Skip to content

fix(ci): update trivy to v0.69.3 and bump protobuf 6.33.2 → 6.33.5#304

Merged
mlwelles merged 3 commits into
mainfrom
fix/trivy-version
Mar 13, 2026
Merged

fix(ci): update trivy to v0.69.3 and bump protobuf 6.33.2 → 6.33.5#304
mlwelles merged 3 commits into
mainfrom
fix/trivy-version

Conversation

@mlwelles

@mlwelles mlwelles commented Mar 9, 2026

Copy link
Copy Markdown
Contributor

Summary

Resolves https://github.com/dgraph-io/pydgraph/security/dependabot/12

Supersedes #294.

dependabot Bot and others added 3 commits March 5, 2026 00:52
Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 6.33.2 to 6.33.5.
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

---
updated-dependencies:
- dependency-name: protobuf
  dependency-version: 6.33.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
mlwelles added a commit that referenced this pull request Mar 13, 2026
## Summary
- Update SPDX copyright headers in `retry.py` and `test_retry.py` from
`© 2025` to `© 2025-2026`
- Update `api.proto` SPDX header from email format to year-range format
(`© 2017-2026 Istari Digital, Inc.`)
- Remove `<dgraph-admin@istaridigital.com>` email from `__maintainer__`
and `__author__` module metadata across 21 Python files

Aligns pydgraph copyright headers with the format established in
dgraph4j PR #284.

**Stacked on top of #304** to incorporate the trivy v0.68.2 → v0.69.3
fix so CI code checks don't fail. (the old release was removed from
GitHub).

## Test plan
- [x] Verify no files contain old `<dgraph-admin@istaridigital.com>`
email in copyright headers
- [x] Verify all SPDX headers use year-range format
- [ ] CI passes (no functional changes)

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@mlwelles mlwelles merged commit 42d4adf into main Mar 13, 2026
26 checks passed
@mlwelles mlwelles deleted the fix/trivy-version branch March 13, 2026 14:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Development

Successfully merging this pull request may close these issues.

2 participants