chore(frontend): bump obol-stack-front-end v0.1.24 → v0.1.25-rc1 (digest-pinned)#505
Open
bussyjd wants to merge 1 commit into
Open
chore(frontend): bump obol-stack-front-end v0.1.24 → v0.1.25-rc1 (digest-pinned)#505bussyjd wants to merge 1 commit into
bussyjd wants to merge 1 commit into
Conversation
…est-pinned) Promotes the frontend pin to the v0.1.25-rc1 release candidate, which combines 10 Dependabot bumps integrated via PR #322 on the frontend repo (all 8 CI checks green on the integration branch). Multi-arch index digest: sha256:e7b38ca43771c29475d6831dbee53adb5d2685137ecb7d5878c82e4ecebee92a Per-platform digests: linux/amd64 sha256:2d39e666dd7f807e4a6b56e7f7f509cd96b8427fcabe413bbd9000da55f2cf55 linux/arm64 sha256:6afb996dd6c21e68d714f4aa1ef0c51b2a4553e24d72629529e053e611d889b3 Frontend release: https://github.com/ObolNetwork/obol-stack-front-end/releases/tag/v0.1.25-rc1 Frontend integration PR: ObolNetwork/obol-stack-front-end#322 Dep bumps included: @typescript-eslint/eslint-plugin 8.59.1 → 8.59.2 (#312) @tanstack/react-query 5.100.9 → 5.100.10 (#313) @playwright/test 1.59.1 → 1.60.0 (#314) thread-stream 4.0.0 → 4.2.0 (#315) @copilotkit/runtime 1.56.3 → 1.57.1 (#316) @types/node 25.6.2 → 25.9.0 (#317) viem 2.48.11 → 2.49.3 (#318) lint-staged 16.4.0 → 17.0.5 (#319) react-dom 19.2.5 → 19.2.6 (#320) dompurify 3.4.2 → 3.4.5 (#321)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Promotes the frontend image pin to v0.1.25-rc1, which combines 10 Dependabot dependency bumps (see frontend integration PR #322, all 8 CI checks green).
Image identity
obolnetwork/obol-stack-front-endv0.1.25-rc1sha256:e7b38ca43771c29475d6831dbee53adb5d2685137ecb7d5878c82e4ecebee92asha256:2d39e666dd7f807e4a6b56e7f7f509cd96b8427fcabe413bbd9000da55f2cf55sha256:6afb996dd6c21e68d714f4aa1ef0c51b2a4553e24d72629529e053e611d889b3Frontend release: https://github.com/ObolNetwork/obol-stack-front-end/releases/tag/v0.1.25-rc1
Bumps included via frontend PR #322
@typescript-eslint/eslint-plugin(dev)@tanstack/react-query@playwright/test(dev)thread-stream@copilotkit/runtime@types/node(dev)viemlint-staged(dev)react-domdompurifyWhy digest pin
The tag is informational; the
@sha256:…is authoritative. This eliminates the mutable-tag attack surface called out by the v0.10.0-rc2 supply-chain review. The multi-arch index covers bothlinux/amd64andlinux/arm64.Test plan
go build ./...cleango test ./internal/embed/...passThis PR is a single-file frontend pin bump; no behavioural changes to the Go side. Merge gate (flows-green + reviewer) is enforced per project policy.