chore: update dependencies (#592)

[gfyrag]

No description provided.

[coderabbitai]

Walkthrough

The changes involve updates to the documentation of the Ledger API v2, which includes the introduction of new endpoints and enhancements to existing ones. New endpoints such as GET /v2/{ledger}/_info and GET /v2/{ledger}/logs have been added. The documentation for existing endpoints has been expanded with detailed descriptions of parameters and response schemas. Additionally, a new section for bulk operations has been introduced. In the test suite, a specific test case for listing accounts using address filters has been removed to simplify the overall test structure.

Changes

File	Change Summary
docs/api/README.md	Added new endpoints: GET /v2/{ledger}/_info, GET /v2/{ledger}/logs. Expanded documentation for existing endpoints, including detailed parameter descriptions and response schemas. Introduced a section for bulk operations with examples. Refined overall structure for readability.
test/e2e/api_accounts_list_test.go	Removed test case for listing accounts using address filters via query parameters. Maintained other tests for account listing and counting functionalities.

Poem

In the ledger's realm, new paths we weave,
With endpoints bright, for all to believe.
The docs now sing of bulk and more,
While tests refine, and filters soar.
Hooray for changes, let’s hop with glee,
A clearer API, for you and me! 🐇✨

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 2e4fa4e and f17c4f2.

⛔ Files ignored due to path filters (2)

• openapi.yaml is excluded by !**/*.yaml
• openapi/v2.yaml is excluded by !**/*.yaml

📒 Files selected for processing (2)

• docs/api/README.md (0 hunks)
• test/e2e/api_accounts_list_test.go (0 hunks)

💤 Files with no reviewable changes (2)

• test/e2e/api_accounts_list_test.go
• docs/api/README.md

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (2)

Earthfile (2)

Line range hint 32-32: Security consideration for JDK installation

Installing openjdk11 without a specific version might lead to security vulnerabilities. Consider pinning to a specific version.

-RUN apk update && apk add openjdk11
+RUN apk update && apk add openjdk11=11.0.18_p10-r0

---

Update mockgen to the latest v0.5.0 version for security and compatibility

The current configuration uses mockgen v0.4.0, while v0.5.0 is available. Additionally, gomarkdoc is using @latest tag which could lead to inconsistent builds. Consider:

• Update mockgen from v0.4.0 to v0.5.0
• Pin gomarkdoc to the specific version v1.1.0 instead of using @latest

🔗 Analysis chain

Line range hint 33-35: Verify versions of newly added tools

The following fixed versions should be verified for security and compatibility:

• mockgen v0.4.0
• latest version of gomarkdoc

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check for latest versions and any security advisories
echo "Checking mockgen..."
gh api repos/uber-go/mock/releases/latest | jq .tag_name

echo "Checking gomarkdoc..."
gh api repos/princjef/gomarkdoc/releases/latest | jq .tag_name

Length of output: 243

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 90cb10b and 2e4fa4e.

⛔ Files ignored due to path filters (8)

• go.mod is excluded by !**/*.mod
• go.sum is excluded by !**/*.sum, !**/*.sum
• openapi.yaml is excluded by !**/*.yaml
• openapi/v2.yaml is excluded by !**/*.yaml
• test/rolling-upgrades/go.mod is excluded by !**/*.mod
• test/rolling-upgrades/go.sum is excluded by !**/*.sum, !**/*.sum
• tools/generator/go.mod is excluded by !**/*.mod
• tools/generator/go.sum is excluded by !**/*.sum, !**/*.sum

📒 Files selected for processing (8)

• Earthfile (1 hunks)
• deployments/helm/Earthfile (1 hunks)
• deployments/pulumi/Earthfile (1 hunks)
• docs/api/README.md (0 hunks)
• internal/storage/bucket/migrations_test.go (2 hunks)
• test/e2e/api_accounts_list_test.go (0 hunks)
• test/rolling-upgrades/Earthfile (1 hunks)
• tools/generator/Earthfile (1 hunks)

💤 Files with no reviewable changes (2)

• test/e2e/api_accounts_list_test.go
• docs/api/README.md

✅ Files skipped from review due to trivial changes (1)

• deployments/pulumi/Earthfile

🔇 Additional comments (8)

deployments/helm/Earthfile (1)

4-4: Verify compatibility with earthly v0.19.0

The version bump from v0.17.1 to v0.19.0 is significant.

✅ Verification successful

Version update aligns with repository-wide changes

The version bump to v0.19.0 is consistent across most of the repository's Earthfiles, with 5 out of 6 files already using v0.19.0. Only the test/performance/Earthfile is using an older version (v0.16.2), which appears intentional for testing purposes. Since this is part of a coordinated update and the version is already in use throughout the codebase, the change is likely compatible with the existing setup.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check for breaking changes in earthly releases between v0.17.1 and v0.19.0
gh release view --repo earthly/earthly v0.19.0 --json body

Length of output: 78

---

Script:

#!/bin/bash
# Let's check the repository for any other Earthfile references and their versions
rg "IMPORT.*earthly.*tags/v" -A 2 -B 2

# Also check if there are any breaking changes mentioned in the codebase
rg -i "breaking.*(earthly|earth)" 

Length of output: 1458

internal/storage/bucket/migrations_test.go (2)

6-6: LGTM: Clean import additions

The new imports are properly organized and necessary for the enhanced test functionality.

Also applies to: 10-10

---

36-42: LGTM: Enhanced test coverage

Good improvement to test migrations with multiple ledgers. The implementation:

• Creates unique ledger names
• Properly handles errors
• Maintains test parallelization safety

tools/generator/Earthfile (1)

4-4: LGTM: Consistent version update

The earthly version update to v0.19.0 is consistent with other Earthfile changes in this PR.

test/rolling-upgrades/Earthfile (2)

4-4: Verify compatibility with earthly v0.19.0

The upgrade from v0.17.1 to v0.19.0 is a significant version jump. Please ensure all earthly features used in the build are compatible with the new version.

✅ Verification successful

Based on the analysis of the Earthfiles in the codebase, I can now generate the final response:

Earthly v0.19.0 upgrade is safe to proceed

The codebase primarily uses basic Earthly features that are stable across versions:

• Standard FROM, COPY, and SAVE ARTIFACT commands
• Basic ARG and ENV declarations
• Common CACHE directives
• Standard BUILD and WITH DOCKER commands

No deprecated or breaking-change sensitive features are used in the Earthfiles.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check earthly changelog for breaking changes
gh api repos/earthly/earthly/releases | jq -r '.[] | select(.tag_name | contains("v0.18") or contains("v0.19")) | .body' | grep -i "breaking"

Length of output: 141

---

Script:

#!/bin/bash
# Let's check the actual usage of earthly features in the codebase
fd "Earthfile$" --exec cat {} \; 

Length of output: 15651

---

Line range hint 89-89: Verify vcluster version security

The fixed version v0.20.4 of vcluster should be verified for known vulnerabilities.

Earthfile (2)

4-4: Duplicate earthly version upgrade

This change is consistent with the upgrade in test/rolling-upgrades/Earthfile.

---

Line range hint 95-111: Well-structured test configuration

The test configuration with conditional coverage settings is well-organized and comprehensive. The coverage configuration properly excludes debug files and includes relevant packages.