Skip to content

Update all non-major dependencies #1027

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
clavedeluna merged 1 commit into from
Mar 18, 2025
Merged

Update all non-major dependencies #1027

clavedeluna merged 1 commit into from
Mar 18, 2025

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Mar 14, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
coverage >=7.6,<7.7 -> >=7.7,<7.8 age adoption passing confidence
semgrep >=1.111,<1.112 -> >=1.113,<1.114 age adoption passing confidence

Release Notes

nedbat/coveragepy (coverage)

v7.7.0

Compare Source

  • The Coverage object has a new method, :meth:.Coverage.branch_stats for
    getting simple branch information for a module. Closes issue 1888_.

  • The :class:Coverage constructor<.Coverage> now has a plugins parameter
    for passing in plugin objects directly, thanks to Alex Gaynor <pull 1919_>_.

  • Many constant tests in if statements are now recognized as being optimized
    away. For example, previously if 13: would have been considered a branch
    with one path not taken. Now it is understood as always true and no coverage
    is missing.

  • The experimental sys.monitoring support now works for branch coverage if you
    are using Python 3.14.0 alpha 6 or newer. This should reduce the overhead
    coverage.py imposes on your test suite. Set the environment variable
    COVERAGE_CORE=sysmon to try it out.

  • Confirmed support for PyPy 3.11. Thanks Michał Górny.

.. _issue 1888:https://github.com/nedbat/coveragepy/issues/18888
.. _pull 1919https://github.com/nedbat/coveragepy/pull/191919

.. _changes_7-6-12:

returntocorp/semgrep (semgrep)

v1.113.0

Compare Source

Fixed
  • Semgrep will no longer fail a diff scan if there is a relative safe directory (saf-1851)

v1.112.0

Compare Source

Added
  • TypeScript parser now allows ellipses in class bodies. For example, you can
    write the pattern like:
    class $C {
    ...
    $FUNC() { ... }
    ...
    }
    ``` (code-8242)
  • Semgrep will now present more detailed info when a scan is complete, such as what percent of lines were scanned. It is also formatted in a new manner (saf-details)
  • Verbose output will now print additional info about parsing and internal semgrep errors, such as what % of lines were skipped, and the lines they occured on (saf-verbose)
Fixed
  • pro: Fixed bug in (experimental) "at-exit" sinks feature that would prevent
    the identification of a statement like return foo() as one such sink. (code-8199)
  • FIX: --gitlab-secrets output has been updated to conform to GitLab JSON schema (scrt-849)
  • The behavior of --semgrepignore-v2 changed to be closer to the legacy
    Semgrepignore v1. .gitignore files are no longer loaded automatically
    as part of the Semgrepignore v2 exclusion mechanism.
    Loading a .gitignore file must be done
    by placing :include .gitignore in the .semgrepignore file
    as was the case with Semgrepignore v1. (semgrepignore-v1-compat)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@clavedeluna clavedeluna enabled auto-merge March 14, 2025 11:26
@clavedeluna clavedeluna added this pull request to the merge queue Mar 14, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Mar 14, 2025
@renovate renovate bot changed the title Update dependency semgrep to >=1.112,<1.113 Update all non-major dependencies Mar 16, 2025
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from be0fd07 to f0d0aec Compare March 16, 2025 21:25
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from f0d0aec to 885bec3 Compare March 18, 2025 02:36
@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 18, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@clavedeluna clavedeluna added this pull request to the merge queue Mar 18, 2025
Merged via the queue into main with commit 9c39777 Mar 18, 2025
14 checks passed
@clavedeluna clavedeluna deleted the renovate/all-minor-patch branch March 18, 2025 10:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@clavedeluna clavedeluna clavedeluna approved these changes

@drdavella drdavella Awaiting requested review from drdavella drdavella is a code owner

@andrecsilva andrecsilva Awaiting requested review from andrecsilva andrecsilva is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@clavedeluna