feat(deps): bump lru-memoizer from 2.3.0 to 3.0.0#19785
feat(deps): bump lru-memoizer from 2.3.0 to 3.0.0#19785dependabot[bot] wants to merge 1 commit intodevelopfrom
Conversation
dependabot
Bot
added
dependencies
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
| "kafkajs": "2.2.4", | ||
| "knex": "^2.5.1", | ||
| "lru-memoizer": "2.3.0", | ||
| "lru-memoizer": "3.0.0", |
There was a problem hiding this comment.
Test dependency incompatible with OTel instrumentation version range
High Severity
Bumping lru-memoizer to 3.0.0 in the integration tests breaks compatibility with @opentelemetry/instrumentation-lru-memoizer@0.57.0, which only supports lru-memoizer versions >=1.3.0 <3. The OTel instrumentation will not patch lru-memoizer@3.0.0, so the integration test in suites/tracing/lru-memoizer/scenario.js — which verifies context propagation through the instrumentation — will either fail or silently stop testing the actual instrumentation behavior.
Bumps [lru-memoizer](https://github.com/jfromaniello/lru-memoizer) from 2.3.0 to 3.0.0. - [Commits](jfromaniello/lru-memoizer@v2.3.0...v3.0.0) --- updated-dependencies: - dependency-name: lru-memoizer dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/lru-memoizer-3.0.0
branch
from
61690df to
6951884
Compare
|
OTel instrumentation only supports >=1.3.0 < 3. Closing |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
1 participant
Bumps lru-memoizer from 2.3.0 to 3.0.0.
Commits
68309293.0.011c51b7Merge branch 'isidrok-master'e2f0681replace all maxAge references with ttl1039d41update lru cache and typescript (#1)b6c681cImproveREADME.md(#28)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)