Skip to content

chore(deps): lock file maintenance#468

Merged
renovate[bot] merged 1 commit into
mainfrom
renovate/lock-file-maintenance
May 25, 2026
Merged

chore(deps): lock file maintenance#468
renovate[bot] merged 1 commit into
mainfrom
renovate/lock-file-maintenance

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented May 25, 2026

This PR contains the following updates:

Update Change
lockFileMaintenance All locks refreshed

🔧 This Pull Request updates lock files to use the latest dependency versions.

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • "before 4am on monday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added dependencies Pull requests that update a dependency file javascript python Pull requests that update Python code labels May 25, 2026
@renovate renovate Bot enabled auto-merge (squash) May 25, 2026 00:59
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 25, 2026
edited
Loading

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 2 package(s) with unknown licenses.
See the Details below.

License Issues

uv.lock

PackageVersionLicenseIssue Type
aiohappyeyeballs2.6.2NullUnknown License
idna3.16NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
pip/aiohappyeyeballs 2.6.2 UnknownUnknown
pip/idna 3.16 UnknownUnknown
pip/yarl 1.24.2 🟢 7.1
Details
CheckScoreReason
Code-Review🟢 6Found 12/18 approved changesets -- score normalized to 6
Maintained🟢 1030 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Security-Policy🟢 10security policy file detected
Packaging🟢 10packaging workflow detected
SAST🟢 10SAST tool is run on all commits
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
Signed-Releases🟢 85 out of the last 5 releases have a total of 5 signed artifacts.

Scanned Files

  • uv.lock

1 similar comment
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 25, 2026

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 2 package(s) with unknown licenses.
See the Details below.

License Issues

uv.lock

PackageVersionLicenseIssue Type
aiohappyeyeballs2.6.2NullUnknown License
idna3.16NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
pip/aiohappyeyeballs 2.6.2 UnknownUnknown
pip/idna 3.16 UnknownUnknown
pip/yarl 1.24.2 🟢 7.1
Details
CheckScoreReason
Code-Review🟢 6Found 12/18 approved changesets -- score normalized to 6
Maintained🟢 1030 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Security-Policy🟢 10security policy file detected
Packaging🟢 10packaging workflow detected
SAST🟢 10SAST tool is run on all commits
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
Signed-Releases🟢 85 out of the last 5 releases have a total of 5 signed artifacts.

Scanned Files

  • uv.lock

@codecov
Copy link
Copy Markdown

codecov Bot commented May 25, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (4c9817d) to head (b4ef6d4).

Additional details and impacted files 
@@            Coverage Diff            @@
##              main      #468   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           41        41           
  Lines         2288      2288           
=========================================
  Hits          2288      2288

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 25, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@renovate renovate Bot merged commit b893691 into main May 25, 2026
24 checks passed
@renovate renovate Bot deleted the renovate/lock-file-maintenance branch May 25, 2026 04:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants