mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-09-19 15:09:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,718 Commits 25 Branches 38 Tags 164 MiB
4a8c901405
Commit Graph

3718 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Madhu Rajanna
4a8c901405 ci: use dependabot group feature 
enable dependabot raising PR by groups to
reduce PR and save CI resources.
This uses the  beta groups feature of dependabot
More details here
https://docs.github.com/en/code-security/\
dependabot/dependabot-version-updates/\
configuration-options-for-the-dependabot.yml-file#groups

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-08-29 14:01:10 +00:00
karthik-us
855d09c1cd rebase: replace MetricsBindAddress with Metrics 
MetricsBindAddress is replaced by Metrics in the
controller-runtime manager options in version 0.16.0
as part of
e59161ee8f
Updating the same here.

Signed-off-by: karthik-us <ksubrahm@redhat.com>
 2023-08-29 13:39:45 +00:00
dependabot[bot]
a51516501c rebase: Bump sigs.k8s.io/controller-runtime from 0.15.1 to 0.16.0 
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.15.1 to 0.16.0.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.15.1...v0.16.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 13:39:45 +00:00
dependabot[bot]
97d9f701ec rebase: Bump github.com/IBM/keyprotect-go-client from 0.10.0 to 0.12.2 
Bumps [github.com/IBM/keyprotect-go-client](https://github.com/IBM/keyprotect-go-client) from 0.10.0 to 0.12.2.
- [Release notes](https://github.com/IBM/keyprotect-go-client/releases)
- [Changelog](https://github.com/IBM/keyprotect-go-client/blob/master/CHANGELOG.md)
- [Commits](https://github.com/IBM/keyprotect-go-client/compare/v0.10.0...v0.12.2)

---
updated-dependencies:
- dependency-name: github.com/IBM/keyprotect-go-client
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 11:20:28 +00:00
dependabot[bot]
eb24ae5cfc rebase: Bump github.com/onsi/ginkgo/v2 from 2.11.0 to 2.12.0 
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.11.0 to 2.12.0.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v2.11.0...v2.12.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 10:23:54 +00:00
Riya Singhal
ccc3aae76e rebase: run go mod tidy and go mod vendor 
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
 2023-08-29 08:00:22 +00:00
dependabot[bot]
9a94189d4d rebase: Bump k8s.io/api from 0.28.0 to 0.28.1 in /api 
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.28.0 to 0.28.1.
- [Commits](https://github.com/kubernetes/api/compare/v0.28.0...v0.28.1)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 08:00:22 +00:00
dependabot[bot]
0707f7e463 rebase: Bump github.com/aws/aws-sdk-go from 1.44.328 to 1.44.333 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.328 to 1.44.333.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.328...v1.44.333)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 07:34:38 +00:00
Niels de Vos
6b40f6852c ci: use latest minikube version (v1.31.2) 
Use the latest minikube version that contains minor changes and
bugfixes.

See-also: https://github.com/kubernetes/minikube/blob/master/CHANGELOG.md
Signed-off-by: Niels de Vos <ndevos@ibm.com>
 2023-08-28 13:41:58 +00:00
Riya Singhal
4061399bb2 ci: skip testing on k1.28 for the current releases 
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
 2023-08-28 13:38:34 +02:00
Riya Singhal
6a64394139 ci: skip kube 1.25 check for devel branch 
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
 2023-08-28 13:38:34 +02:00
dependabot[bot]
ef84a10910 rebase: bump github.com/ceph/go-ceph from 0.22.0 to 0.23.0 
Bumps [github.com/ceph/go-ceph](https://github.com/ceph/go-ceph) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/ceph/go-ceph/releases)
- [Changelog](https://github.com/ceph/go-ceph/blob/master/docs/release-process.md)
- [Commits](https://github.com/ceph/go-ceph/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: github.com/ceph/go-ceph
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-26 17:59:46 +00:00
dependabot[bot]
6b6257c45f rebase: bump github.com/google/uuid from 1.3.0 to 1.3.1 
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-25 20:44:06 +00:00
Madhu Rajanna
461effe520 doc: set ceph version for NFS service 
specify from what ceph versions we
need to run nfs service commands and
when to skip it.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-08-25 17:50:40 +00:00
Madhu Rajanna
10bec8a002 ci: skip enabling nfs modules in e2e 
As we dont need to enable nfs modules
in ceph v16.2.8 onwards skipping this one.

Because of this one we have a regression
in nfs export

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-08-25 17:50:40 +00:00
Madhu Rajanna
d45bb12cc1 build: disable ganesha package in Dockerfile 
disable ganesha as dnf update is
failing on Reef ceph version.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-08-25 17:50:40 +00:00
Madhu Rajanna
e76e2f88b1 e2e: add --yes-i-really-mean-it for pool creation 
in recent ceph version .nfs pool creation
is failing, as we are sure about creating the
pools in the e2e tests, tring to create the pool
with required extra agruments to make it successful.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-08-25 17:50:40 +00:00
Madhu Rajanna
03cf97c9ff rebase: update Rook to the latest release 
update Rook to the latest v12 release.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-08-25 17:50:40 +00:00
Madhu Rajanna
fa0be82c34 rebase: update ceph to reef 
Updating ceph base image to Reef as its
the latest ceph release.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-08-25 17:50:40 +00:00
riya-singhal31
d435b59656 e2e: add timeout for pvc deletion in ephemeral e2e 
this commit adds the timeout to wait for pvc
deletion after the deletion of pod in test.

Signed-off-by: riya-singhal31 <rsinghal@redhat.com>
 2023-08-25 14:22:00 +00:00
Niels de Vos
16e5de5e1d build: use lower version for dependencies if repositories are broken 
Some packages have dependencies on other repositories. On occasion these
repositories seem to be out-of-sync. In that case, install updates with
an older version, instead of erroring out.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
 2023-08-25 11:43:03 +00:00
Madhu Rajanna
ff030f12e1 deploy: use resizer canary image 
use resizer canary image to as it
might contain fix for pvc resize
with kubernetes 1.28

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-08-25 11:43:03 +00:00
Madhu Rajanna
2d94b4ccb2 ci: enable debug logs in kubelet 
enable debug logs in kubelet for
better debugging.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-08-25 11:43:03 +00:00
dependabot[bot]
e17bd0103c rebase: bump github.com/aws/aws-sdk-go from 1.44.323 to 1.44.328 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.323 to 1.44.328.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.323...v1.44.328)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-23 14:39:49 +00:00
dependabot[bot]
8dc6328ee8 rebase: bump github.com/aws/aws-sdk-go-v2/service/sts 
Bumps [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) from 1.21.2 to 1.21.5.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/efs/v1.21.2...service/efs/v1.21.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-22 13:47:42 +00:00
Niels de Vos
ee843e6ffd ci: only add /test .. comment if the branch for the PR matches 
By adding an if-statement for each step of the matrix job, only those
steps are executed where the base ref of the PR matches the branch in
the matrix parameters.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
 2023-08-22 11:28:37 +00:00
Niels de Vos
2d120f2e10 ci: exclude branches from the testing matrix for ok-to-test comments 
It seems that `matrix.*` parameters can not be used in the if-statement
for a job. Now using the `exclude:` parameter with a more dynamically
constructed value for the branch. If the value for the branch is not
part of the initial branch list, the value will not be excluded, so the
jobs are expected to run.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
 2023-08-22 11:09:14 +00:00
Niels de Vos
a57fe08e7d ci: run versioned k8s jobs only on selected branches 
By using a matrix strategy with excluding certain branches and
Kubernetes versions, the number of CI jobs per PullRequest should stay
limited.

Closes: #4060
Signed-off-by: Niels de Vos <ndevos@ibm.com>
 2023-08-21 11:06:29 +00:00
Madhu Rajanna
1098751843 ci: update mergify rules for kube v1.28.0 
updating mergify rules to consider kubernetes
v1.28.0 ci jobs.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-08-21 09:32:25 +02:00
Madhu Rajanna
9ffd3ffd98 ci: update pull request commentor for kube 1.28.0 
updating pull request commentor to
run tests with kubernetes 1.28.0

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-08-21 09:32:25 +02:00
rakshith-r
f1e9d8084a cephfs: set Pool parameter to empty for Snapshot-backed volumes 
Set VolumeOptions.Pool parameter to empty for Snapshot-backed volumes.
This Pool parameter is optional and  only used as 'pool-layout' parameter
during subvolume and subvolume clone create request in cephcsi
and not used for Snapshot-backed volume at all.
It is not saved anywhere for use in subsequent operations after create too.
Therefore, We can set it to empty and not error out.

Signed-off-by: rakshith-r <rar@redhat.com>
 2023-08-17 16:13:48 +00:00
Madhu Rajanna
f3fca46ac8 rebase: pin endpointslice to v0.28.0 
pin endpointslice to specific version to
fix go mod verify problem
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-08-17 13:43:15 +00:00
Madhu Rajanna
31ca4790ef rebase: update kubernetes in api mod file 
updating kubernetes to 0.28.0 in the api
go.mod file

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-08-17 13:43:15 +00:00
Madhu Rajanna
ff3e84ad67 rebase: update kubernetes to 1.28.0 in main 
updating kubernetes to 1.28.0
in the main repo.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-08-17 13:43:15 +00:00
dependabot[bot]
b2fdc269c3 rebase: Bump github.com/aws/aws-sdk-go from 1.44.313 to 1.44.323 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.313 to 1.44.323.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.313...v1.44.323)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-16 08:43:25 +00:00
dependabot[bot]
6ca8550ba1 rebase: Bump sigs.k8s.io/controller-runtime 
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.15.1-0.20230524200249-30eae58f1b98 to 0.15.1.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/commits/v0.15.1)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-15 19:09:41 +00:00
Cheng Wang
874d0bcf4b doc: fix helm doc of ceph-csi deployment 
To make the doc better.

Signed-off-by: astraw99 <wangchengiscool@gmail.com>
 2023-08-08 12:40:22 +00:00
dependabot[bot]
e25ebb82d7 rebase: Bump golang.org/x/oauth2 in /actions/retest 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.10.0 to 0.11.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.10.0...v0.11.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-08 10:54:54 +00:00
dependabot[bot]
edb8816f86 rebase: Bump github.com/aws/aws-sdk-go-v2/service/sts 
Bumps [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) from 1.21.0 to 1.21.2.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.21.0...service/efs/v1.21.2)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-08 08:59:18 +00:00
Niels de Vos
a129b1c4ab rebase: update golang.org/x/net to v0.14 
golang.org/x/net/html v0.12 is vulnerable against CVE-2023-3978.
Exploiting it through Ceph-CSI is non-trivial, but rebasing
golang.org/x/net should take away any concerns.

See-also: https://pkg.go.dev/vuln/GO-2023-1988
Signed-off-by: Niels de Vos <ndevos@ibm.com>
 2023-08-07 20:56:44 +00:00
Niels de Vos
f371aa2677 ci: use podman for simple GitHub workflows 
`podman` is installed by default on the Ubuntu runners. Podman is
recommended for developers and contributors, as there are no elevated
privileges required to run it. Docker requires extra permissions to
build and or run container images, and contributors to Ceph-CSI should
not need to spend time working with that (several developers run the
`docker` command with `sudo`, which is discouraged).

Only the multi-arch Workflows require Docker, for the time being.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
 2023-08-07 16:34:44 +00:00
dependabot[bot]
e7a8e5d053 rebase: Bump google.golang.org/grpc from 1.56.2 to 1.57.0 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.56.2 to 1.57.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.56.2...v1.57.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-01 21:28:46 +00:00
dependabot[bot]
f9310c84f4 rebase: Bump github.com/aws/aws-sdk-go-v2/service/sts 
Bumps [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) from 1.20.0 to 1.21.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.20.0...service/s3/v1.21.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-01 13:50:10 +00:00
dependabot[bot]
2acf7fc622 rebase: Bump github.com/aws/aws-sdk-go from 1.44.308 to 1.44.313 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.308 to 1.44.313.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.308...v1.44.313)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-01 11:19:59 +00:00
dependabot[bot]
007988d1cb rebase: Bump github.com/onsi/gomega from 1.27.8 to 1.27.10 
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.8 to 1.27.10.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.27.8...v1.27.10)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-28 07:32:32 +00:00
dependabot[bot]
7311e7295e rebase: Bump github.com/aws/aws-sdk-go-v2/service/sts 
Bumps [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) from 1.19.3 to 1.20.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/efs/v1.19.3...service/s3/v1.20.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-27 11:13:20 +00:00
Niels de Vos
ce26b0e212 ci: allow CVE-2019-11255 in Kubernetes module dependency 
It is unclear how a module for utility functions can have the same
problem as a separate side-car that is expected to do the input
validation. The side-cars have been fixed already, no further details
are in the CVE description (from 2019).

See-also: https://github.com/advisories/GHSA-f4w6-3rh6-6q4
Signed-off-by: Niels de Vos <ndevos@ibm.com>
 2023-07-26 13:34:23 +00:00
Niels de Vos
30da273e5e rebase: update Kubernetes modules to v1.27.4 
Dependabot complains about Ceph-CSI being vulnerable to
GHSA-f4w6-3rh6-6q4q . This is an old and addressed CSI sidecar issue,
not related to the k8s.io/kubernetes module listed in go.mod. Is it
possible that updating the Kubernetes modules helps?

Signed-off-by: Niels de Vos <ndevos@ibm.com>
 2023-07-26 13:34:23 +00:00
dependabot[bot]
3bc3aa5f1e rebase: Bump github.com/aws/aws-sdk-go from 1.44.307 to 1.44.308 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.307 to 1.44.308.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.307...v1.44.308)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-26 10:10:08 +00:00
dependabot[bot]
a2762b8ed5 rebase: Bump github.com/aws/aws-sdk-go from 1.44.301 to 1.44.307 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.301 to 1.44.307.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.301...v1.44.307)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-26 07:13:09 +00:00