Bump python-gitlab from 4.4.0 to 4.5.0 #10209
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [python-gitlab](https://github.com/python-gitlab/python-gitlab) from 4.4.0 to 4.5.0. - [Release notes](https://github.com/python-gitlab/python-gitlab/releases) - [Changelog](https://github.com/python-gitlab/python-gitlab/blob/main/CHANGELOG.md) - [Commits](python-gitlab/python-gitlab@v4.4.0...v4.5.0) --- updated-dependencies: - dependency-name: python-gitlab dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
|
Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.
Note 🟢 Risk threshold not exceeded. Change Summary (click to expand)The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective. Summary: The provided code change is an update to the Overall, the changes in this Files Changed:
Powered by DryRun Security |
Bumps python-gitlab from 4.4.0 to 4.5.0.
Release notes
Sourced from python-gitlab's releases.
... (truncated)
Changelog
Sourced from python-gitlab's changelog.
... (truncated)
Commits
58d50f2chore: release v4.5.02d1b749feat(job_token_scope): support Groups in job token allowlist API (#2816)c5d0404fix: Considerscopean ArrayAttribute in PipelineJobManagerc23e6bdfix(test): use different ids for merge request, approval rule, projectb8b3849fix(api): fix saving merge request approval rules4f338aechore(deps): update all non-major dependencies9be48f0chore(deps): update gitlab/gitlab-ee docker tag to v16.11.2-ee.09289189chore(deps): update dependency myst-parser to v365d0e65chore(deps): update all non-major dependencies8ea10c3chore(deps): update dependency jinja2 to v3.1.4 [security]Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)