Skip to content

chore(deps): bump @datadog/datadog-ci from 5.4.0 to 5.6.0 in the all-minor-and-patch-updates group #661

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ava-silver merged 2 commits into from
Feb 3, 2026
Merged

chore(deps): bump @datadog/datadog-ci from 5.4.0 to 5.6.0 in the all-minor-and-patch-updates group #661

ava-silver merged 2 commits into from
Feb 3, 2026

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 3, 2026
edited
Loading

Bumps the all-minor-and-patch-updates group with 1 update: @datadog/datadog-ci.

Updates @datadog/datadog-ci from 5.4.0 to 5.5.0

Release notes

Sourced from @​datadog/datadog-ci's releases.

v5.5.0

What's Changed

Dependencies

RUM

Serverless

Chores

New Contributors

Full Changelog: DataDog/datadog-ci@v5.4.0...v5.5.0

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 3, 2026
@dependabot dependabot bot requested a review from a team as a code owner February 3, 2026 03:42
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 3, 2026
@dependabot dependabot bot requested a review from ava-silver February 3, 2026 03:42
@dependabot dependabot bot added the javascript Pull requests that update javascript code label Feb 3, 2026
@ava-silver
Copy link
Contributor

ava-silver commented Feb 3, 2026

waiting for the new datadog-ci version to continue here

@pinglinh
Copy link

pinglinh commented Feb 3, 2026

Hi @ava-silver could this be upgraded to 5.6.0 instead because that one has the major upgrade for fast-xml-parser ^5.3.4. Currently being blocked on latest version of serverless-plugin-datadog 5.121.2 which still has the fast-xml-parse with vulnerability

More info here https://security.snyk.io/vuln/SNYK-JS-FASTXMLPARSER-15155603

@ava-silver
Copy link
Contributor

ava-silver commented Feb 3, 2026

Hi @ava-silver could this be upgraded to 5.6.0 instead because that one has the major upgrade for fast-xml-parser ^5.3.4. Currently being blocked on latest version of serverless-plugin-datadog 5.121.2 which still has the fast-xml-parse with vulnerability

More info here security.snyk.io/vuln/SNYK-JS-FASTXMLPARSER-15155603

That was my plan!

@ava-silver
Copy link
Contributor

ava-silver commented Feb 3, 2026

@dependabot rebase

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 3, 2026

Looks like this PR is already up-to-date with main! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@ava-silver
Copy link
Contributor

ava-silver commented Feb 3, 2026

@dependabot recreate

@dependabot
chore(deps): bump @datadog/datadog-ci
cde1858 
Bumps the all-minor-and-patch-updates group with 1 update: [@datadog/datadog-ci](https://github.com/DataDog/datadog-ci/tree/HEAD/packages/datadog-ci).


Updates `@datadog/datadog-ci` from 5.4.0 to 5.5.0
- [Release notes](https://github.com/DataDog/datadog-ci/releases)
- [Commits](https://github.com/DataDog/datadog-ci/commits/v5.5.0/packages/datadog-ci)

---
updated-dependencies:
- dependency-name: "@datadog/datadog-ci"
  dependency-version: 5.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-minor-and-patch-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/all-minor-and-patch-updates-26442f09da branch from 1aa1fdc to cde1858 Compare February 3, 2026 18:54
@ava-silver ava-silver changed the title chore(deps): bump @datadog/datadog-ci from 5.4.0 to 5.5.0 in the all-minor-and-patch-updates group chore(deps): bump @datadog/datadog-ci from 5.4.0 to 5.6.0 in the all-minor-and-patch-updates group Feb 3, 2026
@ava-silver ava-silver merged commit 053f5e3 into main Feb 3, 2026
7 checks passed
@ava-silver ava-silver deleted the dependabot/npm_and_yarn/all-minor-and-patch-updates-26442f09da branch February 3, 2026 18:58
@pinglinh
Copy link

pinglinh commented Feb 3, 2026

@ava-silver Thank you! And do you know when the release will be scheduled for?

@ava-silver
Copy link
Contributor

ava-silver commented Feb 3, 2026

@ava-silver Thank you! And do you know when the release will be scheduled for?

I'm cutting a release right now -- hold tight :)

@ava-silver
Copy link
Contributor

ava-silver commented Feb 3, 2026

@pinglinh done!

https://github.com/DataDog/serverless-plugin-datadog/releases/tag/v5.121.3
https://www.npmjs.com/package/serverless-plugin-datadog/v/5.121.3

@pinglinh
Copy link

pinglinh commented Feb 3, 2026

You're a 🌟! Thank you @ava-silver

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ava-silver ava-silver ava-silver approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ava-silver @pinglinh