From c28402acae43143381481c0d3efb33f7c3fc0b07 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 19 Aug 2024 04:04:58 +0000 Subject: [PATCH 1/5] Bump @sentry/node from 8.25.0 to 8.26.0 Bumps [@sentry/node](https://github.com/getsentry/sentry-javascript) from 8.25.0 to 8.26.0. - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-javascript/compare/8.25.0...8.26.0) --- updated-dependencies: - dependency-name: "@sentry/node" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package-lock.json | 167 ++++++++++++++++++++++++++++++++++++++++++---- package.json | 2 +- 2 files changed, 154 insertions(+), 15 deletions(-) diff --git a/package-lock.json b/package-lock.json index eecb8c56..21195cd3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12,7 +12,7 @@ "@babel/core": "^7.25.2", "@babel/plugin-transform-class-properties": "^7.24.7", "@babel/preset-env": "^7.25.3", - "@sentry/node": "^8.25.0", + "@sentry/node": "^8.26.0", "@sentry/profiling-node": "^8.25.0", "autoprefixer": "^10.4.20", "axios": "^1.7.3", @@ -2228,6 +2228,21 @@ "@opentelemetry/api": "^1.3.0" } }, + "node_modules/@opentelemetry/instrumentation-fs": { + "version": "0.14.0", + "resolved": "https://registry.npmjs.org/@opentelemetry/instrumentation-fs/-/instrumentation-fs-0.14.0.tgz", + "integrity": "sha512-pVc8P5AgliC1DphyyBUgsxXlm2XaPH4BpYvt7rAZDMIqUpRk8gs19SioABtKqqxvFzg5jPtgJfJsdxq0Y+maLw==", + "dependencies": { + "@opentelemetry/core": "^1.8.0", + "@opentelemetry/instrumentation": "^0.52.0" + }, + "engines": { + "node": ">=14" + }, + "peerDependencies": { + "@opentelemetry/api": "^1.3.0" + } + }, "node_modules/@opentelemetry/instrumentation-graphql": { "version": "0.42.0", "resolved": "https://registry.npmjs.org/@opentelemetry/instrumentation-graphql/-/instrumentation-graphql-0.42.0.tgz", @@ -2543,9 +2558,9 @@ } }, "node_modules/@sentry/node": { - "version": "8.25.0", - "resolved": "https://registry.npmjs.org/@sentry/node/-/node-8.25.0.tgz", - "integrity": "sha512-KFeJpYU/7CKi/v8D72ztniA+QqH0yBv2wzEP0PUe3DWZ/Fwl0OQSVWNNuDfJBQUvk3NrytCH5A6klZjU0/rwlw==", + "version": "8.26.0", + "resolved": "https://registry.npmjs.org/@sentry/node/-/node-8.26.0.tgz", + "integrity": "sha512-N9mNLzicnfGgsq6P10ckPdTzEFusjTC7gpqPopwq5eEMF7g798hH8CcE5o6FZ4iAAR3vWliAR/jgccdoMmJMpQ==", "dependencies": { "@opentelemetry/api": "^1.9.0", "@opentelemetry/context-async-hooks": "^1.25.1", @@ -2554,6 +2569,7 @@ "@opentelemetry/instrumentation-connect": "0.38.0", "@opentelemetry/instrumentation-express": "0.41.1", "@opentelemetry/instrumentation-fastify": "0.38.0", + "@opentelemetry/instrumentation-fs": "0.14.0", "@opentelemetry/instrumentation-graphql": "0.42.0", "@opentelemetry/instrumentation-hapi": "0.40.0", "@opentelemetry/instrumentation-http": "0.52.1", @@ -2570,10 +2586,10 @@ "@opentelemetry/sdk-trace-base": "^1.25.1", "@opentelemetry/semantic-conventions": "^1.25.1", "@prisma/instrumentation": "5.17.0", - "@sentry/core": "8.25.0", - "@sentry/opentelemetry": "8.25.0", - "@sentry/types": "8.25.0", - "@sentry/utils": "8.25.0", + "@sentry/core": "8.26.0", + "@sentry/opentelemetry": "8.26.0", + "@sentry/types": "8.26.0", + "@sentry/utils": "8.26.0", "import-in-the-middle": "^1.11.0" }, "engines": { @@ -2583,14 +2599,45 @@ "opentelemetry-instrumentation-fetch-node": "1.2.3" } }, + "node_modules/@sentry/node/node_modules/@sentry/core": { + "version": "8.26.0", + "resolved": "https://registry.npmjs.org/@sentry/core/-/core-8.26.0.tgz", + "integrity": "sha512-g/tVmTZD4GNbLFf++hKJfBpcCAtduFEMLnbfa9iT/QEZjlmP+EzY+GsH9bafM5VsNe8DiOUp+kJKWtShzlVdBA==", + "dependencies": { + "@sentry/types": "8.26.0", + "@sentry/utils": "8.26.0" + }, + "engines": { + "node": ">=14.18" + } + }, + "node_modules/@sentry/node/node_modules/@sentry/types": { + "version": "8.26.0", + "resolved": "https://registry.npmjs.org/@sentry/types/-/types-8.26.0.tgz", + "integrity": "sha512-zKmh6SWsJh630rpt7a9vP4Cm4m1C2gDTUqUiH565CajCL/4cePpNWYrNwalSqsOSL7B9OrczA1+n6a6XvND+ng==", + "engines": { + "node": ">=14.18" + } + }, + "node_modules/@sentry/node/node_modules/@sentry/utils": { + "version": "8.26.0", + "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-8.26.0.tgz", + "integrity": "sha512-xvlPU9Hd2BlyT+FhWHGNwnxWqdVRk2AHnDtVcW4Ma0Ri5EwS+uy4Jeik5UkSv8C5RVb9VlxFmS8LN3I1MPJsLw==", + "dependencies": { + "@sentry/types": "8.26.0" + }, + "engines": { + "node": ">=14.18" + } + }, "node_modules/@sentry/opentelemetry": { - "version": "8.25.0", - "resolved": "https://registry.npmjs.org/@sentry/opentelemetry/-/opentelemetry-8.25.0.tgz", - "integrity": "sha512-6g4TXwQMHtvmlu2i1OKqvFD2W2RTrGBxDtJ1tBQmqCfHKyiqQ37gy6AozuwrQ3po1KKbawaQGIFNEzb4wnSrfA==", + "version": "8.26.0", + "resolved": "https://registry.npmjs.org/@sentry/opentelemetry/-/opentelemetry-8.26.0.tgz", + "integrity": "sha512-HBDheM/+ysfIz8R1OH4bBIxdgD7ZbQkKLJAUXkdAbBcfbpK/CTtwcplbauF5wY7Q+GYvwL/ShuDwvXRfW+gFyQ==", "dependencies": { - "@sentry/core": "8.25.0", - "@sentry/types": "8.25.0", - "@sentry/utils": "8.25.0" + "@sentry/core": "8.26.0", + "@sentry/types": "8.26.0", + "@sentry/utils": "8.26.0" }, "engines": { "node": ">=14.18" @@ -2603,6 +2650,37 @@ "@opentelemetry/semantic-conventions": "^1.25.1" } }, + "node_modules/@sentry/opentelemetry/node_modules/@sentry/core": { + "version": "8.26.0", + "resolved": "https://registry.npmjs.org/@sentry/core/-/core-8.26.0.tgz", + "integrity": "sha512-g/tVmTZD4GNbLFf++hKJfBpcCAtduFEMLnbfa9iT/QEZjlmP+EzY+GsH9bafM5VsNe8DiOUp+kJKWtShzlVdBA==", + "dependencies": { + "@sentry/types": "8.26.0", + "@sentry/utils": "8.26.0" + }, + "engines": { + "node": ">=14.18" + } + }, + "node_modules/@sentry/opentelemetry/node_modules/@sentry/types": { + "version": "8.26.0", + "resolved": "https://registry.npmjs.org/@sentry/types/-/types-8.26.0.tgz", + "integrity": "sha512-zKmh6SWsJh630rpt7a9vP4Cm4m1C2gDTUqUiH565CajCL/4cePpNWYrNwalSqsOSL7B9OrczA1+n6a6XvND+ng==", + "engines": { + "node": ">=14.18" + } + }, + "node_modules/@sentry/opentelemetry/node_modules/@sentry/utils": { + "version": "8.26.0", + "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-8.26.0.tgz", + "integrity": "sha512-xvlPU9Hd2BlyT+FhWHGNwnxWqdVRk2AHnDtVcW4Ma0Ri5EwS+uy4Jeik5UkSv8C5RVb9VlxFmS8LN3I1MPJsLw==", + "dependencies": { + "@sentry/types": "8.26.0" + }, + "engines": { + "node": ">=14.18" + } + }, "node_modules/@sentry/profiling-node": { "version": "8.25.0", "resolved": "https://registry.npmjs.org/@sentry/profiling-node/-/profiling-node-8.25.0.tgz", @@ -2623,6 +2701,67 @@ "node": ">=14.18" } }, + "node_modules/@sentry/profiling-node/node_modules/@sentry/node": { + "version": "8.25.0", + "resolved": "https://registry.npmjs.org/@sentry/node/-/node-8.25.0.tgz", + "integrity": "sha512-KFeJpYU/7CKi/v8D72ztniA+QqH0yBv2wzEP0PUe3DWZ/Fwl0OQSVWNNuDfJBQUvk3NrytCH5A6klZjU0/rwlw==", + "dependencies": { + "@opentelemetry/api": "^1.9.0", + "@opentelemetry/context-async-hooks": "^1.25.1", + "@opentelemetry/core": "^1.25.1", + "@opentelemetry/instrumentation": "^0.52.1", + "@opentelemetry/instrumentation-connect": "0.38.0", + "@opentelemetry/instrumentation-express": "0.41.1", + "@opentelemetry/instrumentation-fastify": "0.38.0", + "@opentelemetry/instrumentation-graphql": "0.42.0", + "@opentelemetry/instrumentation-hapi": "0.40.0", + "@opentelemetry/instrumentation-http": "0.52.1", + "@opentelemetry/instrumentation-ioredis": "0.42.0", + "@opentelemetry/instrumentation-koa": "0.42.0", + "@opentelemetry/instrumentation-mongodb": "0.46.0", + "@opentelemetry/instrumentation-mongoose": "0.40.0", + "@opentelemetry/instrumentation-mysql": "0.40.0", + "@opentelemetry/instrumentation-mysql2": "0.40.0", + "@opentelemetry/instrumentation-nestjs-core": "0.39.0", + "@opentelemetry/instrumentation-pg": "0.43.0", + "@opentelemetry/instrumentation-redis-4": "0.41.0", + "@opentelemetry/resources": "^1.25.1", + "@opentelemetry/sdk-trace-base": "^1.25.1", + "@opentelemetry/semantic-conventions": "^1.25.1", + "@prisma/instrumentation": "5.17.0", + "@sentry/core": "8.25.0", + "@sentry/opentelemetry": "8.25.0", + "@sentry/types": "8.25.0", + "@sentry/utils": "8.25.0", + "import-in-the-middle": "^1.11.0" + }, + "engines": { + "node": ">=14.18" + }, + "optionalDependencies": { + "opentelemetry-instrumentation-fetch-node": "1.2.3" + } + }, + "node_modules/@sentry/profiling-node/node_modules/@sentry/opentelemetry": { + "version": "8.25.0", + "resolved": "https://registry.npmjs.org/@sentry/opentelemetry/-/opentelemetry-8.25.0.tgz", + "integrity": "sha512-6g4TXwQMHtvmlu2i1OKqvFD2W2RTrGBxDtJ1tBQmqCfHKyiqQ37gy6AozuwrQ3po1KKbawaQGIFNEzb4wnSrfA==", + "dependencies": { + "@sentry/core": "8.25.0", + "@sentry/types": "8.25.0", + "@sentry/utils": "8.25.0" + }, + "engines": { + "node": ">=14.18" + }, + "peerDependencies": { + "@opentelemetry/api": "^1.9.0", + "@opentelemetry/core": "^1.25.1", + "@opentelemetry/instrumentation": "^0.52.1", + "@opentelemetry/sdk-trace-base": "^1.25.1", + "@opentelemetry/semantic-conventions": "^1.25.1" + } + }, "node_modules/@sentry/types": { "version": "8.25.0", "resolved": "https://registry.npmjs.org/@sentry/types/-/types-8.25.0.tgz", diff --git a/package.json b/package.json index 194aafcc..5ec5968a 100644 --- a/package.json +++ b/package.json @@ -36,7 +36,7 @@ "@babel/core": "^7.25.2", "@babel/plugin-transform-class-properties": "^7.24.7", "@babel/preset-env": "^7.25.3", - "@sentry/node": "^8.25.0", + "@sentry/node": "^8.26.0", "@sentry/profiling-node": "^8.25.0", "autoprefixer": "^10.4.20", "axios": "^1.7.3", From 405c85dd4d47e254e7e4bf036526893b35f6a5fd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 19 Aug 2024 04:05:08 +0000 Subject: [PATCH 2/5] Bump axios from 1.7.3 to 1.7.4 Bumps [axios](https://github.com/axios/axios) from 1.7.3 to 1.7.4. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.7.3...v1.7.4) --- updated-dependencies: - dependency-name: axios dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package-lock.json | 8 ++++---- package.json | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 21195cd3..0eb662d7 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15,7 +15,7 @@ "@sentry/node": "^8.26.0", "@sentry/profiling-node": "^8.25.0", "autoprefixer": "^10.4.20", - "axios": "^1.7.3", + "axios": "^1.7.4", "babel-loader": "^9.1.3", "body-parser": "^1.20.2", "browser-sync": "^3.0.2", @@ -3689,9 +3689,9 @@ "dev": true }, "node_modules/axios": { - "version": "1.7.3", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.3.tgz", - "integrity": "sha512-Ar7ND9pU99eJ9GpoGQKhKf58GpUOgnzuaB7ueNQ5BMi0p+LZ5oaEnfF999fAArcTIBwXTCHAmGcHOZJaWPq9Nw==", + "version": "1.7.4", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.4.tgz", + "integrity": "sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw==", "dependencies": { "follow-redirects": "^1.15.6", "form-data": "^4.0.0", diff --git a/package.json b/package.json index 5ec5968a..923a5c9a 100644 --- a/package.json +++ b/package.json @@ -39,7 +39,7 @@ "@sentry/node": "^8.26.0", "@sentry/profiling-node": "^8.25.0", "autoprefixer": "^10.4.20", - "axios": "^1.7.3", + "axios": "^1.7.4", "babel-loader": "^9.1.3", "body-parser": "^1.20.2", "browser-sync": "^3.0.2", From be643d9caa36a7d03bb5b36a5466c620cc434811 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 19 Aug 2024 04:05:24 +0000 Subject: [PATCH 3/5] Bump winston from 3.14.1 to 3.14.2 Bumps [winston](https://github.com/winstonjs/winston) from 3.14.1 to 3.14.2. - [Release notes](https://github.com/winstonjs/winston/releases) - [Changelog](https://github.com/winstonjs/winston/blob/master/CHANGELOG.md) - [Commits](https://github.com/winstonjs/winston/compare/v3.14.1...v3.14.2) --- updated-dependencies: - dependency-name: winston dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package-lock.json | 8 ++++---- package.json | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0eb662d7..371583b5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -61,7 +61,7 @@ "webpack-assets-manifest": "^5.2.1", "webpack-cli": "^5.1.4", "webpack-merge": "^6.0.1", - "winston": "^3.14.1" + "winston": "^3.14.2" }, "devDependencies": { "@babel/eslint-parser": "^7.25.1", @@ -15921,9 +15921,9 @@ "integrity": "sha512-CC1bOL87PIWSBhDcTrdeLo6eGT7mCFtrg0uIJtqJUFyK+eJnzl8A1niH56uu7KMa5XFrtiV+AQuHO3n7DsHnLQ==" }, "node_modules/winston": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/winston/-/winston-3.14.1.tgz", - "integrity": "sha512-CJi4Il/msz8HkdDfXOMu+r5Au/oyEjFiOZzbX2d23hRLY0narGjqfE5lFlrT5hfYJhPtM8b85/GNFsxIML/RVA==", + "version": "3.14.2", + "resolved": "https://registry.npmjs.org/winston/-/winston-3.14.2.tgz", + "integrity": "sha512-CO8cdpBB2yqzEf8v895L+GNKYJiEq8eKlHU38af3snQBQ+sdAIUepjMSguOIJC7ICbzm0ZI+Af2If4vIJrtmOg==", "dependencies": { "@colors/colors": "^1.6.0", "@dabh/diagnostics": "^2.0.2", diff --git a/package.json b/package.json index 923a5c9a..a583aad6 100644 --- a/package.json +++ b/package.json @@ -85,7 +85,7 @@ "webpack-assets-manifest": "^5.2.1", "webpack-cli": "^5.1.4", "webpack-merge": "^6.0.1", - "winston": "^3.14.1" + "winston": "^3.14.2" }, "devDependencies": { "@babel/eslint-parser": "^7.25.1", From 52e098202a93b748fc93bd6c4ffaae16309920ae Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 19 Aug 2024 04:05:47 +0000 Subject: [PATCH 4/5] Bump cypress from 13.13.2 to 13.13.3 Bumps [cypress](https://github.com/cypress-io/cypress) from 13.13.2 to 13.13.3. - [Release notes](https://github.com/cypress-io/cypress/releases) - [Changelog](https://github.com/cypress-io/cypress/blob/develop/CHANGELOG.md) - [Commits](https://github.com/cypress-io/cypress/compare/v13.13.2...v13.13.3) --- updated-dependencies: - dependency-name: cypress dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package-lock.json | 8 ++++---- package.json | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 371583b5..af39a882 100644 --- a/package-lock.json +++ b/package-lock.json @@ -68,7 +68,7 @@ "chai": "^5.1.1", "chai-as-promised": "^8.0.0", "chai-subset": "^1.6.0", - "cypress": "^13.13.2", + "cypress": "^13.13.3", "eslint": "^8.57.0", "eslint-config-prettier": "^9.1.0", "eslint-config-standard": "^17.1.0", @@ -5765,9 +5765,9 @@ } }, "node_modules/cypress": { - "version": "13.13.2", - "resolved": "https://registry.npmjs.org/cypress/-/cypress-13.13.2.tgz", - "integrity": "sha512-PvJQU33933NvS1StfzEb8/mu2kMy4dABwCF+yd5Bi7Qly1HOVf+Bufrygee/tlmty/6j5lX+KIi8j9Q3JUMbhA==", + "version": "13.13.3", + "resolved": "https://registry.npmjs.org/cypress/-/cypress-13.13.3.tgz", + "integrity": "sha512-hUxPrdbJXhUOTzuML+y9Av7CKoYznbD83pt8g3klgpioEha0emfx4WNIuVRx0C76r0xV2MIwAW9WYiXfVJYFQw==", "dev": true, "hasInstallScript": true, "dependencies": { diff --git a/package.json b/package.json index a583aad6..0169292a 100644 --- a/package.json +++ b/package.json @@ -92,7 +92,7 @@ "chai": "^5.1.1", "chai-as-promised": "^8.0.0", "chai-subset": "^1.6.0", - "cypress": "^13.13.2", + "cypress": "^13.13.3", "eslint": "^8.57.0", "eslint-config-prettier": "^9.1.0", "eslint-config-standard": "^17.1.0", From 7ba466bf0b4e0c530bae194e32c69b1009ba7d6e Mon Sep 17 00:00:00 2001 From: Sophie Wenban Date: Mon, 19 Aug 2024 16:26:28 +0100 Subject: [PATCH 5/5] Update Cypress version in the dependancies --- Dockerfile | 2 +- docs/Dependabot.md | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index ef695d85..d46905a6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM gcr.io/sre-docker-registry/omis-dependencies:1.0.5 +FROM gcr.io/sre-docker-registry/omis-dependencies:1.0.6 ARG CURRENT_UID ARG CURRENT_GID diff --git a/docs/Dependabot.md b/docs/Dependabot.md index 6a07117b..6569ea74 100644 --- a/docs/Dependabot.md +++ b/docs/Dependabot.md @@ -44,7 +44,7 @@ docker build -f Dockerfile.dependencies -t omis-dependencies . --platform linux/ Tag the dependencies image with the incremented version. ```bash -export VERSION=1.0.5 # Increment this version each time when you edit Dockerfile. +export VERSION=1.0.6 # Increment this version each time when you edit Dockerfile. docker tag omis-dependencies:latest gcr.io/sre-docker-registry/omis-dependencies:${VERSION} docker tag omis-dependencies:latest gcr.io/sre-docker-registry/omis-dependencies:latest ``` @@ -71,4 +71,5 @@ Commit the new changes to the `chore/dependencies` branch before raising the mai ### Bulk upgrade of dependency groups As with the Data Hub frontend, this project has some dependencies that need to be updated together: -- Sentry (`dependabot:update-sentry`) \ No newline at end of file + +- Sentry (`dependabot:update-sentry`)