Update all minor versions (minor)

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@jamietanna/renovate-graph	0.21.9 -> 0.24.0
@snyk/fix	1.1293.1 -> 1.1294.0
c2cciutils	1.6.23 -> 1.7.1
c2cwsgiutils	6.0.8 -> 6.1.3
prospector (source)	1.11.0 -> 1.13.2
prospector-profile-duplicated	1.5.0 -> 1.7.0
prospector-profile-utils	1.7.2 -> 1.11.1
pygithub	2.4.0 -> 2.5.0
sentry-sdk (changelog)	2.15.0 -> 2.18.0
snyk	1.1293.1 -> 1.1294.0
snyk-python-plugin	1.24.1 -> 1.26.2
types-setuptools (changelog)	75.1.0.20241014 -> 75.3.0.20241112

---

Release Notes

tanna.dev/renovate-graph (@​jamietanna/renovate-graph)

v0.24.0

Compare Source

v0.23.1

Compare Source

v0.23.0

Compare Source

v0.22.0

Compare Source

snyk/snyk (@​snyk/fix)

v1.1294.0

Compare Source

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

News

• CycloneDX 1.6 SBOM support This new version now supports generating CycloneDX 1.6 SBOMs using the snyk sbom command, providing you with more comprehensive and detailed information about your software components and their dependencies. Read more about the CycloneDX version announcement here.
• Improved CLI monitoring of large Cocoapods projects When doing a snyk monitor on very large Cocoapods applications, the CLI sometimes returned an Invalid String OOM error and the operation would fail. Although this error was rare, we have fixed it so large Cocoapods applications can now be monitored successfully.
• Fix for security issue The Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted (PHP|Gradle) project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory name. Snyk always recommends not scanning untrusted projects.

Features

• sbom: add CycloneDX 1.6 SBOM support (1330fc2)
• deployment: Deploy alpine arm64 binaries (9daace4)
• monitor: enable cocoapods to send graphs for cli monitor (ca56c69)
• iac: pass allow analytics flag to snyk-iac-test [IAC-3017] (b12d3ac)

Bug Fixes

• all: restore cert file if it was externally removed (ef1547f)
• auth: missing auth issue with oauth (57ae95c)
• iac: upgrade iac custom rules ext to address vulns [IAC-3065] (d6cc509)
• iac: upgrade snyk-iac-test to v0.55.1 [IAC-2940] (0dadc90)
• monitor: add normalize help for deriving target files [CLI-448] (82efb50)
• sbom: include CVE in JSON output of sbom test command (a543179)
• sbom: add missing option --gradle-normalize-deps to SBOM command (151f63d)
• test: default limit to max vulnerable paths per vuln, add override option --max-vulnerable-paths (302d7ac)
• test: do not show test deps for Dverbose mvn with dependencyManagement (67e0de9)
• test: fixed support for pnpm alias packages (d506de1)
• test: point snyk policy out urls to snyk.io (28509a3)
• test: scan non publishable projects on improved net (a6c0e67)
• test: scan nuget with PublishSingleFile turned on (2c74298)
• dependencies: update snyk-nodejs-plugin to fix micromatch vuln (baef934)
• dependencies: address security vulnerability in snyk-php-plugin CVE-2024-48963 (7798d13)
• dependencies: address security vulnerability in snyk-gradle-plugin CVE-2024-48964 (c614284)
• dependencies: upgrade go-getter to 1.7.5 (970de96)
• dependencies: upgrade iac extension and snyk-iac-test (9134c05)
• dependencies: upgrade slack/webhook to 7.0.3 (8ab4433)

camptocamp/c2cciutils (c2cciutils)

v1.7.1

Compare Source

1.7.1 (2024-11-04)

Fixed bugs

• #​2020 Publish: Fix for missing image (@​sbrunner)

Dependency update

• #​2005 Update CI dependencies (1.7) (patch) (@​renovate[bot])
• #​2007 Update dependency poetry to v1.8.4 (1.7) (@​renovate[bot])
• #​2006 Update all patch versions (1.7) (patch) (@​renovate[bot])

Chore

Changes that shouldn't affect the users like continuous integration updates

• #​2019 Audit Dpkg 1.7 (@​geo-ghci-int[bot])

v1.7.0

Compare Source

1.7.0 (2024-10-31)

New feature

• #​1939 Remove outdated_versions of default audit (@​sbrunner)
• 8320685 Revert "Update all minor versions" (@​sbrunner)
• a8f2d41 Revert "Update all minor versions" (@​sbrunner)
• #​1914 Use security.md (@​sbrunner)
• a158f01 Remove pip pinning (@​sbrunner)
• 0f69a3f Add correspondances for Debian (@​sbrunner)
• #​1936 Remove dpkg version updater (@​sbrunner)
• 861fffe Revert "Update Poetry" (@​sbrunner)
• #​1922 Add possibility to connect to PyPI using OIDC (@​sbrunner)
• #​1871 Display the version of Docker Compose version 2 (@​sbrunner)
• 5f0a85d Revert "Update Poetry" (@​sbrunner)
• 294428a Revert "Update Poetry" (@​sbrunner)
• #​1999 Remove audit, cleanup (@​sbrunner)
• 2666802 Add missing import (@​sbrunner)
• 89f1540 Revert "Update Poetry" (@​sbrunner)
• 353d278 Revert "Update Poetry" (@​sbrunner)
• #​1854 Use Docker Compose version 2 (@​sbrunner)
• 0dc1d8a Revert "Update Poetry" (@​sbrunner)

Fixed bugs

• #​1362 [Backport master] Add a tool to update the dpkg-versions (@​c2c-bot-gis-ci, @​sbrunner)
• #​1474 [Backport master] Keep all the image in the dpkg versions file (@​c2c-bot-gis-ci, @​sbrunner)
• #​1248 [Backport master] Ignore unsupported Ubuntu 18.04 (@​c2c-bot-gis-ci, @​sbrunner)
• #​1256 [Backport master] Fix latest tag (@​c2c-bot-gis-ci, @​sbrunner)
• #​1418 [Backport master] Don't override the sources list (@​c2c-bot-gis-ci, @​sbrunner)
• #​1875 Fix Docker Compose version (@​sbrunner)
• #​1452 [Backport master] Fix for feature branch name with capital (@​c2c-bot-gis-ci, @​sbrunner)
• #​1246 [Backport master] Fix tags for feature branch (@​c2c-bot-gis-ci, @​sbrunner)
• #​1725 [Backport master] Fix spelling (@​c2c-bot-gis-ci-2, @​sbrunner)
• #​1242 [Backport master] Simplify, better logs (@​c2c-bot-gis-ci, @​sbrunner)
• #​1264 [Backport master] Add some additional configuration to be able to tweak the package ins… (@​c2c-bot-gis-ci, @​sbrunner)
• #​1439 [Backport master] Never use the source package version (@​c2c-bot-gis-ci, @​sbrunner)
• #​1916 [Backport master] Print version only of pre-installed application and c2cciutils (@​c2c-bot-gis-ci-2, @​sbrunner)
• #​1325 [Backport master] Fix version creation (@​c2c-bot-gis-ci, @​sbrunner)
• #​1703 [Backport master] Add c2cciutils-security-md to check SECURITY.md files (@​c2c-bot-gis-ci-2, @​sbrunner)
• #​1234 [Backport master] Fix helm chart releaser download (@​c2c-bot-gis-ci, @​sbrunner)
• #​1392 Don't add a file for Ubuntu in Debian container (@​sbrunner)
• #​1232 [Backport master] Strip the alt tag name, simplify (@​c2c-bot-gis-ci, @​sbrunner)
• #​1443 [Backport master] Fix dump error with version like '1:3.1' (@​c2c-bot-gis-ci, @​sbrunner)
• #​1389 Fix pr creation (@​sbrunner)
• #​1355 [Backport master] Get only the table in the SECURITY.md (@​c2c-bot-gis-ci, @​sbrunner)
• #​1244 [Backport master] Install Snyk on demand to have a smaller package (@​c2c-bot-gis-ci, @​sbrunner)
• #​1814 [Backport master] Just requires that certifi is present (@​c2c-bot-gis-ci-2, @​sbrunner)
• #​1416 [Backport master] Get an error when a pull request is created (@​c2c-bot-gis-ci, @​sbrunner)
• #​1576 Print rate limit and fix it (@​sbrunner)
• #​1386 Fix the pushed branch name (@​sbrunner)
• #​1723 [Backport master] Publishing: Fix then the Security.md file didn't exists (@​c2c-bot-gis-ci-2, @​sbrunner)
• #​1610 [Backport master] Save the generated dpkg file (@​c2c-bot-gis-ci-2, @​sbrunner)
• #​1279 [Backport master] Fix publish if there is no SECURITY.md file (@​c2c-bot-gis-ci, @​sbrunner)
• #​1297 [Backport master] Fix branch name used in pull request creation on release creation (@​c2c-bot-gis-ci, @​sbrunner)

Documentation

• #​1657 Fix used function (@​sbrunner)
• #​1687 Move the publish documentation to the wiki (@​sbrunner)

Dependency update

• #​1897 Update CI dependencies (master) (patch) (@​renovate[bot])
• #​1959 Update all minor versions (master) (minor) (@​renovate[bot])
• #​1595 Update all patch versions to v1.6.17 (master) (patch) (@​renovate[bot])
• #​1253 Update dependency ubuntu_22_04/linux to v5.15.0-84.93 (master) (@​renovate[bot])
• #​1674 Update all minor versions (master) (minor) (@​renovate[bot])
• #​1349 Update all minor versions (master) (minor) (@​renovate[bot])
• #​1956 Update all patch versions (master) (patch) (@​renovate[bot])
• #​1437 Lock file maintenance (master) (@​renovate[bot])
• #​1719 Update dependency types-setuptools to v70 (master) (@​renovate[bot])
• #​1350 Update Poetry (master) (@​renovate[bot])
• #​1435 Update asdf-vm/actions action to v3 (master) (@​renovate[bot])
• #​1977 Update all minor versions to v1.11.0 (master) (minor) (@​renovate[bot])
• #​1806 Update all minor versions (master) (minor) (@​renovate[bot], @​sbrunner)
• #​1566 Update CI dependencies (master) (minor) (@​renovate[bot], @​sbrunner)
• #​1635 Update Poetry (master) (minor) (@​renovate[bot])
• #​1525 Update pre-commit hook psf/black to v24 (master) (@​renovate[bot])
• #​1330 Update dependency ubuntu_22_04/linux to v5.15.0-88.98 (master) (@​renovate[bot])
• #​1568 Update all minor versions (master) (minor) (@​renovate[bot])
• #​1351 Update asdf-vm/actions action to v3 (master) (@​renovate[bot])
• #​1470 Lock file maintenance (master) (@​renovate[bot])
• #​1808 Lock file maintenance (master) (@​renovate[bot], @​sbrunner)
• #​1597 Update all minor versions (master) (minor) (@​renovate[bot])
• #​1633 Update dependency poetry-plugin-export to v1.1.2 (master) (@​renovate[bot])
• #​1640 Lock file maintenance (master) (@​renovate[bot])
• #​1718 Update dependency codespell to v2.3.0 (master) (@​renovate[bot])
• #​1675 Update dependency ubuntu to v24 (master) (@​renovate[bot], @​sbrunner, @​geo-ghci-int[bot])
• #​1377 Update dpkg (master) (patch) (@​renovate[bot])
• #​1430 Update all minor versions (master) (minor) (@​renovate[bot])
• #​1961 Update dependency ubuntu to v24 (master) (@​renovate[bot], @​sbrunner)
• #​1522 Update Poetry (master) (@​renovate[bot])
• #​1526 Lock file maintenance (master) (@​renovate[bot])
• #​1962 Lock file maintenance (master) (@​renovate[bot], @​sbrunner)
• #​1637 Update Helm release postgresql to v15 (master) (@​renovate[bot])
• #​1849 Update all minor versions (master) (minor) (@​renovate[bot], @​sbrunner)
• #​1978 Update dependency python to v3.12.7 (master) (@​renovate[bot])
• #​1315 Update dependency ubuntu_22_04/linux to v5.15.0-87.97 (master) (@​renovate[bot])
• #​1277 Lock file maintenance (master) (@​renovate[bot])
• #​1466 Update all minor versions (master) (minor) (@​renovate[bot])
• #​1524 Update andstor/file-existence-action action to v3 (master) (@​renovate[bot])
• #​1847 Update all patch versions (master) (patch) (@​renovate[bot], @​sbrunner)
• #​1372 Update dependency ubuntu_22_04/python-pip to v22.0.2+dfsg-1ubuntu0.4 (master) (@​renovate[bot])
• #​1671 Update CI dependencies (master) (patch) (@​renovate[bot])
• #​1804 Update pre-commit hook python-jsonschema/check-jsonschema to v0.28.6 (master) (@​renovate[bot])
• #​1672 Update all patch versions (master) (patch) (@​renovate[bot])
• #​1979 Update Helm release postgresql to v16 (master) (@​renovate[bot])
• #​1973 Update CI dependencies (master) (patch) (@​renovate[bot])
• #​1898 Update all patch versions (master) (patch) (@​renovate[bot], @​sbrunner)
• #​1432 Update actions/checkout action to v4 (master) (@​renovate[bot])
• #​1634 Update CI dependencies (master) (minor) (@​renovate[bot], @​geo-ghci-int[bot])
• #​1565 Update all patch versions (master) (patch) (@​renovate[bot])
• #​1438 Lock file maintenance (master) (@​renovate[bot])
• #​1347 Update all patch versions (master) (patch) (@​renovate[bot])
• #​1852 Lock file maintenance (master) (@​renovate[bot], @​sbrunner)
• #​1673 Update CI dependencies (master) (minor) (@​renovate[bot])
• #​1563 Update CI dependencies (master) (patch) (@​renovate[bot])
• #​1348 Update dependency codespell to v2.2.6 (master) (@​renovate[bot])
• #​1636 Update all minor versions (master) (minor) (@​renovate[bot])
• #​1988 Update all minor versions (master) (minor) (@​renovate[bot], @​sbrunner)
• #​1960 Update dependency types-setuptools to v75 (master) (@​renovate[bot], @​sbrunner)
• #​1519 Update all minor versions (master) (minor) (@​renovate[bot])
• #​1274 Update actions/checkout action to v4 (master) (@​renovate[bot])
• #​1955 Update CI dependencies (master) (patch) (@​renovate[bot])
• #​1638 Update pre-commit hook sbrunner/hooks to v1 (master) (@​renovate[bot])
• #​1571 Update dependency prospector-profile-duplicated to v1 (master) (@​renovate[bot])
• #​1848 Update CI dependencies (master) (minor) (@​renovate[bot])
• #​1467 Update Poetry (master) (@​renovate[bot])
• #​1429 Update all patch versions (master) (patch) (@​renovate[bot])
• #​1720 Lock file maintenance (master) (@​renovate[bot])
• #​1271 Update all patch versions (master) (patch) (@​renovate[bot])
• #​1807 Update dependency pipenv to v2024 (master) (@​renovate[bot])
• #​1239 Update dependency ubuntu_22_04/glibc to v2.35-0ubuntu3.3 (master) (@​renovate[bot])
• #​1434 Update andstor/file-existence-action action to v2 (master) (@​renovate[bot])
• #​1715 Update pre-commit hook python-jsonschema/check-jsonschema to v0.28.4 (master) (@​renovate[bot])
• #​1900 Update all minor versions (master) (minor) (@​renovate[bot], @​sbrunner)
• #​1285 Update dependency ubuntu_22_04/glibc to v2.35-0ubuntu3.4 (master) (@​renovate[bot])
• #​1433 Update actions/github-script action to v7 (master) (@​renovate[bot])
• #​1676 Lock file maintenance (master) (@​renovate[bot])
• #​1957 Update dependency poetry-plugin-tweak-dependencies-version to v1.2.1 (master) (@​renovate[bot])
• #​1273 Update Helm release postgresql to v13 (master) (@​renovate[bot])
• #​1465 Update all patch versions (master) (patch) (@​renovate[bot])
• #​1714 Update all patch versions (master) (patch) (@​renovate[bot])
• #​1958 Update CI dependencies (master) (minor) (@​renovate[bot], @​geo-ghci-int[bot])
• #​1520 Update CI dependencies (master) (@​renovate[bot], @​sbrunner, @​pre-commit-ci[bot])
• #​1976 Update CI dependencies (master) (minor) (@​renovate[bot])
• #​1805 Update CI dependencies (master) (minor) (@​renovate[bot], @​geo-ghci-int[bot])
• #​1367 Update dependency ubuntu_22_04/apt to v2.4.11 (master) (@​renovate[bot])
• #​1360 Update dependency ubuntu_22_04/krb5 to v1.19.2-2ubuntu0.3 (master) (@​renovate[bot])
• #​1632 Update all patch versions (master) (patch) (@​renovate[bot])
• #​1518 Update all patch versions (master) (patch) (@​renovate[bot])
• #​1523 Update actions/cache action to v4 (master) (@​renovate[bot])
• #​1803 Update all patch versions (master) (patch) (@​renovate[bot], @​sbrunner)
• #​1468 Update github/codeql-action action to v3 (master) (@​renovate[bot])
• #​1272 Update all minor versions (master) (minor) (@​renovate[bot], @​sbrunner)
• #​1639 Update pre-commit hook sbrunner/pre-commit-copyright to v1 (master) (@​renovate[bot])
• #​1521 Update Helm release postgresql to v14 (master) (@​renovate[bot])
• #​1975 Update pre-commit hook sbrunner/pre-commit-copyright to v1.1.1 (master) (@​renovate[bot])
• #​1987 Update CI dependencies (master) (minor) (@​renovate[bot])
• #​1025 Update Poetry (master) (@​renovate[bot])
• #​1569 Update Poetry (master) (major) (@​renovate[bot])
• #​1631 Update CI dependencies (master) (patch) (@​renovate[bot])
• #​1717 Update all minor versions (master) (minor) (@​renovate[bot])
• #​1290 Update dependency ubuntu_22_04/linux to v5.15.0-86.96 (master) (@​renovate[bot])
• #​1567 Update Poetry (master) (minor) (@​renovate[bot])
• #​1275 Update dependency multi-repo-automation to v1 (master) (@​renovate[bot])
• #​1382 Update dependency ubuntu_22_04/nghttp2 to v1.43.0-1ubuntu0.1 (master) (@​renovate[bot])
• #​1721 Lock file maintenance (master) (@​renovate[bot])
• #​1899 Update CI dependencies (master) (minor) (@​renovate[bot])
• #​1573 Lock file maintenance (master) (@​renovate[bot])
• #​1353 Update all patch versions (master) (patch) (@​renovate[bot])
• #​1570 Update dependency prospector-profile-duplicated to v1 (master) (@​renovate[bot])
• #​1851 Update pre-commit hook renovatebot/pre-commit-hooks to v38 (master) (@​renovate[bot])
• #​1436 Update dependency types-setuptools to v69 (master) (@​renovate[bot])
• #​1974 Update dependency python to v3.12.7 (master) (@​renovate[bot])
• #​1352 Lock file maintenance (master) (@​renovate[bot])
• #​1850 Update dependency types-setuptools to v71 (master) (@​renovate[bot], @​sbrunner)
• #​1431 Update Poetry (master) (@​renovate[bot])
• #​1572 Update dependency twine to v5 (master) (@​renovate[bot])
• #​1716 Update CI dependencies (master) (minor) (@​renovate[bot])
• #​1276 Update pre-commit hook sbrunner/jsonschema2md2 to v1 (master) (@​renovate[bot])

Chore

Changes that shouldn't affect the users like continuous integration updates

• #​1787 Use official Renovate configuration validator (@​sbrunner)
• #​1383 CI updates (@​sbrunner)
• #​1529 CI updates (@​sbrunner)
• 7ace783 Add missing branch name (@​sbrunner)
• #​1746 Fix GHCI configuration (Run audit) (@​sbrunner)
• aaeed18 Don't upgrade to Poetry 1.2.2 (@​sbrunner)
• #​1770 Update Poetry Renovate rules (@​sbrunner)
• #​1796 Remove the audit, replaced by ghci (@​sbrunner)
• #​1734 CI updates (@​sbrunner)
• #​1677 On branch 1.2 and 1.3 don't upgrade types-pyyaml (@​sbrunner)
• 716f1af Disable node-vm2 upgrade (@​sbrunner)
• #​1983 Fix Renovate rule for Poetry (@​sbrunner)
• #​1964 CI updates (@​sbrunner)
• #​1306 CI updates (@​sbrunner)
• #​1938 CI updates (@​sbrunner)
• #​1984 Fix Renovate rule for Poetry (@​sbrunner)
• #​1331 Use (upgradable) node version 20 (@​sbrunner)
• #​1905 Immediately update the version of the cryptography package (@​sbrunner)
• #​1385 CI updates (@​sbrunner)
• #​1504 CI updates (@​sbrunner)
• #​1906 Update all version of the cryptography package (@​sbrunner)
• #​1937 CI updates (@​sbrunner)
• #​1487 CI updates (@​sbrunner)
• #​1641 CI updates (@​sbrunner)
• #​1772 Update Poetry Renovate rules (@​sbrunner)
• fc6acb3 Fix self used version (@​sbrunner)
• #​1643 CI updates (@​sbrunner)
• #​1726 CI updates (@​sbrunner)
• dbb249f Fix don't upgrade to Poetry 1.2.2 (@​sbrunner)
• #​2001 Remove audit in CI config (@​sbrunner)
• d4be2a8 Disable upgrading the supported Python version for Renovate (@​sbrunner)
• #​1384 CI updates ([@&Add diff applyer #8

---

Configuration

📅 Schedule: Branch creation - "after 5pm on the first day of the month" in timezone Europe/Zurich, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.