chore(deps): bump the production-dependencies group with 9 updates #253

dependabot · 2024-10-24T07:36:10Z

Bumps the production-dependencies group with 9 updates:

Package	From	To
ash	`3.4.32`	`3.4.36`
ash_admin	`0.11.6`	`0.11.9`
ash_graphql	`1.4.0`	`1.4.1`
ash_json_api	`1.4.11`	`1.4.12`
ash_phoenix	`2.1.5`	`2.1.6`
ash_postgres	`2.4.9`	`2.4.11`
esbuild	`0.8.1`	`0.8.2`
floki	`0.36.2`	`0.36.3`
postgrex	`0.19.1`	`0.19.2`

Updates ash from 3.4.32 to 3.4.36

Changelog

Sourced from ash's changelog.

v3.4.36 (2024-10-24)

Bug Fixes:

properly replace fields with their replacement, not just their rules

ensure opts are passed through to constructed query in stream

Improvements:

add context indicating which action was just used to create a record

add just_created_with_action/1 check

v3.4.35 (2024-10-22)

Bug Fixes:

allow optional code interface args for fields with defaults

don't rewrite all attributes to atomics

write all attributes to atomics list before dispatching to data layer on update query

remove multichar aliases from mix ash.gen.resource

check nil before calling Decimal.eq? in Type.Decimal.equal? (#1538)

v3.4.34 (2024-10-21)

Bug Fixes:

properly accept options for ash.gen.resource in installer

v3.4.33 (2024-10-18)

Bug Fixes:

... (truncated)

Commits

1824129 chore: release version v3.4.36
1c4a0f2 fix: properly replace fields with their replacement, not just their rules
2d463e3 improvement: add context indicating which action was just used to create a re...
1aee4ba chore: various small fixes
dc76175 test: prove that calculations can return a list of embedded resources (#1548)
9c7e282 fix: ensure opts are passed through to constructed query in stream
91c0707 chore: release version v3.4.35
dace2e4 fix: allow optional code interface args for fields with defaults
b491d00 chore(deps): bump igniter from 0.3.67 to 0.3.72 in the production-dependencie...
7898e54 docs: Mention require in Ash.Query (#1547)
Additional commits viewable in compare view

Updates ash_admin from 0.11.6 to 0.11.9

Changelog

Sourced from ash_admin's changelog.

v0.11.9 (2024-10-17)

Improvements:

make generic actions list properly configurable

v0.11.8 (2024-10-17)

Bug Fixes:

clean up remaining generic action necessities

v0.11.7 (2024-10-17)

Improvements:

support for generic actions

Commits

270b8b0 chore: release version v0.11.9
58c4e9c improvement: make generic actions list properly configurable
9193056 chore: release version v0.11.8
a8b244b fix: clean up remaining generic action necessities
eeed0c0 chore: don't show generic actions if there are none
797163c chore: typo
e87de09 chore: release version v0.11.7
f5bbe34 improvement: support for generic actions
8a054da chore(deps-dev): bump the dev-dependencies group with 2 updates (#215)
1f36093 chore(deps): bump the production-dependencies group with 2 updates (#214)
Additional commits viewable in compare view

Updates ash_graphql from 1.4.0 to 1.4.1

Changelog

Sourced from ash_graphql's changelog.

v1.4.1 (2024-10-21)

Bug Fixes:

honor argument_names configuration for read & generic actions

Improvements:

remove unused data in subscription batcher (#227)

Commits

8e9e83d chore: release version v1.4.1
4e3a4dd fix: honor argument_names configuration for read & generic actions
3201682 chore: Add invalid actions argument names to test resources (#230)
eaff29a chore(deps-dev): bump git_ops in the dev-dependencies group (#229)
faa9cb8 chore(deps): bump the production-dependencies group with 3 updates (#228)
a5b3d6b improvement: remove unused data in subscription batcher (#227)
d5aff24 chore(deps): bump the production-dependencies group with 3 updates (#225)
86b047b chore(deps-dev): bump git_ops in the dev-dependencies group (#226)
See full diff in compare view

Updates ash_json_api from 1.4.11 to 1.4.12

Changelog

Sourced from ash_json_api's changelog.

v1.4.12 (2024-10-21)

Bug Fixes:

hide private arguments in open api (#247)

Commits

51a63b3 chore: release version v1.4.12
7ab19fa chore: update .formatter
f330d44 chore: docs/formatting/build
76020ae fix: hide private arguments in open api (#247)
5a573cd chore(deps): bump the production-dependencies group with 3 updates (#245)
32969b8 chore(deps-dev): bump git_ops in the dev-dependencies group (#246)
See full diff in compare view

Updates ash_phoenix from 2.1.5 to 2.1.6

Changelog

Sourced from ash_phoenix's changelog.

v2.1.6 (2024-10-17)

Improvements:

allow phoenix_live_view rc

Commits

d324074 chore: release version v2.1.6
8bbe0fa improvement: allow phoenix_live_view rc
5c9eafb chore(deps-dev): bump git_ops in the dev-dependencies group (#252)
c2bfea2 chore(deps): bump ash in the production-dependencies group (#251)
See full diff in compare view

Updates ash_postgres from 2.4.9 to 2.4.11

Changelog

Sourced from ash_postgres's changelog.

v2.4.11 (2024-10-23)

Bug Fixes:

ensure repo_opts is passed through to repo.all/2

v2.4.10 (2024-10-23)

Security

Patch of GHSA-hf59-7rwq-785m Empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability.

Bug Fixes:

when an atomic update is fully skipped, run the query if it could produce errors

run any query that could produce errors when performing atomic upgrade

race condition compiling migrations when concurrently creating new tenants (#406)

Commits

b49bc8f chore: release version v2.4.11
c7aa5f6 fix: ensure repo_opts is passed through to repo.all/2
fe62a09 chore: release version v2.4.10
0570dcc fix: when an atomic update is fully skipped, run the query if it could produc...
1228fcd fix: run any query that could produce errors when performing atomic upgrade
d6999d4 doc: Fix migration path for tenant migration (#409)
e3b4e04 docs: Fix links in documentation (#408)
a9f1a00 fix: race condition compiling migrations when concurrently creating new tenan...
c4cc329 chore(deps-dev): bump git_ops in the dev-dependencies group (#405)
9712959 chore(deps): bump the production-dependencies group with 2 updates (#404)
Additional commits viewable in compare view

Updates esbuild from 0.8.1 to 0.8.2

Changelog

Sourced from esbuild's changelog.

v0.8.2 (2024-10-18)

Fallback to ipv4/ipv6 for unreachable hosts

Commits

7153c6e Release v0.8.2
c7d7bb8 fallback to ipv4/ipv6 in the event of an unreachable host error (#74)
ac23b69 Allow version check to be skipped (#73)
2249260 Add support for riscv64 arch (#72)
See full diff in compare view

Updates floki from 0.36.2 to 0.36.3

Release notes

Sourced from floki's releases.

v0.36.3

This release contains some performance improvements, thanks to @ypconstante.

Fixed

Stop Floki.get_by_id/2 traversal on first match. Thanks @ypconstante.

Remove extra whitespaces from nodes without attributes on Floki.raw_html/1. Thank you @ypconstante.

Fix Floki.raw_html/1 typespecs. Thanks @davydog187.

Pull requests

chore: fix some typos by @tianzedavid in philss/floki#564

Bump ex_doc from 0.32.1 to 0.32.2 by @dependabot in philss/floki#566

Bump credo from 1.7.5 to 1.7.6 by @dependabot in philss/floki#565

Bump html5ever from 0.15.0 to 0.16.1 by @dependabot in philss/floki#567

Find without html tree for some pseudo classes by @ypconstante in philss/floki#568

Remove stack usage on Finder by @ypconstante in philss/floki#569

Remove extra whitespace on node without attributes by @ypconstante in philss/floki#571

Stop get_by_id traversal on first match by @ypconstante in philss/floki#572

Bump ex_doc from 0.32.2 to 0.33.0 by @dependabot in philss/floki#570

Bump ex_doc from 0.33.0 to 0.34.0 by @dependabot in philss/floki#573

Bump benchee from 1.3.0 to 1.3.1 by @dependabot in philss/floki#574

Bump credo from 1.7.6 to 1.7.7 by @dependabot in philss/floki#575

Add OTP 27 and Elixir 1.17 to the CI matrix by @philss in philss/floki#576

Bump ex_doc from 0.34.0 to 0.34.1 by @dependabot in philss/floki#577

Bump jason from 1.4.1 to 1.4.3 by @dependabot in philss/floki#579

Optimize traverse_and_update without accumulator by @ypconstante in philss/floki#584

Bump ex_doc from 0.34.1 to 0.34.2 by @dependabot in philss/floki#581

Bump jason from 1.4.3 to 1.4.4 by @dependabot in philss/floki#585

Bump earmark from 1.4.46 to 1.4.47 by @dependabot in philss/floki#582

Copy and paste the benchmark commands by @kianmeng in philss/floki#587

Ignore .cover folder by @kianmeng in philss/floki#586

Use accumulator on raw_html by @ypconstante in philss/floki#588

Optimize raw html padding for small depths by @ypconstante in philss/floki#589

Bump credo from 1.7.7 to 1.7.8 by @dependabot in philss/floki#590

Bump dialyxir from 1.4.3 to 1.4.4 by @dependabot in philss/floki#591

Fix raw_html/2 typespec by @davydog187 in philss/floki#593

New Contributors

@tianzedavid made their first contribution in philss/floki#564

Full Changelog: philss/floki@v0.36.2...v0.36.3

Changelog

Sourced from floki's changelog.

[0.36.3] - 2024-10-21

This release contains some performance improvements, thanks to @ypconstante.

Fixed

Stop Floki.get_by_id/2 traversal on first match. Thanks @ypconstante.

Remove extra whitespaces from nodes without attributes on Floki.raw_html/1. Thank you @ypconstante.

Fix Floki.raw_html/1 typespecs. Thanks @davydog187.

Commits

4032396 Release v0.36.3
9ce1d1b Revert "add Floki.css_escape/1 (#594)"
3c05014 add Floki.css_escape/1 (#594)
c91a2d2 Fix raw_html/2 typespec (#593)
4554b7c Bump dialyxir from 1.4.3 to 1.4.4 (#591)
bd8440d Bump credo from 1.7.7 to 1.7.8 (#590)
e7f0d9d Optimize raw html padding for small depths (#589)
28c9ed8 Use accumulator on raw_html (#588)
7e50f15 Ignore .cover folder (#586)
b38b862 Copy and paste the benchmark commands (#587)
Additional commits viewable in compare view

Updates postgrex from 0.19.1 to 0.19.2

Changelog

Sourced from postgrex's changelog.

v0.19.2 (2024-10-23)

Bug fixes

Protect against message length overflow vulnerability

Commits

6de403e Release v0.19.2
5078a2c Raise when message exceeds maximum size, closes #711
731a1ae Fix start_link typespec (#710)
a4b85e8 Update error codes (#708)
5924c18 Fix super type modifier handling (#705)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the production-dependencies group with 9 updates: | Package | From | To | | --- | --- | --- | | [ash](https://github.com/ash-project/ash) | `3.4.32` | `3.4.36` | | [ash_admin](https://github.com/ash-project/ash_admin) | `0.11.6` | `0.11.9` | | [ash_graphql](https://github.com/ash-project/ash_graphql) | `1.4.0` | `1.4.1` | | [ash_json_api](https://github.com/ash-project/ash_json_api) | `1.4.11` | `1.4.12` | | [ash_phoenix](https://github.com/ash-project/ash_phoenix) | `2.1.5` | `2.1.6` | | [ash_postgres](https://github.com/ash-project/ash_postgres) | `2.4.9` | `2.4.11` | | [esbuild](https://github.com/phoenixframework/esbuild) | `0.8.1` | `0.8.2` | | [floki](https://github.com/philss/floki) | `0.36.2` | `0.36.3` | | [postgrex](https://github.com/elixir-ecto/postgrex) | `0.19.1` | `0.19.2` | Updates `ash` from 3.4.32 to 3.4.36 - [Changelog](https://github.com/ash-project/ash/blob/main/CHANGELOG.md) - [Commits](ash-project/ash@v3.4.32...v3.4.36) Updates `ash_admin` from 0.11.6 to 0.11.9 - [Changelog](https://github.com/ash-project/ash_admin/blob/main/CHANGELOG.md) - [Commits](ash-project/ash_admin@v0.11.6...v0.11.9) Updates `ash_graphql` from 1.4.0 to 1.4.1 - [Changelog](https://github.com/ash-project/ash_graphql/blob/main/CHANGELOG.md) - [Commits](ash-project/ash_graphql@v1.4.0...v1.4.1) Updates `ash_json_api` from 1.4.11 to 1.4.12 - [Changelog](https://github.com/ash-project/ash_json_api/blob/main/CHANGELOG.md) - [Commits](ash-project/ash_json_api@v1.4.11...v1.4.12) Updates `ash_phoenix` from 2.1.5 to 2.1.6 - [Changelog](https://github.com/ash-project/ash_phoenix/blob/main/CHANGELOG.md) - [Commits](ash-project/ash_phoenix@v2.1.5...v2.1.6) Updates `ash_postgres` from 2.4.9 to 2.4.11 - [Changelog](https://github.com/ash-project/ash_postgres/blob/main/CHANGELOG.md) - [Commits](ash-project/ash_postgres@v2.4.9...v2.4.11) Updates `esbuild` from 0.8.1 to 0.8.2 - [Changelog](https://github.com/phoenixframework/esbuild/blob/main/CHANGELOG.md) - [Commits](phoenixframework/esbuild@v0.8.1...v0.8.2) Updates `floki` from 0.36.2 to 0.36.3 - [Release notes](https://github.com/philss/floki/releases) - [Changelog](https://github.com/philss/floki/blob/main/CHANGELOG.md) - [Commits](philss/floki@v0.36.2...v0.36.3) Updates `postgrex` from 0.19.1 to 0.19.2 - [Release notes](https://github.com/elixir-ecto/postgrex/releases) - [Changelog](https://github.com/elixir-ecto/postgrex/blob/master/CHANGELOG.md) - [Commits](elixir-ecto/postgrex@v0.19.1...v0.19.2) --- updated-dependencies: - dependency-name: ash dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: ash_admin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: ash_graphql dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: ash_json_api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: ash_phoenix dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: ash_postgres dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: esbuild dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: floki dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: postgrex dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Oct 24, 2024

zachdaniel merged commit 505a61e into main Oct 24, 2024
2 of 4 checks passed

dependabot bot deleted the dependabot/hex/production-dependencies-f1ca6b81e3 branch October 24, 2024 12:50

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the production-dependencies group with 9 updates #253

chore(deps): bump the production-dependencies group with 9 updates #253

dependabot bot commented on behalf of github Oct 24, 2024

chore(deps): bump the production-dependencies group with 9 updates #253

chore(deps): bump the production-dependencies group with 9 updates #253

Conversation

dependabot bot commented on behalf of github Oct 24, 2024

v3.4.36 (2024-10-24)

Bug Fixes:

Improvements:

v3.4.35 (2024-10-22)

Bug Fixes:

v3.4.34 (2024-10-21)

Bug Fixes:

v3.4.33 (2024-10-18)

Bug Fixes:

v0.11.9 (2024-10-17)

Improvements:

v0.11.8 (2024-10-17)

Bug Fixes:

v0.11.7 (2024-10-17)

Improvements:

v1.4.1 (2024-10-21)

Bug Fixes:

Improvements:

v1.4.12 (2024-10-21)

Bug Fixes:

v2.1.6 (2024-10-17)

Improvements:

v2.4.11 (2024-10-23)

Bug Fixes:

v2.4.10 (2024-10-23)

Security

Bug Fixes:

v0.8.2 (2024-10-18)

v0.36.3

Fixed

Pull requests

New Contributors

[0.36.3] - 2024-10-21

Fixed

v0.19.2 (2024-10-23)