[wpt-sync] Sync PR 38688 - Bump taskcluster from 47.0.2 to 47.1.2 in /tools
Categories
(Testing :: web-platform-tests, task, P4)
Tracking
(Not tracked)
People
(Reporter: wpt-sync, Unassigned)
References
()
Details
(Whiteboard: [wptsync downstream])
Sync web-platform-tests PR 38688 into mozilla-central (this bug is closed when the sync is complete).
PR: https://github.com/web-platform-tests/wpt/pull/38688
Details from upstream follow.
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> wrote:
Bump taskcluster from 47.0.2 to 47.1.2 in /tools
Bumps taskcluster from 47.0.2 to 47.1.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/taskcluster/taskcluster/releases">taskcluster's releases</a>.</em></p>
<blockquote>
<h2>v47.1.2</h2>
<h3>GENERAL</h3>
<p>▶ [patch]
Add error handling for docker image release process.</p>
<h2>v47.1.0</h2>
<h3>GENERAL</h3>
<p>▶ [minor]
This upgrades Node.js to the latest LTS version available, v18.13.0. Previous version was v16.19.0 and it was scheduled to hit EoL later this year.</p>
<p>View the release schedule <a href="https://github.com/nodejs/release#release-schedule">here</a>.</p>
<p>▶ [patch]
Docker worker json schema payload has been tweaked for cleaner go code generation. No functional impact anticipated.</p>
<p>▶ [patch]
Minor and patch version bumps via Dependabot using <code>pmac</code>:</p>
<p><code>pmac add 6040 6039 6038 6036 6035 6034 6032 6030 6029 6028 6027 6026 6025 6024 6023</code></p>
<h3>USERS</h3>
<p>▶ [patch] <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/6014">#6014</a>
Bug fix: docker worker no longer accepts non-strings for env var values in task payloads.</p>
<p>▶ [patch] <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/6021">#6021</a>
Docker Worker payload has been tightened to enforce that Docker Worker caches are string to string mappings, rather than string to anything mappings.</p>
<h2>v47.0.3</h2>
<h3>GENERAL</h3>
<p>▶ [patch]
Go update from 1.19.4 to 1.19.5.</p>
<p>▶ [patch] <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/5266">#5266</a>
This patch fetches <code>https://go.dev/dl/?mode=json</code> in order to automatically update the sha256 values of each of the go binaries used in the <code>workers/generic-worker/gw-decision-task/tasks.yml</code> file.</p>
<p>▶ [patch]
Upgrade <code>git</code> to latest version to address the security vulnerabilities affecting versions 2.39 and older.</p>
<p><a href="https://github.blog/2023-01-17-git-security-vulnerabilities-announced-2/">Announcement on GitHub</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/taskcluster/taskcluster/blob/main/CHANGELOG.md">taskcluster's changelog</a>.</em></p>
<blockquote>
<h2>v47.1.2</h2>
<h3>GENERAL</h3>
<p>▶ [patch]
Add error handling for docker image release process.</p>
<h2>v47.1.1</h2>
<h3>GENERAL</h3>
<p>▶ [patch]
This upgrades Node.js to the latest LTS version available, v18.14.1. This is a security release.</p>
<h3>DEVELOPERS</h3>
<p>▶ [patch]
Replace <code>github.com/ghodss/yaml</code> with <code>sigs.k8s.io/yaml</code></p>
<p>▶ [patch]
This patch fixes the <code>yarn generate</code> command from failing from trying to fetch an older version of go that's not incluced in the <a href="https://go.dev/dl/?mode=json">https://go.dev/dl/?mode=json</a> API.</p>
<h3>OTHER</h3>
<p>▶ Additional change not described here: <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/1753249">#1753249</a>.</p>
<h2>v47.1.0</h2>
<h3>GENERAL</h3>
<p>▶ [minor]
This upgrades Node.js to the latest LTS version available, v18.13.0. Previous version was v16.19.0 and it was scheduled to hit EoL later this year.</p>
<p>View the release schedule <a href="https://github.com/nodejs/release#release-schedule">here</a>.</p>
<p>▶ [patch]
Docker worker json schema payload has been tweaked for cleaner go code generation. No functional impact anticipated.</p>
<p>▶ [patch]
Minor and patch version bumps via Dependabot using <code>pmac</code>:</p>
<p><code>pmac add 6040 6039 6038 6036 6035 6034 6032 6030 6029 6028 6027 6026 6025 6024 6023</code></p>
<h3>USERS</h3>
<p>▶ [patch] <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/6014">#6014</a>
Bug fix: docker worker no longer accepts non-strings for env var values in task payloads.</p>
<p>▶ [patch] <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/6021">#6021</a>
Docker Worker payload has been tightened to enforce that Docker Worker caches are string to string mappings, rather than string to anything mappings.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/taskcluster/taskcluster/commit/07ad0fc8cc063cff46f5bfcb3a77520b9d68f128"><code>07ad0fc</code></a> v47.1.2</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/7804303d34d9b46484ea5dad74372998615da006"><code>7804303</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/6078">#6078</a> from taskcluster/feat/check-image</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/a5b1a5828f7bcbf1fd5ca6cca5e8e2b0932ac233"><code>a5b1a58</code></a> try handling registry error gracefuly and see what happens</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/5abfc0ddb06fc9f2a816c866ba6f261783a5b5cc"><code>5abfc0d</code></a> v47.1.1</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/d6dba6a4f7ea25d173bee4a6fee099ac178da7b5"><code>d6dba6a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/6074">#6074</a> from taskcluster/matt-boris/node18.14.1</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/866f432cdf3f5f473be1cb02344d3453366774f3"><code>866f432</code></a> Merge branch 'main' into matt-boris/node18.14.1</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/7099721f0f39692654e521b7d7356af323d87813"><code>7099721</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/6070">#6070</a> from Juneezee/refactor/yaml</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/5858b282108812b60ed72b343059b435bb7e4339"><code>5858b28</code></a> Add changelog</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/a225634226ac9165a2699c109e4d6b4df4e6ae3a"><code>a225634</code></a> Replace <code>github.com/ghodss/yaml</code> with <code>sigs.k8s.io/yaml</code></li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/452ff00d26161477f9fddf7bbeb355e29d53d03d"><code>452ff00</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/6076">#6076</a> from djmitche/doc-is-task-group-active</li>
<li>Additional commits viewable in <a href="https://github.com/taskcluster/taskcluster/compare/v47.0.2...v47.1.2">compare view</a></li>
</ul>
</details>
<br />Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.
<details>
<summary>Dependabot commands and options</summary>
<br />You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)</details>
Assignee | ||
Updated•2 years ago
|
Description
•