Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

upgrade deps #28

Merged
merged 2 commits into from
Jul 16, 2024
Merged

upgrade deps #28

merged 2 commits into from
Jul 16, 2024

Conversation

sigu
Copy link
Contributor

@sigu sigu commented Jul 14, 2024

📖 Description and reason

I have upgraded the following dependancies

  1. yaml_elixir
  2. jason
  3. ex_doc
  4. credo_naming

When compiling a dependant application I get a warning originating from yaml_elixir version 2.9. All the errors thrown have been addressed in later versions.

ex_doc was also throwing error on this application, due to its dependancy errors which was fixed on this later version

The other 2 have been upgraded since after going through the changelog there was no breaking changes so the upgrade makes it easy to make incremental upgrades in future too.

👷 Work done

  • upgrade libraries

Tasks

  • upgrade libraries

Additional notes

None at the moment

🎉 Result

No more deprecation or warnings

🦀 Dispatch

Important

Not sure what needs to be included here

#dispatch/elixir

@mirego-builds mirego-builds requested a review from JoeyBG July 14, 2024 11:54
@mirego-builds
Copy link

🦀 Requesting reviewers for this pull request:

  • @JoeyBG (reviewer for the elixir stack)

@remi
Copy link
Member

remi commented Jul 15, 2024

Hi @sigu!

Thanks for the PR. It just needs this diff for Credo’s new Credo.Check.Readability.PredicateFunctionNames check to pass:

diff --git lib/mix_audit/audit.ex lib/mix_audit/audit.ex
index 683f75e..bdf9c24 100644
--- lib/mix_audit/audit.ex
+++ lib/mix_audit/audit.ex
@@ -4,7 +4,7 @@ defmodule MixAudit.Audit do
       Enum.reduce(dependencies, [], fn dependency, memo ->
         advisories
         |> Map.get(dependency.package, [])
-        |> Enum.filter(&is_vulnerability?(&1, dependency))
+        |> Enum.filter(&vulnerability?(&1, dependency))
         |> Enum.map(&map_vulnerability(&1, dependency))
         |> (&(memo ++ &1)).()
       end)
@@ -15,7 +15,7 @@ defmodule MixAudit.Audit do
     }
   end
 
-  defp is_vulnerability?(%MixAudit.Advisory{vulnerable_version_ranges: vulnerable_version_ranges}, %MixAudit.Dependency{version: version}) do
+  defp vulnerability?(%MixAudit.Advisory{vulnerable_version_ranges: vulnerable_version_ranges}, %MixAudit.Dependency{version: version}) do
     Enum.any?(vulnerable_version_ranges, fn version_range ->
       version_range
       |> map_ranges_to_requirements()

Let me know when your branch is updated (and the CI passes) — I’ll merge it! 🚀

@sigu
Copy link
Contributor Author

sigu commented Jul 16, 2024

Fixed the credo suggesions @remi , the workflow is awaiting approval

@remi remi merged commit 4d50509 into mirego:main Jul 16, 2024
5 checks passed
@remi
Copy link
Member

remi commented Jul 16, 2024

Thank you! I’ll release 2.1.4!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants