Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump taskcluster from 44.2.2 to 44.17.1 in /tools #275

Closed
wants to merge 1 commit into from
Closed

Bump taskcluster from 44.2.2 to 44.17.1 in /tools #275

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jul 13, 2022

Bumps taskcluster from 44.2.2 to 44.17.1.

Release notes

Sourced from taskcluster's releases.

v44.17.1

GENERAL

▶ [patch] Remove unused config value auditLog

▶ [patch] This patch addresses the following vuln in passport https://security.snyk.io/vuln/SNYK-JS-PASSPORT-2840631. This also upgrades express to the latest stable release.

▶ [patch] #5557 This patch upgrades to Debian 10 docker images, as Debian 9 hit EOL.

▶ [patch] Upgrade node to the latest LTS release, v16.16.0. This is a security release. More info can be found here.

DEVELOPERS

▶ [patch] Remove node-fetch dependency from ui/ as it was only used in abandoned queryServer.js script to cache possible graphql types.

▶ [patch] #5391 Skip github checks if github build is unkown. This happens in periodic and manual hooks that are doing some periodic operations on github repo. Those operations are not initiated by github, so there is no new build/check suite created for those events.

v44.17.0

GENERAL

▶ [minor] #5456 This change adds more DB functions to allow for filtering in the DB based on worker state and quarantined status for the workers page. Previously, filtering would only happen on the initial page loaded from the DB if results were paginated. This should also speed up the workers page rendering when a filter is applied.

▶ [patch] #5529 This patch makes it so that the docker-compose.yml file is updated with the new taskcluster docker image version on a yarn release. Previously, the version wasn't updated, so the meta-generate task would fail on releases. This issue first appeared in v44.16.4.

▶ [patch] #5319 This patch migrates the legacy, process.hrtime([time]) to the new, process.hrtime.bigint(). See Node Docs for more information.

▶ [patch] This patch upgrades dependencies to their latest minor/patch versions. Doing so fixes a handful of vulns found within Snyk and docker scans.

DEVELOPERS

▶ [patch] Added a cloudbuild.yaml file for the Google Cloud Build trigger on the main branch.

v44.16.4

USERS

... (truncated)

Changelog

Sourced from taskcluster's changelog.

v44.17.1

GENERAL

▶ [patch] Remove unused config value auditLog

▶ [patch] This patch addresses the following vuln in passport https://security.snyk.io/vuln/SNYK-JS-PASSPORT-2840631. This also upgrades express to the latest stable release.

▶ [patch] #5557 This patch upgrades to Debian 10 docker images, as Debian 9 hit EOL.

▶ [patch] Upgrade node to the latest LTS release, v16.16.0. This is a security release. More info can be found here.

DEVELOPERS

▶ [patch] Remove node-fetch dependency from ui/ as it was only used in abandoned queryServer.js script to cache possible graphql types.

▶ [patch] #5391 Skip github checks if github build is unkown. This happens in periodic and manual hooks that are doing some periodic operations on github repo. Those operations are not initiated by github, so there is no new build/check suite created for those events.

v44.17.0

GENERAL

▶ [minor] #5456 This change adds more DB functions to allow for filtering in the DB based on worker state and quarantined status for the workers page. Previously, filtering would only happen on the initial page loaded from the DB if results were paginated. This should also speed up the workers page rendering when a filter is applied.

▶ [patch] #5529 This patch makes it so that the docker-compose.yml file is updated with the new taskcluster docker image version on a yarn release. Previously, the version wasn't updated, so the meta-generate task would fail on releases. This issue first appeared in v44.16.4.

▶ [patch] #5319 This patch migrates the legacy, process.hrtime([time]) to the new, process.hrtime.bigint(). See Node Docs for more information.

▶ [patch] This patch upgrades dependencies to their latest minor/patch versions. Doing so fixes a handful of vulns found within Snyk and docker scans.

DEVELOPERS

▶ [patch] Added a cloudbuild.yaml file for the Google Cloud Build trigger on the main branch.

v44.16.4

... (truncated)

Commits
  • c6e1d5f v44.17.1
  • 8ea4d52 Merge pull request #5562 from taskcluster/dependabot/npm_and_yarn/request-ip-...
  • 85a1b64 build(deps): bump request-ip from 2.2.0 to 3.3.0
  • fad8f23 Merge pull request #5559 from taskcluster/dependabot/npm_and_yarn/moment-2.29.4
  • 0802a27 build(deps-dev): bump moment from 2.29.3 to 2.29.4
  • 88e6e28 Merge pull request #5558 from taskcluster/matt-boris/node16.16.0
  • d308dc7 Upgrade to Debian 10 LTS (buster)
  • 26b3266 build(deps): upgrade node to 16.16.0
  • 7f36bb2 Merge pull request #5546 from taskcluster/dependabot/npm_and_yarn/ui/node-fet...
  • 086f1e3 Merge branch 'main' into dependabot/npm_and_yarn/ui/node-fetch-3.2.6
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump taskcluster from 44.2.2 to 44.17.1 in /tools
945d0f3 
Bumps [taskcluster](https://github.com/taskcluster/taskcluster) from 44.2.2 to 44.17.1.
- [Release notes](https://github.com/taskcluster/taskcluster/releases)
- [Changelog](https://github.com/taskcluster/taskcluster/blob/main/CHANGELOG.md)
- [Commits](taskcluster/taskcluster@v44.2.2...v44.17.1)

---
updated-dependencies:
- dependency-name: taskcluster
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jul 13, 2022
@dependabot dependabot bot mentioned this pull request Jul 13, 2022
Closed
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Jul 28, 2022

Superseded by #282.

@dependabot dependabot bot closed this Jul 28, 2022
@dependabot dependabot bot deleted the dependabot/pip/tools/taskcluster-44.17.1 branch July 28, 2022 11:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants