chore(deps): update returntocorp/semgrep docker digest to 875ea8c - abandoned #2003
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* Add .npmrc file with node-options="--openssl-legacy-provider" Delete .eslintignore file Add tsconfig.eslint.json file with specific compiler options Update vite.config.ts file to include "pool: forks" Add eslint.config.js file with eslint and typescript-eslint configurations Delete .eslintrc.json file Update .github/workflows/node.yml file to use "pnpm build" and "npm test" Update packages/gateway/test/web.test.ts file to use double quotes Update package.json file with lint, start, format, and test scripts * Update eslint.config.js file with eslint and typescript-eslint configurations * Update eslint.config.js with eslint and typescript-eslint configurations * Update .gitattributes file to prevent merging changes to generated files * Update codecovcli command in .github/workflows/node.yml
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* add logging to triage 1902 Related Error: Error handling packet: error: relation "vehicle" does not exist #1902 * Add TServerLogger type to mockLogger function * Fix unused import and remove eslint-disable-next-line in State.ts
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [black](https://togithub.com/psf/black) ([changelog](https://togithub.com/psf/black/blob/main/CHANGES.md)) | `==24.4.2` -> `==24.8.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>psf/black (black)</summary> ### [`v24.8.0`](https://togithub.com/psf/black/blob/HEAD/CHANGES.md#2480) [Compare Source](https://togithub.com/psf/black/compare/24.4.2...24.8.0) ##### Stable style - Fix crash when `# fmt: off` is used before a closing parenthesis or bracket. ([#​4363](https://togithub.com/psf/black/issues/4363)) ##### Packaging - Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. ([#​4345](https://togithub.com/psf/black/issues/4345)) ##### Parser - Fix regression where Black failed to parse a multiline f-string containing another multiline string ([#​4339](https://togithub.com/psf/black/issues/4339)) - Fix regression where Black failed to parse an escaped single quote inside an f-string ([#​4401](https://togithub.com/psf/black/issues/4401)) - Fix bug with Black incorrectly parsing empty lines with a backslash ([#​4343](https://togithub.com/psf/black/issues/4343)) - Fix bugs with Black's tokenizer not handling `\{` inside f-strings very well ([#​4422](https://togithub.com/psf/black/issues/4422)) - Fix incorrect line numbers in the tokenizer for certain tokens within f-strings ([#​4423](https://togithub.com/psf/black/issues/4423)) ##### Performance - Improve performance when a large directory is listed in `.gitignore` ([#​4415](https://togithub.com/psf/black/issues/4415)) ##### *Blackd* - Fix blackd (and all extras installs) for docker container ([#​4357](https://togithub.com/psf/black/issues/4357)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View the [repository job log](https://developer.mend.io/github/rustymotors/server-old). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [coverage](https://togithub.com/nedbat/coveragepy) | `==7.6.0` -> `==7.6.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>nedbat/coveragepy (coverage)</summary> ### [`v7.6.1`](https://togithub.com/nedbat/coveragepy/blob/HEAD/CHANGES.rst#Version-761--2024-08-04) [Compare Source](https://togithub.com/nedbat/coveragepy/compare/7.6.0...7.6.1) - Fix: coverage used to fail when measuring code using :func:`runpy.run_path <python:runpy.run_path>` with a :class:`Path <python:pathlib.Path>` argument. This is now fixed, thanks to `Ask Hjorth Larsen <pull 1819_>`\_. - Fix: backslashes preceding a multi-line backslashed string could confuse the HTML report. This is now fixed, thanks to `LiuYinCarl <pull 1828_>`\_. - Now we publish wheels for Python 3.13, both regular and free-threaded. .. \_pull 1819:[https://github.com/nedbat/coveragepy/pull/1819](https://togithub.com/nedbat/coveragepy/pull/1819)9 .. \_pull 1828[https://github.com/nedbat/coveragepy/pull/1828](https://togithub.com/nedbat/coveragepy/pull/1828)28 .. \_changes\_7-6-0: </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View the [repository job log](https://developer.mend.io/github/rustymotors/server-old). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [flake8](https://togithub.com/pycqa/flake8) ([changelog](https://flake8.pycqa.org/en/latest/release-notes/index.html)) | `==7.1.0` -> `==7.1.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>pycqa/flake8 (flake8)</summary> ### [`v7.1.1`](https://togithub.com/pycqa/flake8/compare/7.1.0...7.1.1) [Compare Source](https://togithub.com/pycqa/flake8/compare/7.1.0...7.1.1) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View the [repository job log](https://developer.mend.io/github/rustymotors/server-old). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [pycodestyle](https://pycodestyle.pycqa.org/) ([changelog](https://pycodestyle.pycqa.org/en/latest/developer.html#changes)) | `==2.12.0` -> `==2.12.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View the [repository job log](https://developer.mend.io/github/rustymotors/server-old). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/returntocorp-semgrep
branch
from
408bf1e
to
4e534bc
Compare
![codecov[bot]](https://avatars.githubusercontent.com/in/254?s=60&v=4){kind=small}
.github/workflows/semgrep.yml
Outdated
| @@ -16,7 +16,7 @@ jobs: | |||
| env: | |||
| SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} | |||
| container: | |||
| image: returntocorp/semgrep@sha256:4614ec53294cc63f086755157dfb108121c69087d15c3e8d4c7ac603fb0eaa54 | |||
| image: returntocorp/semgrep@sha256:c98edb09ae3abcc870171df7446fd2df8426a6a7f6ff14ca1ac47f4a25bf1666 | |||
There was a problem hiding this comment.
It looks like the image used for the Semgrep tool has been updated to a different SHA-tagged version. Although this is fine, please ensure the new image version has been thoroughly tested for compatibility and doesn't introduce unexpected behaviour or degrades performance. Also, ideally, the reason for the version change should be provided in the commit message for better traceability.
| @@ -16,7 +16,7 @@ jobs: | |||
| env: | |||
| SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} | |||
| container: | |||
| image: returntocorp/semgrep@sha256:4614ec53294cc63f086755157dfb108121c69087d15c3e8d4c7ac603fb0eaa54 | |||
| image: returntocorp/semgrep@sha256:c98edb09ae3abcc870171df7446fd2df8426a6a7f6ff14ca1ac47f4a25bf1666 | |||
| if: (github.actor != 'dependabot[bot]') | |||
| steps: | |||
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |||
There was a problem hiding this comment.
Note that the checkout action is using a specific tag (here the commit hash 692973e3d937129bcbf40652eb9f2f61becf3332). Be sure the commit hash is correct and does exactly what is expected for this workflow. Additionally, always using a tagged release is beneficial for stability reasons and is highly recommended.
.github/workflows/semgrep.yml
Outdated
| @@ -16,7 +16,7 @@ jobs: | |||
| env: | |||
| SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} | |||
| container: | |||
| image: returntocorp/semgrep@sha256:4614ec53294cc63f086755157dfb108121c69087d15c3e8d4c7ac603fb0eaa54 | |||
| image: returntocorp/semgrep@sha256:c98edb09ae3abcc870171df7446fd2df8426a6a7f6ff14ca1ac47f4a25bf1666 | |||
There was a problem hiding this comment.
You have updated the image of the Semgrep. This assumes that the newer image is backward compatible, and all the steps will pass as expected. While this could be the case, it would idyllic to add checks ensuring this. Moreover, one should always state the reason for such changes in the commit messages to improve tracing and understanding of the project history.
| @@ -16,7 +16,7 @@ jobs: | |||
| env: | |||
| SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} | |||
| container: | |||
| image: returntocorp/semgrep@sha256:4614ec53294cc63f086755157dfb108121c69087d15c3e8d4c7ac603fb0eaa54 | |||
| image: returntocorp/semgrep@sha256:c98edb09ae3abcc870171df7446fd2df8426a6a7f6ff14ca1ac47f4a25bf1666 | |||
| if: (github.actor != 'dependabot[bot]') | |||
| steps: | |||
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |||
There was a problem hiding this comment.
The 'actions/checkout' action being is checked out at a particular commit. While this does ensure that a specific, known version of the action is being used for the job, consider using a released version, especially if the commit used does not correspond to a release. This will make the version being used clearer and ensure that good practices associated with releases, such as additional testing, have been followed.
[](https://renovatebot.com) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [node](https://nodejs.org) ([source](https://togithub.com/nodejs/node)) | minor | `22.5.1` -> `22.6.0` | --- ### Release Notes <details> <summary>nodejs/node (node)</summary> ### [`v22.6.0`](https://togithub.com/nodejs/node/compare/v22.5.1...v22.6.0) [Compare Source](https://togithub.com/nodejs/node/compare/v22.5.1...v22.6.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View the [repository job log](https://developer.mend.io/github/rustymotors/server-old). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xOC4xNyIsInVwZGF0ZWRJblZlciI6IjM4LjE4LjE3IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **Chores** - Updated Node.js version to 22.6.0 for improved performance and potential new features. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 0
Outside diff range, codebase verification and nitpick comments (1)
.github/workflows/semgrep.yml (1)
19-19: Provide traceability for the Docker image update.It is good practice to explain why the container image has been changed, for traceability and troubleshooting purposes. In the future, please leave a comment stating why you are making this change.
Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Files selected for processing (1)
- .github/workflows/semgrep.yml (1 hunks)
Additional comments not posted (1)
.github/workflows/semgrep.yml (1)
19-19: Test the impact of the Docker image update.Ensure to test the impact of this change on the functioning of the system, especially if there are any breaking changes introduced in this new version.
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [pyyaml](https://pyyaml.org/) ([source](https://togithub.com/yaml/pyyaml)) | `==6.0.1` -> `==6.0.2` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>yaml/pyyaml (pyyaml)</summary> ### [`v6.0.2`](https://togithub.com/yaml/pyyaml/releases/tag/6.0.2) [Compare Source](https://togithub.com/yaml/pyyaml/compare/6.0.1...6.0.2) #### What's Changed - Support for Cython 3.x and Python 3.13. **Full Changelog**: yaml/pyyaml@6.0.1...6.0.2 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View the [repository job log](https://developer.mend.io/github/rustymotors/server-old). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xOC4xNyIsInVwZGF0ZWRJblZlciI6IjM4LjE4LjE3IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **Chores** - Updated the `pyyaml` package to version `6.0.2` for improved stability and potential bug fixes. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [sentry-sdk](https://togithub.com/getsentry/sentry-python) ([changelog](https://togithub.com/getsentry/sentry-python/blob/master/CHANGELOG.md)) | `==2.12.0` -> `==2.13.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>getsentry/sentry-python (sentry-sdk)</summary> ### [`v2.13.0`](https://togithub.com/getsentry/sentry-python/blob/HEAD/CHANGELOG.md#2130) [Compare Source](https://togithub.com/getsentry/sentry-python/compare/2.12.0...2.13.0) ##### Various fixes & improvements - **New integration:** [Ray](https://docs.sentry.io/platforms/python/integrations/ray/) ([#​2400](https://togithub.com/getsentry/sentry-python/issues/2400)) ([#​2444](https://togithub.com/getsentry/sentry-python/issues/2444)) by [@​glowskir](https://togithub.com/glowskir) Usage: (add the RayIntegration to your `sentry_sdk.init()` call and make sure it is called in the worker processes) ```python import ray import sentry_sdk from sentry_sdk.integrations.ray import RayIntegration def init_sentry(): sentry_sdk.init( dsn="...", traces_sample_rate=1.0, integrations=[RayIntegration()], ) init_sentry() ray.init( runtime_env=dict(worker_process_setup_hook=init_sentry), ) ``` For more information, see the documentation for the [Ray integration](https://docs.sentry.io/platforms/python/integrations/ray/). - **New integration:** [Litestar](https://docs.sentry.io/platforms/python/integrations/litestar/) ([#​2413](https://togithub.com/getsentry/sentry-python/issues/2413)) ([#​3358](https://togithub.com/getsentry/sentry-python/issues/3358)) by [@​KellyWalker](https://togithub.com/KellyWalker) Usage: (add the LitestarIntegration to your `sentry_sdk.init()`) ```python from litestar import Litestar, get import sentry_sdk from sentry_sdk.integrations.litestar import LitestarIntegration sentry_sdk.init( dsn="...", traces_sample_rate=1.0, integrations=[LitestarIntegration()], ) @​get("/") async def index() -> str: return "Hello, world!" app = Litestar(...) ``` For more information, see the documentation for the [Litestar integration](https://docs.sentry.io/platforms/python/integrations/litestar/). - **New integration:** [Dramatiq](https://docs.sentry.io/platforms/python/integrations/dramatiq/) from [@​jacobsvante](https://togithub.com/jacobsvante) ([#​3397](https://togithub.com/getsentry/sentry-python/issues/3397)) by [@​antonpirker](https://togithub.com/antonpirker) Usage: (add the DramatiqIntegration to your `sentry_sdk.init()`) ```python import dramatiq import sentry_sdk from sentry_sdk.integrations.dramatiq import DramatiqIntegration sentry_sdk.init( dsn="...", traces_sample_rate=1.0, integrations=[DramatiqIntegration()], ) @​dramatiq.actor(max_retries=0) def dummy_actor(x, y): return x / y dummy_actor.send(12, 0) ``` For more information, see the documentation for the [Dramatiq integration](https://docs.sentry.io/platforms/python/integrations/dramatiq/). - **New config option:** Expose `custom_repr` function that precedes `safe_repr` invocation in serializer ([#​3438](https://togithub.com/getsentry/sentry-python/issues/3438)) by [@​sl0thentr0py](https://togithub.com/sl0thentr0py) See: https://docs.sentry.io/platforms/python/configuration/options/#custom-repr - Profiling: Add client SDK info to profile chunk ([#​3386](https://togithub.com/getsentry/sentry-python/issues/3386)) by [@​Zylphrex](https://togithub.com/Zylphrex) - Serialize vars early to avoid living references ([#​3409](https://togithub.com/getsentry/sentry-python/issues/3409)) by [@​sl0thentr0py](https://togithub.com/sl0thentr0py) - Deprecate hub-based `sessions.py` logic ([#​3419](https://togithub.com/getsentry/sentry-python/issues/3419)) by [@​szokeasaurusrex](https://togithub.com/szokeasaurusrex) - Deprecate `is_auto_session_tracking_enabled` ([#​3428](https://togithub.com/getsentry/sentry-python/issues/3428)) by [@​szokeasaurusrex](https://togithub.com/szokeasaurusrex) - Add note to generated yaml files ([#​3423](https://togithub.com/getsentry/sentry-python/issues/3423)) by [@​sentrivana](https://togithub.com/sentrivana) - Slim down PR template ([#​3382](https://togithub.com/getsentry/sentry-python/issues/3382)) by [@​sentrivana](https://togithub.com/sentrivana) - Use new banner in readme ([#​3390](https://togithub.com/getsentry/sentry-python/issues/3390)) by [@​sentrivana](https://togithub.com/sentrivana) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View the [repository job log](https://developer.mend.io/github/rustymotors/server-old). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4yNi4xIiwidXBkYXRlZEluVmVyIjoiMzguMjYuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/returntocorp-semgrep
branch
from
4e534bc
to
3092cf5
Compare
|
| @@ -16,7 +16,7 @@ jobs: | |||
| env: | |||
| SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} | |||
| container: | |||
| image: returntocorp/semgrep@sha256:4614ec53294cc63f086755157dfb108121c69087d15c3e8d4c7ac603fb0eaa54 | |||
| image: returntocorp/semgrep@sha256:875ea8c5200ca5938836fa0c155b2220eca8fc83940da1bfa90caf67d73fb0ed | |||
There was a problem hiding this comment.
The Docker image used for semgrep has been updated. Please provide a brief explanation for this update. This should include the reason for the change (like OCI Vulnerabilities, feature updates) and a confirmation that this new Docker image has been tested adequately and successfully. It is always recommended to document such changes in the commit message or PR description, that way it's possible to track reasons for changes and they might be useful for the future references.
| @@ -16,7 +16,7 @@ jobs: | |||
| env: | |||
| SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} | |||
| container: | |||
| image: returntocorp/semgrep@sha256:4614ec53294cc63f086755157dfb108121c69087d15c3e8d4c7ac603fb0eaa54 | |||
| image: returntocorp/semgrep@sha256:875ea8c5200ca5938836fa0c155b2220eca8fc83940da1bfa90caf67d73fb0ed | |||
There was a problem hiding this comment.
This line indicates that the semgrep's container image hash has been updated. Ensure that this new version/image hash has been verified or tested to perform as expected before integrating it into the workflow.
](https://renovatebot.com){kind=link}
Autoclosing SkippedThis PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error. |
renovate
bot
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
4614ec5->875ea8cConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.