Skip to content

chore(deps): bump conan from 2.23.0 to 2.24.0 in /.devcontainer #1063

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump conan from 2.23.0 to 2.24.0 in /.devcontainer #1063

dependabot wants to merge 1 commit into from
+3 −3

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 29, 2025

Bumps conan from 2.23.0 to 2.24.0.

Release notes

Sourced from conan's releases.

2.24.0 (15-Dec-2025)

  • Feature: MesonToolchain needs_exe_wrapper property now listens to can_run() function. (conan-io/conan#19382)
  • Feature: Workspace super-install now follows layout(). (conan-io/conan#19376). Docs: 📃
  • Feature: Make diff symbols in conan report diff ... -f=html non-selectable. (conan-io/conan#19375)
  • Feature: Add more public sub Python APIs, some more typing and fix docstrings. (conan-io/conan#19370). Docs: 📃
  • Feature: Represent missing packages in graph.html output. (conan-io/conan#19360)
  • Feature: conan cache check-integrity: new JSON output format. (conan-io/conan#19343). Docs: 📃
  • Feature: New conan workspace complete command to open/add intermediate packages to the workspace. (conan-io/conan#19331). Docs: 📃
  • Feature: Inject hashlib in the global.conf jinja2 rendering to be able to compute hashes (for paths, for example). (conan-io/conan#19319). Docs: 📃
  • Feature: Introduce new conanconfig.yml file that can store packages for multiple automatic conan config install-pkg. (conan-io/conan#17793). Docs: 📃
  • Fix: defines and frameworks now also generate CMakeConfigDeps targets. (conan-io/conan#19357)
  • Fix: Warn on version ranges in reference pattern, which have no effect (ie -o="foo/[>1]:shared=True"). (conan-io/conan#19356)
  • Fix: Improve MSBuildToolchain docstrings for compile_options. (conan-io/conan#19351). Docs: 📃
  • Fix: Conan profile detect can detect Visual Studio 18 (2026). (conan-io/conan#19348)
  • Fix: Avoid AutotoolsToolchain/GnuToolchain to define --sysroot for QNX qcc compiler, define -Wc,-isysroot instead. (conan-io/conan#18897)
  • Fix: Fixed conan_config.json storage to use only RecipeReferences (not PackageReferences). (conan-io/conan#17793). Docs: 📃
  • Fix: conan config install-pkg will report for order-changing updates to existing configuration installs, allowing to -force to change the order. (conan-io/conan#17793). Docs: 📃
  • Bugfix: Do correct scoping of conan install --requires=dep/[*] -o myoption=value. (conan-io/conan#19367)
  • Bugfix: fix new core.graph:compatibility_mode=optimized with multiple repos. (conan-io/conan#19349)
  • Bugfix: Fix crash for conan workspace build with external global editables. (conan-io/conan#19338)
  • Bugfix: Bugfix: Fix CMakeConfigDeps flags handling of generator expressions with separators. (conan-io/conan#19330)
  • Bugfix: Fix logic in EnvVars generation of .sh and .ps1 scripts for "unset" vs "empty" definition. (conan-io/conan#19328). Docs: 📃
  • Bugfix: Fix Workspace crash when passing per-package configuration. (conan-io/conan#19327)
  • Bugfix: Fix version range pattern replacement in replace_requires. (conan-io/conan#19324)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump conan from 2.23.0 to 2.24.0 in /.devcontainer
6cb9c0a 
Bumps [conan](https://github.com/conan-io/conan) from 2.23.0 to 2.24.0.
- [Release notes](https://github.com/conan-io/conan/releases)
- [Commits](conan-io/conan@2.23.0...2.24.0)

---
updated-dependencies:
- dependency-name: conan
  dependency-version: 2.24.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Dec 29, 2025
@dependabot dependabot bot requested a review from a team as a code owner December 29, 2025 08:06
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Dec 29, 2025
@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 29, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@github-actions
Copy link
Contributor

github-actions bot commented Dec 29, 2025

⚠️MegaLinter analysis: Success with warnings

Descriptor Linter Files Fixed Errors Warnings Elapsed time
✅ ACTION actionlint 20 0 0 0.57s
✅ DOCKERFILE hadolint 2 0 0 0.74s
✅ GHERKIN gherkin-lint 6 0 0 2.38s
✅ JSON npm-package-json-lint yes no no 0.46s
✅ JSON prettier 19 4 0 0 0.5s
✅ JSON v8r 19 0 0 6.9s
✅ MARKDOWN markdownlint 11 0 0 0 0.93s
✅ MARKDOWN markdown-table-formatter 11 0 0 0 0.31s
✅ REPOSITORY checkov yes no no 17.43s
✅ REPOSITORY gitleaks yes no no 0.52s
✅ REPOSITORY git_diff yes no no 0.01s
✅ REPOSITORY grype yes no no 27.9s
✅ REPOSITORY secretlint yes no no 1.01s
✅ REPOSITORY syft yes no no 2.03s
✅ REPOSITORY trivy yes no no 5.08s
✅ REPOSITORY trivy-sbom yes no no 0.24s
✅ REPOSITORY trufflehog yes no no 2.28s
⚠️ SPELL lychee 77 1 0 21.69s
✅ YAML prettier 28 0 0 0 0.91s
✅ YAML v8r 28 0 0 7.88s
✅ YAML yamllint 28 0 0 0.84s

Detailed Issues

⚠️ SPELL / lychee - 1 error 
[IGNORED] docker://pandoc/extra:3.7.0@sha256:a703d335fa237f8fc3303329d87e2555dca5187930da38bfa9010fa4e690933a | Unsupported: Error creating request client: builder error for url (docker://pandoc/extra:3.7.0@sha256:a703d335fa237f8fc3303329d87e2555dca5187930da38bfa9010fa4e690933a)
[ERROR] https://slsa.dev/spec/v1.0/verifying-artifacts | Network error: error sending request for url (https://slsa.dev/spec/v1.0/verifying-artifacts) Maybe a certificate error?
[IGNORED] https://vscode.dev/redirect?url=vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer | Unsupported: Error creating request client: builder error for url (vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer)
📝 Summary
---------------------
🔍 Total..........126
✅ Successful.....123
⏳ Timeouts.........0
🔀 Redirected.......0
👻 Excluded.........0
❓ Unknown..........0
🚫 Errors...........1

Errors in test/cpp/features/security.feature
[ERROR] https://slsa.dev/spec/v1.0/verifying-artifacts | Network error: error sending request for url (https://slsa.dev/spec/v1.0/verifying-artifacts) Maybe a certificate error?

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

  • Documentation: Custom Flavors
  • Command: npx mega-linter-runner@9.2.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,DOCKERFILE_HADOLINT,GHERKIN_GHERKIN_LINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_LYCHEE,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

MegaLinter is graciously provided by OX Security

@github-actions
Copy link
Contributor

github-actions bot commented Dec 29, 2025

Test Results

0 files   -  5  0 suites   - 5   0s ⏱️ - 3m 58s
0 tests  - 32  0 ✅  - 32  0 💤 ±0  0 ❌ ±0 
0 runs   - 67  0 ✅  - 67  0 💤 ±0  0 ❌ ±0 

Results for commit 6cb9c0a. ± Comparison against base commit e85df3f.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant