Bump the npm_and_yarn group across 1 directory with 2 updates#44
Closed
dependabot[bot] wants to merge 697 commits intomasterfrom
Closed
Bump the npm_and_yarn group across 1 directory with 2 updates#44dependabot[bot] wants to merge 697 commits intomasterfrom
dependabot[bot] wants to merge 697 commits intomasterfrom
Conversation
- Enforce mutual exclusivity by stopping demo/production services in deployment scripts. - Enhance Sidenav tests to include environment name calculation and admin write access checks. - Update backend task definitions with new environment variables and secrets
# Conflicts: # frontend/package.json
…encies from package-lock.json.
… filter, and i18n assets; improve configuration validation and backend tests.
…validation tests: - Created `robots.txt` for managing web crawler access
- Change "Fliessbandarbeit" to "Keine Fliessbandarbeit" for emphasis. - Add section
…ger` service with test to log application startup details. Refactor file structure for clearer organization in presentations.
- Remove Iteration-3 slides for streamlined content flow. - Create detailed Playwright E
- Pin `aquasecurity/trivy-action` to version `v0.29.0` for stability. - Replace invalid `trivy-version` input with `version` in GitHub workflows. - Add `apk upgrade` to Dockerfile to fix HIGH vulnerabilities in Alpine base image. - Modify Playwright workflow to include master branch.
… Update Snyk setup to version `0.4.0`. Add documentation entry for Trivy version fix.
- Add health check to Dockerfile for monitoring service availability. - Change permissions on `/app/data` to `755` for better security. - Include `scan-ref` and disable `skip-policy-update` in Trivy Action for enhanced configuration scanning.
- Document covering a 4-week roadmap for stabilizing AngularAI as a professional demo application. - Include tasks documents detailing CI/Testing/Security improvements such as fixing SonarCloud job path, removing redundant executions, pinning GitHub Actions versions, and enhancing security scan integrations.
Demo taskset 8
- `ingest_to_postgres.py`: Script to ingest normalized task markdown files into Post
- Adjust file paths for unpacking tasks and ADRs - Relocate `adr.md` for better doc organization
- Introduce comprehensive task sets aimed at enhancing reliability, observability, testing, security, and release engineering. - New tasks focus on structured logging, metrics exposure, E2E testing, threat modeling, semantic versioning, and automated release notes.
- Implement `AiProperties` and `AiProviderService` for AI model resolution. - Add Spring AI BOM and Ollama starter, and configure `application-local.yml` and `application-cloud.yml`. - Add compatibility bridges for Spring Boot 4. - Update Maven configuration and test scripts to use `OpenApiGeneratorTest`.
…ompts - Add prompt templates for architecture explanation and quick-add features. - Implement `StructuredOutputService` to handle JSON output with automatic retry and repair feature. - Add `QuickAddParseResult` and `ArchitectureExplainResult` DTOs for structured data handling. - Verify functionality with passing unit
…nation - Introduced new REST endpoints `/api/ai/task-quick-add/parse` and `/api/ai/architecture/explain` to handle AI-powered operations. - Implemented `AiApplicationService` for executing AI use cases. - Added integration tests for `AiController` to ensure endpoint functionality. - Enhanced centralized error handling for AI-specific exceptions with `AiExceptionHandler`. - Removed dependency suppressions and relocated existing ones. - Updated task documentation with verification steps.
- Delete Maven wrapper files and properties to clean up the project. - Introduce `DocEmbeddingRepository` for managing document embeddings in the database. - Add `MarkdownChunker` to handle markdown processing and chunking for document ingestion.
- Introduced Sprint retrospective prompt templates for AI service. - Created `RetrospectiveRequest` and `RetrospectiveResponse` DTOs to define input/output structures. - Added REST endpoint `/api/ai/retrospective` in `RetrospectiveResource`. - Implemented `RetrospectiveAiService` interface for AI model interaction. - Refactored test cases for different database profiles into distinct files. - Removed redundant test cases from `SystemControllerTest`.
…figuration - Introduce `MockitoBean` for
…tupLogger - Annotate tests with `@TestPropertySource` to specify test properties configuration. - Enhance `StartupLogger` with try-catch for error logging if system startup logging fails. - Update Playwright authentication cookie values.
- Introduce debug logs in `FlywayConfig` to track instantiation and bean creation. - Modify `V12__Create_Contact_Message_Table.sql` and `V6__add_password_recovery_tokens.sql` to use `GENERATED BY DEFAULT AS
- Deleted `SchemaValidationTest.java` to simplify test configuration. - Removed debug logging from `FlywayConfig`. - Introduced `BeanFactoryPostProcessor` for
…ngs to prevent duplicate keys and enhance compatibility, add Flyway schema configuration, and correct Envers audit table definitions.
- Remove obsolete migration scripts from the main directory. - Organize migration files under vendor-specific directories (`h2` and `postgresql`) to enhance compatibility and clarity. -
- Merged vendor-specific migrations (H2 and PostgreSQL) into unified schema. - Deleted obsolete `PostgresProfileBootTest` and redundant trace logs. - Updated test properties for `LoginCsrfTest` with active profile settings.
…st Swagger UI settings - Updated `application.properties` to enable `spring.flyway.baseline-on-migrate`.
- Introduce reusable CSS variables to manage background colors. - Implement calmer background tones for architecture page.
… surface tokens and architecture hero background updates.
- Add `features-page.component` with responsive UI elements. - Introduce architecture landing page with core design elements. - Increase backend logging threshold and exclude noisy endpoints from logs. - Update translation files for enhanced language support.
…to copy documentation, and adjust CSRF security settings.
…for logged-in and logged-out users. - Outline design principles for different user states. - Detail required UI improvements including backgrounds, hover effects, and headers. - Provide technical implementation guidelines for Angular components. -
…ional support in retrieval service.
…al form layout standard and shared Angular component - Document global responsive form layout standard for consistent styling and maintainability. - Introduce shared FormRowComponent to reduce duplication
…esting - Apply `Propagation.REQUIRES_NEW` to key transactional methods for improved isolation. - Test `OpenAiManualConfig` with mock interactions to validate message handling. - Update `AiUsageCostService` to re-load users in new transactions for accuracy.
- Updated CSS to apply a responsive flex layout, preventing the 'To Date' field from overflowing. - Removed obsolete CSS classes and ensured the form remains inside the container. - Updated HTML to align
- Migrated form rows in Retrospective, Risk Radar, and ADR Drift to `FormRowComponent`. - Removed redundant form row styles from global `styles.css` for consistency and maintainability. - Adjusted HTML for affected components to utilize the new standardized component.
- Implement `getUserUsageSummary` to provide user-specific AI usage insights. - Introduce `UserAiUsageDto` to standardize API responses for user AI usage data. - Enhance security configurations to restrict access to AI admin endpoints. - Update
- Convert `requests` and `loading` to use Angular signals for reactivity. - Migrate admin access check to a computed signal. - Inject `DestroyRef` and utilize `takeUntilDestroyed` for subscription cleanup. - Update HTML bindings to reflect signal-based state changes.
- Added functionality to account for extra credits in AI usage calculations. - Extended `AiUsageService` with methods to add and retrieve extra credits. - Modified `AiCreditRequestService` to apply extra credits
- Implement `aiUsed` tracking for tasks in `TaskService`. - Modify `QuickAddParseResult` and related tests to handle `aiUsed` status. - Add error handling in deployment scripts to abort on Docker
…in page hierarchy - Document the changes to reduce visual emphasis on the GitHub CTA on the login page for clearer hierarchy. - Detail visual hierarchy improvements for login page to
…cs translations to `ROLE_ADMIN` namespace
- Removed GitHub CTA from brand logo, repositioned to footer in login page. - Adjust styling
Iteration 3
Bumps the npm_and_yarn group with 2 updates in the /frontend directory: [hono](https://github.com/honojs/hono) and [tar](https://github.com/isaacs/node-tar). Updates `hono` from 4.12.5 to 4.12.7 - [Release notes](https://github.com/honojs/hono/releases) - [Commits](honojs/hono@v4.12.5...v4.12.7) Updates `tar` from 7.5.10 to 7.5.11 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v7.5.10...v7.5.11) --- updated-dependencies: - dependency-name: hono dependency-version: 4.12.7 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar dependency-version: 7.5.11 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
Qodana Community for JVMIt seems all right 👌 No new problems were found according to the checks applied 💡 Qodana analysis was run in the pull request mode: only the changed files were checked View the detailed Qodana reportTo be able to view the detailed Qodana report, you can either:
To get - name: 'Qodana Scan'
uses: JetBrains/qodana-action@v2024.3.4
with:
upload-result: trueContact Qodana teamContact us at qodana-support@jetbrains.com
|
Contributor
Author
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
dependabot
bot
deleted the
dependabot/npm_and_yarn/frontend/npm_and_yarn-86d2b668da
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 2 updates in the /frontend directory: hono and tar.
Updates
honofrom 4.12.5 to 4.12.7Release notes
Sourced from hono's releases.
Commits
b0aba5b4.12.71be3a53ci: apply automated fixesef90225Merge commit from fork3f886364.12.653b66aefix(lambda-edge): avoid callback handler deprecation on NODEJS_24_X (#4782)58825a7feat(jsx-renderer): support function-based options (#4780)0e80acbchore: addtsconfig.spec.json(#4798)d69deb8chore(builld): tsconfig project references (#4797)8217d9efix(jsx): align link hoisting and dedupe with React 19 (#4792)5086956fix(accept): replace regex split to mitigate ReDoS (#4758)Updates
tarfrom 7.5.10 to 7.5.11Commits
bf776f67.5.11f48b5faprevent escaping symlinks with drive-relative paths97cff15docs: more security infoDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.