Skip to content

chore(deps): upgrade project dependencies to latest versions#13

Merged
yeshamavani merged 3 commits intomasterfrom
GH-12
Apr 21, 2026
Merged

chore(deps): upgrade project dependencies to latest versions#13
yeshamavani merged 3 commits intomasterfrom
GH-12

Conversation

@Sourav-kashyap
Copy link
Copy Markdown
Contributor

@Sourav-kashyap Sourav-kashyap commented Mar 27, 2026

Checklist:

  • Performed a self-review of my own code
  • npm test passes on your machine

Build Passed

Screenshot 2026-03-27 at 5 00 18 PM

Test Passed

Screenshot 2026-03-27 at 5 00 39 PM

@Sourav-kashyap Sourav-kashyap self-assigned this Mar 27, 2026
@Sourav-kashyap Sourav-kashyap force-pushed the GH-12 branch 4 times, most recently from f82b833 to db0a117 Compare April 2, 2026 09:56
@Sourav-kashyap Sourav-kashyap force-pushed the GH-12 branch 5 times, most recently from aec3056 to f8aa3f6 Compare April 14, 2026 09:21
@Sourav-kashyap
chore(deps): upgrade project dependencies to latest versions
161a84d 
upgrade project dependencies to latest versions

GH-12
@vinaygupta-sourcefuse
chore(deps): resolving package release issues
ca5c02e 
resolving package release issues

GH-12
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Apr 20, 2026

SonarQube reviewer guide

Summary: Upgrade GitHub Actions workflows to latest versions (v4) and update all project dependencies to newer minor/patch versions, including breaking changes to @commitlint (v17→v20) and other key packages.

Review Focus: The major version upgrades to @commitlint (v17→v20), @loopback/build (v12.0.3→v12.0.11), and related ecosystem packages may require attention for compatibility. Also verify the aquasecurity/trivy-action ref change from version pinning to commit hash. Check the package.json overrides for any implications of the new versions.

Start review at: .github/workflows/main.yaml and .github/workflows/trivy.yaml. These files contain the breaking infrastructure changes - GitHub Actions v4 updates and the Trivy security scanner version bump with a commit hash reference instead of semantic versioning, which affects CI/CD reliability and security scanning processes.

💬 Please send your feedback

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@yeshamavani yeshamavani merged commit 0c673a4 into master Apr 21, 2026
7 checks passed
@yeshamavani yeshamavani deleted the GH-12 branch April 21, 2026 06:53
@yeshamavani
Copy link
Copy Markdown
Collaborator

yeshamavani commented Apr 21, 2026

🎉 This PR is included in version 1.0.3 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yeshamavani yeshamavani yeshamavani approved these changes

@a-ganguly a-ganguly Awaiting requested review from a-ganguly

Assignees

@Sourav-kashyap Sourav-kashyap

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Sourav-kashyap @yeshamavani @vinaygupta-sourcefuse