Bump protobuf from 4.24.2 to 4.25.8 in /client/python#299
Merged
Conversation
15 tasks
jdanieck
pushed a commit
to open-edge-platform/scenescape
that referenced
this pull request
Aug 8, 2025
## 📝 Description Trivy image scan discovered [CVE-2025-4565](https://nvd.nist.gov/vuln/detail/CVE-2025-4565) in the Controller image. The protobuf package is pulled in indirectly by vdms. The proper fix requires protobuf dependency update in the vdms and vdms upgrade on our side. Looking at the [vdms](https://github.com/IntelLabs/vdms) repo we can see both the IntelLabs/vdms#298 issue and the IntelLabs/vdms#299 PR which are not resolved since Jun 17. This PR overrides the protobuf package after vdms installation. Minor version upgrade is expected to be backward compatible, hence it should be safe to upgrade. That said it requires running regression tests on our end to make sure everything is still working fine. ``` $ trivy image scenescape-controller:1.4.0-rc1 -s CRITICAL,HIGH ... Python (python-pkg) Total: 1 (HIGH: 1, CRITICAL: 0) ┌─────────────────────┬───────────────┬──────────┬────────┬───────────────────┬────────────────────────┬─────────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├─────────────────────┼───────────────┼──────────┼────────┼───────────────────┼────────────────────────┼─────────────────────────────────────────────────────────┤ │ protobuf (METADATA) │ CVE-2025-4565 │ HIGH │ fixed │ 4.24.2 │ 4.25.8, 5.29.5, 6.31.1 │ python-protobuf: Unbounded recursion in Python Protobuf │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2025-4565 │ └─────────────────────┴───────────────┴──────────┴────────┴───────────────────┴────────────────────────┴─────────────────────────────────────────────────────────┘ ``` ``` $ docker run --entrypoint python3 -it --rm scenescape-controller-test:1.4.0-rc1 -m pipdeptree --reverse --packages protobuf ------------------------------------------------------------------------ protobuf==4.24.2 └── vdms==0.0.21 [requires: protobuf==4.24.2] ``` ## ✨ Type of Change Select the type of change your PR introduces: - [ ] 🐞 **Bug fix** – Non-breaking change which fixes an issue - [ ] 🚀 **New feature** – Non-breaking change which adds functionality - [ ] 🔨 **Refactor** – Non-breaking change which refactors the code base - [ ] 💥 **Breaking change** – Changes that break existing functionality - [ ] 📚 **Documentation update** - [x] 🔒 **Security update** - [ ] 🧪 **Tests** - [ ] 🚂 **CI** ## 🧪 Testing Scenarios Describe how the changes were tested and how reviewers can test them too: - [ ] ✅ Tested manually - [ ] 🤖 Ran automated end-to-end tests ## ✅ Checklist Before submitting the PR, ensure the following: - [ ] 🔍 PR title is clear and descriptive - [ ] 📝 For internal contributors: If applicable, include the JIRA ticket number (e.g., ITEP-123456) in the PR **title**. Do **not** include full URLs - [ ] 💬 I have commented my code, especially in hard-to-understand areas - [ ] 📄 I have made corresponding changes to the documentation - [ ] ✅ I have added tests that prove my fix is effective or my feature works --------- Co-authored-by: Sarat Poluri <sarat.chandra.poluri@intel.com> Co-authored-by: Sarthak Deva <122260074+sarthakdeva-intel@users.noreply.github.com>
54a2a8d to
f3a87f7
Compare
Contributor
|
Target CPP Coverage: 71.4335% Target Python Coverage: 97.94% |
Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 4.24.2 to 4.25.8. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](protocolbuffers/protobuf@v4.24.2...v4.25.8) --- updated-dependencies: - dependency-name: protobuf dependency-version: 4.25.8 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com>
88e8911 to
605fd87
Compare
Contributor
|
Target CPP Coverage: 68.105% Target Python Coverage: 97.94% |
cwlacewe
approved these changes
Oct 2, 2025
cwlacewe
added a commit
that referenced
this pull request
Nov 4, 2025
Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> Co-authored-by: Rohit Verma <rohit1.verma@intel.com> Co-authored-by: pre-commit-ci-lite[bot] <117423508+pre-commit-ci-lite[bot]@users.noreply.github.com> Co-authored-by: Chaunte W. Lacewell <chaunte.w.lacewell@intel.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Updates for release (#279) * Updates for release Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Update setup script Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Update coverage from Orchestration PR Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> --------- Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Replace non-inclusive terminology (#284) * Update doxyfile comment, change name of main node detail to ControlPlaneNodeDetail Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Updated references of `master` node to `primary` or `control plane` Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * disable to deactivate excluding external references Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * dummy to placeholder Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * kill to stop excluding commands Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Automated coverage update --------- Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Neo4j configurable number of clients connection (#287) * Update Neo4j query handler to make number of client connections configurable Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> * Update config keyword to `neo4j_conn_pool_sz` Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> * Automated coverage update * Automated coverage update --------- Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Chaunte W. Lacewell <chaunte.w.lacewell@intel.com> * Bump flask from 3.1.0 to 3.1.1 in /.github (#288) Bumps [flask](https://github.com/pallets/flask) from 3.1.0 to 3.1.1. - [Release notes](https://github.com/pallets/flask/releases) - [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst) - [Commits](pallets/flask@3.1.0...3.1.1) --- updated-dependencies: - dependency-name: flask dependency-version: 3.1.1 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Improve documentation (#286) * Transfer wiki to mkdocs Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Add doc deploy to workflow Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Change trigger of update docs to push Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Remove doc artifact Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * TESTING ONLY: Add push to branch as trigger Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * mod update doc workflow, add dark/light mode to mkdocs.yml Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Automated coverage update * Change theme to readthedocs and add DeepWiki links Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Automated coverage update * Organize mkdocs and add req file Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Fix workflow Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Automated coverage update * Update guides Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Rename guide section Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Format updates 1 and re-structure files Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Format update Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Pull latest wiki updates Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Change references to wiki to site https://intellabs.github.io/vdms/; remove INSTALL.md and use version in docs/ Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Cleanup; Update trigger for pushes to develop and master Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> * Automated coverage update * Automated coverage update * Spelling fixes and add conditional statement to job pushing documentation (added test trigger for branch) Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * fix workflow condition Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * fix workflow command Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * fix workflow command Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * fix workflow command Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * fix workflow command Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * fix workflow command Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * remove test text Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Remove test trigger Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Remove collections reference Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Removed *_index.md pages under commands to allow easier navigation with next and prev buttons: Fix incorrect link to Kubernetes guide Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Automated coverage update --------- Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * S3 Connection Logging: Copy-Paste errors (#290) * Update S3 connection error logs Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> * Minor updates to error logs Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> * Automated coverage update --------- Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Integrating shared connection logic for PMGD * Automated coverage update * Automated coverage update * initial implementation of filter library API and memory management for filters (#292) * initial implementation of filter library API and memory management for filters * refactor intial implementation into classes and derived classes * [pre-commit.ci lite] apply automatic fixes * Implement add functionality for filter with Cuckoo path logic and displacement * [pre-commit.ci lite] apply automatic fixes * complete Filter implementation * [pre-commit.ci lite] apply automatic fixes * add unit tests * [pre-commit.ci lite] apply automatic fixes * adding more unit tests * [pre-commit.ci lite] apply automatic fixes * make signature longer for collisions and increase coverage for tests * [pre-commit.ci lite] apply automatic fixes * Automated coverage update --------- Co-authored-by: pre-commit-ci-lite[bot] <117423508+pre-commit-ci-lite[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Chaunte W. Lacewell <chaunte.w.lacewell@intel.com> * add test cases for collection manager (#304) * add test cases for collection manager * [pre-commit.ci lite] apply automatic fixes * Automated coverage update --------- Co-authored-by: pre-commit-ci-lite[bot] <117423508+pre-commit-ci-lite[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * 297 transaction succeeds despite exception (#302) * Include query operation failure tests Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> * Check for query errors while performing operations Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> * Check for query errors while performing Video operations Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> * Update Image and Video tests to expect exception on invalid operations Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> * Automated coverage update --------- Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * 295 addget fast filters integration (#305) * Add and find filter stubs * filter stubs updating * Initial add filter implentation completed, WiP * Fixed missing defintion in filter.h, initial compilation of add get and list complete for filters. Moving to testing... * Tests, WiP, currently working, but need more cases * Basic test integration * [pre-commit.ci lite] apply automatic fixes * Additional test, removal of debug output * Fixing merge issue in cmakelist, test tweak addition, reduce noisiness slightly * Automated coverage update * Automated coverage update * Update include/vcl/Filter.h Co-authored-by: Chaunte W. Lacewell <chaunte.w.lacewell@intel.com> * Automated coverage update --------- Co-authored-by: kfadams <kfadams@evs-infra.jf.intel.com> Co-authored-by: pre-commit-ci-lite[bot] <117423508+pre-commit-ci-lite[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Chaunte W. Lacewell <chaunte.w.lacewell@intel.com> * Create intel_security_scan.yaml * 196 objects not cleaned up on transaction failure (#306) * Include S3 transaction rollback test This test counts the number of objects stored in S3, then executes a query that would cause a storage leak and finally makes sure the number of objects stored in S3 is still the same. Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> * Implement S3 transaction rollback for PMGD handler In case of failure, the exception handler will make sure all added objects within the current query context are removed from S3. Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> * Implement S3 transaction rollback for Neo4j handler In case of failure, all added objects within the current query context are removed from S3. Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> * Automated coverage update --------- Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * 182 erroneous read only on server start (#308) * Update ImageTransactionRollback test and include new test FindImageEmptyDB This test runs a query with 2 FindImage commands on a new/empty PMGD db instance and validates the response contains the excepted message `"No entities found"`. Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> * Update QueryNode and QueryEdge protobuf construct handler read mode to avoid internal PMGD validation check exception A read-write validation check is performed internally by PMGD. When running a query node/edge transaction with a readOnly flag a validation check will trigger an exception. The exception message will be propagated to the query response. This change allows the validation to pass while technically the transaction is still a readOnly operation. The validation occurs in the PMGD codebase, updating it is not reasonable at this time. Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> * Restore previous test changes Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> --------- Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> * Adding CPP CodeQL Scanning (#309) * Add files via upload * [pre-commit.ci lite] apply automatic fixes --------- Co-authored-by: pre-commit-ci-lite[bot] <117423508+pre-commit-ci-lite[bot]@users.noreply.github.com> * Override coverage (#310) * Change coverage reports to PR #308; Set gcovr to version of prev. scans; Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Upgrade gcovr (Changes coverage results) Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Update expected coverage Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> --------- Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Bump protobuf from 4.24.2 to 4.25.8 in /client/python (#299) * Bump protobuf from 4.24.2 to 4.25.8 in /client/python Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 4.24.2 to 4.25.8. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](protocolbuffers/protobuf@v4.24.2...v4.25.8) --- updated-dependencies: - dependency-name: protobuf dependency-version: 4.25.8 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * Upgrade protobuf every else in code Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Automated coverage update --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Convert CodeQL Scan from Basic to Advanced (#311) * Update codeql_analysis.yml * [pre-commit.ci lite] apply automatic fixes * Automated coverage update --------- Co-authored-by: pre-commit-ci-lite[bot] <117423508+pre-commit-ci-lite[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Upgrade protobuf to 5.29.5 (#312) * Upgrade protobuf to 5.29.5 Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Change google test version (compatibility issue with v1.17.0) Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * downgrade google test version to v1.13.0 for neo4j Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Revert to googletest commit 4c9a3bb62bf3ba1f1010bf96f9c8ed767b363774 Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Automated coverage update * Update googletest version to one used in protobuf v29.5 Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Automated coverage update --------- Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Release requirements (#315) * Update requirements.txt Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Update actions to latest versions Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Automated coverage update * Update UDF requirements.txt Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> * Automated coverage update --------- Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Update codeql_analysis.yml (#318) * Update codeql_analysis.yml Removing security and quality query from CodeQL to reduce the noise in the findings. * Automated coverage update --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: cwlacewe <chaunte.w.lacewell@intel.com> Signed-off-by: Lacewell, Chaunte W <chaunte.w.lacewell@intel.com> Signed-off-by: Steven Rojas <steven.rojas.cubero@intel.com> Co-authored-by: Ragaad <ragaad.altarawneh@intel.com> Co-authored-by: Michael Beale <michael.beale@intel.com> Co-authored-by: Ian Adams <ian.f.adams@intel.com> Co-authored-by: sys_vdms <sys_vdms@intel.com> Co-authored-by: Rohit Verma <rohit1.verma@intel.com> Co-authored-by: Sameh Gobriel <75963591+s-gobriel@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Stewart Blacklock <stewart.f.blacklock@intel.com> Co-authored-by: Rohit Verma <61152664+rv355@users.noreply.github.com> Co-authored-by: s-gobriel <sameh.gobriel@intel.com> Co-authored-by: pre-commit-ci-lite[bot] <117423508+pre-commit-ci-lite[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: rolandoquesada <97552286+rolandoquesada@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: Rolando Quesada <rolando.quesada.jimenez@intel.com> Co-authored-by: 100rish <sourish.chatterjee@intel.com> Co-authored-by: StevenRojasC <72471602+StevenRojasC@users.noreply.github.com> Co-authored-by: kfadams <kfadams@evs-infra.jf.intel.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps protobuf from 4.24.2 to 4.25.8.
Commits
a4cbdd3Updating version.json and repo version numbers to: 25.829445beMerge pull request #21880 from shaod2/py-25cc13b69Remove debugging code and add EOLsd31100cManually backport recursion limit enforcement to 25.x88a3b90Change pre-22 poison pill to only log once per affected message type. (#21754)320eafaWeaken vulnerable gencode poison pills to warning by default.f584fe3Merge branch 'protocolbuffers:25.x' into 25.xc710036Update test_upb.yml to use ubuntu-229721758Fix missing trailing newline.cca7b28Update test_upb.yml to use ubuntu-22You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.