Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the production-dependencies group across 1 directory with 10 updates #792

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump the production-dependencies group across 1 directory with 10 updates #792

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 10, 2025
edited
Loading

Bumps the production-dependencies group with 8 updates in the / directory:

Package From To
ex_brotli 0.5.0 0.6.0
hackney 1.20.1 1.23.0
igniter 0.5.25 0.5.32
image 0.56.0 0.57.0
mdex 0.3.3 0.4.0
phoenix_live_view 1.0.4 1.0.5
solid 0.17.2 0.18.0
tailwind 0.2.4 0.3.1

Updates ex_brotli from 0.5.0 to 0.6.0

Commits
  • 4002385 Be specific about targets
  • 16336cc Bump deps
  • d056490 Merge pull request #8 from openhood/dirty-nif
  • 708d8f9 Add nif version 2.17 to release matrix
  • 40db78a Upgrade hex version to 0.6.0 and use the same for the rust NIF
  • 9bd5c5c Upgrade rustler to 0.30.1
  • 00845a8 Update erlang to 27.2.4 and elixir to 1.18.2 in .tool-versions
  • ca13bd5 Fix version typo in README.md
  • 8efcdfa Mark comptess and decompress rust function as schedule = "DirtyCpu" to ...
  • See full diff in compare view

Updates hackney from 1.20.1 to 1.23.0

Release notes

Sourced from hackney's releases.

1.23.0 - 2025-02-25

Changes:

fix: happy eyeball use correct timeout during connectino fix: don't wrap conection error improvement: eyeballonly spawn ipv6 worker when needed

Available on hex.pm https://hexdocs.pm/hackney/1.23.0/

1.22.0 - 2025-02-20

Changes

  • feature: prefer to connect using IPv6. happy eyeball strategy
  • improvement: fully support no_proxy environment variable
  • doc: migrated to ex_doc

1.21.0 - 2025-02-20

fix: remove SSL options incompatible with tls 1.3 fix: url parsing handle "/" path correctly fix: simplify integration test suite fix: handle chunked response in redirect responses fix: handle http & https proxies separately fix: skip junk lines in 1.xx response

** security fixes ***

fix URL parsing to prevent SSRF . (related to CVE-2025-1211) use latest SSL certificate bundle

Available on hex.pm : https://hex.pm/packages/hackney

Changelog

Sourced from hackney's changelog.

1.23.0 - 2025-02-25

  • fix: happy eyeball use correct timeout during connectino
  • fix: don't wrap conection error
  • improvement: eyeballonly spawn ipv6 worker when needed

1.22.0 - 2025-02-20

  • feature: prefer to connect using IPv6. happy eyeball strategy
  • improvement: fully support no_proxy environment variable
  • doc: migrated to ex_doc

1.21.0 - 2025-02-20

  • fix: remove SSL options incompatible with tls 1.3
  • fix: url parsing handle "/" path correctly
  • fix: simplify integration test suite
  • fix: handle chunked response in redirect responses
  • fix: handle http & https proxies separately
  • fix: skip junk lines in 1.xx response

** security fixes ***

  • fix URL parsing to prevent SSRF . (related to CVE-2025-1211)
  • use latest SSL certificate bundle
Commits

Updates igniter from 0.5.25 to 0.5.32

Changelog

Sourced from igniter's changelog.

v0.5.32 (2025-03-08)

Bug Fixes:

  • properly replace _ with - in task group names

v0.5.31 (2025-03-04)

v0.5.30 (2025-03-03)

Bug Fixes:

  • various fixes with cross project function renaming

  • ensure all paths are relative_to_cwd

Improvements:

  • mix igniter.refactor.rename_function short doc (#243)

  • add local.igniter task for easier upgrading

v0.5.29 (2025-02-25)

Bug Fixes:

  • remove erroneous diff displaying code

v0.5.28 (2025-02-24)

Improvements:

  • add phx_test_project for testing(#239)

v0.5.27 (2025-02-20)

... (truncated)

Commits
  • 80df1fd chore: release version v0.5.32
  • f9b8855 fix: properly replace _ with - in task group names
  • 3b73baa chore: bump installer version
  • 809aeef chore: add loading spinner to installer
  • a4c2ae2 build(deps-dev): bump the dev-dependencies group with 2 updates (#246)
  • 536e4c6 chore: release version v0.5.31
  • 092fb39 test: fix tests for upgrader
  • 5c86acb chore: only include files in the current project when updating modules
  • 6649c01 chore: fix example in task generator
  • c32e6d6 chore: fix arity option
  • Additional commits viewable in compare view

Updates image from 0.56.0 to 0.57.0

Release notes

Sourced from image's releases.

Image version 0.57.0

Bug Fixes

  • Fixes Image.from_kino!/2 to accept format: :png images.

Enhancements

Image version 0.56.1

Enhancements

  • Support :png image types in Image.from_kino/2. Although the option is called :png in Kino, it actually allows any image format as long as it can be opened with Image.open/2.

  • [Added in version 0.56.0] Adds Image.find_trim/2 and Image.find_trim!/2 to return the bounding box of the non-background area of an image.

Changelog

Sourced from image's changelog.

Image 0.57.0

This is the changelog for Image version 0.56.1 released on March 11th, 2025. For older changelogs please consult the release tag on GitHub

Bug Fixes

  • Fixes Image.from_kino!/2 to accept format: :png images.

Enhancements

Image 0.56.1

This is the changelog for Image version 0.56.1 released on March 11th, 2025. For older changelogs please consult the release tag on GitHub

Enhancements

  • Support :png image types in Image.from_kino/2. Although the option is called :png in Kino, it actually allows any image format as long as it can be opened with Image.open/2.
Commits

Updates mdex from 0.3.3 to 0.4.0

Release notes

Sourced from mdex's releases.

v0.4.0

bf60c4a4c111b533c652445788fc0bf0f421f9c8f1d403553aa81ad960194d87  comrak_nif-v0.4.0-nif-2.15-x86_64-pc-windows-gnu--legacy_cpu.dll.tar.gz
f2ba142789bbd60bb1f4e612eee759c3556fff7e390c211e720becba6f3659b7  comrak_nif-v0.4.0-nif-2.15-x86_64-pc-windows-gnu.dll.tar.gz
c0ababb233794dbf7b2d4db74c8b0ab928028b775df0a75a718b3833f8eba2e3  comrak_nif-v0.4.0-nif-2.15-x86_64-pc-windows-msvc--legacy_cpu.dll.tar.gz
a3f1b8fee4f1d5b294ebe1568bcce4aec66953cba3c16d1700149590f4fce721  comrak_nif-v0.4.0-nif-2.15-x86_64-pc-windows-msvc.dll.tar.gz
c174ada6ed4362cf7f92f7d71b317f8155b03148d1027d8c83158df078df415e  libcomrak_nif-v0.4.0-nif-2.15-aarch64-apple-darwin.so.tar.gz
5e4856333c6e74bf4794fc39eb67a7c941176ea47ee00e0280bb53c28abcd2f0  libcomrak_nif-v0.4.0-nif-2.15-aarch64-unknown-linux-gnu.so.tar.gz
2acdb750c8219e02f09c4ab69942eaf4bc02e060cdce8eec4ccdb1de921a799c  libcomrak_nif-v0.4.0-nif-2.15-aarch64-unknown-linux-musl.so.tar.gz
cadacab60229d527d11d4ee4dcd7178071be05ce30293b68e1903f8330d38268  libcomrak_nif-v0.4.0-nif-2.15-x86_64-apple-darwin.so.tar.gz
ecdac107969b922b9e8c435aa33e417e9adcf9d0f27a09a43717d44a60b7af62  libcomrak_nif-v0.4.0-nif-2.15-x86_64-unknown-freebsd--legacy_cpu.so.tar.gz
77f9f9c94d7c9eff38bd078d9ae1113af51f8808e7717a89b6584c2356455e8d  libcomrak_nif-v0.4.0-nif-2.15-x86_64-unknown-freebsd.so.tar.gz
367a88d51f5c80407b48c861c32b172a39626003754545473f554f12391fa828  libcomrak_nif-v0.4.0-nif-2.15-x86_64-unknown-linux-gnu--legacy_cpu.so.tar.gz
5d996d242e41673cc29ce5cf28911b0284d8cc7b5b8ae4d90a0eecd4d4c6b94a  libcomrak_nif-v0.4.0-nif-2.15-x86_64-unknown-linux-gnu.so.tar.gz
3bbc8380c2b988e49e9d1fcba6badbc093eb85cbd7f52fcd784b133fbe311c44  libcomrak_nif-v0.4.0-nif-2.15-x86_64-unknown-linux-musl.so.tar.gz
Changelog

Sourced from mdex's changelog.

0.4.0 (2025-03-10)

Enhancements

  • Added support for GitHub and GitLab alerts.
  • Process alerts by default in Sigils.
  • Added :experimental_minimize_commonmark render option.

Docs

Chores

  • Add sample Dockerfile for debugging
Commits

Updates phoenix from 1.7.19 to 1.7.20

Changelog

Sourced from phoenix's changelog.

1.7.20 (2025-02-20)

Enhancements

  • Add [:phoenix, :socket_drain] telemetry event to track socket draining and use it for logging
  • Address Elixir 1.18 warnings in phx.new
  • Add PHX_NEW_CACHE_DIR env var for cached phx.new builds

Bug fixes

  • Fix code reloader error when mix.lock is touched without its content changing
Commits
  • 072fcef Release 1.7.20
  • 24ed7c8 Backport PHX_NEW_CACHE_DIR
  • 3ca973b use makeup_syntect instead of makeup_lexers
  • 477d2e9 set PHX_CI for integration tests
  • 2400164 update changelog
  • a31aa15 phx.new - Fix deprecation warning when using Elixir ~> 1.18 (#5940)
  • 668a973 fix unused clause warning in installer on Elixir 1.18 (#6088)
  • 315eeff revert code reloader changed file detection (#6085)
  • d9ef909 update changelog
  • 83f2f03 add [:phoenix, :socket_drain] telemetry event (#6070)
  • Additional commits viewable in compare view

Updates phoenix_html from 4.2.0 to 4.2.1

Changelog

Sourced from phoenix_html's changelog.

4.2.1 (2025-02-21)

  • Enhancements
    • Add type to Phoenix.HTML.FormField
    • Allow keyword lists in options to use nil as key/value
Commits

Updates phoenix_live_view from 1.0.4 to 1.0.5

Changelog

Sourced from phoenix_live_view's changelog.

1.0.5 (2025-02-27)

Bug fixes

  • Fix JS.exec failing when a selector is passed (#3678)
  • Fix race conditions when testing a live upload that redirects in the progress callback (#3676)
  • Fix streams in sticky LiveView being reset under some circumstances when another LiveView also contains a stream (#3681)
  • Fix recursively locked elements not being correctly patched on unlock (#3684)
  • Fix JS.show/hide/toggle behavior while also fixing JS.focus() on Mobile Safari (#3692)

Enhancements

  • Detect infinite patch redirect loops and raise an error (#3670)
Commits

Updates solid from 0.17.2 to 0.18.0

Release notes

Sourced from solid's releases.

Solid v0.18.0

What's Changed

New Contributors

Full Changelog: edgurgel/solid@v0.17.2...v0.18.0

Commits

Updates tailwind from 0.2.4 to 0.3.1

Changelog

Sourced from tailwind's changelog.

v0.3.1 (2025-02-28)

  • Support correct target for Linux MUSL with Tailwind v3.

v0.3.0 (2025-02-26)

  • Support Tailwind v4+. This release assumes Tailwind v4 for new projects.

Note: v0.3.0 dropped target code for handling Linux MUSL with Tailwind v3. Use v0.3.1+ instead.

Commits
  • dec852e release v0.3.1
  • 2bc2fdf Merge pull request #115 from phoenixframework/sd-musl-target-v3v4
  • c0006e2 Support Linux MUSL v3 and v4
  • 08629c8 release v0.3.0
  • 8b3247d Merge branch 'next'
  • 7e1f93b use Tailwind 4.0.9 as latest
  • 44ac901 don't mention 0.3 or Tailwind v4 in README yet
  • 8ad425c Pass url as a string into fetch_body! as URI.parse would not succeed with a c...
  • 6f45cae Merge pull request #97 from arcanemachine/main
  • 2278885 Merge pull request #110 from phoenixframework/sd-tailwind3to4
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file elixir Pull requests that update Elixir code labels Mar 10, 2025
@dependabot dependabot bot force-pushed the dependabot/hex/production-dependencies-317ca5653c branch 2 times, most recently from 2b72c2f to 83e8bb5 Compare March 11, 2025 14:45
@dependabot
chore(deps): bump the production-dependencies group across 1 director…
3f07b37 
…y with 10 updates

Bumps the production-dependencies group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [ex_brotli](https://github.com/mfeckie/ex_brotli) | `0.5.0` | `0.6.0` |
| [hackney](https://github.com/benoitc/hackney) | `1.20.1` | `1.23.0` |
| [igniter](https://github.com/ash-project/igniter) | `0.5.25` | `0.5.32` |
| [image](https://github.com/kipcole9/image) | `0.56.0` | `0.57.0` |
| [mdex](https://github.com/leandrocp/mdex) | `0.3.3` | `0.4.0` |
| [phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view) | `1.0.4` | `1.0.5` |
| [solid](https://github.com/edgurgel/solid) | `0.17.2` | `0.18.0` |
| [tailwind](https://github.com/phoenixframework/tailwind) | `0.2.4` | `0.3.1` |



Updates `ex_brotli` from 0.5.0 to 0.6.0
- [Release notes](https://github.com/mfeckie/ex_brotli/releases)
- [Commits](mfeckie/ex_brotli@0.5.0...0.6.0)

Updates `hackney` from 1.20.1 to 1.23.0
- [Release notes](https://github.com/benoitc/hackney/releases)
- [Changelog](https://github.com/benoitc/hackney/blob/master/NEWS.md)
- [Commits](benoitc/hackney@1.20.1...1.23.0)

Updates `igniter` from 0.5.25 to 0.5.32
- [Changelog](https://github.com/ash-project/igniter/blob/main/CHANGELOG.md)
- [Commits](ash-project/igniter@v0.5.25...v0.5.32)

Updates `image` from 0.56.0 to 0.57.0
- [Release notes](https://github.com/kipcole9/image/releases)
- [Changelog](https://github.com/elixir-image/image/blob/main/CHANGELOG.md)
- [Commits](https://github.com/kipcole9/image/commits/v0.57.0)

Updates `mdex` from 0.3.3 to 0.4.0
- [Release notes](https://github.com/leandrocp/mdex/releases)
- [Changelog](https://github.com/leandrocp/mdex/blob/main/CHANGELOG.md)
- [Commits](leandrocp/mdex@v0.3.3...v0.4.0)

Updates `phoenix` from 1.7.19 to 1.7.20
- [Release notes](https://github.com/phoenixframework/phoenix/releases)
- [Changelog](https://github.com/phoenixframework/phoenix/blob/v1.7.20/CHANGELOG.md)
- [Commits](phoenixframework/phoenix@v1.7.19...v1.7.20)

Updates `phoenix_html` from 4.2.0 to 4.2.1
- [Changelog](https://github.com/phoenixframework/phoenix_html/blob/main/CHANGELOG.md)
- [Commits](phoenixframework/phoenix_html@v4.2.0...v4.2.1)

Updates `phoenix_live_view` from 1.0.4 to 1.0.5
- [Changelog](https://github.com/phoenixframework/phoenix_live_view/blob/v1.0.5/CHANGELOG.md)
- [Commits](phoenixframework/phoenix_live_view@v1.0.4...v1.0.5)

Updates `solid` from 0.17.2 to 0.18.0
- [Release notes](https://github.com/edgurgel/solid/releases)
- [Commits](edgurgel/solid@v0.17.2...v0.18.0)

Updates `tailwind` from 0.2.4 to 0.3.1
- [Changelog](https://github.com/phoenixframework/tailwind/blob/main/CHANGELOG.md)
- [Commits](phoenixframework/tailwind@v0.2.4...v0.3.1)

---
updated-dependencies:
- dependency-name: ex_brotli
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: hackney
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: igniter
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: image
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: mdex
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: phoenix
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: phoenix_html
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: phoenix_live_view
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: solid
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: tailwind
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/hex/production-dependencies-317ca5653c branch from 83e8bb5 to 3f07b37 Compare March 11, 2025 14:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file elixir Pull requests that update Elixir code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants