2.0.0-alpha.4 (2023-08-27)
⚠️ Security updates (1 change)
- [Security] Bump puma from 6.3.0 to 6.3.1 by @dependabot-bot. See merge request !2321
🚀 New features (3 changes)
- Support closing superseded mrs in standalone mode by @andrcuns. See merge request !2341
- Add severity labels to merge requests with vulnerabilities by @andrcuns. See merge request !2324
- Add support for vulnerability detection in standalone mode by @andrcuns. See merge request !2301
🔬 Improvements (3 changes)
- Move background tasks to separate container by @andrcuns. See merge request !2334
- Add support for sentry profiling functionality by @andrcuns. See merge request !2310
- Log more details for processed vulnerability info by @andrcuns. See merge request !2307
🐞 Bug Fixes (7 changes)
- Only consider actual vulnerabilities when adding severity labels by @andrcuns. See merge request !2350
- Remove obsolete merge request closing by @andrcuns. See merge request !2349
- Cache labels already known to exist in project by @andrcuns. See merge request !2346
- Correctly update cached project labels by @andrcuns. See merge request !2345
- Correctly fetch source branch name for superseded mr in standalone mode by @andrcuns. See merge request !2343
- Revert "Merge branch 'dependabot-bundler-dependabot-omnibus-and-faraday-retry-0.226.0' into 'main'" by @andrcuns. See merge request !2319
- Correctly handle label creation for vulnerability issues by @andrcuns. See merge request !2308
📦 Dependency updates (6 changes)
- Bump dependabot-omnibus and faraday-retry by @dependabot-bot. See merge request !2342
- Bump mongoid from 8.1.1 to 8.1.2 by @dependabot-bot. See merge request !2339
- Bump anyway_config from 2.5.1 to 2.5.2 by @dependabot-bot. See merge request !2337
- Bump rails from 7.0.7 to 7.0.7.2 by @dependabot-bot. See merge request !2335
- Bump dependabot-omnibus and faraday-retry by @dependabot-bot. See merge request !2316
- Bump rails from 7.0.6 to 7.0.7 by @dependabot-bot. See merge request !2315
📦🔧 Development dependency updates (16 changes)
- Bump rspec-sidekiq from 4.0.1 to 4.0.2 by @dependabot-bot. See merge request !2347
- Bump rspec-sidekiq from 4.0.0 to 4.0.1 by @dependabot-bot. See merge request !2338
- Bump rubocop from 1.56.0 to 1.56.1 by @dependabot-bot. See merge request !2336
- Bump vitepress from 1.0.0-beta.7 to 1.0.0-rc.4 by @dependabot-bot. See merge request !2328
- Bump prettier from 3.0.1 to 3.0.2 by @dependabot-bot. See merge request !2327
- Bump @types/node from 20.4.8 to 20.5.1 by @dependabot-bot. See merge request !2326
- Bump @playwright/test from 1.36.2 to 1.37.1 by @dependabot-bot. See merge request !2325
- Bump rspec-sidekiq from 3.1.0 to 4.0.0 by @dependabot-bot. See merge request !2322
- Bump rubocop-performance from 1.18.0 to 1.19.0 by @dependabot-bot. See merge request !2323
- Bump faker from 3.2.0 to 3.2.1 by @dependabot-bot. See merge request !2318
- Bump rubocop from 1.55.1 to 1.56.0 by @dependabot-bot. See merge request !2313
- Bump rubocop-rspec from 2.23.1 to 2.23.2 by @dependabot-bot. See merge request !2314
- Bump rubocop-rspec from 2.23.0 to 2.23.1 by @dependabot-bot. See merge request !2305
- Bump prettier from 3.0.0 to 3.0.1 by @dependabot-bot. See merge request !2304
- Bump handlebars from 4.7.7 to 4.7.8 by @dependabot-bot. See merge request !2303
- Bump @types/node from 20.4.5 to 20.4.8 by @dependabot-bot. See merge request !2302
🔧 CI changes (5 changes)
- Use latest qemu emulators for image building by @andrcuns. See merge request !2344
- Fix image build rules order by @andrcuns.
- Update rules for building images and running tests by @andrcuns. See merge request !2333
- Introduce breaking changes changelog category by @andrcuns. See merge request !2332
- Remove legacy license scanning job by @andrcuns.
🧰 Maintenance (7 changes)
- Improve logging for dependency mr creation process by @andrcuns. See merge request !2348
- Use rails cache for project label caching by @andrcuns. See merge request !2340
- Use project dependencies for global setup in e2e tests by @andrcuns. See merge request !2331
- Remove redundant rspec metadata by @andrcuns. See merge request !2309
- Explicitly log when local vulnerability db is up to date by @andrcuns.
- Add logger context for background migration job by @andrcuns. See merge request !2306
- Refactor dependency vulnerability fetching by @andrcuns. See merge request !2298
📄 Documentation updates (3 changes)
- Update documentation on main-latest docker tag usage by @andrcuns.
- Document usage of images built from main branch by @andrcuns.
- Improve description of what dependabot-gitlab is or isn't by @andrcuns.
🚀 Deployment changes (7 changes)
- Reduce resource requests for backgroundTasksJob by @andrcuns.
- Remove pullPolicy from deployment by @andrcuns.
- Bump hashicorp/kubernetes from 2.22.0 to 2.23.0 in /deploy by @dependabot-bot. See merge request !2330
- Bump hashicorp/google from 4.76.0 to 4.78.0 in /deploy by @dependabot-bot. See merge request !2329
- Add sentry profiles and traces sample rates by @andrcuns.
- Ignore helm release metadata changes by @andrcuns.
- Bump hashicorp/google from 4.75.1 to 4.76.0 in /deploy by @dependabot-bot. See merge request !2300