Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: update dev deps to remove alerts #64

Merged
merged 3 commits into from
Sep 27, 2023
Merged

fix: update dev deps to remove alerts #64

merged 3 commits into from
Sep 27, 2023

Conversation

mate-from-mattr
Copy link
Contributor

@mate-from-mattr mate-from-mattr commented Sep 25, 2023
edited
Loading

Fixes Dependabot alerts by updating some developer dependencies.

Description

See the references section for wider context on why we need these updates.

  1. Updates commit linting packages to remove semver vulnerability.
  2. Uses latest 6.x version of pytest to remove py vulnerability.
  3. Rust clippy also complained about minor code problems. I pushed changes to get the GitHub action to pass again.
  4. Update the Android Native Development Kit (NDK) to v23. This is the latest version compatible with Rust.
  5. Python 3.6 - 3.9 are at end-of-life and actions/setup-python no longer supports them on the latest Ubuntu. So we've dropped them.
  • Tests for the changes have been added (for bug fixes / features)
  • The commit message(s) follow conventional commits
  • Documentation has been added / updated (for bug fixes / features)
  • Changes follow the contributing document.

Motivation and Context

Part of MATTR's initiative to remove security vulnerabilities.

image

References

  1. Rust Blog - Android NDK update.
  2. actions/setup-python issue - why Python 3.6 no longer works.
  3. Supported versions of Python.
  4. Android NDK Revision History

Does this PR introduce a breaking change?

  • Yes
  • No

Which merge strategy will you use?

  • Squash
  • Rebase (REVIEW COMMITS)

@mate-from-mattr mate-from-mattr force-pushed the ma/upgrade branch 2 times, most recently from d491a44 to 8b0308a Compare September 25, 2023 03:06
@mate-from-mattr mate-from-mattr changed the title fix: update dev deps to remove alerts [WIP] fix: update dev deps to remove alerts Sep 26, 2023
@mate-from-mattr mate-from-mattr changed the title [WIP] fix: update dev deps to remove alerts fix: update dev deps to remove alerts Sep 27, 2023
@mate-from-mattr mate-from-mattr merged commit 2b1b9e7 into master Sep 27, 2023
@mate-from-mattr mate-from-mattr deleted the ma/upgrade branch September 27, 2023 01:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@afonsobarracha afonsobarracha afonsobarracha approved these changes

@MargarytaKolomiyets MargarytaKolomiyets Awaiting requested review from MargarytaKolomiyets

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mate-from-mattr @afonsobarracha