Staging (#137)

jeffcumpsty-tpx · dependabot[bot] · web-flow · commit 4f3699c1ea85 · 2026-02-16T23:25:13.000Z
* Update permissions in deploy.yml to allow writing for GitHub releases * Add job name to staging-to-main workflow for clarity * Sanitize URLs in logging for schema loading and error handling (#124) * Update staging-to-main workflow to allow dependabot merges and modify .gitignore to include log files (#132) * Update .gitignore to ignore all log files in the logs directory (#134) * Jeffcumpsty tpx patch 1 (#135) * Staging (#118) * Update permissions in deploy.yml to allow writing for GitHub releases * Add job name to staging-to-main workflow for clarity * Staging (#125) * Update permissions in deploy.yml to allow writing for GitHub releases * Add job name to staging-to-main workflow for clarity * Sanitize URLs in logging for schema loading and error handling (#124) * Update staging-to-main workflow to allow dependabot merges and modify .gitignore to include log files (#132) * Update .gitignore to ignore all log files in the logs directory (#134) * Enhance error message for non-staging merges Added echo statement to display current actor during merge error. * chore: Bump Swashbuckle.AspNetCore from 10.1.2 to 10.1.3 (#131) * Staging (#118) * Update permissions in deploy.yml to allow writing for GitHub releases * Add job name to staging-to-main workflow for clarity * chore: Bump Swashbuckle.AspNetCore from 10.1.2 to 10.1.3 --- updated-dependencies: - dependency-name: Swashbuckle.AspNetCore dependency-version: 10.1.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Staging (#125) * Update permissions in deploy.yml to allow writing for GitHub releases * Add job name to staging-to-main workflow for clarity * Sanitize URLs in logging for schema loading and error handling (#124) * Update staging-to-main workflow to allow dependabot merges and modify .gitignore to include log files (#132) * Update .gitignore to ignore all log files in the logs directory (#134) --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Jeff Cumpsty <jeff.cumpsty@tpximpact.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: Bump Serilog.Sinks.File from 6.0.0 to 7.0.0 (#130) * Staging (#118) * Update permissions in deploy.yml to allow writing for GitHub releases * Add job name to staging-to-main workflow for clarity * chore: Bump Serilog.Sinks.File from 6.0.0 to 7.0.0 --- updated-dependencies: - dependency-name: Serilog.Sinks.File dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Jeff Cumpsty <jeff.cumpsty@tpximpact.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: Bump Serilog.AspNetCore and Serilog.Sinks.File (#129) * Staging (#118) * Update permissions in deploy.yml to allow writing for GitHub releases * Add job name to staging-to-main workflow for clarity * chore: Bump Serilog.AspNetCore and Serilog.Sinks.File Bumps Serilog.AspNetCore from 8.0.3 to 10.0.0 Bumps Serilog.Sinks.File from 6.0.0 to 7.0.0 --- updated-dependencies: - dependency-name: Serilog.AspNetCore dependency-version: 10.0.0 dependency-type: direct:production update-type: version-update:semver-major - dependency-name: Serilog.Sinks.File dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Jeff Cumpsty <jeff.cumpsty@tpximpact.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: Bump the testing-packages group with 1 update (#128) * Staging (#118) * Update permissions in deploy.yml to allow writing for GitHub releases * Add job name to staging-to-main workflow for clarity * chore: Bump the testing-packages group with 1 update Bumps coverlet.collector from 6.0.4 to 8.0.0 --- updated-dependencies: - dependency-name: coverlet.collector dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: testing-packages ... Signed-off-by: dependabot[bot] <support@github.com> * Staging (#125) * Update permissions in deploy.yml to allow writing for GitHub releases * Add job name to staging-to-main workflow for clarity * Sanitize URLs in logging for schema loading and error handling (#124) * Update staging-to-main workflow to allow dependabot merges and modify .gitignore to include log files (#132) * Update .gitignore to ignore all log files in the logs directory (#134) --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Jeff Cumpsty <jeff.cumpsty@tpximpact.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update .gitignore to ignore all log files in the logs directory (#136) * chore: Bump the microsoft-packages group with 1 update (#127) * Staging (#118) * Update permissions in deploy.yml to allow writing for GitHub releases * Add job name to staging-to-main workflow for clarity * chore: Bump the microsoft-packages group with 1 update Bumps System.IdentityModel.Tokens.Jwt from 8.15.0 to 8.16.0 --- updated-dependencies: - dependency-name: System.IdentityModel.Tokens.Jwt dependency-version: 8.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: microsoft-packages ... Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Jeff Cumpsty <jeff.cumpsty@tpximpact.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Merge maion to staging (#139) * Staging (#118) * Update permissions in deploy.yml to allow writing for GitHub releases * Add job name to staging-to-main workflow for clarity * Staging (#125) * Update permissions in deploy.yml to allow writing for GitHub releases * Add job name to staging-to-main workflow for clarity * Sanitize URLs in logging for schema loading and error handling (#124) * Update staging-to-main workflow to allow dependabot merges and modify .gitignore to include log files (#132) * Update .gitignore to ignore all log files in the logs directory (#134) * ci: bump the github-actions-updates group with 2 updates (#126) Bumps the github-actions-updates group with 2 updates: [github/codeql-action](https://github.com/github/codeql-action) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action). Updates `github/codeql-action` from 4.32.2 to 4.32.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v4.32.2...v4.32.3) Updates `aquasecurity/trivy-action` from 0.33.1 to 0.34.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.33.1...0.34.0) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-updates - dependency-name: aquasecurity/trivy-action dependency-version: 0.34.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/staging-to-main.yml b/.github/workflows/staging-to-main.yml
@@ -20,6 +20,7 @@ jobs:
         run: |
           echo "Error: Merges into 'main' are only allowed from the 'staging' branch."
           echo "Current source branch: ${{ github.head_ref }}"
+          echo "Current actor: ${{ github.actor }}"
           exit 1
 
       - name: Success status (from staging)
@@ -63,4 +64,4 @@ jobs:
                 '',
                 'Current source branch: **${{ github.head_ref }}**'
               ].join('\n')
-            });
+            });
diff --git a/OpenReferralApi.Tests/OpenReferralApi.Tests.csproj b/OpenReferralApi.Tests/OpenReferralApi.Tests.csproj
@@ -10,7 +10,7 @@
     </PropertyGroup>
 
     <ItemGroup>
-        <PackageReference Include="coverlet.collector" Version="6.0.4" />
+        <PackageReference Include="coverlet.collector" Version="8.0.0" />
         <PackageReference Include="Microsoft.NET.Test.Sdk" Version="18.0.1" />
         <PackageReference Include="Moq" Version="4.20.72" />
         <PackageReference Include="NUnit" Version="4.4.0" />
diff --git a/OpenReferralApi/OpenReferralApi.csproj b/OpenReferralApi/OpenReferralApi.csproj
@@ -28,10 +28,10 @@
         <PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.15.0" />
         <PackageReference Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.15.0" />
         <PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.15.0" />
-        <PackageReference Include="Serilog.AspNetCore" Version="8.0.3" />
-        <PackageReference Include="Serilog.Sinks.File" Version="6.0.0" />
-        <PackageReference Include="Swashbuckle.AspNetCore" Version="10.1.2" />
-        <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.15.0" />
+        <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.16.0" />
+        <PackageReference Include="Serilog.AspNetCore" Version="10.0.0" />
+        <PackageReference Include="Serilog.Sinks.File" Version="7.0.0" />
+        <PackageReference Include="Swashbuckle.AspNetCore" Version="10.1.3" />
     </ItemGroup>
 
     <ItemGroup>
