Skip to content

Commit ebdac08

Browse files
robbertbosrobbertbos
committed
build(deps): bump npm, github-actions en compose-image dependencies
Combineert de drie gegroepeerde Dependabot-PR's (#372 npm, #371 github-actions, #370 compose-images) tot één update: - npm: o.a. vite 7→8, vue-router 4→5, vue-tsc 2→3, eslint 9→10, marked 17→18, @fastify/rate-limit 10→11, @fastify/swagger-ui 5→6, @types/node 24→25 en vele patches. @nl-rvo/* (component-library-css naar 4.20, design-tokens naar 2.x) is BEWUST teruggehouden op 4.8.0/1.9.0: die upgrade bevat een breaking button/link class-migratie en een design-tokens major. Apart opgepakt in #377. - github-actions: upload/download-artifact, docker/* en setup-* acties. - compose-images: alleen keycloak 26.0→26.6 (containers/compose.dev.yaml). Postgres blijft bewust op 17-alpine: ZAD/productie draait op PostgreSQL 17. dependabot.yml negeert voortaan postgres major-updates zodat de bump naar 18 niet opnieuw wordt voorgesteld. Bumpt typescript ~5.7.3 → ~5.9.3: vue-tsc 3 heft het oude TS-plafond op en @vue/tsconfig 0.9.1 vereist TypeScript >= 5.8 (libReplacement-optie). Verwijdert drie nu-overbodige @ts-expect-error directives in pdfExport.ts die @types/pdfmake 0.3.3 voortaan zelf typeert. Geverifieerd: builds (standalone/backend), 100% coverage in alle vier workspaces, eslint 10 clean, actionlint OK.
1 parent 833a083 commit ebdac08

16 files changed

Lines changed: 1921 additions & 1214 deletions

File tree

.github/dependabot.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,3 +56,8 @@ updates:
5656
compose-images:
5757
patterns:
5858
- "*"
59+
ignore:
60+
# ZAD/production runs on PostgreSQL 17; do not propose major bumps to
61+
# 18+ (the data volume does not auto-upgrade across a major version).
62+
- dependency-name: "postgres"
63+
update-types: ["version-update:semver-major"]

.github/workflows/_build-images.yaml

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -58,7 +58,7 @@ jobs:
5858
--begrippen-yaml sources/begrippenkader_iama.yaml \
5959
--output-json sources/generated/IAMA.json \
6060
--definitions-once-per-page
61-
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
61+
- uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
6262
with:
6363
name: generated-sources
6464
path: sources/generated/
@@ -80,23 +80,23 @@ jobs:
8080
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
8181
with:
8282
persist-credentials: false
83-
- uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
83+
- uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
8484
with:
8585
name: generated-sources
8686
path: sources/generated/
87-
- uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
87+
- uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
8888
with:
8989
registry: ghcr.io
9090
username: ${{ github.actor }}
9191
password: ${{ secrets.GITHUB_TOKEN }}
9292
- id: meta
93-
uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
93+
uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6.1.0
9494
with:
9595
images: ${{ inputs.backend-image }}
9696
tags: |
9797
type=sha,prefix=${{ inputs.tag-prefix }}
9898
type=raw,value=latest,enable=${{ inputs.tag-latest }}
99-
- uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
99+
- uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
100100
with:
101101
context: .
102102
file: containers/backend/Containerfile
@@ -118,23 +118,23 @@ jobs:
118118
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
119119
with:
120120
persist-credentials: false
121-
- uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
121+
- uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
122122
with:
123123
name: generated-sources
124124
path: sources/generated/
125-
- uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
125+
- uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
126126
with:
127127
registry: ghcr.io
128128
username: ${{ github.actor }}
129129
password: ${{ secrets.GITHUB_TOKEN }}
130130
- id: meta
131-
uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
131+
uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6.1.0
132132
with:
133133
images: ${{ inputs.frontend-image }}
134134
tags: |
135135
type=sha,prefix=${{ inputs.tag-prefix }}
136136
type=raw,value=latest,enable=${{ inputs.tag-latest }}
137-
- uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
137+
- uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
138138
with:
139139
context: .
140140
file: containers/frontend/Containerfile
@@ -164,7 +164,7 @@ jobs:
164164
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
165165
with:
166166
persist-credentials: false
167-
- uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
167+
- uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
168168
with:
169169
registry: ghcr.io
170170
username: ${{ github.actor }}
@@ -200,7 +200,7 @@ jobs:
200200
TRIVY_USERNAME: ${{ github.actor }}
201201
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
202202
- name: Upload SBOM artifact
203-
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
203+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
204204
with:
205205
name: sbom-${{ matrix.component }}
206206
path: trivy-sbom-${{ matrix.component }}.json

.github/workflows/build-standalone.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ jobs:
4646
--definitions-once-per-page
4747
4848
- name: Set up Node.js
49-
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
49+
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
5050
with:
5151
node-version: '22'
5252

@@ -62,7 +62,7 @@ jobs:
6262
run: cd apps/standalone-form && pnpm build
6363

6464
- name: Upload build artifact
65-
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
65+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
6666
with:
6767
name: standalone-form
6868
path: apps/standalone-form/dist/

.github/workflows/deploy-productie.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -70,7 +70,7 @@ jobs:
7070
exit 1
7171
fi
7272
73-
- uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
73+
- uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
7474
with:
7575
registry: ghcr.io
7676
username: ${{ github.actor }}

.github/workflows/pre-commit-autoupdate.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ jobs:
1717
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
1818

1919
- name: Set up Python
20-
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
20+
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
2121
with:
2222
python-version: "3.14"
2323

.github/workflows/pre-commit.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ jobs:
1414
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
1515

1616
- name: Set up Python
17-
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
17+
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
1818
with:
1919
python-version: '3.14'
2020

.github/workflows/release.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -117,7 +117,7 @@ jobs:
117117
--definitions-once-per-page
118118
119119
- name: Set up Node.js
120-
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
120+
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
121121
with:
122122
node-version: '22'
123123

.github/workflows/test.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ jobs:
3131
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
3232

3333
- name: Set up Node.js
34-
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
34+
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
3535
with:
3636
node-version: '22'
3737

@@ -96,7 +96,7 @@ jobs:
9696

9797
- name: Upload coverage reports
9898
if: always()
99-
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
99+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
100100
with:
101101
name: coverage-reports
102102
path: |

apps/boekhouding-backend/package.json

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -17,21 +17,21 @@
1717
"dependencies": {
1818
"@fastify/cors": "^11.0.0",
1919
"@fastify/helmet": "^13.0.2",
20-
"@fastify/rate-limit": "^10.3.0",
20+
"@fastify/rate-limit": "^11.0.0",
2121
"@fastify/swagger": "^9.7.0",
22-
"@fastify/swagger-ui": "^5.2.5",
22+
"@fastify/swagger-ui": "^6.0.0",
2323
"drizzle-orm": "^0.45.2",
2424
"fastify": "^5.8.5",
25-
"jose": "^6.0.11",
26-
"nanoid": "^5.1.5",
27-
"postgres": "^3.4.7"
25+
"jose": "^6.2.3",
26+
"nanoid": "^5.1.11",
27+
"postgres": "^3.4.9"
2828
},
2929
"devDependencies": {
30-
"@types/node": "^24.0.3",
30+
"@types/node": "^25.9.3",
3131
"@vitest/coverage-istanbul": "^4.1.4",
32-
"drizzle-kit": "^0.31.1",
33-
"tsx": "^4.19.4",
34-
"typescript": "~5.7.3",
32+
"drizzle-kit": "^0.31.10",
33+
"tsx": "^4.22.4",
34+
"typescript": "~5.9.3",
3535
"vitest": "^4.1.4"
3636
}
3737
}

apps/boekhouding-frontend/package.json

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -17,23 +17,23 @@
1717
"@nl-rvo/component-library-css": "4.8.0",
1818
"@nl-rvo/design-tokens": "1.9.0",
1919
"@overheid-assessment/core": "workspace:*",
20-
"@tabler/icons-vue": "^3.40.0",
21-
"keycloak-js": "^26.0.7",
22-
"pdfmake": "^0.3.6",
20+
"@tabler/icons-vue": "^3.44.0",
21+
"keycloak-js": "^26.2.4",
22+
"pdfmake": "^0.3.11",
2323
"pinia": "^3.0.3",
24-
"vue": "^3.5.17",
25-
"vue-router": "^4.5.1"
24+
"vue": "^3.5.38",
25+
"vue-router": "^5.1.0"
2626
},
2727
"devDependencies": {
28-
"@vitejs/plugin-vue": "^6.0.1",
28+
"@vitejs/plugin-vue": "^6.0.7",
2929
"@vitest/coverage-istanbul": "^4.1.4",
3030
"@vue/test-utils": "^2.4.6",
31-
"@vue/tsconfig": "^0.7.0",
32-
"jsdom": "^29.0.1",
33-
"npm-run-all2": "^8.0.4",
34-
"typescript": "~5.7.3",
35-
"vite": "^7.3.1",
31+
"@vue/tsconfig": "^0.9.1",
32+
"jsdom": "^29.1.1",
33+
"npm-run-all2": "^9.0.2",
34+
"typescript": "~5.9.3",
35+
"vite": "^8.0.16",
3636
"vitest": "^4.1.4",
37-
"vue-tsc": "^2.2.10"
37+
"vue-tsc": "^3.3.5"
3838
}
3939
}

0 commit comments

Comments
 (0)