Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump backend dependencies #408

Merged
merged 11 commits into from
Oct 2, 2024
Merged

Bump backend dependencies #408

merged 11 commits into from
Oct 2, 2024

Conversation

mickol34
Copy link
Collaborator

@mickol34 mickol34 commented Sep 24, 2024
edited
Loading

Your checklist for this pull request

  • I've read the contributing guideline.
  • I've tested my changes by building and running mquery, and testing changed functionality (if applicable)
  • I've added automated tests for my change (if applicable, optional)
  • I've updated documentation to reflect my change (if applicable)

What is the current behaviour?
Current code has some dangerous dependencies spotted by Dependabot.

What is the new behaviour?
This bump solves all 15 pip-related issues with current state of Dependabot.

Test plan
App should work the same way after bumping.

Closing issues

fixes #401

@msm-cert
Copy link
Member

Hi,

can you investigate why the PR pipeline fails (https://github.com/CERT-Polska/mquery/actions/runs/11014720081/job/30586014054)?

/opt/hostedtoolcache/Python/3.10.15/x64/lib/python3.10/site-packages/starlette/requests.py:177: error: Positional-only parameters are only supported in Python 3.8 and greater
Found 1 error in 1 file (checked 32 source files)
Error: Process completed with exit code 2.

From a quick look it may be a tooling issue, since Python is already 3.10 and reported location is in the third party lib, but it should still be fixed before merging. Maybe bump of mypy (or starlette) helps here.

@mickol34 mickol34 marked this pull request as draft September 30, 2024 06:34
@mickol34 mickol34 changed the title Issue #401: bump backend dependencies Draft: Issue #401: bump backend dependencies Sep 30, 2024
@mickol34 mickol34 changed the title Draft: Issue #401: bump backend dependencies Issue #401: bump backend dependencies Sep 30, 2024
@mickol34 mickol34 marked this pull request as ready for review October 1, 2024 10:34
@msm-cert msm-cert changed the title Issue #401: bump backend dependencies Bump backend dependencies Oct 2, 2024
@msm-cert msm-cert force-pushed the fix/backend-dependencies-bump-401 branch from 56eb1d8 to ea1dcd6 Compare October 2, 2024 14:05
@msm-cert msm-cert force-pushed the fix/backend-dependencies-bump-401 branch from ea1dcd6 to 4961490 Compare October 2, 2024 14:06
@msm-cert msm-cert merged commit 54f36d3 into master Oct 2, 2024
10 checks passed
@msm-cert msm-cert deleted the fix/backend-dependencies-bump-401 branch October 2, 2024 14:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@msm-cert msm-cert msm-cert approved these changes

Assignees

@mickol34 mickol34

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Bump backend dependencies, and ensure the project still works
3 participants
@mickol34 @msm-cert @msm-code