Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: update dependencies to fix dependabot findings #125

Merged
merged 3 commits into from
Jan 3, 2025
Merged

chore: update dependencies to fix dependabot findings #125

merged 3 commits into from
Jan 3, 2025

Conversation

JTaeuber
Copy link
Member

@JTaeuber JTaeuber commented Jan 2, 2025
edited
Loading

Motivation

As with new-pykube, dependabot stated vulnerabilities with jinja2 in https://github.com/caas-team/py-kube-downscaler/security/dependabot/11 and https://github.com/caas-team/py-kube-downscaler/security/dependabot/12. This PR fixes this and updates all other dependencies while at it.

Changes

  • Updating certifi (2024.8.30 -> 2024.12.14)
  • Updating charset-normalizer (3.4.0 -> 3.4.1)
  • Updating urllib3 (2.2.3 -> 2.3.0)
  • Updating coverage (7.6.9 -> 7.6.10)
  • Updating identify (2.6.3 -> 2.6.4)
  • Updating jinja2 (3.1.4 -> 3.1.5)
  • Updating mypy (1.13.0 -> 1.14.1)
  • Updating new-pykube (24.12.0 -> 25.1.0)
  • Updated the pre-commit hooks

Tests done

Ran the python tests and pre-commit successfully.

TODO

  • I've assigned myself to this PR
  • Update new-pykube to also address the issue

@JTaeuber JTaeuber added fix dependencies Pull requests that update a dependency file labels Jan 2, 2025
@JTaeuber JTaeuber self-assigned this Jan 2, 2025
@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 2, 2025
edited
Loading

File Coverage
All files 97%
test_autoscale_resource.py 99%
test_cmd.py 100%
test_events.py 100%
test_grace_period.py 100%
test_ignore_if_labels_dont_match.py 100%
test_main.py 100%
test_pods_force_uptime.py 100%
test_resources.py 100%
test_scaler.py 95%
test_time.py 100%

Minimum allowed coverage is 70%

Generated by 🐒 cobertura-action against c03c0c1

@JTaeuber JTaeuber marked this pull request as ready for review January 2, 2025 11:00
samuel-esp
samuel-esp approved these changes Jan 2, 2025
View reviewed changes
Copy link
Collaborator

@samuel-esp samuel-esp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@JTaeuber JTaeuber merged commit 342286a into main Jan 3, 2025
7 checks passed
@JTaeuber JTaeuber deleted the chore/UpdateDependecies branch January 3, 2025 05:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@samuel-esp samuel-esp samuel-esp approved these changes

@Fovty Fovty Awaiting requested review from Fovty Fovty is a code owner

@jonathan-mayer jonathan-mayer Awaiting requested review from jonathan-mayer jonathan-mayer is a code owner

Assignees

@JTaeuber JTaeuber

Labels
dependencies Pull requests that update a dependency file fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@JTaeuber @samuel-esp