Skip to content
This repository was archived by the owner on Mar 6, 2024. It is now read-only.

Bump @octokit/plugin-retry from 4.1.3 to 6.0.0 #359

Closed
wants to merge 1 commit into from
Closed

Bump @octokit/plugin-retry from 4.1.3 to 6.0.0 #359

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 14, 2023
edited by github-actions bot
Loading

Bumps @octokit/plugin-retry from 4.1.3 to 6.0.0.

Release notes

Sourced from @​octokit/plugin-retry's releases.

v6.0.0

6.0.0 (2023-07-10)

chore

  • deps: update octokit monorepo (major) (#450) (3d7258f)

BREAKING CHANGES

  • deps: require @octokit/core > 5
  • deps: bump @octokit/types to v11

v5.0.5

5.0.5 (2023-07-03)

Bug Fixes

  • do not retry status code 451 by default (#447) (7ae9006)

v5.0.4

5.0.4 (2023-06-16)

Bug Fixes

  • deps: update dependency @​octokit/types to v10 (#443) (8671f97)

v5.0.3

5.0.3 (2023-06-13)

Bug Fixes

  • deps: add @octokit/request-error as a runtime dependency (#440) (0396e2d), closes #436

v5.0.2

5.0.2 (2023-06-07)

Bug Fixes

v5.0.1

5.0.1 (2023-06-05)

... (truncated)

Commits
  • 3d7258f chore(deps): update octokit monorepo (major) (#450)
  • fcdd721 chore(deps): update dependency prettier to v3 (#449)
  • 7ae9006 fix: do not retry status code 451 by default (#447)
  • 5cda721 build(deps): lock file maintenance
  • 3305496 build(deps): lock file maintenance
  • 8671f97 fix(deps): update dependency @​octokit/types to v10 (#443)
  • e328ccc docs: replace references to Skypack CDN with esm.sh (#444)
  • 0396e2d fix(deps): add @octokit/request-error as a runtime dependency (#440)
  • 5c06bd5 build(deps): lock file maintenance
  • 1b61602 chore(deps): update dependency esbuild to ^0.18.0 (#441)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
### Summary by OpenAI

Refactor:

  • Organized imports into standard library, third-party, and local application sections in app.py.
  • Moved configuration values to a new config.py file.
  • Extracted database initialization logic to a separate db_init.py script.

New Feature:

  • Implemented unique constraints on username and email fields in the User model.
  • Added password hashing for user authentication.
  • Introduced pagination for the /users endpoint.

Bug fix:

  • Improved error handling with specific messages and HTTP status codes.
  • Ensured consistent response structure across all API endpoints.

Security:

  • Enhanced security with input validation on request data.

🎉 Here's to the code that's now neat and spry,
Security tightened, no loophole to spy.
With unique checks and hashes, we comply,
And to bugs and errors, we wave goodbye!
Pagination added, no more data to fry,
In this PR's glory, we bask, oh my! 🎉

@dependabot
Bump @octokit/plugin-retry from 4.1.3 to 6.0.0
d1b4bb8 
Bumps [@octokit/plugin-retry](https://github.com/octokit/plugin-retry.js) from 4.1.3 to 6.0.0.
- [Release notes](https://github.com/octokit/plugin-retry.js/releases)
- [Commits](octokit/plugin-retry.js@v4.1.3...v6.0.0)

---
updated-dependencies:
- dependency-name: "@octokit/plugin-retry"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 14, 2023
@github-actions
Copy link
Contributor

github-actions bot commented Jul 14, 2023

🤖 OpenAI

The proposed changes aim to enhance the security, maintainability, and performance of a Python Flask application. They include reorganizing code into separate modules, improving error handling, implementing secure password hashing and authentication mechanisms, adding input validation, and introducing database optimizations.

Files Summary
app.py Reorganized imports, moved configuration values and database initialization logic to separate files, improved error handling, added unique constraints on username and email, implemented secure password hashing and authentication, introduced pagination for /users endpoint, added input validation, and made response structure consistent across all API endpoints.
models.py Added unique constraints on username and email fields in User model.
config.py (new) New file to store configuration values such as the database URI and secret key.
db_init.py (new) New file to handle database initialization logic.

Chat with 🤖 OpenAI Bot (@openai)

  • Reply on review comments left by this bot to ask follow-up questions. A review comment is a comment on a diff or a file.
  • Invite the bot into a review comment chain by tagging @openai in a reply.

Code suggestions

  • The bot may make code suggestions, but please review them carefully before committing since the line number ranges may be misaligned.
  • You can edit the comment made by the bot and manually tweak the suggestion if it is slightly off.

Ignoring further reviews

  • Type @openai: ignore anywhere in the PR description to ignore further reviews from the bot.
Files not summarized due to errors (1)

Failed to summarize

  • package-lock.json (diff tokens exceeds limit)

In the recent run, only the files that changed from the base of the PR and between bc5ee5a3faa74dcf049453ebf61454c669bc0e4a and d1b4bb88718a967732e1f642bdb0f74b72382348 commits were reviewed.

github-actions[bot]
github-actions bot reviewed Jul 14, 2023
View reviewed changes
package-lock.json
Comment on lines 1999 to +2015
}
},
"node_modules/@octokit/plugin-retry": {
"version": "4.1.3",
"resolved": "https://registry.npmjs.org/@octokit/plugin-retry/-/plugin-retry-4.1.3.tgz",
"integrity": "sha512-3YKBj7d0J/4mpEc4xzMociWsMNl5lZqrpAnYcW6mqiSGF3wFjU+c6GHih6GLClk31JNvKDr0x9jc5cfm7evkZg==",
"version": "6.0.0",
"resolved": "https://registry.npmjs.org/@octokit/plugin-retry/-/plugin-retry-6.0.0.tgz",
"integrity": "sha512-a1/A4A+PB1QoAHQfLJxGHhLfSAT03bR1jJz3GgQJZvty2ozawFWs93MiBQXO7SL2YbO7CIq0Goj4qLOBj8JeMQ==",
"dependencies": {
"@octokit/types": "^9.0.0",
"@octokit/request-error": "^5.0.0",
"@octokit/types": "^11.0.0",
"bottleneck": "^2.15.3"
},
"engines": {
"node": ">= 14"
"node": ">= 18"
},
"peerDependencies": {
"@octokit/core": ">=3"
"@octokit/core": ">=5"
}
Copy link
Contributor

@github-actions github-actions bot Jul 14, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤖 OpenAI

The updated version of @octokit/plugin-retry requires Node.js version 18 or higher and @octokit/core version 5 or higher. Please ensure that your project meets these requirements before merging this PR to avoid compatibility issues.

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 25, 2023

Superseded by #467.

@dependabot dependabot bot closed this Sep 25, 2023
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/octokit/plugin-retry-6.0.0 branch September 25, 2023 02:06
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@github-actions github-actions[bot] github-actions[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant