Bump sentry-sdk from 2.48.0 to 2.49.0#138
Conversation
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.48.0 to 2.49.0. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-python@2.48.0...2.49.0) --- updated-dependencies: - dependency-name: sentry-sdk dependency-version: 2.49.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
dependabot
bot
requested review from
cosmingrz and
cristianpier
and removed request for
a team
![arnica-github-connector[bot]](https://avatars.githubusercontent.com/in/144692?s=60&v=4){kind=small}
| ipaddr==2.2.0 | ||
| mysqlclient==2.2.7 | ||
| sentry-sdk==2.48.0 | ||
| sentry-sdk==2.49.0 |
There was a problem hiding this comment.
Dependency Risk: sentry-sdk@2.49.0 has 1 transitive vulnerability
🚀 Upgrade to 3.0.0a7 (major version) to mitigate all risks
Severity: High 🚨
Status: Open 🔴
Suggested reviewers 🧐: @jbnable @CatalinTiberius @eszterk @mtargosz
More details:
For Arnica Remediation Guidance: https://n-able.atlassian.net/wiki/x/uwaezg0. For General Information about Arnica at N-able: https://n-able.atlassian.net/wiki/x/xQZ-vA0
Details
Take action by replying with an [arnica] command 💬
Actions
Use [arnica] or [a] to interact with the Arnica bot to acknowledge or dismiss code risks.
To acknowledge the finding as a valid code risk:
[arnica] ack <acknowledge additional details>
To dismiss the risk with a reason:
[arnica] dismiss <fp|accept|capacity> <dismissal reason>
Examples
-
[arnica] ack This is a valid risk and im looking into it -
[arnica] dismiss fp Dismissed - Risk Not Accurate: (i.e. False Positive) -
[arnica] dismiss accept Dismiss - Risk Accepted: Allow the risk to exist in the system -
[arnica] dismiss capacity Dismiss - No Capacity: This will need to wait for a future sprint
|
Superseded by #139. |
Bumps sentry-sdk from 2.48.0 to 2.49.0.
Release notes
Sourced from sentry-sdk's releases.
Changelog
Sourced from sentry-sdk's changelog.
Commits
2c85e64release: 2.49.08f273d4chore: Ignore type migration for scripts/ and tests/ in blame (#5284)dc8a8e5ref: Properly override parent func (#5283)485aa6dci: Allow to use Craft's new auto-versioning (#5218)c8d8d60docs: Fix typo in comment (#5280)6039305ref: Deduplicate batchers (#5263)f2317dcref(scope): Set global attrs on global scope (#5259)3d83b39fix(ray): Keep variadic kwargs last in signatures (#5244)f5c51fcFix openai count_tokens (#5281)a979755docs: Fixmiddleware_spansdocstring (#5279)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)