chore(deps-dev): bump mkdocs-autorefs from 1.4.3 to 1.4.4#89
Closed
dependabot[bot] wants to merge 118 commits intomainfrom
Closed
chore(deps-dev): bump mkdocs-autorefs from 1.4.3 to 1.4.4#89dependabot[bot] wants to merge 118 commits intomainfrom
dependabot[bot] wants to merge 118 commits intomainfrom
Conversation
Support showing recommendation, analysis link and impact scores
Adds various modes and dashboard
feat: adds support for configuring approval policy
- Add Docker CLI and Compose usage instructions to README - Add docker-compose.yml for easy orchestration - Update Dockerfile to include .local/bin in PATH for CLI - Add [project.scripts] to pyproject.toml to install mergebot CLI - Update entrypoint to exec mergebot with passed arguments - Add test-docker-cli job to CI workflow for Docker CLI/ondemand modes - Refactor mergebot/app.py to provide a CLI entrypoint function
Update POETRY_VERSION from 2.1.2 to 2.2.1 in CI workflow and Dockerfile to align tooling and benefit from fixes/improvements in Poetry 2.2.x. Install coreutils in the Docker image to ensure GitLab Runner compatibility, as runner scripts may rely on GNU utilities not present in the slim base image. Uses --no-install-recommends and cleans apt lists to minimize image size. No application code changes.
- Added logic in GitHub and GitLab API wrappers to avoid duplicate approvals by checking if the current user has already approved a PR/MR, preventing redundant review actions and related service errors. - In decision_service, ensured user-facing feedback with comments when approval operations fail. - Updated config-gitlab.yaml for ImpactEvaluator LLM configuration. - Improved type annotations and variable declarations for clarity.
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.13.2 to 0.14.0. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.13.2...0.14.0) --- updated-dependencies: - dependency-name: ruff dependency-version: 0.14.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Refactored import path for EventListener in flow.py for consistency with new project structure. Removed alembic, asgiref, and chroma-hnswlib from poetry.lock to clean up unused dependencies. Updated poetry.lock to be generated by Poetry 2.2.1 for improved dependency management.
* docs: add dashboard analytics for LLM token usage tracking Added documentation for a new dashboard analytics feature displaying "Total Tokens Used" and per-crew token breakdown. This provides project-wide visibility on LLM resource utilization per scan, increases transparency, and supports future extensibility and optimization efforts. * Update docs/usage/overview.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Update docs/architecture/dashboard.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Update mergebot/flow.py Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> --------- Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Bumps [pre-commit](https://github.com/pre-commit/pre-commit) from 4.2.0 to 4.3.0. - [Release notes](https://github.com/pre-commit/pre-commit/releases) - [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md) - [Commits](pre-commit/pre-commit@v4.2.0...v4.3.0) --- updated-dependencies: - dependency-name: pre-commit dependency-version: 4.3.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Add 'mergebot-saas' to .gitignore and .dockerignore to avoid tracking SaaS-specific files - Update poetry.lock to bump aiohttp from 3.12.13 to 3.13.0 for latest features and fixes - Update poetry.lock comment to reflect generation by Poetry 2.2.1
Co-authored-by: mergebot-dev[bot] <225918908+mergebot-dev[bot]@users.noreply.github.com>
* feat: improve the webhook server approach support secret * feat: adds support for multiple project based analysis - Update .dockerignore and .gitignore to exclude local config files, build caches, and logs - Refactor config-github.yaml and config-gitlab.yaml to use unified 'projects' structure - Move repository webhook secrets into project definitions for clarity - Improve error handling in ensure_repo_config to raise exceptions instead of sys.exit - Enhance maintainability by reducing hard-coded values and centralizing config paths * fix: remove config cached files * refactor: improve readability by reformatting long lines Reformat long function signatures and method calls for better readability by placing arguments on separate lines. No logic changes were made. * refactor(flow): improve logging to include project path during flow init Removed redundant log statement in MergeBotFlow setup and enhanced log message in run_flow to include project path, ensuring clearer tracking of flow initialization context. * docs(config): clarify LLM config to require provider-prefixed models Update LLM configuration documentation to specify use of provider-prefixed model names (e.g., openai/gpt-4o-mini) for more explicit provider selection. Add table of common provider/model string examples and update YAML snippets to reflect new format for clarity. * refactor(webhook): make webhook server fully async and improve startup Convert webhook server startup to be fully async by introducing an async serve method and removing sys.exit calls. Add _log_startup for improved logging, and update orchestration flow to use async server operations for better event loop integration and error handling.
* feat(dashboard): add review triggers section and centralize markers Introduce a "Review Triggers" section in the dashboard for better visibility of PR review statuses. Move marker constants into a dedicated constants.py module for improved maintainability and consistent usage across dashboard helpers. * feat: add comment-based review triggers and update docs/CI config - Introduce support for review triggers via `/mergebot review` comment, bot mentions, and dashboard checkbox across GitHub/GitLab - Update docs with trigger options, usage instructions, and impact assessment guidance - Track and clear trigger state automatically in dashboard after rerun or PR/MR closure - Add local pre-commit hooks for formatting, linting, and spell-check to .pre-commit-config.yaml * refactor(review): use absolute import for DashboardReviewTracker Replaced relative import with absolute import for DashboardReviewTracker to improve code clarity and maintainability in the review module.
Bumps [mkdocs-mermaid2-plugin](https://github.com/fralau/mkdocs-mermaid2-plugin) from 1.2.2 to 1.2.3. - [Release notes](https://github.com/fralau/mkdocs-mermaid2-plugin/releases) - [Changelog](https://github.com/fralau/mkdocs-mermaid2-plugin/blob/master/CHANGELOG.md) - [Commits](fralau/mkdocs-mermaid2-plugin@v1.2.2...v1.2.3) --- updated-dependencies: - dependency-name: mkdocs-mermaid2-plugin dependency-version: 1.2.3 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.14.0 to 0.14.3. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.14.0...0.14.3) --- updated-dependencies: - dependency-name: ruff dependency-version: 0.14.3 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- cache per-project bot identities via the GitHub/GitLab wrappers - ignore bot-authored comments and parse note context for PR/MR URLs - fire review flows when Mergebot is mentioned in comments to enable manual kicks
- document steps for exposing local webhook server via tunneling tools - add security reminders to protect temporary public endpoints
- document using the Mergebot image as a job container in GitHub Actions - replace manual docker run steps with direct CLI usage and add config tips
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.14.3 to 0.14.4. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.14.3...0.14.4) --- updated-dependencies: - dependency-name: ruff dependency-version: 0.14.4 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [starlette](https://github.com/Kludex/starlette) from 0.48.0 to 0.49.1. - [Release notes](https://github.com/Kludex/starlette/releases) - [Changelog](https://github.com/Kludex/starlette/blob/main/docs/release-notes.md) - [Commits](Kludex/starlette@0.48.0...0.49.1) --- updated-dependencies: - dependency-name: starlette dependency-version: 0.49.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.119.0 to 0.119.1. - [Release notes](https://github.com/fastapi/fastapi/releases) - [Commits](fastapi/fastapi@0.119.0...0.119.1) --- updated-dependencies: - dependency-name: fastapi dependency-version: 0.119.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.14.5 to 0.14.13. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.14.5...0.14.13) --- updated-dependencies: - dependency-name: ruff dependency-version: 0.14.13 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [mkdocs-autorefs](https://github.com/mkdocstrings/autorefs) from 1.4.3 to 1.4.4. - [Release notes](https://github.com/mkdocstrings/autorefs/releases) - [Changelog](https://github.com/mkdocstrings/autorefs/blob/main/CHANGELOG.md) - [Commits](mkdocstrings/autorefs@1.4.3...1.4.4) --- updated-dependencies: - dependency-name: mkdocs-autorefs dependency-version: 1.4.4 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
Contributor
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps mkdocs-autorefs from 1.4.3 to 1.4.4.
Release notes
Sourced from mkdocs-autorefs's releases.
Changelog
Sourced from mkdocs-autorefs's changelog.
Commits
73c897achore: Prepare release 1.4.41753b0aci: Ignore unused type ignore comments62cfc22chore: Symbol reorganization17665e2refactor: Register headings with a Markdown processor rather than the `on_pag...4664b97ci: Ignore type warning632d8e9chore: Update YORE comment3e9bc2fdocs: Explain how to find out the anchor of a headingDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)