-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(deps): update dependency pino to v9 #1919
Conversation
Here's the code health analysis summary for commits Analysis Summary
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The main change in this commit is the update of the 'pino' package from version 8 to version 9 in both package.json and pnpm-lock.yaml files. This is a major version change. It's important to ascertain that none of the breaking changes or deprecations affect our codebase. Make sure to thoroughly test all parts of the application that use 'pino' after this change.
package.json
Outdated
@@ -48,7 +48,7 @@ | |||
"@rustymotors/shared-packets": "workspace:^", | |||
"@sentry/esbuild-plugin": "^2.16.0", | |||
"fastify": "^4.26.2", | |||
"pino": "^8.19.0", | |||
"pino": "^9.0.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The 'pino' package is updated to its latest major release, v9. Ensure to consult the changelogs and migration guide of the 'pino' library as major upgrades involve breaking changes.
@@ -16,7 +16,7 @@ | |||
"author": "", | |||
"license": "ISC", | |||
"dependencies": { | |||
"pino": "^8.18.0", | |||
"pino": "^9.0.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here also 'pino' is updated to v9 in the shared package. Do the same verifications regarding breaking changes.
pnpm-lock.yaml
Outdated
@@ -27,8 +27,8 @@ importers: | |||
specifier: ^4.26.2 | |||
version: 4.26.2 | |||
pino: | |||
specifier: ^8.19.0 | |||
version: 8.21.0 | |||
specifier: ^9.0.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This 'pino' version change in pnpm-lock.yaml confirms 'pino' v9.0.0 is used instead of v8.19.0. Please ensure to run 'pnpm install' for updating the lock file corresponding to package.json changes.
pnpm-lock.yaml
Outdated
@@ -161,8 +161,8 @@ importers: | |||
packages/shared: | |||
dependencies: | |||
pino: | |||
specifier: ^8.18.0 | |||
version: 8.21.0 | |||
specifier: ^9.0.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The 'pino' dependency for the shared package is also updated in the pnpm-lock file. If you encounter issues, checking for compatibility may be necessary.
pnpm-lock.yaml
Outdated
@@ -3200,8 +3200,8 @@ packages: | |||
thread-stream: 2.4.1 | |||
dev: false | |||
|
|||
/pino@8.21.0: | |||
resolution: {integrity: sha512-ip4qdzjkAyDDZklUaZkcRFb2iA118H9SgRh8yzTkSQK8HilsOJF7rSY8HoW5+I0M46AZgX/pxbprf2vvzQCE0Q==} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The new SHA512 hash corresponding to the 'pino' v9.0.0 version is updated. This is automatically managed by the package manager and does not require any actions.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The code changes mainly revolve around upgrading the pino package version from 8.19.0 and 8.18.0 to the latest 9.0.0 version across multiple files. These changes are fine if the new version does not introduce breaking changes that would affect the current system. Always ensure backward compatibility unless the system is prepared for the breaking changes.
package.json
Outdated
@@ -48,7 +48,7 @@ | |||
"@rustymotors/shared-packets": "workspace:^", | |||
"@sentry/esbuild-plugin": "^2.16.0", | |||
"fastify": "^4.26.2", | |||
"pino": "^8.19.0", | |||
"pino": "^9.0.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You've updated the version of the 'pino' package from '^8.21.0' to '^9.0.0'. Ensure that these changes are compatible with the rest of the application by thorough testing, specifically for any breaking changes introduced by the new version.
@@ -16,7 +16,7 @@ | |||
"author": "", | |||
"license": "ISC", | |||
"dependencies": { | |||
"pino": "^8.18.0", | |||
"pino": "^9.0.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You've upgraded pino logging library from version 8.18.0 to 9.0.0. Note that whenever we upgrade dependencies to a new major version, we should analyse the breaking changes introduced in that version to estimate the potential impact on our application. Review the library's changelog or release notes for any breaking changes. Also, run all the tests to make sure those updates do not break the application.
pnpm-lock.yaml
Outdated
@@ -27,8 +27,8 @@ importers: | |||
specifier: ^4.26.2 | |||
version: 4.26.2 | |||
pino: | |||
specifier: ^8.19.0 | |||
version: 8.21.0 | |||
specifier: ^9.0.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here once again the pino version is being updated. Ensure that this change aligns with the shift in version for other packages as well, and hasn't results in any versioning conflicts.
pnpm-lock.yaml
Outdated
@@ -161,8 +161,8 @@ importers: | |||
packages/shared: | |||
dependencies: | |||
pino: | |||
specifier: ^8.18.0 | |||
version: 8.21.0 | |||
specifier: ^9.0.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The new version of pino (version 9.0.0) is specified here. Make sure that this new version does not break anything in the code base, thoroughly test the updates.
pnpm-lock.yaml
Outdated
@@ -3200,8 +3200,8 @@ packages: | |||
thread-stream: 2.4.1 | |||
dev: false | |||
|
|||
/pino@8.21.0: | |||
resolution: {integrity: sha512-ip4qdzjkAyDDZklUaZkcRFb2iA118H9SgRh8yzTkSQK8HilsOJF7rSY8HoW5+I0M46AZgX/pxbprf2vvzQCE0Q==} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here the previous versions of pino (8.20.0 and 8.21.0) have been removed. Please validate that no part of the application was specifically dependent on the old version of pino, and make necessary adjustments if that's the case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You've made a significant version jump from Pino v8 to v9. Pino v9 has several breaking changes as compared to v8, so it would be advisable to check if any of your existing functionality which relies on Pino logging is negatively affected. A comprehensive test suite would be very helpful in this context.
package.json
Outdated
@@ -48,7 +48,7 @@ | |||
"@rustymotors/shared-packets": "workspace:^", | |||
"@sentry/esbuild-plugin": "^2.16.0", | |||
"fastify": "^4.26.2", | |||
"pino": "^8.19.0", | |||
"pino": "^9.0.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You've updated Pino to v9.0.0. Ensure that all breaking changes are properly accounted for in your application, and check the official Pino documentation for details on breaking changes.
@@ -16,7 +16,7 @@ | |||
"author": "", | |||
"license": "ISC", | |||
"dependencies": { | |||
"pino": "^8.18.0", | |||
"pino": "^9.0.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You've updated Pino in your shared package as well. Make sure that this does not cause any incompatibility issues with other packages or applications using your shared package.
pnpm-lock.yaml
Outdated
@@ -27,8 +27,8 @@ importers: | |||
specifier: ^4.26.2 | |||
version: 4.26.2 | |||
pino: | |||
specifier: ^8.19.0 | |||
version: 8.21.0 | |||
specifier: ^9.0.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also, ensure that you're updating the lockfile correctly. The previous version seemed to be 8.21.0, which isn't the same as in your package.json. This might suggest some inconsistencies in how dependencies are being managed.
pnpm-lock.yaml
Outdated
@@ -3200,8 +3200,8 @@ packages: | |||
thread-stream: 2.4.1 | |||
dev: false | |||
|
|||
/pino@8.21.0: | |||
resolution: {integrity: sha512-ip4qdzjkAyDDZklUaZkcRFb2iA118H9SgRh8yzTkSQK8HilsOJF7rSY8HoW5+I0M46AZgX/pxbprf2vvzQCE0Q==} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You've updated the Pino version in your lock file. This is good as it ensures that the correct dependency versions are installed. However, ensure all packages which depend on Pino also support this new version.
Important Review skippedBot user detected. To trigger a single review, invoke the You can disable this status message by setting the Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configration File (
|
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1919 +/- ##
=====================================
Coverage 9.74% 9.74%
=====================================
Files 133 133
Lines 9730 9730
Branches 128 132 +4
=====================================
Hits 948 948
Misses 8782 8782
*This pull request uses carry forward flags. Click here to find out more. ☔ View full report in Codecov by Sentry. |
44acd70
to
9914a3b
Compare
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
🚮 Removed packages: npm/pino@8.21.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for 9914a3b
pnpm-lock.yaml
Outdated
specifier: ^8.19.0 | ||
version: 8.21.0 | ||
specifier: ^9.0.0 | ||
version: 9.0.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You have upgraded pino to its 9.0.0 version. Make sure this change does not cause any inconsistency or version conflict with other dependencies or sub-dependencies.
9914a3b
to
58f0c15
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for 58f0c15
pnpm-lock.yaml
Outdated
@@ -3197,11 +3197,11 @@ packages: | |||
real-require: 0.2.0 | |||
safe-stable-stringify: 2.4.3 | |||
sonic-boom: 3.8.1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The 'thread-stream' library has also been updated from version 2.4.1 to 2.7.0. It's important to understand the implications of this version upgrade as well.
pnpm-lock.yaml
Outdated
/thread-stream@2.4.1: | ||
resolution: {integrity: sha512-d/Ex2iWd1whipbT681JmTINKw0ZwOUBZm7+Gjs64DHuX34mmw8vJL2bFAaNacaW72zYiTJxSHi5abUuOi5nsfg==} | ||
dependencies: | ||
real-require: 0.2.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems that the older version of 'thread-stream' has been completely replaced with the new one based on the lockfile. If there were any known issues with the older version, this should resolve them.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for 58f0c15
pnpm-lock.yaml
Outdated
@@ -3197,11 +3197,11 @@ packages: | |||
real-require: 0.2.0 | |||
safe-stable-stringify: 2.4.3 | |||
sonic-boom: 3.8.1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'thread-stream' has been updated to version 2.7.0. Make sure to test and ensure no significant changes in this updated package adversely impacts your application.
pnpm-lock.yaml
Outdated
@@ -3703,12 +3703,6 @@ packages: | |||
resolution: {integrity: sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==} | |||
dev: true | |||
|
|||
/thread-stream@2.4.1: | |||
resolution: {integrity: sha512-d/Ex2iWd1whipbT681JmTINKw0ZwOUBZm7+Gjs64DHuX34mmw8vJL2bFAaNacaW72zYiTJxSHi5abUuOi5nsfg==} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As the 'thread-stream' has been updated to a new version, the old version information is correctly removed.
58f0c15
to
6f5eb91
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for 6f5eb91
pnpm-lock.yaml
Outdated
@@ -3200,8 +3200,8 @@ packages: | |||
thread-stream: 2.4.1 | |||
dev: false | |||
|
|||
/pino@8.21.0: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
An update was made to the SHA512 hash resolving the pino
package. This change was expected and is correct, as the hash corresponds to the precise version of the package being pulled.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for 6f5eb91
pnpm-lock.yaml
Outdated
@@ -3200,8 +3200,8 @@ packages: | |||
thread-stream: 2.4.1 | |||
dev: false | |||
|
|||
/pino@8.21.0: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The integrity hash has been updated, which suggests a successful update of 'pino' to version 9.0.0. This includes a complete download which ensures the package is not tampered with.
6f5eb91
to
8ce2487
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for 8ce2487
pnpm-lock.yaml
Outdated
@@ -3795,23 +3793,6 @@ packages: | |||
resolution: {integrity: sha512-cHjPPsE+vhj/tnhCy/wiMh3M3z3h/j15zHQX+S9GkTBgqJuTuJzYJ4gUyACLhDaJ7kk9ba9iRDmbH2tJU03OiA==} | |||
dev: false | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Information about the old version of pino is removed here. Make sure no essential dependencies were lost in this change.
pnpm-lock.yaml
Outdated
@@ -4394,12 +4375,6 @@ packages: | |||
resolution: {integrity: sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==} | |||
dev: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'thread-stream@2.6.0' dependency has been removed. If it's a deprecated version, it's generally okay to remove it. However, please ensure these changes won't affect the functioning of your code.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for 8ce2487
pnpm-lock.yaml
Outdated
@@ -3795,23 +3793,6 @@ packages: | |||
resolution: {integrity: sha512-cHjPPsE+vhj/tnhCy/wiMh3M3z3h/j15zHQX+S9GkTBgqJuTuJzYJ4gUyACLhDaJ7kk9ba9iRDmbH2tJU03OiA==} | |||
dev: false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'pino@8.20.0' details removed here. Given that the application no longer uses this version of 'pino', this seems to be an appropriate change.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for 8ce2487
pnpm-lock.yaml
Outdated
quick-format-unescaped: 4.0.4 | ||
real-require: 0.2.0 | ||
safe-stable-stringify: 2.4.3 | ||
sonic-boom: 3.8.1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Previously used pino@8.20.0 package with its dependencies has been removed. Please make sure the removal of these dependencies does not affect other packages that still might be using them.
pnpm-lock.yaml
Outdated
@@ -4394,12 +4375,6 @@ packages: | |||
resolution: {integrity: sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==} | |||
dev: true | |||
|
|||
/thread-stream@2.6.0: | |||
resolution: {integrity: sha512-t4eNiKdGwd1EV6tx76mRbrOqwvkxz+ssOiQXEXw88m4p/Xp6679vg16sf39BAstRjHOiWIqp5+J2ylHk3pU30g==} | |||
dependencies: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removal of the '/thread-stream@2.6.0' dependency may affect packages that might still be using it. If other packages that still require this version, consider refraining this change.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for 8ce2487
pnpm-lock.yaml
Outdated
real-require: 0.2.0 | ||
safe-stable-stringify: 2.4.3 | ||
sonic-boom: 3.8.1 | ||
thread-stream: 2.6.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The packages /pino@8.20.0 and /thread-stream@2.6.0 are no longer available after these changes. If any other part of the project is still dependent on these, it could potentially cause breaking changes.
pnpm-lock.yaml
Outdated
@@ -4394,12 +4375,6 @@ packages: | |||
resolution: {integrity: sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==} | |||
dev: true | |||
|
|||
/thread-stream@2.6.0: | |||
resolution: {integrity: sha512-t4eNiKdGwd1EV6tx76mRbrOqwvkxz+ssOiQXEXw88m4p/Xp6679vg16sf39BAstRjHOiWIqp5+J2ylHk3pU30g==} | |||
dependencies: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This removal shows that the version of 'thread-stream' has been changed. It may impact how 'pino' works - investigate any changes to this dependency as well.
8ce2487
to
3645c3d
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for 3645c3d
pnpm-lock.yaml
Outdated
quick-format-unescaped: 4.0.4 | ||
real-require: 0.2.0 | ||
safe-stable-stringify: 2.4.3 | ||
sonic-boom: 3.8.1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It appears that several dependencies that were related to 'pino' v8.21.0, aren't present for 'pino' v9.0.0. Make sure to check the updated 'pino' documentation to be aware of any dropped dependencies and how that could affect your application.
3645c3d
to
194704e
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for 194704e
pnpm-lock.yaml
Outdated
@@ -3793,23 +3793,6 @@ packages: | |||
resolution: {integrity: sha512-cHjPPsE+vhj/tnhCy/wiMh3M3z3h/j15zHQX+S9GkTBgqJuTuJzYJ4gUyACLhDaJ7kk9ba9iRDmbH2tJU03OiA==} | |||
dev: false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These dependency removals are a result of the 'pino' update. Ensure that removing these dependencies doesn't affect any functionality. If any functionality is affected, you might need to manually add them.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for 194704e
pnpm-lock.yaml
Outdated
@@ -3793,23 +3793,6 @@ packages: | |||
resolution: {integrity: sha512-cHjPPsE+vhj/tnhCy/wiMh3M3z3h/j15zHQX+S9GkTBgqJuTuJzYJ4gUyACLhDaJ7kk9ba9iRDmbH2tJU03OiA==} | |||
dev: false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removal of the old version of 'pino' from the pnpm-lock.yaml file is good to keep it clean and up-to-date, but be aware of any dependencies relying on the old version.
pnpm-lock.yaml
Outdated
@@ -4392,12 +4375,6 @@ packages: | |||
resolution: {integrity: sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'thread-stream@2.6.0' dependency is also removed with this update, and its dependencies along with it. Again, make sure this doesn't impact your current codebase.
194704e
to
fac540b
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for fac540b
pnpm-lock.yaml
Outdated
safe-stable-stringify: 2.4.3 | ||
sonic-boom: 3.8.1 | ||
thread-stream: 2.6.0 | ||
dev: false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The detailed information for the previous version (8.21.0
) of pino
is still present. If 9.0.0
is the preferred version, consider removing these details to maintain consistency.
89f81f2
to
e34ea0f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for e34ea0f
pnpm-lock.yaml
Outdated
@@ -27,8 +27,8 @@ importers: | |||
specifier: ^8.11.5 | |||
version: 8.11.5 | |||
pino: | |||
specifier: ^8.21.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'pino' package is removed and updated in the lock file. This action suggests that the packages have been updated correctly.
e34ea0f
to
030351b
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for 030351b
pnpm-lock.yaml
Outdated
@@ -2633,9 +2625,6 @@ packages: | |||
text-table@0.2.0: | |||
resolution: {integrity: sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==} | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'thread-stream' version is removed from your projects. If any of your packages were depending on this version, you might face issues.
pnpm-lock.yaml
Outdated
pino-std-serializers: 6.2.2 | ||
process-warning: 3.0.0 | ||
quick-format-unescaped: 4.0.4 | ||
real-require: 0.2.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removals of dependencies in pino@8.20.0 are also significant, especially if other components in the project directly/indirectly depended on these dependencies.
pnpm-lock.yaml
Outdated
@@ -5212,10 +5173,6 @@ snapshots: | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Try to resist removing dependencies such as 'real-require' in 'thread-stream@2.6.0' unless you're absolutely sure they're not needed anywhere else in the codebase as it may cause unexpected breakage.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for 030351b
pnpm-lock.yaml
Outdated
pino-std-serializers: 6.2.2 | ||
process-warning: 3.0.0 | ||
quick-format-unescaped: 4.0.4 | ||
real-require: 0.2.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please confirm if it's okay to remove all dependencies of the older version of pino. If some dependencies are still required, they should be shift to new version or kept with older version of pino.
030351b
to
8705615
Compare
ef26b38
to
b4f08bf
Compare
b4f08bf
to
94e4754
Compare
👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎ This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored. |
29775be
to
dbd3f68
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodecovAI submitted a new review for dbd3f68
@@ -24,7 +24,7 @@ | |||
"license": "AGPL-3.0", | |||
"dependencies": { | |||
"fastify": "^4.27.0", | |||
"pino": "^8.18.0", | |||
"pino": "^9.0.0", | |||
"pino-pretty": "^11.0.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please confirm 'pino-pretty' version 11.0.0 is compatible with 'pino' version 9.0.0. Although not every single major update will result in issues with dependent libraries, when it does occur it can cause unexpected behaviour.
79a4ab0
to
d724a0f
Compare
d724a0f
to
f8e8dc0
Compare
f8e8dc0
to
437ab75
Compare
Quality Gate passedIssues Measures |
This PR contains the following updates:
^8.18.0
->^9.0.0
Release Notes
pinojs/pino (pino)
v9.1.0
Compare Source
What's Changed
New Contributors
Full Changelog: pinojs/pino@v9.0.0...v9.1.0
v9.0.0
Compare Source
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.