talk-android icon indicating copy to clipboard operation
talk-android copied to clipboard

Published 20 hours ago • verified publisher icon nextcloud

Bump hwsecurity-fido from 2.4.5 to 4.4.0

Open dependabot[bot] opened this issue 4 years ago • 7 comments

Bumps hwsecurity-fido from 2.4.5 to 4.4.0.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Apr 29 '21 22:04 dependabot[bot]

@dschuermann 2.4.x to 4.4.0 would be quite the version bump, is there anything in particular we would need to focus on when updating the version (basically 2 mayor versions)

AndyScherzinger avatar Apr 29 '21 23:04 AndyScherzinger

@AndyScherzinger Update should be easy. But it makes sense to also add FIDO2 WebAuthn support: https://github.com/nextcloud/talk-android/pull/1206

dschuermann avatar Apr 30 '21 12:04 dschuermann

see https://github.com/nextcloud/android/pull/8933 for blocking details, rather look for 4.1.0

AndyScherzinger avatar Sep 06 '21 06:09 AndyScherzinger

Lint

TypemasterPR
Warnings130130
Errors22

SpotBugs (new)

Warning Type Number
Bad practice Warnings 9
Correctness Warnings 37
Experimental Warnings 2
Internationalization Warnings 9
Malicious code vulnerability Warnings 24
Performance Warnings 24
Security Warnings 2
Dodgy code Warnings 72
Total 179

SpotBugs (master)

Warning Type Number
Bad practice Warnings 9
Correctness Warnings 37
Experimental Warnings 2
Internationalization Warnings 9
Malicious code vulnerability Warnings 24
Performance Warnings 24
Security Warnings 2
Dodgy code Warnings 72
Total 179

nextcloud-android-bot avatar May 20 '22 16:05 nextcloud-android-bot

@dependabot rebase

AndyScherzinger avatar May 29 '22 12:05 AndyScherzinger

https://github.com/nextcloud/android/issues/8585

We should either fix it with 4.4.0 or re-test it 4.1.0

tobiasKaminsky avatar Aug 24 '22 12:08 tobiasKaminsky

@dependabot rebase

AndyScherzinger avatar Oct 11 '22 22:10 AndyScherzinger

@dependabot rebase

AndyScherzinger avatar Jan 08 '23 20:01 AndyScherzinger

@dependabot rebase

AndyScherzinger avatar Jan 13 '23 10:01 AndyScherzinger

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot] avatar Dec 13 '23 16:12 dependabot[bot]