Skip to content

fix(deps): update rhdh bulk import dependencies (minor)#2095

Open
renovate[bot] wants to merge 3 commits intomainfrom
renovate/rhdh-bulk-import-dependencies-(minor)
Open

fix(deps): update rhdh bulk import dependencies (minor)#2095
renovate[bot] wants to merge 3 commits intomainfrom
renovate/rhdh-bulk-import-dependencies-(minor)

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Jan 15, 2026
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
@openapitools/openapi-generator-cli 2.20.22.28.3 age confidence
@playwright/test (source) 1.57.01.58.2 age confidence
@red-hat-developer-hub/backstage-plugin-orchestrator (source) 5.3.05.4.1 age confidence
@red-hat-developer-hub/backstage-plugin-orchestrator-form-widgets (source) 1.5.01.6.2 age confidence
@red-hat-developer-hub/backstage-plugin-theme (source) ^0.11.0^0.12.0 age confidence

Release Notes

OpenAPITools/openapi-generator-cli (@​openapitools/openapi-generator-cli)

v2.28.3

Compare Source

Bug Fixes

v2.28.2

Compare Source

Bug Fixes

v2.28.1

Compare Source

Bug Fixes

v2.28.0

Compare Source

Features

v2.27.0

Compare Source

Features
  • config: add support for environment variable placeholders in config (#​1031) (1cd2614)

v2.26.0

Compare Source

Bug Fixes
Features

v2.25.2

Compare Source

Bug Fixes

v2.25.1

Compare Source

Bug Fixes

v2.25.0

Compare Source

Features
  • release: trigger a release (2a8a011)

v2.24.0

Compare Source

Features

v2.23.4

Compare Source

Bug Fixes

v2.23.3

Compare Source

Bug Fixes

v2.23.2

Compare Source

Bug Fixes

v2.23.1

Compare Source

Bug Fixes

v2.23.0

Compare Source

Features

v2.22.0

Compare Source

Features

v2.21.5

Compare Source

Bug Fixes

v2.21.4

Compare Source

Bug Fixes
  • deps: update dependency axios to v1.11.0 [security] (#​956) (e517c31)

v2.21.3

Compare Source

Bug Fixes

v2.21.2

Compare Source

Bug Fixes

v2.21.1

Compare Source

Bug Fixes

v2.21.0

Compare Source

Features

v2.20.6

Compare Source

Bug Fixes

v2.20.5

Compare Source

Bug Fixes

v2.20.4

Compare Source

Bug Fixes

v2.20.3

Compare Source

Bug Fixes
microsoft/playwright (@​playwright/test)

v1.58.2

Compare Source

v1.58.1

Compare Source

Highlights

#​39036 fix(msedge): fix local network permissions
#​39037 chore: update cft download location
#​38995 chore(webkit): disable frame sessions on fronzen builds

Browser Versions
  • Chromium 145.0.7632.6
  • Mozilla Firefox 146.0.1
  • WebKit 26.0

v1.58.0

Compare Source

redhat-developer/rhdh-plugins (@​red-hat-developer-hub/backstage-plugin-orchestrator)

v5.4.1

Compare Source

Patch Changes

  • 24ff5f4: Make the workflow run Details card title bold and consistent with other InfoCard titles.

  • 85b873d: Exclude omitFromWorkflowInput fields from execution payloads and add a review
    toggle to show hidden parameters.

  • 0f60a00: feat: Improve permission denied error handling for workflow instances

    • Add PermissionDeniedPanel component for clean access denied UI
    • Improve backend error messages when user lacks instanceAdminView permission
    • Provide detailed error messages explaining why access is denied:
      • When instance has no ownership info (external/legacy runs)
      • When instance was created by another user

  • 9c17c36: Updated dependency prettier to 3.8.0.

  • aaac497: Updated dependency prettier to 3.8.1.

  • Updated dependencies [858963d]

  • Updated dependencies [e16baff]

  • Updated dependencies [85b873d]

  • Updated dependencies [9c17c36]

  • Updated dependencies [aaac497]

v5.4.0

Compare Source

Minor Changes
  • 3e2c3f7: Adding Workflow Logs endpoint. Loki provider added
Patch Changes

v5.3.1

Compare Source

Patch Changes

  • 8524940: Fix TypeScript compilation errors in orchestrator plugins

  • 48fb7f2: Fix browser tab showing [object Object] on workflow instance page

    Replace <Trans> component with t() function for page title to ensure a string is returned instead of an element, which was causing [object Object] to appear in the browser tab title.

  • cc27a4b: Migrate from Moment.js to Luxon for date/time handling

    Breaking Change: Removed deprecated Moment.js dependency

    • Replace moment and react-moment with luxon for all date/time operations
    • Add formatDuration utility function that mimics moment's .humanize() behavior
    • Add comprehensive unit tests for duration formatting

  • Updated dependencies [5771568]

  • Updated dependencies [c35d07c]

  • Updated dependencies [f030878]

  • Updated dependencies [8524940]

  • Updated dependencies [2be9dcc]

  • Updated dependencies [d91ef65]

redhat-developer/rhdh-plugins (@​red-hat-developer-hub/backstage-plugin-orchestrator-form-widgets)

v1.6.2

Compare Source

Patch Changes
  • db243d1: Allow ActiveDropdown fetch selectors to reference current form data via the combined response/current context.
  • bb02bdb: Allow ActiveDropdown fetch:response:default to be a JSONata selector evaluated against the fetch response.
  • 8fabecd: Clarify ActiveText retrigger loading by showing a spinner while dependencies resolve.
  • 2adc3d8: Add fetch:error:silent support to suppress fetch errors in widgets.
  • e6987f1: Fixed ActiveMultiSelect Enter key behavior when ui:allowNewItems is enabled. Pressing Enter now adds a new chip instead of submitting the form to the next step.
  • 6877513: Evaluate JSONata expressions in fetch/validate request bodies on the client before sending.
  • 490d0a3: Add fetch:skipInitialValue to keep fields empty until user input and treat empty-string defaults as valid.
  • Updated dependencies [858963d]
  • Updated dependencies [9c17c36]
  • Updated dependencies [aaac497]

v1.6.1

Compare Source

Patch Changes

v1.6.0

Compare Source

Minor Changes

  • c35d07c: Add fetch:error:ignoreUnready and fetch:response:default options for form widgets

    Feature 1: fetch:error:ignoreUnready

    When using widgets with fetch:retrigger dependencies, the initial fetch often fails because dependent fields don't have values yet. This results in HTTP errors being displayed during initial load.

    • Add fetch:error:ignoreUnready option to suppress fetch error display until all fetch:retrigger dependencies have non-empty values
    • Errors are only suppressed when dependencies are empty; once filled, real errors are shown
    • Supported by: ActiveTextInput, ActiveDropdown, ActiveMultiSelect, SchemaUpdater

    Feature 2: fetch:response:default

    Widgets previously required fetch:response:value for defaults, meaning fetch must succeed. This adds static fallback defaults.

    • Add fetch:response:default option for static default values applied immediately on form initialization
    • Defaults are applied at form initialization level in OrchestratorForm, ensuring controlled components work correctly
    • Static defaults act as fallback when fetch fails, hasn't completed, or returns empty
    • Fetched values only override defaults when non-empty
    • Supported by: ActiveTextInput (string), ActiveDropdown (string), ActiveMultiSelect (string[])

    Usage Examples:

    {
  "action": {
    "ui:widget": "ActiveTextInput",
    "ui:props": {
      "fetch:url": "...",
      "fetch:retrigger": ["current.appName"],
      "fetch:error:ignoreUnready": true,
      "fetch:response:default": "create"
    }
  }
}

  • 5c9f044: Add object type support in ui:props for fetch:response:* properties (RHIDP-11054)

    Type System Enhancement:

    • Updated UiProps type to accept JsonValue instead of string for fetch:response:* properties
    • Enables using objects, arrays, and other JSON types in ui:props, not just strings
    • Maintains full backward compatibility with existing string-based selectors

    Runtime Safety:

    • Added runtime validation in useTemplateUnitEvaluator to ensure selectors are strings when evaluated as JSONata expressions
    • Provides clear error messages when invalid types are used

    Documentation:

    • Updated orchestratorFormWidgets.md to document object type support
    • Added examples showing flexible ui:props configurations

    This change allows users to reference object attributes more easily in ui:props while maintaining type safety and backward compatibility.

Patch Changes
redhat-developer/rhdh-plugins (@​red-hat-developer-hub/backstage-plugin-theme)

v0.12.0

Compare Source

Minor Changes
  • f66ba99: Backstage version bump to v1.45.3

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the bulk-import label Jan 15, 2026
@renovate renovate bot requested a review from rm3l as a code owner January 15, 2026 21:18
@renovate renovate bot added the dependencies Pull requests that update a dependency file label Jan 15, 2026
@renovate renovate bot requested a review from debsmita1 as a code owner January 15, 2026 21:18
@renovate renovate bot added the team/rhdh label Jan 15, 2026
@renovate renovate bot requested review from a team and its-mitesh-kumar as code owners January 15, 2026 21:18
@rhdh-gh-app
Copy link

rhdh-gh-app bot commented Jan 15, 2026
edited
Loading

Changed Packages

Package Name Package Path Changeset Bump Current Version
app workspaces/bulk-import/packages/app none v0.0.3
backend workspaces/bulk-import/packages/backend none v0.0.0
@red-hat-developer-hub/backstage-plugin-bulk-import-backend workspaces/bulk-import/plugins/bulk-import-backend patch v7.1.0
@red-hat-developer-hub/backstage-plugin-bulk-import workspaces/bulk-import/plugins/bulk-import patch v7.1.0

@renovate renovate bot force-pushed the renovate/rhdh-bulk-import-dependencies-(minor) branch from 6528da5 to c6f0b5a Compare January 16, 2026 08:41
@alizard0
Copy link
Member

alizard0 commented Jan 16, 2026

/retest

@renovate renovate bot force-pushed the renovate/rhdh-bulk-import-dependencies-(minor) branch 6 times, most recently from 5cf70af to 63b7e25 Compare January 16, 2026 11:31
@alizard0
Copy link
Member

alizard0 commented Jan 16, 2026

If the dedupe is run on the each dependency one by one, the issue does not appear. However when it is run yarn dedupe it fails. I believe this is a yarn bug.

@renovate renovate bot force-pushed the renovate/rhdh-bulk-import-dependencies-(minor) branch 12 times, most recently from 400b7e8 to 009944d Compare January 19, 2026 16:13
@renovate renovate bot force-pushed the renovate/rhdh-bulk-import-dependencies-(minor) branch 22 times, most recently from bb48232 to e14dc3d Compare January 28, 2026 09:29
@rhdh-qodo-merge
Copy link

rhdh-qodo-merge bot commented Feb 3, 2026

CI Feedback 🧐

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: Workspace bulk-import, CI step for node 22.x

Failed stage: yarn install [❌]

Failed test name: ""

Failure summary:

The action failed during yarn install --immutable because Yarn detected that the install would
modify yarn.lock, which is forbidden in immutable mode.
- Error: YN0028: The lockfile would have
been modified by this install, which is explicitly forbidden.
- This is typically caused by
dependency changes (or resolution/peer-dependency adjustments) not being reflected in the committed
lockfile, so the CI install cannot proceed without updating yarn.lock.

Relevant error logs: 
1:  ##[group]Runner Image Provisioner
2:  Hosted Compute Agent
...

212:  ##[endgroup]
213:  ##[group]Run yarn install --immutable
214:  �[36;1myarn install --immutable�[0m
215:  shell: /usr/bin/bash -e {0}
216:  env:
217:  CI: true
218:  NODE_OPTIONS: --max-old-space-size=8192
219:  NPM_CONFIG_USERCONFIG: /home/runner/work/_temp/.npmrc
220:  NODE_AUTH_TOKEN: XXXXX-XXXXX-XXXXX-XXXXX
221:  ##[endgroup]
222:  �[94m➤�[39m �[90mYN0000�[39m: ┌ Resolution step
223:  ##[group]Resolution step
224:  �[93m➤�[39m YN0002: │ �[38;5;166m@aws-sdk/�[39m�[38;5;173mcredential-provider-node�[39m�[38;5;111m@�[39m�[38;5;111mnpm:3.682.0�[39m doesn't provide �[38;5;166m@aws-sdk/�[39m�[38;5;173mclient-sts�[39m (�[38;5;111mpb82e3�[39m), requested by �[38;5;166m@aws-sdk/�[39m�[38;5;173mcredential-provider-web-identity�[39m
225:  �[93m➤�[39m YN0002: │ �[38;5;166m@aws-sdk/�[39m�[38;5;173mcredential-provider-node�[39m�[38;5;111m@�[39m�[38;5;111mnpm:3.682.0�[39m doesn't provide �[38;5;166m@aws-sdk/�[39m�[38;5;173mclient-sts�[39m (�[38;5;111mp90aad�[39m), requested by �[38;5;166m@aws-sdk/�[39m�[38;5;173mcredential-provider-ini�[39m
226:  �[93m➤�[39m YN0002: │ �[38;5;166m@aws-sdk/�[39m�[38;5;173mcredential-provider-sso�[39m�[38;5;111m@�[39m�[38;5;111mnpm:3.682.0�[39m doesn't provide �[38;5;166m@aws-sdk/�[39m�[38;5;173mclient-sso-oidc�[39m (�[38;5;111mp3696f�[39m), requested by �[38;5;166m@aws-sdk/�[39m�[38;5;173mtoken-providers�[39m
227:  �[93m➤�[39m YN0002: │ �[38;5;166m@backstage-community/�[39m�[38;5;173mplugin-rbac�[39m�[38;5;111m@�[39m�[38;5;111mnpm:1.47.2 [f87a9]�[39m doesn't provide �[38;5;166m@backstage/�[39m�[38;5;173merrors�[39m (�[38;5;111mp19cac�[39m), requested by �[38;5;166m@backstage-community/�[39m�[38;5;173mplugin-rbac-common�[39m
228:  �[93m➤�[39m YN0002: │ �[38;5;166m@backstage-community/�[39m�[38;5;173mplugin-rbac�[39m�[38;5;111m@�[39m�[38;5;111mnpm:1.47.2 [f87a9]�[39m doesn't provide �[38;5;166m@emotion/�[39m�[38;5;173mreact�[39m (�[38;5;111mp21a85�[39m), requested by �[38;5;166m@rjsf/�[39m�[38;5;173mmui�[39m
...

341:  �[93m➤�[39m YN0002: │ �[38;5;173mbackend�[39m�[38;5;111m@�[39m�[38;5;111mworkspace:packages/backend�[39m doesn't provide �[38;5;166m@janus-idp/�[39m�[38;5;173mbackstage-plugin-audit-log-node�[39m (�[38;5;111mp2d0e4�[39m), requested by �[38;5;166m@red-hat-developer-hub/�[39m�[38;5;173mbackstage-plugin-orchestrator-backend�[39m
342:  �[93m➤�[39m YN0060: │ �[38;5;173mbackend�[39m�[38;5;111m@�[39m�[38;5;111mworkspace:packages/backend�[39m provides �[38;5;173mprettier�[39m (�[38;5;111mp7a45e�[39m) with version �[38;5;111m3.8.1�[39m, which doesn't satisfy what �[38;5;166m@spotify/�[39m�[38;5;173mprettier-config�[39m requests
343:  �[93m➤�[39m YN0002: │ �[38;5;173mexpress-openapi-validator�[39m�[38;5;111m@�[39m�[38;5;111mnpm:5.6.0 [f0956]�[39m doesn't provide �[38;5;166m@types/�[39m�[38;5;173mjson-schema�[39m (�[38;5;111mp2acec�[39m), requested by �[38;5;166m@apidevtools/�[39m�[38;5;173mjson-schema-ref-parser�[39m
344:  �[93m➤�[39m YN0002: │ �[38;5;173mnotistack�[39m�[38;5;111m@�[39m�[38;5;111mnpm:3.0.2 [290e9]�[39m doesn't provide �[38;5;173mcsstype�[39m (�[38;5;111mp5663a�[39m), requested by �[38;5;173mgoober�[39m
345:  �[93m➤�[39m YN0002: │ �[38;5;173mopenapicmd�[39m�[38;5;111m@�[39m�[38;5;111mnpm:2.7.0�[39m doesn't provide �[38;5;173mopenapi-types�[39m (�[38;5;111mp7c8f9�[39m), requested by �[38;5;166m@apidevtools/�[39m�[38;5;173mswagger-parser�[39m
346:  �[93m➤�[39m YN0002: │ �[38;5;173mreact-resizable�[39m�[38;5;111m@�[39m�[38;5;111mnpm:3.0.5 [99f42]�[39m doesn't provide �[38;5;173mreact-dom�[39m (�[38;5;111mp08f42�[39m), requested by �[38;5;173mreact-draggable�[39m
347:  �[93m➤�[39m YN0000: │ Some peer dependencies are incorrectly met; run �[38;5;111myarn explain peer-requirements <hash>�[39m for details, where �[38;5;111m<hash>�[39m is the six-letter p-prefixed code
348:  ##[endgroup]
349:  �[94m➤�[39m �[90mYN0000�[39m: └ Completed in 1s 886ms
350:  �[94m➤�[39m �[90mYN0000�[39m: ┌ Post-resolution validation
351:  ##[group]Post-resolution validation
352:  �[91m➤�[39m YN0028: │ The lockfile would have been modified by this install, which is explicitly forbidden.
353:  ##[endgroup]
354:  �[91m➤�[39m YN0028: The lockfile would have been modified by this install, which is explicitly forbidden.
355:  �[94m➤�[39m �[90mYN0000�[39m: └ Completed
356:  �[91m➤�[39m YN0000: Failed with errors in 2s 73ms
357:  ##[error]Process completed with exit code 1.
358:  Post job cleanup.

@renovate
Copy link
Contributor Author

renovate bot commented Feb 6, 2026

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

@alizard0
Copy link
Member

alizard0 commented Feb 10, 2026

/retest

@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 18, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@github-actions
Copy link
Contributor

github-actions bot commented Mar 4, 2026

This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rm3l rm3l Awaiting requested review from rm3l rm3l is a code owner

@debsmita1 debsmita1 Awaiting requested review from debsmita1 debsmita1 is a code owner

@its-mitesh-kumar its-mitesh-kumar Awaiting requested review from its-mitesh-kumar its-mitesh-kumar is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

bulk-import dependencies Pull requests that update a dependency file stale team/rhdh

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@alizard0 @ciiay