠️ 1 -1 Improved
No fixable critical or high vulnerabilities No Change
No high-profile vulnerabilities No Change
No outdated base images ❓ No data
No unapproved base images ❓ No data ❓ No data
Supply chain attestations ⚠️ 2 +2 Worsened
Packages and Vulnerabilities (44 package changes and 4 vulnerability changes)
  • ➖ 15 packages removed
  • ♾️ 29 packages changed
  • 35 packages unchanged
  • ✔️ 4 vulnerabilities removed
Changes for packages of type apk (27 changes)
Package Version
jkreileder/cf-ips-to-hcloud-fw:1
Version
quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-553
♾️ .python-rundeps 20240715.184054 20241017.081054
♾️ ca-certificates-bundle 20240226-r0 20240705-r0
e2fsprogs 1.47.0-r5
♾️ expat 2.6.2-r0 2.6.3-r0
critical: 3 high: 0 medium: 0 low: 0
Removed vulnerabilities (3):
  • critical : CVE--2024--45492
  • critical : CVE--2024--45491
  • critical : CVE--2024--45490
gettext 0.22.5-r0
keyutils 1.6.3-r3
keyutils-libs 1.6.3-r3
krb5 1.21.3-r0
krb5-conf 1.0-r2
krb5-libs 1.21.3-r0
libcom_err 1.47.0-r5
♾️ libcrypto3 3.3.1-r1 3.3.2-r0
♾️ libexpat 2.6.2-r0 2.6.3-r0
libintl 0.22.5-r0
♾️ libncursesw 6.4_p20240420-r0 6.4_p20240420-r1
libnsl 2.0.1-r0
♾️ libpanelw 6.4_p20240420-r0 6.4_p20240420-r1
♾️ libssl3 3.3.1-r1 3.3.2-r0
libtirpc 1.3.4-r0
libtirpc-conf 1.3.4-r0
libverto 0.3.2-r2
♾️ ncurses 6.4_p20240420-r0 6.4_p20240420-r1
♾️ ncurses-terminfo-base 6.4_p20240420-r0 6.4_p20240420-r1
♾️ openssl 3.3.1-r1 3.3.2-r0
critical: 0 high: 1 medium: 0 low: 0
Removed vulnerabilities (1):
  • high : CVE--2024--6119
♾️ tzdata 2024a-r1 2024b-r0
♾️ xz 5.6.1-r3 5.6.2-r0
♾️ xz-libs 5.6.1-r3 5.6.2-r0
Changes for packages of type generic (1 changes)
Package Version
jkreileder/cf-ips-to-hcloud-fw:1
Version
quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-553
♾️ python 3.12.4 3.13.0
Changes for packages of type pypi (16 changes)
Package Version
jkreileder/cf-ips-to-hcloud-fw:1
Version
quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-553
♾️ anyio 4.4.0 4.6.2.post1
♾️ certifi 2024.7.4 2024.8.30
♾️ cf-ips-to-hcloud-fw 1.0.12 1.0.13.dev0
♾️ charset-normalizer 3.3.2 3.4.0
♾️ cloudflare 3.0.1 3.1.0
♾️ hcloud 2.0.1 2.3.0
♾️ httpcore 1.0.5 1.0.6
♾️ httpx 0.27.0 0.27.2
♾️ idna 3.7 3.10
♾️ pip 24.0 24.2
♾️ pydantic 2.8.2 2.9.2
♾️ pydantic-core 2.20.1 2.23.4
♾️ pyyaml 6.0.1 6.0.2
setuptools 70.3.0
♾️ urllib3 2.2.2 2.2.3
wheel 0.43.0

@jkreileder jkreileder merged commit 84d049e into main Oct 17, 2024
63 checks passed
@jkreileder jkreileder deleted the dependabot/pip/pyright-1.1.385 branch October 17, 2024 08:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant