Bump OpenTelemetry and npm dependencies to latest versions#3
Open
AngeloDotNet wants to merge 41 commits intoUGIdotNET:mainfrom
Open
Bump OpenTelemetry and npm dependencies to latest versions#3AngeloDotNet wants to merge 41 commits intoUGIdotNET:mainfrom
AngeloDotNet wants to merge 41 commits intoUGIdotNET:mainfrom
Conversation
Bumps [OpenTelemetry.Instrumentation.Http](https://github.com/open-telemetry/opentelemetry-dotnet) from 1.6.0-beta.2 to 1.8.1. - [Release notes](https://github.com/open-telemetry/opentelemetry-dotnet/releases) - [Commits](open-telemetry/opentelemetry-dotnet@1.6.0-beta.2...Instrumentation.Http-1.8.1) --- updated-dependencies: - dependency-name: OpenTelemetry.Instrumentation.Http dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [OpenTelemetry.Instrumentation.AspNetCore](https://github.com/open-telemetry/opentelemetry-dotnet) from 1.6.0-beta.2 to 1.8.1. - [Release notes](https://github.com/open-telemetry/opentelemetry-dotnet/releases) - [Commits](open-telemetry/opentelemetry-dotnet@1.6.0-beta.2...Instrumentation.Http-1.8.1) --- updated-dependencies: - dependency-name: OpenTelemetry.Instrumentation.AspNetCore dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
…ikeTime.AspireStarter/UGIdotNET.SpikeTime.AspireStarter.ServiceDefaults/OpenTelemetry.Instrumentation.AspNetCore-1.8.1 Bump OpenTelemetry.Instrumentation.AspNetCore from 1.6.0-beta.2 to 1.8.1 in /UGIdotNET.SpikeTime.AspireStarter/UGIdotNET.SpikeTime.AspireStarter.ServiceDefaults
…ikeTime.AspireStarter/UGIdotNET.SpikeTime.AspireStarter.ServiceDefaults/OpenTelemetry.Instrumentation.Http-1.8.1 Bump OpenTelemetry.Instrumentation.Http from 1.6.0-beta.2 to 1.8.1 in /UGIdotNET.SpikeTime.AspireStarter/UGIdotNET.SpikeTime.AspireStarter.ServiceDefaults
Bumps the npm_and_yarn group with 3 updates in the /UGIdotNET.SpikeTime.Aspire9/aspire-react directory: [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers), [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) and [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware). Updates `@babel/helpers` from 7.26.9 to 7.27.4 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.4/packages/babel-helpers) Updates `@babel/runtime` from 7.26.9 to 7.27.4 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.4/packages/babel-runtime) Updates `http-proxy-middleware` from 2.0.7 to 2.0.9 - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.9/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v2.0.7...v2.0.9) --- updated-dependencies: - dependency-name: "@babel/helpers" dependency-version: 7.27.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/runtime" dependency-version: 7.27.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-proxy-middleware dependency-version: 2.0.9 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…to version 1.21.2
…tensions.Hosting is included
…tNET.SpikeTime.Aspire9/aspire-react/npm_and_yarn-3e7137dbeb Bump the npm_and_yarn group across 1 directory with 3 updates
Bumps the npm_and_yarn group with 2 updates in the /UGIdotNET.SpikeTime.Aspire9/aspire-react directory: [on-headers](https://github.com/jshttp/on-headers) and [compression](https://github.com/expressjs/compression). Updates `on-headers` from 1.0.2 to 1.1.0 - [Release notes](https://github.com/jshttp/on-headers/releases) - [Changelog](https://github.com/jshttp/on-headers/blob/master/HISTORY.md) - [Commits](jshttp/on-headers@v1.0.2...v1.1.0) Updates `compression` from 1.8.0 to 1.8.1 - [Release notes](https://github.com/expressjs/compression/releases) - [Changelog](https://github.com/expressjs/compression/blob/master/HISTORY.md) - [Commits](expressjs/compression@1.8.0...v1.8.1) --- updated-dependencies: - dependency-name: on-headers dependency-version: 1.1.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: compression dependency-version: 1.8.1 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…tNET.SpikeTime.Aspire9/aspire-react/npm_and_yarn-96c788614a Bump the npm_and_yarn group across 1 directory with 2 updates
Bumps the npm_and_yarn group with 1 update in the /UGIdotNET.SpikeTime.Aspire9/aspire-react directory: [form-data](https://github.com/form-data/form-data). Updates `form-data` from 3.0.3 to 3.0.4 - [Release notes](https://github.com/form-data/form-data/releases) - [Changelog](https://github.com/form-data/form-data/blob/v3.0.4/CHANGELOG.md) - [Commits](form-data/form-data@v3.0.3...v3.0.4) --- updated-dependencies: - dependency-name: form-data dependency-version: 3.0.4 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…tNET.SpikeTime.Aspire9/aspire-react/npm_and_yarn-7d065cd83c Bump form-data from 3.0.3 to 3.0.4 in /UGIdotNET.SpikeTime.Aspire9/aspire-react in the npm_and_yarn group across 1 directory
Bumps the npm_and_yarn group with 1 update in the /UGIdotNET.SpikeTime.Aspire9/aspire-react directory: [brace-expansion](https://github.com/juliangruber/brace-expansion). Updates `brace-expansion` from 1.1.11 to 1.1.12 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12) Updates `brace-expansion` from 2.0.1 to 2.0.2 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 1.1.12 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: brace-expansion dependency-version: 2.0.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…tNET.SpikeTime.Aspire9/aspire-react/npm_and_yarn-c22e25d29b Bump the npm_and_yarn group across 1 directory with 1 update
Bumps the npm_and_yarn group with 1 update in the /UGIdotNET.SpikeTime.Aspire9/aspire-react directory: [js-yaml](https://github.com/nodeca/js-yaml). Updates `js-yaml` from 3.14.1 to 3.14.2 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@3.14.1...3.14.2) --- updated-dependencies: - dependency-name: js-yaml dependency-version: 3.14.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…tNET.SpikeTime.Aspire9/aspire-react/npm_and_yarn-4265e88a4c Bump js-yaml from 3.14.1 to 3.14.2 in /UGIdotNET.SpikeTime.Aspire9/aspire-react in the npm_and_yarn group across 1 directory
Bumps the npm_and_yarn group with 1 update in the /UGIdotNET.SpikeTime.Aspire9/aspire-react directory: [node-forge](https://github.com/digitalbazaar/forge). Updates `node-forge` from 1.3.1 to 1.3.2 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: node-forge dependency-version: 1.3.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…tNET.SpikeTime.Aspire9/aspire-react/npm_and_yarn-c0657a3c3e Bump node-forge from 1.3.1 to 1.3.2 in /UGIdotNET.SpikeTime.Aspire9/aspire-react in the npm_and_yarn group across 1 directory
Bumps the npm_and_yarn group with 1 update in the /UGIdotNET.SpikeTime.Aspire9/aspire-react directory: [qs](https://github.com/ljharb/qs). Updates `qs` from 6.13.0 to 6.14.1 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.13.0...v6.14.1) --- updated-dependencies: - dependency-name: qs dependency-version: 6.14.1 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…tNET.SpikeTime.Aspire9/aspire-react/npm_and_yarn-2b901f0e0d Bump qs from 6.13.0 to 6.14.1 in /UGIdotNET.SpikeTime.Aspire9/aspire-react in the npm_and_yarn group across 1 directory
Bumps OpenTelemetry.Exporter.OpenTelemetryProtocol to 1.15.3 --- updated-dependencies: - dependency-name: OpenTelemetry.Exporter.OpenTelemetryProtocol dependency-version: 1.15.3 dependency-type: direct:production dependency-group: nuget - dependency-name: OpenTelemetry.Exporter.OpenTelemetryProtocol dependency-version: 1.15.3 dependency-type: direct:production dependency-group: nuget - dependency-name: OpenTelemetry.Exporter.OpenTelemetryProtocol dependency-version: 1.15.3 dependency-type: direct:production dependency-group: nuget - dependency-name: OpenTelemetry.Exporter.OpenTelemetryProtocol dependency-version: 1.15.3 dependency-type: direct:production dependency-group: nuget - dependency-name: OpenTelemetry.Exporter.OpenTelemetryProtocol dependency-version: 1.15.3 dependency-type: direct:production dependency-group: nuget - dependency-name: OpenTelemetry.Exporter.OpenTelemetryProtocol dependency-version: 1.15.3 dependency-type: direct:production dependency-group: nuget ... Signed-off-by: dependabot[bot] <support@github.com>
There was a problem hiding this comment.
Copilot wasn't able to review any files in this pull request.
Files not reviewed (1)
- UGIdotNET.SpikeTime.Aspire9/aspire-react/package-lock.json: Language not supported
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Bumps the npm_and_yarn group with 13 updates in the /UGIdotNET.SpikeTime.Aspire9/aspire-react directory: | Package | From | To | | --- | --- | --- | | [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` | | [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.14` | | [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.2` | `2.1.0` | | [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` | | [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` | | [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` | | [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.9` | `1.16.0` | | [jsonpath](https://github.com/dchester/jsonpath) | `1.1.1` | `1.3.0` | | [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` | | [node-forge](https://github.com/digitalbazaar/forge) | `1.3.2` | `1.4.0` | | [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `0.1.12` | `0.1.13` | | [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` | | [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` | | [yaml](https://github.com/eemeli/yaml) | `2.7.0` | `2.8.3` | | [rollup](https://github.com/rollup/rollup) | `2.79.2` | `2.80.0` | | [webpack](https://github.com/webpack/webpack) | `5.98.0` | `5.106.2` | Updates `ajv` from 6.12.6 to 6.15.0 - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](ajv-validator/ajv@v6.12.6...v6.15.0) Updates `brace-expansion` from 1.1.12 to 1.1.14 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@v1.1.12...v1.1.14) Updates `brace-expansion` from 2.0.2 to 2.1.0 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@v1.1.12...v1.1.14) Updates `minimatch` from 3.1.2 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `minimatch` from 9.0.5 to 9.0.9 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `minimatch` from 5.1.6 to 5.1.9 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `flatted` from 3.3.3 to 3.4.2 - [Commits](WebReflection/flatted@v3.3.3...v3.4.2) Updates `follow-redirects` from 1.15.9 to 1.16.0 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.9...v1.16.0) Updates `jsonpath` from 1.1.1 to 1.3.0 - [Commits](https://github.com/dchester/jsonpath/commits) Updates `lodash` from 4.17.21 to 4.18.1 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.18.1) Updates `node-forge` from 1.3.2 to 1.4.0 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.2...v1.4.0) Updates `path-to-regexp` from 0.1.12 to 0.1.13 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.12...v.0.1.13) Updates `picomatch` from 2.3.1 to 2.3.2 - [Release notes](https://github.com/micromatch/picomatch/releases) - [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md) - [Commits](micromatch/picomatch@2.3.1...2.3.2) Updates `yaml` from 1.10.2 to 1.10.3 - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](eemeli/yaml@v1.10.2...v1.10.3) Updates `yaml` from 2.7.0 to 2.8.3 - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](eemeli/yaml@v1.10.2...v1.10.3) Updates `rollup` from 2.79.2 to 2.80.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/v2.80.0/CHANGELOG.md) - [Commits](rollup/rollup@v2.79.2...v2.80.0) Updates `underscore` from 1.12.1 to 1.13.6 - [Commits](jashkenas/underscore@1.12.1...1.13.6) Updates `webpack` from 5.98.0 to 5.106.2 - [Release notes](https://github.com/webpack/webpack/releases) - [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md) - [Commits](webpack/webpack@v5.98.0...v5.106.2) --- updated-dependencies: - dependency-name: ajv dependency-version: 6.15.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: brace-expansion dependency-version: 1.1.14 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: brace-expansion dependency-version: 2.1.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 9.0.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 5.1.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: flatted dependency-version: 3.4.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-version: 1.16.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jsonpath dependency-version: 1.3.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-version: 4.18.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-forge dependency-version: 1.4.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-version: 0.1.13 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: picomatch dependency-version: 2.3.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: yaml dependency-version: 1.10.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: yaml dependency-version: 2.8.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-version: 2.80.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: underscore dependency-version: 1.13.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack dependency-version: 5.106.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…otNET.SpikeTime.Aspire9/aspire-react/npm_and_yarn-e9bec58c25 Bump the npm_and_yarn group across 1 directory with 14 updates
…pikeTime.Aspire9/UGIdotNET.SpikeTime.Aspire9.ServiceDefaults/nuget-bc6ce513d6 Bump the nuget group with 1 update
Bumps OpenTelemetry.Exporter.OpenTelemetryProtocol from 1.14.0 to 1.15.3 --- updated-dependencies: - dependency-name: OpenTelemetry.Exporter.OpenTelemetryProtocol dependency-version: 1.15.3 dependency-type: direct:production dependency-group: nuget - dependency-name: OpenTelemetry.Exporter.OpenTelemetryProtocol dependency-version: 1.15.3 dependency-type: direct:production dependency-group: nuget ... Signed-off-by: dependabot[bot] <support@github.com>
…pikeTime.Maf/UGIdotNET.SpikeTime.Maf.ServiceDefaults/nuget-7367bff9ae Bump the nuget group with 1 update
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request updates the
package-lock.jsonfor theaspire-reactproject. The main changes include marking many dependencies as peer dependencies, as well as updating the versions of several packages to their latest patch or minor releases. These updates help ensure better compatibility and security for the project.The most important changes are:
Dependency updates:
Updated several dependencies to newer versions, including
express(4.21.2 → 4.22.1),js-yaml(multiple updates to 3.14.2 and 4.1.1),brace-expansion(1.1.11 → 1.1.12 and 2.0.1 → 2.0.2), andnode-forge(1.3.1 → 1.3.2), among others. These updates may include bug fixes and security improvements. [1] [2] [3] [4] [5] [6] [7] [8]Added a new sub-dependency
node_modules/express/node_modules/qsat version 6.14.1 to support the updatedexpresspackage.Peer dependency flags:
"peer": true, including packages such as@babel/core,@babel/plugin-syntax-flow,@babel/plugin-transform-react-jsx,@testing-library/dom,@typescript-eslint/eslint-plugin,@typescript-eslint/parser,acorn,ajv,jest,postcss-selector-parser,react,react-dom,react-refresh,rollup,type-fest,webpack, and more. This change helps npm/yarn correctly resolve and warn about peer dependency requirements, improving package management and avoiding version conflicts. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19]Dependency version range adjustments:
"body-parser": "1.20.3"→"body-parser": "~1.20.3") for severalexpressdependencies, allowing for automatic patch updates.These changes should improve the maintainability and reliability of the project's dependency management.