Skip to content

Update trivially upgraded dependencies #3409

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 26, 2023
Merged

Update trivially upgraded dependencies #3409

merged 1 commit into from
Jul 26, 2023

Conversation

Qard
Copy link
Contributor

@Qard Qard commented Jul 17, 2023

What does this PR do?

Updates all dependencies which can be updated without needing code changes to maintain current test status on all active release lines. I've tested this locally on Node.js 12 and everything passes.

Motivation

Trying to figure out the best dependency upgrade strategy to avoid npm/yarn audit errors reporting and/or getting scared off by vulns that aren't really there.

@Qard Qard requested a review from a team as a code owner July 17, 2023 22:53
@github-actions
Copy link

github-actions bot commented Jul 17, 2023
edited
Loading

Overall package size

Self size: 4.95 MB
Deduped: 58.71 MB
No deduping: 58.8 MB

Dependency sizes

name version self size total size
@datadog/native-iast-taint-tracking 1.5.0 14.86 MB 14.86 MB
@datadog/native-appsec 3.2.0 13.38 MB 13.39 MB
@datadog/pprof 3.1.0 10.66 MB 11.5 MB
protobufjs 7.2.4 2.74 MB 6.52 MB
@datadog/native-iast-rewriter 2.0.1 2.09 MB 2.1 MB
@opentelemetry/core 1.14.0 872.87 kB 1.47 MB
@datadog/native-metrics 2.0.0 898.77 kB 1.3 MB
@opentelemetry/api 1.4.1 780.32 kB 780.32 kB
import-in-the-middle 1.4.1 40.97 kB 704.35 kB
msgpack-lite 0.1.26 201.16 kB 281.59 kB
opentracing 0.14.7 194.81 kB 194.81 kB
semver 7.5.4 93.4 kB 123.8 kB
@datadog/sketches-js 2.1.0 109.9 kB 109.9 kB
lodash.sortby 4.7.0 75.76 kB 75.76 kB
lru-cache 7.14.0 74.95 kB 74.95 kB
ipaddr.js 2.1.0 60.23 kB 60.23 kB
ignore 5.2.4 51.22 kB 51.22 kB
int64-buffer 0.1.10 49.18 kB 49.18 kB
istanbul-lib-coverage 3.2.0 29.34 kB 29.34 kB
lodash.uniq 4.5.0 25.01 kB 25.01 kB
limiter 1.1.5 23.17 kB 23.17 kB
retry 0.13.1 18.85 kB 18.85 kB
lodash.kebabcase 4.1.1 17.75 kB 17.75 kB
node-abort-controller 3.1.1 16.89 kB 16.89 kB
lodash.pick 4.4.0 16.33 kB 16.33 kB
crypto-randomuuid 1.0.0 11.18 kB 11.18 kB
diagnostics_channel 1.1.0 7.07 kB 7.07 kB
path-to-regexp 0.1.7 6.78 kB 6.78 kB
koalas 1.0.2 6.47 kB 6.47 kB
methods 1.1.2 5.29 kB 5.29 kB
module-details-from-path 1.0.3 4.47 kB 4.47 kB

🤖 This report was automatically generated by heaviest-objects-in-the-universe

@codecov
Copy link

codecov bot commented Jul 17, 2023
edited
Loading

Codecov Report

Merging #3409 (72ddaed) into master (1c14fe8) will increase coverage by 0.05%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master    #3409      +/-   ##
==========================================
+ Coverage   84.66%   84.72%   +0.05%     
==========================================
  Files         218      218              
  Lines        8583     8583              
  Branches       33       33              
==========================================
+ Hits         7267     7272       +5     
+ Misses       1316     1311       -5

see 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@Qard Qard force-pushed the update-dependencies branch 3 times, most recently from b1cdb5c to 94992af Compare July 17, 2023 23:04
@pr-commenter
Copy link

pr-commenter bot commented Jul 17, 2023
edited
Loading

Benchmarks

Benchmark execution time: 2023-07-26 19:00:20

Comparing candidate commit 72ddaed in PR branch update-dependencies with baseline commit 1c14fe8 in branch master.

Found 0 performance improvements and 4 performance regressions! Performance is the same for 467 metrics, 21 unstable metrics.

scenario:plugin-graphql-with-depth-and-collapse-off-18

  • 🟥 max_rss_usage [+181.558KB; +229.442KB] or [+15.817%; +19.989%]

scenario:plugin-graphql-with-depth-and-collapse-on-18

  • 🟥 max_rss_usage [+118.680KB; +146.088KB] or [+14.317%; +17.624%]

scenario:plugin-graphql-with-depth-off-18

  • 🟥 max_rss_usage [+126.162KB; +146.850KB] or [+15.354%; +17.871%]

scenario:plugin-graphql-with-depth-on-max-18

  • 🟥 max_rss_usage [+124.725KB; +156.599KB] or [+15.211%; +19.098%]

@Qard Qard force-pushed the update-dependencies branch 3 times, most recently from 87e908d to b1e1af7 Compare July 17, 2023 23:42
@Qard Qard force-pushed the update-dependencies branch from b1e1af7 to 4d71f79 Compare July 18, 2023 23:12
@Qard
Copy link
Contributor Author

Qard commented Jul 19, 2023

@astuyve I seem to be getting consistent failures from the serverless integration test on this now for some reason. Has anything changed there recently? Did I bump any dependencies in here that you're depending on?

@astuyve
Copy link
Collaborator

astuyve commented Jul 20, 2023

Hey, this looks like a setup function for GCP - the function wasn't deployed correctly and doesn't exist. I'll get someone to look into it, but it's probably safe to ignore.

Does this fail on main?

@Qard
Copy link
Contributor Author

Qard commented Jul 20, 2023

Doesn't appear to fail on main, no. Just in this PR, so I suspect one of the dependencies I've updated broke something, but I'm not sure what. 🤔

@Qard Qard force-pushed the update-dependencies branch from 4d71f79 to 789c98a Compare July 20, 2023 02:55
@astuyve
Copy link
Collaborator

astuyve commented Jul 20, 2023

Looks like this is fixed here: #3418

@Qard Qard force-pushed the update-dependencies branch 2 times, most recently from 3265fc3 to ece3d96 Compare July 24, 2023 16:59
@Qard
Copy link
Contributor Author

Qard commented Jul 24, 2023

@astuyve Seems to just be failing for a different reason now?

@rochdev
Copy link
Member

rochdev commented Jul 25, 2023

@Qard Another fix just landed, hopefully it should no longer be flaky.

@Qard Qard force-pushed the update-dependencies branch from ece3d96 to 72ddaed Compare July 26, 2023 18:54
@Qard Qard merged commit f7102ba into master Jul 26, 2023
@Qard Qard deleted the update-dependencies branch July 26, 2023 19:06
rochdev pushed a commit that referenced this pull request Jul 27, 2023
@rochdev
Update trivially upgraded dependencies (#3409)
61a4798
rochdev pushed a commit that referenced this pull request Jul 27, 2023
@rochdev
Update trivially upgraded dependencies (#3409)
1585580
rochdev pushed a commit that referenced this pull request Jul 27, 2023
@rochdev
Update trivially upgraded dependencies (#3409)
21e93d9
rochdev pushed a commit that referenced this pull request Jul 27, 2023
@rochdev
Update trivially upgraded dependencies (#3409)
1fe2719
rochdev pushed a commit that referenced this pull request Jul 27, 2023
@rochdev
Update trivially upgraded dependencies (#3409)
806a5a1
rochdev pushed a commit that referenced this pull request Jul 27, 2023
@rochdev
Update trivially upgraded dependencies (#3409)
e7632ce
@erikvanbrakel erikvanbrakel mentioned this pull request Jul 5, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tlhunter tlhunter tlhunter approved these changes

@simon-id simon-id simon-id approved these changes

Assignees

No one assigned

Labels

dependencies semver-patch

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@Qard @astuyve @rochdev @tlhunter @simon-id