Bumps [dialyxir](https://github.com/jeremyjh/dialyxir) from 1.4.5 to
1.4.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jeremyjh/dialyxir/releases">dialyxir's
releases</a>.</em></p>
<blockquote>
<h2>1.4.6</h2>
<h3>Fixed</h3>
<ul>
<li><code>CallWithoutOpaque</code> function clause error on OTP-28</li>
<li><code>invalid_contract</code> warning showed spec twice instead of
success typing</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update <code>ex_doc</code> to the latest version for an improved
UI</li>
</ul>
<h3>Docs</h3>
<ul>
<li>Add a note about the <code>:unknown</code> flag to the "Default
Flags" section in the README</li>
<li>Fix dead hex doc links by including CI config docs in
<code>mix.exs</code>'s <code>:docs</code></li>
<li>Fix a typo in the README</li>
</ul>
<h3>CI</h3>
<ul>
<li>Update the Ubuntu version used in CI to 24.04</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jeremyjh/dialyxir/blob/master/CHANGELOG.md">dialyxir's
changelog</a>.</em></p>
<blockquote>
<h2>Unreleased changes post [1.4.6]</h2>
<h2>[1.4.6] - 2025-08-09</h2>
<h3>Fixed</h3>
<ul>
<li><code>CallWithoutOpaque</code> function clause error on OTP-28</li>
<li><code>invalid_contract</code> warning showed spec twice instead of
success typing</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update <code>ex_doc</code> to the latest version for an improved
UI</li>
</ul>
<h3>Docs</h3>
<ul>
<li>Add a note about the <code>:unknown</code> flag to the "Default
Flags" section in the README</li>
<li>Fix dead hex doc links by including CI config docs in
<code>mix.exs</code>'s <code>:docs</code></li>
<li>Fix a typo in the README</li>
</ul>
<h3>CI</h3>
<ul>
<li>Update the Ubuntu version used in CI to 24.04</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a0e4cf90f4"><code>a0e4cf9</code></a>
Bump version to 1.4.6</li>
<li><a
href="51266a5a4d"><code>51266a5</code></a>
Merge pull request <a
href="https://redirect.github.com/jeremyjh/dialyxir/issues/569">#569</a>
from dvic/fix/call-without-opaque-otp28-issue-561</li>
<li><a
href="c564806f70"><code>c564806</code></a>
Merge branch 'master' into fix/call-without-opaque-otp28-issue-561</li>
<li><a
href="bf06a92928"><code>bf06a92</code></a>
Merge pull request <a
href="https://redirect.github.com/jeremyjh/dialyxir/issues/570">#570</a>
from pwcsquared/ci-fix-ubuntu-ver</li>
<li><a
href="d3776d2f78"><code>d3776d2</code></a>
Update ubuntu version used in CI to 24.04 (currently supported)</li>
<li><a
href="431f6c922c"><code>431f6c9</code></a>
Merge branch 'master' into fix/call-without-opaque-otp28-issue-561</li>
<li><a
href="c5da65f9b7"><code>c5da65f</code></a>
Merge pull request <a
href="https://redirect.github.com/jeremyjh/dialyxir/issues/564">#564</a>
from camatcode/master</li>
<li><a
href="684f1bbeba"><code>684f1bb</code></a>
Refactor OTP-28 clause to delegate to existing implementation</li>
<li><a
href="bea2032e4b"><code>bea2032</code></a>
Fix CallWithoutOpaque function clause error on OTP-28</li>
<li><a
href="73529050d3"><code>7352905</code></a>
Docs: Fix dead hex doc links by including CI config docs in mix.exs
'docs'</li>
<li>Additional commits viewable in <a
href="https://github.com/jeremyjh/dialyxir/compare/1.4.5...1.4.6">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [ex_cldr](https://github.com/elixir-cldr/cldr) from 2.42.0 to
2.43.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-cldr/cldr/releases">ex_cldr's
releases</a>.</em></p>
<blockquote>
<h2>Cldr version 2.43.0</h2>
<h3>Deprecations</h3>
<ul>
<li>
<p>Deprecate <code>Cldr.Timezone.fetch/1</code> in favor of
<code>Cldr.Timezone.fetch_short_zone/1</code></p>
</li>
<li>
<p>Deprecate <code>Cldr.Timezone.get/1</code> in favor of
<code>Cldr.Timezone.get_short_zone/1</code></p>
</li>
<li>
<p>Deprecate <code>Cldr.Timezone.timezones_for_territory/0</code> in
favor of <code>Cldr.Timezone.timezones_by_territory/0</code></p>
</li>
<li>
<p>Deprecate <code>Cldr.Timezone.validate_timezone/1</code> in favor of
<code>Cldr.Timezone.validate_short_zone/1</code></p>
</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li>
<p>Adds metazone, metazone mapping and primary zone data to the build
process. This data supports timezone name localisation for a future
release of <a
href="https://github.com/elixir-cldr/cldr_dates_times">ex_cldr_dates_times</a>.
See the <a
href="https://github.com/orgs/elixir-cldr/discussions/258">github
discussion</a> for more background.</p>
<ul>
<li>Adds <code>Cldr.Config.metazones/0</code></li>
<li>Adds <code>Cldr.Config.metazone_mapping/0</code></li>
<li>Adds <code>Cldr.Config.metazone_ids/0</code></li>
<li>Adds <code>Cldr.Config.primary_zones/0</code></li>
</ul>
</li>
<li>
<p>Adds <code>Cldr.Timezone.canonical_timezones/0</code> to return the
mapping of IANA long timezone names to their canonical equivalent.</p>
</li>
<li>
<p>Adds <code>Cldr.Timezone.canonical_timezone/1</code> to return the
canonical timezone name for a given IANA long timezone name, or
<code>{:error, "Etc/Unknown"}</code>.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-cldr/cldr/blob/main/CHANGELOG.md">ex_cldr's
changelog</a>.</em></p>
<blockquote>
<h2>Cldr v2.43.0</h2>
<p>This is the changelog for Cldr v2.43.0 released on August 25th, 2025.
For older changelogs please consult the release tag on <a
href="https://github.com/elixir-cldr/cldr/tags">GitHub</a></p>
<h3>Deprecations</h3>
<ul>
<li>
<p>Deprecate <code>Cldr.Timezone.fetch/1</code> in favor of
<code>Cldr.Timezone.fetch_short_zone/1</code></p>
</li>
<li>
<p>Deprecate <code>Cldr.Timezone.get/1</code> in favor of
<code>Cldr.Timezone.get_short_zone/1</code></p>
</li>
<li>
<p>Deprecate <code>Cldr.Timezone.timezones_for_territory/0</code> in
favor of <code>Cldr.Timezone.timezones_by_territory/0</code></p>
</li>
<li>
<p>Deprecate <code>Cldr.Timezone.validate_timezone/1</code> in favor of
<code>Cldr.Timezone.validate_short_zone/1</code></p>
</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li>
<p>Adds metazone, metazone mapping and primary zone data to the build
process. This data supports timezone name localisation for a future
release of <a
href="https://github.com/elixir-cldr/cldr_dates_times">ex_cldr_dates_times</a>.
See the <a
href="https://github.com/orgs/elixir-cldr/discussions/258">github
discussion</a> for more background.</p>
<ul>
<li>Adds <code>Cldr.Config.metazones/0</code></li>
<li>Adds <code>Cldr.Config.metazone_mapping/0</code></li>
<li>Adds <code>Cldr.Config.metazone_ids/0</code></li>
<li>Adds <code>Cldr.Config.primary_zones/0</code></li>
</ul>
</li>
<li>
<p>Adds <code>Cldr.Timezone.canonical_timezones/0</code> to return the
mapping of IANA long timezone names to their canonical equivalent.</p>
</li>
<li>
<p>Adds <code>Cldr.Timezone.canonical_timezone/1</code> to return the
canonical timezone name for a given IANA long timezone name, or
<code>{:error, "Etc/Unknown"}</code>.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="581e9b857c"><code>581e9b8</code></a>
Release 2.43.0</li>
<li><a
href="f2e04f3970"><code>f2e04f3</code></a>
Fix timezone.ex</li>
<li><a
href="9363c12bf7"><code>9363c12</code></a>
Correct timezone generation</li>
<li><a
href="5ccb26f955"><code>5ccb26f</code></a>
No territory for utc, gmt, utc.. timezones</li>
<li><a
href="f2bcabf3a4"><code>f2bcabf</code></a>
Add additional substitution pattern</li>
<li><a
href="4d12a2b828"><code>4d12a2b</code></a>
Rename :daylight_savings to :daylight on loading (for now)</li>
<li><a
href="63a0fd7032"><code>63a0fd7</code></a>
daylight_savings => daylight to be consistent</li>
<li><a
href="24312eb7b7"><code>24312eb</code></a>
Mix format</li>
<li><a
href="c376bd3809"><code>c376bd3</code></a>
Add Cldr.Timezone.territories_by_timezone/0</li>
<li><a
href="3df5cdad9b"><code>3df5cda</code></a>
Invert the primary_zones map</li>
<li>Additional commits viewable in <a
href="https://github.com/elixir-cldr/cldr/compare/v2.42.0...v2.43.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [oban](https://github.com/oban-bg/oban) from 2.19.4 to 2.20.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/oban-bg/oban/releases">oban's
releases</a>.</em></p>
<blockquote>
<h2>v2.20.0</h2>
<p>This release brings a fantastic new helper function, an optional
migration to aid pruning, some stability improvements, and a bevy of
documentation updates.</p>
<h2>🦋 Update Job</h2>
<p>This introduces the <code>Oban.update_job/2,3</code> function to
simplify updating existing jobs while ensuring data consistency and
safety. Previously, updating jobs required manually constructing change
operations or complex queries that could lead to race conditions or
invalid state changes.</p>
<p>Only a curated subset of job fields, e.g. <code>:args</code>,
<code>:max_attempts</code>, <code>:meta</code>, etc. may be updated and
they use the same validation rules as insertion to prevent invalid data.
Updates are also wrapped in a transaction with locking clauses to
prevent concurrent modifications.</p>
<p>The function supports direct map changes:</p>
<pre lang="elixir"><code>Oban.update_job(job, %{priority: 0, tags:
["urgent"]})
</code></pre>
<p>It also has a convenient function-based mode for dynamic changes:</p>
<pre lang="elixir"><code>Oban.update_job(job, fn job ->
%{meta: Map.put(job.meta, "processed_by", current_node())}
end)
</code></pre>
<h2>❄️ Unique State Groups</h2>
<p>There are now named unique state groups to replace custom state lists
for unique jobs, promoting better uniqueness design and reducing
configuration errors.</p>
<p>Previously, developers had to manually specify lists of job states
for uniqueness, which was error-prone and could lead to subtle bugs when
states were omitted or incorrectly combined. The new predefined groups
ensure correctness and consistency across applications.</p>
<p>The new state groups are:</p>
<ul>
<li><strong><code>:all</code></strong> - All job states</li>
<li><strong><code>:incomplete</code></strong> - Jobs that haven't
finished (<code>~w(available scheduled executing
retryable)a</code>)</li>
<li><strong><code>:scheduled</code></strong> - Only scheduled jobs
(<code>[:scheduled]</code>)</li>
<li><strong><code>:successful</code></strong> - Jobs that completed
successfully (<code>~w(available scheduled executing retryable
completed)a</code>)</li>
</ul>
<p>These groups eliminate the risk of accidentally creating incomplete
or incorrect state lists that could allow duplicate jobs to be created
when they shouldn't be, or prevent valid job creation when duplicates
should be allowed.</p>
<h2>🪺 Nested Plugin Supervision</h2>
<p>Plugins and the internal Stager are now nested within a secondary
supervision tree to improve system resilience and stability.</p>
<p>Previously, plugins were supervised directly under the main Oban
supervisor alongside core process. This meant that plugin failures could
potentially impact the entire Oban system, and frequent plugin restarts
could trigger cascading failures in the primary supervision tree.</p>
<p>The new supervisor has more lenient restart limits to allow for more
plugin restart attempts before giving up. This change makes Oban more
robust in production environments where plugins may experience transient
failures due to database or connectivity issues.</p>
<h2>v2.20.0 — 2025-08-13</h2>
<h3>Enhancements</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/oban-bg/oban/blob/main/CHANGELOG.md">oban's
changelog</a>.</em></p>
<blockquote>
<h2>v2.20.1 — 2025-08-15</h2>
<h3>Bug Fixes</h3>
<ul>
<li>
<p>[Worker] Handle missing fields in unique Worker validation.</p>
<p>Workers that specified <code>keys</code> without <code>fields</code>
would fail validation at compile time. Now
default values are considered for <code>use Oban.Worker</code> as well
as <code>Job.new/2</code>.</p>
</li>
</ul>
<h2>v2.20.0 — 2025-08-13</h2>
<h3>Enhancements</h3>
<ul>
<li>
<p><code>Migration</code> Add V13 migration for indexing cancelled and
discarded states.</p>
<p>A new V13 migration adds compound indexes to significantly improve
<code>Oban.Plugins.Pruner</code>
performance when cleaning up <code>discarded</code> and
<code>cancelled</code> jobs. This is especially beneficial for
applications that process large volumes of jobs and retain them for
extended periods.</p>
</li>
<li>
<p><code>Repo</code> Expose dynamic repo switching as
<code>with_dynamic_repo/2</code></p>
<p>The function was previously internal, which made impossible to use in
external modules or extend
upon. Now custom plugins and extensions can use
<code>Repo.with_dynamic_repo/2</code> to use the configured
dynamic repo options.</p>
</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>
<p>[Oban] Allow <code>insert_all/1,3</code> via Oban facade</p>
<p>The <code>insert_all/1</code> and <code>insert_all/3</code> function
variants were missing from the generated Oban
facade functions when using a named instance.</p>
</li>
<li>
<p>[Testing] Generate correct <code>perform_job/1,2,3</code>
clauses.</p>
<p>The <code>perform_job/2,3</code> clauses generated by <code>use
Oban.Testing</code> didn't handle the <code>perform_job/2</code>
variant designed to run jobs created with <code>build_job/3</code>. This
caused test failures when trying
to execute jobs built using the <code>build_job/3</code> helper
function.</p>
<p>The fix generates the missing <code>perform_job/2</code> clause along
with a convenient <code>perform_job/1</code>
variant, ensuring all testing scenarios work seamlessly regardless of
how jobs are constructed.</p>
</li>
<li>
<p>[Testing] Restrict inline execution to <code>available</code> and
<code>scheduled</code> states.</p>
<p>Jobs in the <code>completed</code> state or other non-runnable states
were incorrectly attempted by the
inline engine, potentially causing errors or unexpected behavior during
testing.</p>
</li>
<li>
<p>[Worker] Disallow <code>:keys</code> when <code>:fields</code>
doesn't contain <code>:args</code> or <code>:meta</code></p>
<p>Unique job configurations using <code>:keys</code> were allowed even
when <code>:fields</code> didn't include <code>:args</code>
or <code>:meta</code>, which would result in runtime errors since keys
can only extract values from these</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d177b524ad"><code>d177b52</code></a>
Release v2.20.1</li>
<li><a
href="74756b3269"><code>74756b3</code></a>
Handle missing fields in Worker unique</li>
<li><a
href="65016963a8"><code>6501696</code></a>
Release v2.20.0</li>
<li><a
href="baec2df2ef"><code>baec2df</code></a>
Bump actions/checkout from 4 to 5 (<a
href="https://redirect.github.com/oban-bg/oban/issues/1331">#1331</a>)</li>
<li><a
href="215981e3bb"><code>215981e</code></a>
Restrict inline execution to available/scheduled</li>
<li><a
href="f2c26cc147"><code>f2c26cc</code></a>
Remove commented out dead code from installer</li>
<li><a
href="d07f740f29"><code>d07f740</code></a>
Bump the production-dependencies group with 2 updates (<a
href="https://redirect.github.com/oban-bg/oban/issues/1328">#1328</a>)</li>
<li><a
href="0d462e9d51"><code>0d462e9</code></a>
Fix duplicate word typo (<a
href="https://redirect.github.com/oban-bg/oban/issues/1327">#1327</a>)</li>
<li><a
href="d1124e68df"><code>d1124e6</code></a>
Bump the production-dependencies group with 2 updates (<a
href="https://redirect.github.com/oban-bg/oban/issues/1325">#1325</a>)</li>
<li><a
href="902d8c9b97"><code>902d8c9</code></a>
Nest plugins within a secondary supervision tree</li>
<li>Additional commits viewable in <a
href="https://github.com/oban-bg/oban/compare/v2.19.4...v2.20.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [hackney](https://github.com/benoitc/hackney) from 1.24.1 to
1.25.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/benoitc/hackney/releases">hackney's
releases</a>.</em></p>
<blockquote>
<h2>1.25.0 - 2025-07-24</h2>
<p><strong>IMPORTANT CHANGE</strong></p>
<ul>
<li>
<p>change: <code>insecure_basic_auth</code> now defaults to
<code>true</code> instead of <code>false</code></p>
<p>This restores backward compatibility with pre-1.24.0 behavior where
basic auth
was allowed over HTTP connections. If you need strict HTTPS-only basic
auth:</p>
<ul>
<li>Set globally: <code>application:set_env(hackney,
insecure_basic_auth, false)</code></li>
<li>Or per-request: <code>{insecure_basic_auth, false}</code> in
options</li>
</ul>
</li>
</ul>
<p>Hex.pm : <a
href="https://hex.pm/packages/hackney/1.25.0">https://hex.pm/packages/hackney/1.25.0</a>
Doc: <a
href="https://hexdocs.pm/hackney/readme.html">https://hexdocs.pm/hackney/readme.html</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/benoitc/hackney/blob/master/NEWS.md">hackney's
changelog</a>.</em></p>
<blockquote>
<h2>1.25.0 - 2025-07-24</h2>
<p>** IMPORTANT CHANGE **</p>
<ul>
<li>
<p>change: <code>insecure_basic_auth</code> now defaults to
<code>true</code> instead of <code>false</code></p>
<p>This restores backward compatibility with pre-1.24.0 behavior where
basic auth
was allowed over HTTP connections. If you need strict HTTPS-only basic
auth:</p>
<ul>
<li>Set globally: <code>application:set_env(hackney,
insecure_basic_auth, false)</code></li>
<li>Or per-request: <code>{insecure_basic_auth, false}</code> in
options</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8c00789e41"><code>8c00789</code></a>
Merge pull request <a
href="https://redirect.github.com/benoitc/hackney/issues/778">#778</a>
from benoitc/insecure-basic-auth-default-true</li>
<li><a
href="a1d4108541"><code>a1d4108</code></a>
change insecure_basic_auth default to true</li>
<li><a
href="e2bbdf741e"><code>e2bbdf7</code></a>
bump unicode compat lib</li>
<li><a
href="3b901a6cf8"><code>3b901a6</code></a>
update readme</li>
<li>See full diff in <a
href="https://github.com/benoitc/hackney/compare/1.24.1...1.25.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [logger_json](https://github.com/Nebo15/logger_json) from 7.0.3 to
7.0.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Nebo15/logger_json/releases">logger_json's
releases</a>.</em></p>
<blockquote>
<h2>7.0.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Add indentation to the code snippet for docs by <a
href="https://github.com/RudolfMan"><code>@RudolfMan</code></a> in <a
href="https://redirect.github.com/Nebo15/logger_json/pull/160">Nebo15/logger_json#160</a></li>
<li>Google Cloud: Handle non-binary values in
<code>format_affected_user/1</code> by <a
href="https://github.com/raulpe7eira"><code>@raulpe7eira</code></a> in
<a
href="https://redirect.github.com/Nebo15/logger_json/pull/161">Nebo15/logger_json#161</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Nebo15/logger_json/compare/7.0.3...7.0.4">https://github.com/Nebo15/logger_json/compare/7.0.3...7.0.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1524672b6c"><code>1524672</code></a>
Bump version</li>
<li><a
href="88a149b0ac"><code>88a149b</code></a>
fix(google-cloud): <code>format_affected_user/1</code> with non-binary
values (<a
href="https://redirect.github.com/Nebo15/logger_json/issues/161">#161</a>)</li>
<li><a
href="6e7768060e"><code>6e77680</code></a>
Add indentation to the code snippet for docs (<a
href="https://redirect.github.com/Nebo15/logger_json/issues/160">#160</a>)</li>
<li>See full diff in <a
href="https://github.com/Nebo15/logger_json/compare/7.0.3...7.0.4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [postgrex](https://github.com/elixir-ecto/postgrex) from 0.20.0 to
0.21.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-ecto/postgrex/blob/master/CHANGELOG.md">postgrex's
changelog</a>.</em></p>
<blockquote>
<h2>v0.21.0 (2025-07-31)</h2>
<p>This release requires Erlang/OTP 25+</p>
<ul>
<li>
<p>Enhancements</p>
<ul>
<li>Add query timeout option on ReplicationConnection</li>
</ul>
</li>
<li>
<p>Bug fixes</p>
<ul>
<li>PGHOST option does not override explicitly given endpoint
configuration</li>
<li>Add ltxtquery support</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/elixir-ecto/postgrex/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sentry](https://github.com/getsentry/sentry-elixir) from 10.10.0
to 11.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-elixir/releases">sentry's
releases</a>.</em></p>
<blockquote>
<h2>11.0.2</h2>
<h3>Bug fixes</h3>
<ul>
<li>Deeply nested spans are handled now when building up traces in
<code>SpanProcessor</code> (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/924">#924</a>)</li>
</ul>
<h4>Various improvements</h4>
<ul>
<li>Span's attributes no longer include <code>db.url:
"ecto:"</code> entries as they are now filtered out (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/925">#925</a>)</li>
</ul>
<h2>11.0.1</h2>
<h4>Various improvements</h4>
<ul>
<li><code>Sentry.OpenTelemetry.Sampler</code> now works with an empty
config (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/915">#915</a>)</li>
</ul>
<h2>11.0.0</h2>
<p>This release comes with a beta support for Traces using OpenTelemetry
- please test it out and report any issues you find.</p>
<h3>New features</h3>
<ul>
<li>
<p>Beta support for Traces using OpenTelemetry (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/902">#902</a>)</p>
<p>To enable Tracing in your Phoenix application, you need to add the
following to your <code>mix.exs</code>:</p>
<pre lang="elixir"><code>def deps do
[
# ...
{:sentry, "~> 11.0.0"},
{:opentelemetry, "~> 1.5"},
{:opentelemetry_api, "~> 1.4"},
{:opentelemetry_exporter, "~> 1.0"},
{:opentelemetry_semantic_conventions, "~> 1.27"},
{:opentelemetry_phoenix, "~> 2.0"},
{:opentelemetry_ecto, "~> 1.2"},
# ...
]
</code></pre>
<p>And then configure Tracing in Sentry and OpenTelemetry in your
<code>config.exs</code>:</p>
<pre lang="elixir"><code>config :sentry,
# ...
traces_sample_rate: 1.0 # any value between 0 and 1.0 enables tracing
<p>config :opentelemetry, span_processor:
{Sentry.OpenTelemetry.SpanProcessor, []}
config :opentelemetry, sampler: {Sentry.OpenTelemetry.Sampler, [drop:
[]]}
</code></pre></p>
</li>
<li>
<p>Add installer (based on Igniter) (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/876">#876</a>)</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-elixir/blob/master/CHANGELOG.md">sentry's
changelog</a>.</em></p>
<blockquote>
<h2>11.0.2</h2>
<h3>Bug fixes</h3>
<ul>
<li>Deeply nested spans are handled now when building up traces in
<code>SpanProcessor</code> (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/924">#924</a>)</li>
</ul>
<h4>Various improvements</h4>
<ul>
<li>Span's attributes no longer include <code>db.url:
"ecto:"</code> entries as they are now filtered out (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/925">#925</a>)</li>
</ul>
<h2>11.0.1</h2>
<h4>Various improvements</h4>
<ul>
<li><code>Sentry.OpenTelemetry.Sampler</code> now works with an empty
config (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/915">#915</a>)</li>
</ul>
<h2>11.0.0</h2>
<p>This release comes with a beta support for Traces using OpenTelemetry
- please test it out and report any issues you find.</p>
<h3>New features</h3>
<ul>
<li>
<p>Beta support for Traces using OpenTelemetry (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/902">#902</a>)</p>
<p>To enable Tracing in your Phoenix application, you need to add the
following to your <code>mix.exs</code>:</p>
<pre lang="elixir"><code>def deps do
[
# ...
{:sentry, "~> 11.0.0"},
{:opentelemetry, "~> 1.5"},
{:opentelemetry_api, "~> 1.4"},
{:opentelemetry_exporter, "~> 1.0"},
{:opentelemetry_semantic_conventions, "~> 1.27"},
{:opentelemetry_phoenix, "~> 2.0"},
{:opentelemetry_ecto, "~> 1.2"},
# ...
]
</code></pre>
<p>And then configure Tracing in Sentry and OpenTelemetry in your
<code>config.exs</code>:</p>
<pre lang="elixir"><code>config :sentry,
# ...
traces_sample_rate: 1.0 # any value between 0 and 1.0 enables tracing
<p>config :opentelemetry, span_processor:
{Sentry.OpenTelemetry.SpanProcessor, []}
config :opentelemetry, sampler: {Sentry.OpenTelemetry.Sampler, []}
</code></pre></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b142174df9"><code>b142174</code></a>
release: 11.0.2</li>
<li><a
href="f43055b8ca"><code>f43055b</code></a>
Update CHANGELOG for 11.0.2 (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/926">#926</a>)</li>
<li><a
href="ee512d3bf6"><code>ee512d3</code></a>
Filter out empty db.url from span's attributes (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/925">#925</a>)</li>
<li><a
href="6809aaa68c"><code>6809aaa</code></a>
Fix handling of spans at 2+ levels (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/924">#924</a>)</li>
<li><a
href="b7e16798d3"><code>b7e1679</code></a>
Improve event callback docs (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/922">#922</a>)</li>
<li><a
href="97d0382418"><code>97d0382</code></a>
Merge branch 'release/11.0.1'</li>
<li><a
href="738fc763cd"><code>738fc76</code></a>
release: 11.0.1</li>
<li><a
href="ab58c0ef6b"><code>ab58c0e</code></a>
Update CHANGELOG (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/917">#917</a>)</li>
<li><a
href="028ce18841"><code>028ce18</code></a>
handle nil drop list (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/915">#915</a>)</li>
<li><a
href="5850c73a96"><code>5850c73</code></a>
Merge branch 'release/11.0.0'</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-elixir/compare/10.10.0...11.0.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [hammer](https://github.com/ExHammer/hammer) from 7.0.1 to 7.1.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ExHammer/hammer/blob/master/CHANGELOG.md">hammer's
changelog</a>.</em></p>
<blockquote>
<h2>7.1.0 - 2025-07-18</h2>
<ul>
<li>Fix key type inconsistency in backend implementations - all backends
now accept <code>term()</code> keys instead of <code>String.t()</code>
(<a
href="https://redirect.github.com/ExHammer/hammer/issues/143">#143</a>)</li>
<li>Add comprehensive test coverage for various key types (atoms,
tuples, integers, lists, maps)</li>
<li>Fix race conditions in atomic backend tests (FixWindow, LeakyBucket,
TokenBucket)</li>
<li>Replace timing-dependent tests with polling-based
<code>eventually</code> helper for better CI reliability</li>
<li>Add documentation warning about Redis backend string key
requirement</li>
<li>Fix typo in <code>inc/3</code> optional callback documentation (<a
href="https://redirect.github.com/ExHammer/hammer/issues/142">#142</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a57bdecdc1"><code>a57bdec</code></a>
improve changelog last commit (<a
href="https://redirect.github.com/ExHammer/hammer/issues/145">#145</a>)</li>
<li><a
href="bb061c5334"><code>bb061c5</code></a>
Bump version to 7.1.0 (<a
href="https://redirect.github.com/ExHammer/hammer/issues/144">#144</a>)</li>
<li><a
href="7d7967f898"><code>7d7967f</code></a>
Fix key type inconsistency in backend implementations (<a
href="https://redirect.github.com/ExHammer/hammer/issues/143">#143</a>)</li>
<li><a
href="94d39525e8"><code>94d3952</code></a>
Fixes typo for inc/3 optional callback <code>@doc</code> (<a
href="https://redirect.github.com/ExHammer/hammer/issues/142">#142</a>)</li>
<li><a
href="79ca221876"><code>79ca221</code></a>
Bump benchee from 1.3.1 to 1.4.0 (<a
href="https://redirect.github.com/ExHammer/hammer/issues/135">#135</a>)</li>
<li><a
href="a09bbd0d42"><code>a09bbd0</code></a>
Bump ex_doc from 0.37.3 to 0.38.2 (<a
href="https://redirect.github.com/ExHammer/hammer/issues/141">#141</a>)</li>
<li><a
href="d06a17b6be"><code>d06a17b</code></a>
Bump credo from 1.7.11 to 1.7.12 (<a
href="https://redirect.github.com/ExHammer/hammer/issues/134">#134</a>)</li>
<li><a
href="26df742620"><code>26df742</code></a>
Update bug_report.md (<a
href="https://redirect.github.com/ExHammer/hammer/issues/133">#133</a>)</li>
<li><a
href="b8765fe216"><code>b8765fe</code></a>
Bump ex_doc from 0.37.2 to 0.37.3 (<a
href="https://redirect.github.com/ExHammer/hammer/issues/131">#131</a>)</li>
<li>See full diff in <a
href="https://github.com/ExHammer/hammer/compare/7.0.1...7.1.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[telemetry_poller](https://github.com/beam-telemetry/telemetry_poller)
from 1.2.0 to 1.3.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/beam-telemetry/telemetry_poller/blob/main/CHANGELOG.md">telemetry_poller's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/beam-telemetry/telemetry_poller/tree/v1.3.0">1.3.0</a></h2>
<h3>Added</h3>
<ul>
<li>Add <code>atom_limit</code>, <code>process_limit</code>, and
<code>port_limit</code> measurements to the <code>[vm,
system_counts]</code> event. (<a
href="https://redirect.github.com/beam-telemetry/telemetry_poller/issues/79">#79</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6d5c98f580"><code>6d5c98f</code></a>
Release v1.3.0</li>
<li><a
href="411675d8ed"><code>411675d</code></a>
Add vm.system_counts measurements with atom, port, process limits (<a
href="https://redirect.github.com/beam-telemetry/telemetry_poller/issues/79">#79</a>)</li>
<li><a
href="fefb3e9053"><code>fefb3e9</code></a>
Fix incorrect GitHub CI badge URL (<a
href="https://redirect.github.com/beam-telemetry/telemetry_poller/issues/78">#78</a>)</li>
<li><a
href="f5a3a389a7"><code>f5a3a38</code></a>
Mention persistent_term in the README (<a
href="https://redirect.github.com/beam-telemetry/telemetry_poller/issues/77">#77</a>)</li>
<li><a
href="8e8148f774"><code>8e8148f</code></a>
Fix docs</li>
<li>See full diff in <a
href="https://github.com/beam-telemetry/telemetry_poller/compare/v1.2.0...v1.3.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [phoenix_ecto](https://github.com/phoenixframework/phoenix_ecto)
from 4.6.4 to 4.6.5.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/phoenix_ecto/blob/main/CHANGELOG.md">phoenix_ecto's
changelog</a>.</em></p>
<blockquote>
<h2>v4.6.5</h2>
<ul>
<li>Bug fixes
<ul>
<li>Unallow existing allowances when attempting to allow a Plug to
access a connection</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/phoenixframework/phoenix_ecto/commits/v4.6.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [nimble_csv](https://github.com/dashbitco/nimble_csv) from 1.2.0
to 1.3.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/dashbitco/nimble_csv/blob/master/CHANGELOG.md">nimble_csv's
changelog</a>.</em></p>
<blockquote>
<h2>v1.3.0 (2025-06-24)</h2>
<ul>
<li>Require Elixir 1.15+</li>
<li>Add <code>generated: true</code> to <code>newlines_separator</code>
macro</li>
<li>Fix warnings on Elixir 1.20+</li>
<li>Document OWASP official recommendations for CSV injections</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2fc3cbf4b5"><code>2fc3cbf</code></a>
Release v1.3.0</li>
<li><a
href="1c3b383dd9"><code>1c3b383</code></a>
Update ex_doc</li>
<li><a
href="da38c6ac6b"><code>da38c6a</code></a>
Document OWASP official recommendations for CSV injections (<a
href="https://redirect.github.com/dashbitco/nimble_csv/issues/86">#86</a>)</li>
<li><a
href="2b4a5e0da6"><code>2b4a5e0</code></a>
Support Elixir 1.18 in CI (<a
href="https://redirect.github.com/dashbitco/nimble_csv/issues/84">#84</a>)</li>
<li><a
href="020ea8297e"><code>020ea82</code></a>
Update docs</li>
<li><a
href="106e298ec7"><code>106e298</code></a>
Fix warnings on Elixir 1.20+ (<a
href="https://redirect.github.com/dashbitco/nimble_csv/issues/83">#83</a>)</li>
<li><a
href="57e0858100"><code>57e0858</code></a>
CI housekeeping (<a
href="https://redirect.github.com/dashbitco/nimble_csv/issues/82">#82</a>)</li>
<li><a
href="8cf912e204"><code>8cf912e</code></a>
Add generated to newlines_separator macro (<a
href="https://redirect.github.com/dashbitco/nimble_csv/issues/81">#81</a>)</li>
<li><a
href="3b2e2f7f2a"><code>3b2e2f7</code></a>
Document parse error, closes <a
href="https://redirect.github.com/dashbitco/nimble_csv/issues/78">#78</a></li>
<li><a
href="0b2390440a"><code>0b23904</code></a>
Add benchmarks using benchee (<a
href="https://redirect.github.com/dashbitco/nimble_csv/issues/76">#76</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/dashbitco/nimble_csv/compare/v1.2.0...v1.3.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [mix_audit](https://github.com/mirego/mix_audit) from 2.1.4 to
2.1.5.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mirego/mix_audit/blob/main/CHANGELOG.md">mix_audit's
changelog</a>.</em></p>
<blockquote>
<h2>2.1.5 (2025-06-09)</h2>
<ul>
<li>Update dependencies</li>
<li>Use <code>System.stop/1</code> instead of
<code>System.halt/1</code></li>
<li>Use <code>System.user_home()</code> instead of
<code>System.get_env("HOME")</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a3a6c1cbf4"><code>a3a6c1c</code></a>
v2.1.5</li>
<li><a
href="aa630f7e91"><code>aa630f7</code></a>
Update CHANGELOG.md</li>
<li><a
href="14f3511a92"><code>14f3511</code></a>
Bump ex_doc from 0.38.1 to 0.38.2</li>
<li><a
href="14698645b0"><code>1469864</code></a>
refactor: use <code>System.stop/1</code> to enable caller to rescue
tasks</li>
<li><a
href="5b43bcb989"><code>5b43bcb</code></a>
Bump ex_doc from 0.37.3 to 0.38.1</li>
<li><a
href="572a0bfdb3"><code>572a0bf</code></a>
Bump ex_doc from 0.34.2 to 0.37.3</li>
<li><a
href="7247db4543"><code>7247db4</code></a>
Bump jason from 1.4.3 to 1.4.4</li>
<li><a
href="11580d4125"><code>11580d4</code></a>
Change home to platform independent function</li>
<li><a
href="41c96c476a"><code>41c96c4</code></a>
Revert a commit that was temporary to test something locally 🤦♂️</li>
<li><a
href="876645af75"><code>876645a</code></a>
Use latest Ubuntu and support Elixir 1.18 and 1.17 in CI</li>
<li>Additional commits viewable in <a
href="https://github.com/mirego/mix_audit/compare/v2.1.4...v2.1.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [ecto_sql](https://github.com/elixir-ecto/ecto_sql) from 3.12.1 to
3.13.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-ecto/ecto_sql/blob/master/CHANGELOG.md">ecto_sql's
changelog</a>.</em></p>
<blockquote>
<h2>v3.13.2 (2025-06-24)</h2>
<h3>Enhancements</h3>
<ul>
<li>[sandbox] Allow passing through opts in
<code>Ecto.Adapters.SQL.Sandbox.allow/4</code> calls</li>
<li>[sql] Add support for <code>ON DELETE SET DEFAULT</code></li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>[postgres] Fix nested array generated time columns</li>
</ul>
<h2>v3.13.1 (2025-06-20)</h2>
<h3>Bug fixes</h3>
<ul>
<li>[postgres] Fix nested array generated columns</li>
</ul>
<h2>v3.13.0 (2025-06-18)</h2>
<h3>Enhancements</h3>
<ul>
<li>[Ecto.Migration] Add support for index directions</li>
<li>[sql] Support <code>:log_stacktrace_mfa</code> for filtering or
modifying stacktrace-derived info in query logs</li>
<li>[mysql] Support arrays using JSON for MariaDB</li>
<li>[mysql] Allow to specify <code>:prepare</code> per operation</li>
<li>[postgres] Add support for collations in Postgres</li>
<li>[postgres] Allow source fields in
<code>json_extract_path</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cf5080c1a4"><code>cf5080c</code></a>
Release v3.13.2</li>
<li><a
href="b87638180f"><code>b876381</code></a>
Refactor generated handling in column_type</li>
<li><a
href="62603f88b6"><code>62603f8</code></a>
Fix generated nested time array (<a
href="https://redirect.github.com/elixir-ecto/ecto_sql/issues/680">#680</a>)</li>
<li><a
href="701c99e97f"><code>701c99e</code></a>
Add support for <code>ON DELETE SET DEFAULT</code> (<a
href="https://redirect.github.com/elixir-ecto/ecto_sql/issues/677">#677</a>)</li>
<li><a
href="79590224dc"><code>7959022</code></a>
Allow passing through opts in Ecto.Adapters.SQL.Sandbox.allow/4 calls
(<a
href="https://redirect.github.com/elixir-ecto/ecto_sql/issues/678">#678</a>)</li>
<li><a
href="22c71121b7"><code>22c7112</code></a>
Release v3.13.1</li>
<li><a
href="35e27985ec"><code>35e2798</code></a>
Fix nested array generated columns (<a
href="https://redirect.github.com/elixir-ecto/ecto_sql/issues/676">#676</a>)</li>
<li><a
href="955f0fbf8f"><code>955f0fb</code></a>
Release v3.13.0</li>
<li><a
href="aa9a3291f7"><code>aa9a329</code></a>
Remove unused argument from private helper (<a
href="https://redirect.github.com/elixir-ecto/ecto_sql/issues/672">#672</a>)</li>
<li><a
href="3084d7150d"><code>3084d71</code></a>
Better docs for Repos that use <code>Ecto.Adapters.SQL.Adapter</code>
(<a
href="https://redirect.github.com/elixir-ecto/ecto_sql/issues/671">#671</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/elixir-ecto/ecto_sql/compare/v3.12.1...v3.13.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Why:
* Adding some simple logging around OIDC calls to help with better
debugging.
* Removing the `opentelemetry_liveview` package as it has been pulled in
to the `opentelemetry_phoenix` package that we are already using.
Bumps [esbuild](https://github.com/phoenixframework/esbuild) from 0.9.0
to 0.10.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/esbuild/blob/main/CHANGELOG.md">esbuild's
changelog</a>.</em></p>
<blockquote>
<h2>v0.10.0 (2025-05-27)</h2>
<ul>
<li>Automatically join environment variables specified as lists using
the
correct <code>PATH</code> separator. For example:
<pre lang="elixir"><code>config :esbuild,
my_profile: [
...
env: %{
"NODE_PATH" => [Path.expand("../deps", __DIR__),
Mix.Project.build_path()]
}
]
</code></pre>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="86f43046c0"><code>86f4304</code></a>
release v0.10.0</li>
<li><a
href="c891ea2560"><code>c891ea2</code></a>
Merge pull request <a
href="https://redirect.github.com/phoenixframework/esbuild/issues/78">#78</a>
from phoenixframework/sd-path-sep</li>
<li><a
href="6f8b4dffe6"><code>6f8b4df</code></a>
join all lists</li>
<li><a
href="e818a27858"><code>e818a27</code></a>
update CI</li>
<li><a
href="809c25fd07"><code>809c25f</code></a>
support passing NODE_PATH as list</li>
<li>See full diff in <a
href="https://github.com/phoenixframework/esbuild/compare/v0.9.0...v0.10.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view)
from 1.0.14 to 1.0.17.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/phoenix_live_view/blob/v1.0.17/CHANGELOG.md">phoenix_live_view's
changelog</a>.</em></p>
<blockquote>
<h2>1.0.17 (2025-06-04)</h2>
<h3>Bug fixes</h3>
<ul>
<li>Fix <code><select></code> elements not being included in form
recovery (regression in 1.0.14; <a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3831">#3831</a>)</li>
<li>Fix events from destroyed child LiveViews being accidentally sent to
the parent LiveView instead</li>
</ul>
<h2>1.0.16 (2025-06-04)</h2>
<h3>Bug fixes</h3>
<ul>
<li>Fix <code>Phoenix.Component.focus_wrap/1</code> running into an
infinite JavaScript recursion (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3828">#3828</a>)</li>
</ul>
<h2>1.0.15 (2025-06-02)</h2>
<h3>Bug fixes</h3>
<ul>
<li>Fix accumulation of empty text nodes inside
<code>phx-update="stream"</code> containers (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3784">#3784</a>).
This could lead to exponential memory growth when the stream container
was part of a
form with concurrent updates.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4aa2242f72"><code>4aa2242</code></a>
release v1.0.17</li>
<li><a
href="567ac1d02b"><code>567ac1d</code></a>
Update assets</li>
<li><a
href="396e1ea13b"><code>396e1ea</code></a>
Update assets</li>
<li><a
href="35881d59e3"><code>35881d5</code></a>
backport fix for <a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3831">#3831</a></li>
<li><a
href="b7f82d42c1"><code>b7f82d4</code></a>
release v1.0.16</li>
<li><a
href="8968180a8d"><code>8968180</code></a>
Update assets</li>
<li><a
href="da5f6d63fe"><code>da5f6d6</code></a>
backport <a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3829">#3829</a></li>
<li><a
href="d173d241c9"><code>d173d24</code></a>
release v1.0.15</li>
<li><a
href="c1497e9fa7"><code>c1497e9</code></a>
Update assets</li>
<li><a
href="ff5a6b0238"><code>ff5a6b0</code></a>
backport <a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3824">#3824</a></li>
<li>See full diff in <a
href="https://github.com/phoenixframework/phoenix_live_view/compare/v1.0.14...v1.0.17">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sobelow](https://github.com/sobelow/sobelow) from 0.13.0 to
0.14.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sobelow/sobelow/releases">sobelow's
releases</a>.</em></p>
<blockquote>
<h2>v0.14.0</h2>
<ul>
<li>Removed
<ul>
<li>Support for minimum Elixir versions 1.7 - 1.11 (<strong>POTENTIALLY
BREAKING</strong> - only applies if you relied on Elixir 1.7 through
1.11, 1.12+ is still supported)</li>
</ul>
</li>
<li>Enhancements
<ul>
<li>Added support for multiple variations of
<code>SQL.query()</code></li>
<li>Added support for `System.shell' command introduced in Elixir
v1.12</li>
<li>Ignore runtime config during <code>Config.HSTS</code></li>
<li>Updated developer dependencies (<code>ex_doc</code> &
<code>credo</code>)</li>
</ul>
</li>
<li>Bug fixes
<ul>
<li>Fixed <code>is_endpoint?</code> error in main</li>
<li>Fixed findings normalization bug</li>
<li>Fixed truncation error</li>
</ul>
</li>
<li>Misc
<ul>
<li>GitHub Actions test matrix updated (hence the large drop in support
for old Elixir versions)</li>
<li>Addressed compiler warnings from Elixir v1.18.x</li>
<li>Moved from <code>master</code> branch to <code>main</code></li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sobelow/sobelow/blob/main/CHANGELOG.md">sobelow's
changelog</a>.</em></p>
<blockquote>
<h2>v0.14.0</h2>
<ul>
<li>Removed
<ul>
<li>Support for minimum Elixir versions 1.7 - 1.11 (<strong>POTENTIALLY
BREAKING</strong> - only applies if you relied on Elixir 1.7 through
1.11, 1.12+ is still supported)</li>
</ul>
</li>
<li>Enhancements
<ul>
<li>Added support for multiple variations of
<code>SQL.query()</code></li>
<li>Added support for `System.shell' command introduced in Elixir
v1.12</li>
<li>Ignore runtime config during <code>Config.HSTS</code></li>
<li>Updated developer dependencies (<code>ex_doc</code> &
<code>credo</code>)</li>
</ul>
</li>
<li>Bug fixes
<ul>
<li>Fixed <code>is_endpoint?</code> error in main</li>
<li>Fixed findings normalization bug</li>
<li>Fixed truncation error</li>
</ul>
</li>
<li>Misc
<ul>
<li>GitHub Actions test matrix updated (hence the large drop in support
for old Elixir versions)</li>
<li>Addressed compiler warnings from Elixir v1.18.x</li>
<li>Moved from <code>master</code> branch to <code>main</code></li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d1ba5432c5"><code>d1ba543</code></a>
version bump - 0.14.0 (<a
href="https://redirect.github.com/sobelow/sobelow/issues/5">#5</a>)</li>
<li><a
href="527d1c5420"><code>527d1c5</code></a>
Merge upstream pr 175 (<a
href="https://redirect.github.com/sobelow/sobelow/issues/4">#4</a>)</li>
<li><a
href="db26dcd636"><code>db26dcd</code></a>
Updated default branch to 'main' (<a
href="https://redirect.github.com/sobelow/sobelow/issues/3">#3</a>)</li>
<li><a
href="6ff224478a"><code>6ff2244</code></a>
Removed deprecated OTP versions and bumped minimum supported Sobelow
version ...</li>
<li><a
href="c1ddd3242e"><code>c1ddd32</code></a>
Minor tweaks (<a
href="https://redirect.github.com/sobelow/sobelow/issues/1">#1</a>)</li>
<li><a
href="9302f842b7"><code>9302f84</code></a>
Merge upstream PR <a
href="https://redirect.github.com/sobelow/sobelow/issues/174">#174</a>:
Fixed typespec-warning</li>
<li><a
href="7a2435ebc0"><code>7a2435e</code></a>
Merge PR <a
href="https://redirect.github.com/sobelow/sobelow/issues/173">#173</a>
from upstream by <a
href="https://github.com/camdencheek"><code>@camdencheek</code></a>:
Add plug params support</li>
<li><a
href="adf482f59c"><code>adf482f</code></a>
Fixed typespec-warning</li>
<li><a
href="0e89405e14"><code>0e89405</code></a>
fix possible KeyError</li>
<li><a
href="b47ad2fbdd"><code>b47ad2f</code></a>
Ignore HSTS check in Runtime Config (<a
href="https://redirect.github.com/sobelow/sobelow/issues/166">#166</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/sobelow/sobelow/compare/v0.13.0...v0.14.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [gen_smtp](https://github.com/gen-smtp/gen_smtp) from 1.2.0 to
1.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gen-smtp/gen_smtp/releases">gen_smtp's
releases</a>.</em></p>
<blockquote>
<h2>1.3.0</h2>
<p>This release marks significant improvements in stability, compliance
with current OTP versions, and enhanced capabilities with the addition
of LMTP support.</p>
<h2>Features</h2>
<ul>
<li>
<p><strong>Add LMTP support to the gen_smtp_client</strong><br />
<em>Author: Pablo Willian Suchewschy</em><br />
This addition includes support for the LMTP protocol, along with a
dedicated test for the LMTP client.</p>
</li>
<li>
<p><strong>Document socket options</strong><br />
<em>Author: Oneric</em><br />
Updated documentation to clarify that <code>tls_options</code> is no
longer filtered and to explain the use of socket options for newer OTP
releases.</p>
</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>
<p><strong>Fix issues with gen_smtp_server_session compilation on
OTP-28</strong><br />
<em>Author: Marc Worrell</em><br />
Resolved a compilation error for <code>gen_smtp_server_session</code> on
OTP-28. This commit also includes updates to GitHub actions and CI
environments by removing older OTP versions.</p>
</li>
<li>
<p><strong>Allow sender to immediately hang up after QUIT
message</strong><br />
<em>Author: Marc Worrell</em><br />
Introduced the ability for the sender to terminate the session
immediately after sending a QUIT message.</p>
</li>
<li>
<p><strong>Fix DATA response in smtp_server_example</strong><br />
<em>Author: ts-klassen</em><br />
Addressed errors in the DATA response handling within the
smtp_server_example.</p>
</li>
<li>
<p><strong>Fix OTP 26 compilation failure</strong><br />
<em>Author: Thanabodee Charoenpiriyakij</em><br />
Corrected type specifications in <code>handle_error</code> to resolve
compilation issues with OTP 26.</p>
</li>
<li>
<p><strong>Fix source links in documentation</strong><br />
<em>Author: Adam Millerchip</em><br />
Updated documentation links to ensure they direct correctly to relevant
sources.</p>
</li>
<li>
<p><strong>Correct README instructions for IPv6 launching</strong><br />
<em>Author: rdtq</em><br />
Adjusted instructions to better clarify how to launch the server on
IPv6.</p>
</li>
<li>
<p><strong>Fix parameter value encoding</strong><br />
<em>Authors: Maria Scott & Jan Uhlig</em><br />
Corrected parameter value encoding issues for better functionality.</p>
</li>
<li>
<p><strong>Fix CI environment compatibility</strong><br />
<em>Author: Chris Wögi</em><br />
Modified the CI setup to ensure that it functions correctly given that
OTP 23 is not available on Ubuntu 22.04.</p>
</li>
<li>
<p><strong>Various improvements and simplifications</strong><br />
<em>Author: Marc Worrell</em><br />
Streamlined various implementations, including simplifying code related
to message sending.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="68ab11101a"><code>68ab111</code></a>
Bump version to 1.3.0</li>
<li><a
href="a48929deeb"><code>a48929d</code></a>
Fix an issue where gen_smtp_server_session did not compile on OTP-28 (<a
href="https://redirect.github.com/gen-smtp/gen_smtp/issues/353">#353</a>)</li>
<li><a
href="185c54dbd6"><code>185c54d</code></a>
Simplify try_send code (<a
href="https://redirect.github.com/gen-smtp/gen_smtp/issues/345">#345</a>)</li>
<li><a
href="bd7fae350d"><code>bd7fae3</code></a>
Allow sender to immediately hangup after QUIT message (<a
href="https://redirect.github.com/gen-smtp/gen_smtp/issues/344">#344</a>)</li>
<li><a
href="da7893dbe5"><code>da7893d</code></a>
smtp_server_example: fix DATA response (<a
href="https://redirect.github.com/gen-smtp/gen_smtp/issues/338">#338</a>)</li>
<li><a
href="21c3e247a6"><code>21c3e24</code></a>
Fix docs source links (<a
href="https://redirect.github.com/gen-smtp/gen_smtp/issues/330">#330</a>)</li>
<li><a
href="e4cd410668"><code>e4cd410</code></a>
Document sockopts (<a
href="https://redirect.github.com/gen-smtp/gen_smtp/issues/335">#335</a>)</li>
<li><a
href="15e969d06a"><code>15e969d</code></a>
hookup.email is using gen_smtp (<a
href="https://redirect.github.com/gen-smtp/gen_smtp/issues/333">#333</a>)</li>
<li><a
href="ac4f8bafdc"><code>ac4f8ba</code></a>
Fix OTP 26 compilation failure (<a
href="https://redirect.github.com/gen-smtp/gen_smtp/issues/325">#325</a>)</li>
<li><a
href="17b161613e"><code>17b1616</code></a>
Add OTP 25 (<a
href="https://redirect.github.com/gen-smtp/gen_smtp/issues/326">#326</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/gen-smtp/gen_smtp/compare/1.2.0...1.3.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view)
from 1.0.12 to 1.0.14.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/phoenix_live_view/blob/v1.0.14/CHANGELOG.md">phoenix_live_view's
changelog</a>.</em></p>
<blockquote>
<h2>1.0.14 (2025-05-30)</h2>
<h3>Bug fixes</h3>
<ul>
<li>Ensure <code>_unused</code> parameters are sent correctly during
form recovery (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/pull/3809">#3809</a>)</li>
<li>Fix form recovery failing and blocking updates when a form does not
have any inputs (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3818">#3818</a>)</li>
</ul>
<h2>1.0.13 (2025-05-28)</h2>
<h3>Bug fixes</h3>
<ul>
<li>Ensure submitter value is sent when submitting a form with
<code>phx-trigger-action</code> (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/pull/3815">#3815</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="34e0634d1c"><code>34e0634</code></a>
release v1.0.14</li>
<li><a
href="cb37eb1266"><code>cb37eb1</code></a>
Update assets</li>
<li><a
href="9c8be3e96c"><code>9c8be3e</code></a>
backport <a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3821">#3821</a></li>
<li><a
href="8d417129e1"><code>8d41712</code></a>
backport <a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3816">#3816</a></li>
<li><a
href="1c4cec573a"><code>1c4cec5</code></a>
release v1.0.13</li>
<li><a
href="11c99906f3"><code>11c9990</code></a>
Update form-bindings.md to add a note about known limitations of
phx-disable-...</li>
<li><a
href="8bca18692b"><code>8bca186</code></a>
Add section for preventing form submission in the form bindings guide
(<a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3798">#3798</a>)</li>
<li><a
href="f29bbc572c"><code>f29bbc5</code></a>
Improve doc links betweens <code>async result/1</code> and
<code>assign_async/4</code> (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3803">#3803</a>)</li>
<li><a
href="1ab79c9c8e"><code>1ab79c9</code></a>
fix live_reload_test on OTP 28</li>
<li><a
href="a819547247"><code>a819547</code></a>
Update assets</li>
<li>Additional commits viewable in <a
href="https://github.com/phoenixframework/phoenix_live_view/compare/v1.0.12...v1.0.14">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[opentelemetry_logger_metadata](https://github.com/salemove/opentelemetry_logger_metadata)
from 0.1.0 to 0.2.0.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/salemove/opentelemetry_logger_metadata/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [logger_json](https://github.com/Nebo15/logger_json) from 7.0.2 to
7.0.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Nebo15/logger_json/releases">logger_json's
releases</a>.</em></p>
<blockquote>
<h2>7.0.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Format <code>metadata[:file]</code> as string in
<code>Formatters.Basic</code> by <a
href="https://github.com/smaximov"><code>@smaximov</code></a> in <a
href="https://redirect.github.com/Nebo15/logger_json/pull/159">Nebo15/logger_json#159</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/smaximov"><code>@smaximov</code></a>
made their first contribution in <a
href="https://redirect.github.com/Nebo15/logger_json/pull/159">Nebo15/logger_json#159</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Nebo15/logger_json/compare/7.0.2...7.0.3">https://github.com/Nebo15/logger_json/compare/7.0.2...7.0.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a0436795e1"><code>a043679</code></a>
Bump version</li>
<li><a
href="6d524a5577"><code>6d524a5</code></a>
Format <code>metadata[:file]</code> as string in
<code>Formatters.Basic</code> (<a
href="https://redirect.github.com/Nebo15/logger_json/issues/159">#159</a>)</li>
<li>See full diff in <a
href="https://github.com/Nebo15/logger_json/compare/7.0.2...7.0.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [phoenix_ecto](https://github.com/phoenixframework/phoenix_ecto)
from 4.6.3 to 4.6.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/phoenix_ecto/blob/main/CHANGELOG.md">phoenix_ecto's
changelog</a>.</em></p>
<blockquote>
<h2>v4.6.4</h2>
<ul>
<li>Enhancements
<ul>
<li>Wrap raised Ecto exceptions so context is not lost</li>
<li>Do not override changeset actions</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/phoenixframework/phoenix_ecto/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [workos](https://github.com/workos/workos-elixir) from 1.1.0 to
1.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/workos/workos-elixir/releases">workos's
releases</a>.</em></p>
<blockquote>
<h2>v1.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update WorkOS Dependency Version in Readme by <a
href="https://github.com/matthew-kerle"><code>@matthew-kerle</code></a>
in <a
href="https://redirect.github.com/workos/workos-elixir/pull/65">workos/workos-elixir#65</a></li>
<li>Fix types n cast by <a
href="https://github.com/apoorv-2204"><code>@apoorv-2204</code></a> in
<a
href="https://redirect.github.com/workos/workos-elixir/pull/63">workos/workos-elixir#63</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/matthew-kerle"><code>@matthew-kerle</code></a>
made their first contribution in <a
href="https://redirect.github.com/workos/workos-elixir/pull/65">workos/workos-elixir#65</a></li>
<li><a
href="https://github.com/apoorv-2204"><code>@apoorv-2204</code></a>
made their first contribution in <a
href="https://redirect.github.com/workos/workos-elixir/pull/63">workos/workos-elixir#63</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/workos/workos-elixir/compare/v1.1.0...v1.1.1">https://github.com/workos/workos-elixir/compare/v1.1.0...v1.1.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b90ef7ae62"><code>b90ef7a</code></a>
Bump to 1.1.1</li>
<li><a
href="16616322b3"><code>1661632</code></a>
fix(profile): 🐛 ensure casting of all fields in profile</li>
<li><a
href="d5adc7bbbd"><code>d5adc7b</code></a>
fix(profile struct): ⚡ fix cast of profile and token, to cast
profile map...</li>
<li><a
href="4fead72dcc"><code>4fead72</code></a>
Update deprecated runner in GHA workflow</li>
<li><a
href="ea11c24bd3"><code>ea11c24</code></a>
Pin third-party actions to currently used SHA (<a
href="https://redirect.github.com/workos/workos-elixir/issues/66">#66</a>)</li>
<li><a
href="d65cec3d04"><code>d65cec3</code></a>
Update WorkOS Dependency Version in Readme</li>
<li>See full diff in <a
href="https://github.com/workos/workos-elixir/compare/v1.1.0...v1.1.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [logger_json](https://github.com/Nebo15/logger_json) from 7.0.0 to
7.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Nebo15/logger_json/releases">logger_json's
releases</a>.</em></p>
<blockquote>
<h2>7.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Datadog: report <code>error.kind</code> and <code>error.stack</code>
for non-crash error+ logs by <a
href="https://github.com/aloukissas"><code>@aloukissas</code></a> in <a
href="https://redirect.github.com/Nebo15/logger_json/pull/157">Nebo15/logger_json#157</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/aloukissas"><code>@aloukissas</code></a> made
their first contribution in <a
href="https://redirect.github.com/Nebo15/logger_json/pull/157">Nebo15/logger_json#157</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Nebo15/logger_json/compare/7.0.1...7.0.2">https://github.com/Nebo15/logger_json/compare/7.0.1...7.0.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6e0b5ca332"><code>6e0b5ca</code></a>
Bump version</li>
<li><a
href="7de4c86996"><code>7de4c86</code></a>
pattern match</li>
<li><a
href="42c074a193"><code>42c074a</code></a>
honor existing metadata</li>
<li><a
href="b7a1e1ae5c"><code>b7a1e1a</code></a>
remove else clause</li>
<li><a
href="bd6144a591"><code>bd6144a</code></a>
logger level option</li>
<li><a
href="564f1e14ab"><code>564f1e1</code></a>
no need for stack</li>
<li><a
href="2cf9140036"><code>2cf9140</code></a>
feat: report error.kind and error.stack for non-crash error+ logs</li>
<li><a
href="14aa482efb"><code>14aa482</code></a>
Add kind and top level message to DataDog formatter</li>
<li><a
href="c0bcd290d1"><code>c0bcd29</code></a>
Allow using old tuples in config.exs and promote using new/1 in
runtime.exs</li>
<li>See full diff in <a
href="https://github.com/Nebo15/logger_json/compare/7.0.0...7.0.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [ex_cldr_numbers](https://github.com/elixir-cldr/cldr_numbers)
from 2.35.0 to 2.35.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-cldr/cldr_numbers/releases">ex_cldr_numbers's
releases</a>.</em></p>
<blockquote>
<h2>Cldr Numbers version 2.35.1</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Fix formatting currency amounts when the currency format does not
have a digit placeholder (<code>0</code> and <code>#</code>) directly
next to the currency placeholder (<code>¤</code>). Thanks to <a
href="https://github.com/benregn"><code>@benregn</code></a> for the
report. Closes <a
href="https://redirect.github.com/elixir-cldr/cldr_numbers/issues/54">#54</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-cldr/cldr_numbers/blob/main/CHANGELOG.md">ex_cldr_numbers's
changelog</a>.</em></p>
<blockquote>
<h2>Cldr Numbers v2.35.1</h2>
<p>This is the changelog for Cldr v2.35.1 released on April 23rd, 2025.
For older changelogs please consult the release tag on <a
href="https://github.com/elixir-cldr/cldr_numbers/tags">GitHub</a></p>
<h3>Bug Fixes</h3>
<ul>
<li>Fix formatting currency amounts when the currency format does not
have a digit placeholder (<code>0</code> and <code>#</code>) directly
next to the currency placeholder (<code>¤</code>). Thanks to <a
href="https://github.com/benregn"><code>@benregn</code></a> for the
report. Closes <a
href="https://redirect.github.com/elixir-cldr/cldr_numbers/issues/54">#54</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1fb2f82370"><code>1fb2f82</code></a>
Fix currency formatting. Closes <a
href="https://redirect.github.com/elixir-cldr/cldr_numbers/issues/54">#54</a></li>
<li>See full diff in <a
href="https://github.com/elixir-cldr/cldr_numbers/compare/v2.35.0...v2.35.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [tzdata](https://github.com/lau/tzdata) from 1.1.2 to 1.1.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/lau/tzdata/blob/master/CHANGELOG.md">tzdata's
changelog</a>.</em></p>
<blockquote>
<h2>[1.1.3] - 2025-03-05</h2>
<h3>Fixed</h3>
<ul>
<li>Fix Elixir compiler warnings for decreasing ranges without explicit
steps (Christoph Grothaus)</li>
<li>Fix various Elixir compiler warnings (Thomas Cioppettini)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Now requires Elixir 1.9 or greater instead of 1.8 or greater.</li>
<li>tzdata release version shipped with this library is now 2025a
instead of 2024b.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="61fb7ecf68"><code>61fb7ec</code></a>
Version 1.1.3 (<a
href="https://redirect.github.com/lau/tzdata/issues/158">#158</a>)</li>
<li><a
href="f760899337"><code>f760899</code></a>
Fix Elixir compiler warnings for decreasing ranges without explicit
steps (<a
href="https://redirect.github.com/lau/tzdata/issues/154">#154</a>)</li>
<li><a
href="7791318499"><code>7791318</code></a>
chore(Elixir): Fix warnings emitted by elixir 1.16 (<a
href="https://redirect.github.com/lau/tzdata/issues/139">#139</a>)</li>
<li>See full diff in <a
href="https://github.com/lau/tzdata/compare/v1.1.2...v1.1.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [observer_cli](https://github.com/zhongwencool/observer_cli) from
1.8.2 to 1.8.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/zhongwencool/observer_cli/releases">observer_cli's
releases</a>.</em></p>
<blockquote>
<h2>1.8.3</h2>
<h2>What's Changed</h2>
<ul>
<li>process_info(Pid, monitors) can also return {port, _} tuples by <a
href="https://github.com/gomoripeti"><code>@gomoripeti</code></a> in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/110">zhongwencool/observer_cli#110</a></li>
<li>correct the units shown for memory data by <a
href="https://github.com/gonzalobf"><code>@gonzalobf</code></a> in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/111">zhongwencool/observer_cli#111</a></li>
<li>Fix compile warning on OTP 27 by <a
href="https://github.com/zmstone"><code>@zmstone</code></a> in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/114">zhongwencool/observer_cli#114</a></li>
<li>Fix mnesia crash by handling unknown storage types by <a
href="https://github.com/zhongwencool"><code>@zhongwencool</code></a>
in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/115">zhongwencool/observer_cli#115</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/gonzalobf"><code>@gonzalobf</code></a>
made their first contribution in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/111">zhongwencool/observer_cli#111</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/zhongwencool/observer_cli/compare/v1.8.2...1.8.3">https://github.com/zhongwencool/observer_cli/compare/v1.8.2...1.8.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5ef0a2cec2"><code>5ef0a2c</code></a>
chore: include docs dir</li>
<li><a
href="de56d61c8c"><code>de56d61</code></a>
Merge pull request <a
href="https://redirect.github.com/zhongwencool/observer_cli/issues/115">#115</a>
from zhongwencool/mnesia-crash</li>
<li><a
href="49440d8134"><code>49440d8</code></a>
Migrate documentation from doc to docs directory and switch to
ex_doc</li>
<li><a
href="cbfcf75ecc"><code>cbfcf75</code></a>
bump to 1.8.3</li>
<li><a
href="93453bd876"><code>93453bd</code></a>
Fix mnesia crash by handling unknown storage types</li>
<li><a
href="54f152d717"><code>54f152d</code></a>
Fix compile warning on OTP 27</li>
<li><a
href="c4eba84200"><code>c4eba84</code></a>
correct the units shown for memory data</li>
<li><a
href="12ef05329c"><code>12ef053</code></a>
process_info(Pid, monitors) can also return {port, _} tuples</li>
<li>See full diff in <a
href="https://github.com/zhongwencool/observer_cli/compare/v1.8.2...1.8.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [argon2_elixir](https://github.com/riverrun/argon2_elixir) from
4.1.2 to 4.1.3.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c77ab6660b"><code>c77ab66</code></a>
update version to v4.1.3</li>
<li><a
href="2bc37dcc9f"><code>2bc37dc</code></a>
Merge pull request <a
href="https://redirect.github.com/riverrun/argon2_elixir/issues/68">#68</a>
from meeq/patch-1</li>
<li><a
href="af29b73a65"><code>af29b73</code></a>
Fix Clang compile warning</li>
<li>See full diff in <a
href="https://github.com/riverrun/argon2_elixir/compare/v4.1.2...v4.1.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [credo](https://github.com/rrrene/credo) from 1.7.11 to 1.7.12.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rrrene/credo/releases">credo's
releases</a>.</em></p>
<blockquote>
<h2>v1.7.12</h2>
<p>Check it out on Hex: <a
href="https://hex.pm/packages/credo/1.7.12">https://hex.pm/packages/credo/1.7.12</a></p>
<ul>
<li>Fix compatibility & compiler warnings with Elixir 1.19
(dev)</li>
<li>Provide <code>:column</code> on all checks</li>
<li>Fix check docs in other project's documentation</li>
<li><code>Credo.Check.Refactor.DoubleBooleanNegation</code> fixed false
positive</li>
<li><code>Credo.Check.Readability.NestedFunctionCalls</code> fixed false
positive</li>
<li><code>Credo.Check.Consistency.UnusedVariableNames</code> fixed
duplicate issues</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rrrene/credo/blob/master/CHANGELOG.md">credo's
changelog</a>.</em></p>
<blockquote>
<h2>1.7.12</h2>
<ul>
<li>Fix compatibility & compiler warnings with Elixir 1.19
(dev)</li>
<li>Provide <code>:column</code> on all checks</li>
<li>Fix check docs in other project's documentation</li>
<li><code>Credo.Check.Refactor.DoubleBooleanNegation</code> fixed false
positive</li>
<li><code>Credo.Check.Readability.NestedFunctionCalls</code> fixed false
positive</li>
<li><code>Credo.Check.Consistency.UnusedVariableNames</code> fixed
duplicate issues</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f731459d4f"><code>f731459</code></a>
Bump version to 1.7.12</li>
<li><a
href="953c7433b4"><code>953c743</code></a>
Update GitHub actions</li>
<li><a
href="25d9231ad5"><code>25d9231</code></a>
Update CHANGELOG</li>
<li><a
href="6eded9ffbd"><code>6eded9f</code></a>
Update deps for Elixir 1.19</li>
<li><a
href="3764e9df3b"><code>3764e9d</code></a>
Improve Assertitions by adding source line</li>
<li><a
href="7acc3aba19"><code>7acc3ab</code></a>
Add :test_ignore_filters for Elixir 1.19 compat</li>
<li><a
href="0dff386042"><code>0dff386</code></a>
Merge pull request <a
href="https://redirect.github.com/rrrene/credo/issues/1190">#1190</a>
from danschultzer/credo-docs-uri</li>
<li><a
href="e9b9e31b8f"><code>e9b9e31</code></a>
Merge pull request <a
href="https://redirect.github.com/rrrene/credo/issues/1191">#1191</a>
from danschultzer/update-ci-elixir-otp-versions</li>
<li><a
href="06fa242304"><code>06fa242</code></a>
Use latest Elixir and OTP versions in CI</li>
<li><a
href="9ba02a636f"><code>9ba02a6</code></a>
Link to the credo docs when app is not credo</li>
<li>Additional commits viewable in <a
href="https://github.com/rrrene/credo/compare/v1.7.11...v1.7.12">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [libcluster](https://github.com/bitwalker/libcluster) from 3.3.3
to 3.5.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/bitwalker/libcluster/blob/main/CHANGELOG.md">libcluster's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>Unreleased</h2>
<ul>
<li>Add <code>kubernetes_use_cached_resources</code> option to
Kubernetes strategy</li>
</ul>
<h2>3.4.1</h2>
<ul>
<li>Use new cypher names</li>
<li>Allow Epmd strategy to reconnect after connection failures</li>
<li>Detect Self Signed Certificate Authority for Kubernetes
Strategy</li>
<li>Remove calls to deprecated <code>Logger.warn/2</code></li>
<li>Correct misspell of 'Empd' -> 'Epmd' in
<code>Cluster.Strategy.LocalEpmd</code> moduledoc</li>
</ul>
<h2>3.4.0</h2>
<h3>Added</h3>
<ul>
<li>Telemetry events added for tracking node connects and
disconnects</li>
</ul>
<h3>3.3.0</h3>
<h3>Changed</h3>
<ul>
<li>Default multicast address is now 233.252.1.32, was 230.1.1.251, <a
href="449a65e14f">commit</a></li>
</ul>
<h3>2.3.0</h3>
<h3>Added</h3>
<ul>
<li>Clustering strategy for the Rancher container platform (see: <a
href="https://github.com/rancher/rancher">https://github.com/rancher/rancher</a>)</li>
<li>LocalEpmd strategy that uses epmd to discover nodes on the local
host</li>
<li>Gossip strategy multicast interface is used for adding multicast
membership</li>
</ul>
<h2>2.0.0</h2>
<h3>Added</h3>
<ul>
<li>Configurable <code>connect</code> and <code>disconnect</code>
options for implementing strategies
on top of custom topologies</li>
<li>The ability to start libcluster for more than a single topology</li>
<li>Added <code>polling_interval</code> option to Kubernetes
strategy</li>
<li>Added ability to specify a list of hosts for the Epmd strategy to
connect to on start</li>
</ul>
<h3>Removed</h3>
<ul>
<li>Cluster.Events module, as it was redundant and unused</li>
</ul>
<h3>Changed</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/bitwalker/libcluster/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[phoenix_live_reload](https://github.com/phoenixframework/phoenix_live_reload)
from 1.5.3 to 1.6.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/phoenix_live_reload/blob/main/CHANGELOG.md">phoenix_live_reload's
changelog</a>.</em></p>
<blockquote>
<h2>1.6.0 (2025-04-10)</h2>
<ul>
<li>
<p>Enhancements</p>
<ul>
<li>Add support for <code>__RELATIVEFILE__</code> when invoking
editors</li>
<li>Change the default target window to <code>:parent</code> to not
reload the whole page if a Phoenix app is shown inside an iframe. You
can get the old behavior back by setting the <code>:target_window</code>
option to <code>:top</code>:
<pre lang="elixir"><code>config :phoenix_live_reload, MyAppWeb.Endpoint,
target_window: :top,
...
</code></pre>
</li>
</ul>
</li>
<li>
<p>Bug fixes</p>
<ul>
<li>Inject iframe if web console logger is enabled but there are no
patterns</li>
<li>Allow web console to shutdown cleanly</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f1297101e8"><code>f129710</code></a>
Release v1.6.0</li>
<li><a
href="95c956e163"><code>95c956e</code></a>
show code example in 1.6 changelog</li>
<li><a
href="bd16ec6680"><code>bd16ec6</code></a>
Update CHANGELOG</li>
<li><a
href="e1b5d4ad98"><code>e1b5d4a</code></a>
Default window to parent</li>
<li><a
href="a685ccf99f"><code>a685ccf</code></a>
Add README.md and CHANGELOG.md to the docs (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_reload/issues/168">#168</a>)</li>
<li><a
href="e9160bde42"><code>e9160bd</code></a>
Add support for <strong>RELATIVEFILE</strong> (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_reload/issues/166">#166</a>)</li>
<li><a
href="bbc62626d2"><code>bbc6262</code></a>
Merge pull request <a
href="https://redirect.github.com/phoenixframework/phoenix_live_reload/issues/165">#165</a>
from phoenixframework/sd-gitlab-ci</li>
<li><a
href="9c6b6a4b9b"><code>9c6b6a4</code></a>
fix test for Elixir < 1.15, format</li>
<li><a
href="86a7194f8c"><code>86a7194</code></a>
add gitlab ci</li>
<li><a
href="f2fdba5b01"><code>f2fdba5</code></a>
Fix typo again, appplication -> application (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_reload/issues/163">#163</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/phoenixframework/phoenix_live_reload/compare/v1.5.3...v1.6.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Our current bespoke job system, while it's worked out well so far, has
the following shortcomings:
- No retry logic
- No robust to guarantee job isolation / uniqueness without resorting to
row-level locking
- No support for cron-based scheduling
This PR adds the boilerplate required to get started with
[Oban](https://hexdocs.pm/oban/Oban.html), the job management system for
Elixir.
There was slight API change in the way LoggerJSON's configuration is
generation, so I took the time to do a little fixing and cleanup here.
Specifically, we should be using the `new/1` callback to create the
Logger config which fixes the below exception due to missing config
keys:
```
FORMATTER CRASH: {report,[{formatter_crashed,'Elixir.LoggerJSON.Formatters.GoogleCloud'},{config,[{metadata,{all_except,[socket,conn]}},{redactors,[{'Elixir.LoggerJSON.Redactors.RedactKeys',[<<"password">>,<<"secret">>,<<"nonce">>,<<"fragment">>,<<"state">>,<<"token">>,<<"public_key">>,<<"private_key">>,<<"preshared_key">>,<<"session">>,<<"sessions">>]}]}]},{log_event,#{meta => #{line => 15,pid => <0.308.0>,time => 1744145139650804,file => "lib/logger.ex",gl => <0.281.0>,domain => [elixir],application => libcluster,mfa => {'Elixir.Cluster.Logger',info,2}},msg => {string,<<"[libcluster:default] connected to :\"web@web.cluster.local\"">>},level => info}},{reason,{error,{badmatch,[{metadata,{all_except,[socket,conn]}},{redactors,[{'Elixir.LoggerJSON.Redactors.RedactKeys',[<<"password">>,<<"secret">>,<<"nonce">>,<<"fragment">>,<<"state">>,<<"token">>,<<"public_key">>,<<"private_key">>,<<"preshared_key">>,<<"session">>,<<"sessions">>]}]}]},[{'Elixir.LoggerJSON.Formatters.GoogleCloud',format,2,[{file,"lib/logger_json/formatters/google_cloud.ex"},{line,148}]}]}}]}
```
Supersedes #8714
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sentry](https://github.com/getsentry/sentry-elixir) from 10.8.1
to 10.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-elixir/releases">sentry's
releases</a>.</em></p>
<blockquote>
<h2>10.9.0</h2>
<p>This release adds a bunch of new features and fixes a few papercut
bugs.</p>
<h3>New features</h3>
<ul>
<li>Add <code>:tags_from_metadata</code> option to
<code>Sentry.LoggerHandler</code>. Use this to better structure reports
that come from logs (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/840">#840</a>
by <a
href="https://github.com/icehaunter"><code>@icehaunter</code></a>).</li>
<li>Add <code>:discard_threshold</code> option to
<code>Sentry.LoggerHandler</code> to implement load shedding when the
logger gets overloaded.</li>
<li>If you want to use Elixir 1.18's new <code>JSON</code> module, now
you can (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/845">#845</a>).</li>
<li>Add <code>:in_app_otp_apps</code> configuration option. This should
replace <code>:in_app_module_allow_list</code> for most use cases,
making configuration simpler (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/854">#854</a>
by <a href="https://github.com/solnic"><code>@solnic</code></a>).</li>
<li>Add support for per-module custom options for check ins. This means
you can now configure single Oban (or Quantum) jobs with per-worker
options such as timezones and more (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/833">#833</a>
by <a
href="https://github.com/savhappy"><code>@savhappy</code></a>).</li>
<li>Add a global <code>:extra</code> config that can be set at the
<code>:sentry</code> application level (akin to <code>:tags</code>
today).</li>
<li>Improve Oban error reporting.</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>We now deduplicate identical events significantly less, reducing the
risk of not reporting events that are not duplicates.</li>
<li>When dropping breadcrumbs (because of the limit being reached), we
now retain <em>newest</em> breadcrumbs instead of older ones (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/858">#858</a>
by <a
href="https://github.com/dajinchu"><code>@dajinchu</code></a>).</li>
<li>Ensure log messages are not captured with
<code>:capture_log_messages</code> is <code>false</code> (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/865">#865</a>
by <a
href="https://github.com/joladev"><code>@joladev</code></a>).</li>
<li>Normalize Oban exception reasons for better reports.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-elixir/blob/master/CHANGELOG.md">sentry's
changelog</a>.</em></p>
<blockquote>
<h2>10.9.0</h2>
<p>This release adds a bunch of new features and fixes a few papercut
bugs.</p>
<h3>New features</h3>
<ul>
<li>Add <code>:tags_from_metadata</code> option to
<code>Sentry.LoggerHandler</code>. Use this to better structure reports
that come from logs (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/840">#840</a>
by <a
href="https://github.com/icehaunter"><code>@icehaunter</code></a>).</li>
<li>Add <code>:discard_threshold</code> option to
<code>Sentry.LoggerHandler</code> to implement load shedding when the
logger gets overloaded.</li>
<li>If you want to use Elixir 1.18's new <code>JSON</code> module, now
you can (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/845">#845</a>).</li>
<li>Add <code>:in_app_otp_apps</code> configuration option. This should
replace <code>:in_app_module_allow_list</code> for most use cases,
making configuration simpler (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/854">#854</a>
by <a href="https://github.com/solnic"><code>@solnic</code></a>).</li>
<li>Add support for per-module custom options for check ins. This means
you can now configure single Oban (or Quantum) jobs with per-worker
options such as timezones and more (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/833">#833</a>
by <a
href="https://github.com/savhappy"><code>@savhappy</code></a>).</li>
<li>Add a global <code>:extra</code> config that can be set at the
<code>:sentry</code> application level (akin to <code>:tags</code>
today).</li>
<li>Improve Oban error reporting.</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>We now deduplicate identical events significantly less, reducing the
risk of not reporting events that are not duplicates.</li>
<li>When dropping breadcrumbs (because of the limit being reached), we
now retain <em>newest</em> breadcrumbs instead of older ones (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/858">#858</a>
by <a
href="https://github.com/dajinchu"><code>@dajinchu</code></a>).</li>
<li>Ensure log messages are not captured with
<code>:capture_log_messages</code> is <code>false</code> (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/865">#865</a>
by <a
href="https://github.com/joladev"><code>@joladev</code></a>).</li>
<li>Normalize Oban exception reasons for better reports.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0711b48533"><code>0711b48</code></a>
release: 10.9.0</li>
<li><a
href="b770388e72"><code>b770388</code></a>
Normalize Oban exception reasons for better reports (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/878">#878</a>)</li>
<li><a
href="5f6a0c9986"><code>5f6a0c9</code></a>
Strengthen a flaky test (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/873">#873</a>)</li>
<li><a
href="759ed98259"><code>759ed98</code></a>
Improve Oban error reporting (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/872">#872</a>)</li>
<li><a
href="df0079f1b5"><code>df0079f</code></a>
Remove extra inspect/1 for Oban errors fingerprints (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/869">#869</a>)</li>
<li><a
href="1b20581634"><code>1b20581</code></a>
Fix invalid JSON in :message (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/867">#867</a>)</li>
<li><a
href="16229ef912"><code>16229ef</code></a>
Add global :extra config (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/866">#866</a>)</li>
<li><a
href="07d0d19752"><code>07d0d19</code></a>
Ensure log messages are not captured with capture_log_messages false (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/865">#865</a>)</li>
<li><a
href="48271100e4"><code>4827110</code></a>
Add timezone to Oban Integration (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/862">#862</a>)</li>
<li><a
href="3b3ff64280"><code>3b3ff64</code></a>
Retain newest breadcrumbs (instead of oldest)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-elixir/compare/10.8.1...10.9.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [tailwind](https://github.com/phoenixframework/tailwind) from
0.2.4 to 0.3.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/tailwind/blob/main/CHANGELOG.md">tailwind's
changelog</a>.</em></p>
<blockquote>
<h2>v0.3.1 (2025-02-28)</h2>
<ul>
<li>Support correct target for Linux MUSL with Tailwind v3.</li>
</ul>
<h2>v0.3.0 (2025-02-26)</h2>
<ul>
<li>Support Tailwind v4+. This release assumes Tailwind v4 for new
projects.</li>
</ul>
<p>Note: v0.3.0 dropped target code for handling Linux MUSL with
Tailwind v3. Use v0.3.1+ instead.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="dec852e08d"><code>dec852e</code></a>
release v0.3.1</li>
<li><a
href="2bc2fdff38"><code>2bc2fdf</code></a>
Merge pull request <a
href="https://redirect.github.com/phoenixframework/tailwind/issues/115">#115</a>
from phoenixframework/sd-musl-target-v3v4</li>
<li><a
href="c0006e254b"><code>c0006e2</code></a>
Support Linux MUSL v3 and v4</li>
<li><a
href="08629c84b8"><code>08629c8</code></a>
release v0.3.0</li>
<li><a
href="8b3247daad"><code>8b3247d</code></a>
Merge branch 'next'</li>
<li><a
href="7e1f93b284"><code>7e1f93b</code></a>
use Tailwind 4.0.9 as latest</li>
<li><a
href="44ac9014f0"><code>44ac901</code></a>
don't mention 0.3 or Tailwind v4 in README yet</li>
<li><a
href="8ad425c2da"><code>8ad425c</code></a>
Pass url as a string into fetch_body! as URI.parse would not succeed
with a c...</li>
<li><a
href="6f45cae55d"><code>6f45cae</code></a>
Merge pull request <a
href="https://redirect.github.com/phoenixframework/tailwind/issues/97">#97</a>
from arcanemachine/main</li>
<li><a
href="22788850d2"><code>2278885</code></a>
Merge pull request <a
href="https://redirect.github.com/phoenixframework/tailwind/issues/110">#110</a>
from phoenixframework/sd-tailwind3to4</li>
<li>Additional commits viewable in <a
href="https://github.com/phoenixframework/tailwind/compare/v0.2.4...v0.3.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [bandit](https://github.com/mtrudel/bandit) from 1.6.10 to 1.6.11.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md">bandit's
changelog</a>.</em></p>
<blockquote>
<h2>1.6.11 (31 Mar 2025)</h2>
<h3>Changes</h3>
<ul>
<li>Ensure that HTTP/1 request headers are sent to the Plug in the order
they're
sent (<a
href="https://redirect.github.com/mtrudel/bandit/issues/482">#482</a>)</li>
<li>Do not populate the <code>cookies</code> header with an empty string
if no cookies were
sent in HTTP/2 (<a
href="https://redirect.github.com/mtrudel/bandit/issues/483">#483</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3b8b1a40fb"><code>3b8b1a4</code></a>
Version bump to 1.6.11</li>
<li><a
href="5b5839234a"><code>5b58392</code></a>
Order headers (<a
href="https://redirect.github.com/mtrudel/bandit/issues/483">#483</a>)</li>
<li>See full diff in <a
href="https://github.com/mtrudel/bandit/compare/1.6.10...1.6.11">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [plug_crypto](https://github.com/elixir-plug/plug_crypto) from
2.1.0 to 2.1.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-plug/plug_crypto/blob/main/CHANGELOG.md">plug_crypto's
changelog</a>.</em></p>
<blockquote>
<h2>v2.1.1 (2025-04-03)</h2>
<ul>
<li>Fall back <code>hash_equals</code> when missing OpenSSL support</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="70af9d89e6"><code>70af9d8</code></a>
Release v2.1.1</li>
<li><a
href="84130f8915"><code>84130f8</code></a>
Fallback when hash_equals fails for missing openssl support (<a
href="https://redirect.github.com/elixir-plug/plug_crypto/issues/45">#45</a>)</li>
<li><a
href="3ff0bfe9a5"><code>3ff0bfe</code></a>
Update versions in CI (<a
href="https://redirect.github.com/elixir-plug/plug_crypto/issues/43">#43</a>)</li>
<li>See full diff in <a
href="https://github.com/elixir-plug/plug_crypto/compare/v2.1.0...v2.1.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[telemetry_poller](https://github.com/beam-telemetry/telemetry_poller)
from 1.1.0 to 1.2.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/beam-telemetry/telemetry_poller/blob/main/CHANGELOG.md">telemetry_poller's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/beam-telemetry/telemetry_poller/tree/v1.2.0">1.2.0</a></h2>
<h3>Added</h3>
<ul>
<li>Support <code>persistent_term</code> measurements.</li>
<li>Require Erlang/OTP 24+.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/beam-telemetry/telemetry_poller/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [observer_cli](https://github.com/zhongwencool/observer_cli) from
1.8.1 to 1.8.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/zhongwencool/observer_cli/releases">observer_cli's
releases</a>.</em></p>
<blockquote>
<h2>v1.8.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix unit of fullsweep_after by <a
href="https://github.com/binaryseed"><code>@binaryseed</code></a> in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/108">zhongwencool/observer_cli#108</a></li>
<li>chore: fix typo lable -> label by <a
href="https://github.com/zmstone"><code>@zmstone</code></a> in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/109">zhongwencool/observer_cli#109</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/binaryseed"><code>@binaryseed</code></a> made
their first contribution in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/108">zhongwencool/observer_cli#108</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/zhongwencool/observer_cli/compare/1.8.1...v1.8.2">https://github.com/zhongwencool/observer_cli/compare/1.8.1...v1.8.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="854d5ab4fa"><code>854d5ab</code></a>
chore: bump to 1.8.2</li>
<li><a
href="d057cb3670"><code>d057cb3</code></a>
chore: fix typo lable -> label</li>
<li><a
href="13ec437b1f"><code>13ec437</code></a>
Fix unit of fullsweep_after</li>
<li>See full diff in <a
href="https://github.com/zhongwencool/observer_cli/compare/1.8.1...v1.8.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[ex_cldr_dates_times](https://github.com/elixir-cldr/cldr_dates_times)
from 2.20.3 to 2.22.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-cldr/cldr_dates_times/releases">ex_cldr_dates_times's
releases</a>.</em></p>
<blockquote>
<h2>Cldr Dates Times version 2.22.0</h2>
<h3>Breaking Data format changes</h3>
<p>There are some changes to the underlying locale data format that will
be a breaking change for results returned from:</p>
<ul>
<li><code>Cldr.DateTime.Format.time_formats/{1,2,3}</code></li>
<li><code>MyApp.Cldr.Calendar.day_periods/{0, 1, 2}</code></li>
</ul>
<p>The data changes are summarised as:</p>
<ul>
<li>Time formats now group the <code>:default</code> and
<code>:ascii</code> alternatives.</li>
<li>Day periods used for date/time formatting now group the alternatives
for <code>am</code> and <code>pm</code> where the data is
available.</li>
<li>Day period display names now group the alternatives for
<code>am</code> and <code>pm</code> where the data is available.</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li>Update to <a href="https://cldr.unicode.org/downloads/cldr-47">CLDR
47</a> data.</li>
</ul>
<h2>Cldr Dates Times version 2.21.0</h2>
<h3>Enhancements</h3>
<ul>
<li>Allow configuration of <code>ex_cldr_calendars</code> version 2.0
and later.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-cldr/cldr_dates_times/blob/main/CHANGELOG.md">ex_cldr_dates_times's
changelog</a>.</em></p>
<blockquote>
<h2>Cldr_Dates_Times v2.22.0</h2>
<p>This is the changelog for Cldr_Dates_Times v2.22.0 released on March
18th, 2025. For older changelogs please consult the release tag on <a
href="https://github.com/elixir-cldr/cldr_cldr_dates_times/tags">GitHub</a></p>
<h3>Breaking Data format changes</h3>
<p>There are some changes to the underlying locale data format that will
be a breaking change for results returned from:</p>
<ul>
<li><code>Cldr.DateTime.Format.time_formats/{1,2,3}</code></li>
<li><code>MyApp.Cldr.Calendar.day_periods/{0, 1, 2}</code></li>
</ul>
<p>The data changes are summarised as:</p>
<ul>
<li>Time formats now group the <code>:default</code> and
<code>:ascii</code> alternatives.</li>
<li>Day periods used for date/time formatting now group the alternatives
for <code>am</code> and <code>pm</code> where the data is
available.</li>
<li>Day period display names now group the alternatives for
<code>am</code> and <code>pm</code> where the data is available.</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li>Update to <a href="https://cldr.unicode.org/downloads/cldr-47">CLDR
47</a> data.</li>
</ul>
<h2>Cldr_Dates_Times v2.21.0</h2>
<p>This is the changelog for Cldr_Dates_Times v2.21.0 released on
January 31st, 2025. For older changelogs please consult the release tag
on <a
href="https://github.com/elixir-cldr/cldr_cldr_dates_times/tags">GitHub</a></p>
<h3>Enhancements</h3>
<ul>
<li>Allow configuration of <code>ex_cldr_calendars</code> version 2.0
and later.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c7042c4327"><code>c7042c4</code></a>
Update deps and changelog</li>
<li><a
href="0a0e56cd36"><code>0a0e56c</code></a>
Update version and changelog</li>
<li><a
href="b4dbc2cb55"><code>b4dbc2c</code></a>
Reflect CLDR 47 Beta 2 data</li>
<li><a
href="907fb8ef8d"><code>907fb8e</code></a>
Config test dependencies</li>
<li><a
href="930ad5686e"><code>930ad56</code></a>
Initial testing on CLDR47 Alpha 2</li>
<li><a
href="48aada48eb"><code>48aada4</code></a>
Support ex_cldr_calendars 2.0</li>
<li><a
href="04b4af8e67"><code>04b4af8</code></a>
Add back test locales</li>
<li><a
href="5a675305d6"><code>5a67530</code></a>
Merge pull request <a
href="https://redirect.github.com/elixir-cldr/cldr_dates_times/issues/53">#53</a>
from Munksgaard/fix-doc-comments</li>
<li><a
href="3a5a7c073f"><code>3a5a7c0</code></a>
Fix some doc comment warnings</li>
<li>See full diff in <a
href="https://github.com/elixir-cldr/cldr_dates_times/compare/v2.20.3...v2.22.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot]