Skip to content

fix: update backend and frontend dependencies for security and performance improvements#195

Merged
Roopan-Microsoft merged 4 commits into
devfrom
conmig-dhmohdep
Apr 21, 2026
Merged

fix: update backend and frontend dependencies for security and performance improvements#195
Roopan-Microsoft merged 4 commits into
devfrom
conmig-dhmohdep

Conversation

@Dhanushree-Microsoft

Copy link
Copy Markdown
Contributor

Purpose

This pull request updates several dependencies across both the backend and frontend, focusing primarily on keeping the project up to date with the latest package versions for security, compatibility, and performance improvements. The most significant changes are grouped below by backend and frontend updates.

Does this introduce a breaking change?

  • Yes
  • No

@github-actions

github-actions Bot commented Apr 21, 2026

Copy link
Copy Markdown

Coverage

Coverage Report •
FileStmtsMissCoverMissing
TOTAL265423939% 
report-only-changed-files is enabled. No files were changed during this commit :)

Tests Skipped Failures Errors Time
44 0 💤 0 ❌ 0 🔥 13.410s ⏱️

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request updates backend (Python/uv) and frontend (npm) dependencies to newer versions, aiming to address security, compatibility, and performance concerns across the repo.

Changes:

  • Bumped several Python dependencies (e.g., aiohttp, azure-identity, cryptography, python-multipart, requests) and refreshed uv.lock files accordingly.
  • Updated frontend dependencies (notably axios, js-yaml, and vite) and refreshed package-lock.json.
  • Added additional npm overrides entries to enforce minimum versions for transitive dependencies.

Reviewed changes

Copilot reviewed 3 out of 6 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
src/processor/uv.lock Refreshes Python lockfile with updated pinned/override package versions.
src/processor/pyproject.toml Updates pinned deps and expands tool.uv.override-dependencies.
src/backend-api/uv.lock Refreshes backend API lockfile for updated aiohttp, azure-identity, cryptography, and pytest.
src/backend-api/pyproject.toml Updates pinned deps and dev dependency minimums to match the lockfile.
src/frontend/package.json Updates direct deps and adds new npm overrides constraints.
src/frontend/package-lock.json Updates resolved dependency graph to match new frontend versions and overrides.
Files not reviewed (1)
  • src/frontend/package-lock.json: Language not supported

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread src/frontend/package.json Outdated
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@Roopan-Microsoft Roopan-Microsoft merged commit 0e14fd0 into dev Apr 21, 2026
11 checks passed
@github-actions

Copy link
Copy Markdown

🎉 This PR is included in version 1.1.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

@Dhanushree-Microsoft Dhanushree-Microsoft deleted the conmig-dhmohdep branch May 19, 2026 06:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants