Bump the production-dependencies group with 3 updates #20

dependabot · 2025-12-01T04:49:38Z

Bumps the production-dependencies group with 3 updates: ash, ex_cmd and req.

Updates ash from 3.7.6 to 3.10.0

Release notes

v3.10.0

Features:

allow update actions for undo in reactor create steps (#2387) by @barnabasJ [(#2387)](ash-project/ash#2387)

calculation verifier (#2439) by @barnabasJ [(#2439)](ash-project/ash#2439)

add verifier to warn if load is used with expr calc by @barnabasJ [(#2439)](ash-project/ash#2439)

Bug Fixes:

only return :ok from reactors when actions have no return type by @zachdaniel

respect read-action in rel check (#2448) by @barnabasJ [(#2448)](ash-project/ash#2448)

handle soft destroy return type in managed relationships by @zachdaniel

Update typespec for deprecated can/3 on domain (#2443) by @Munksgaard [(#2443)](ash-project/ash#2443)

error on non existend action (#2435) by @barnabasJ [(#2435)](ash-project/ash#2435)

provide context-aware error messages for manage_relationship on_no_match errors (#2415) by @barnabasJ [(#2415)](ash-project/ash#2415)

Improvements:

don't squish code interface double newlines by @zachdaniel

significantly optimize code interface generation by @zachdaniel

Allow overriding Ash.Type.NewType cast_input_array/2 (#2438) by Christopher Bonhage [(#2438)](ash-project/ash#2438)

use regexes again now that otp 28.1 is out by @zachdaniel

v3.9.0

Features:

keep tenant in query when using :bypass and :bypass_all (#2429) by @Malian [(#2429)](ash-project/ash#2429)

Bug Fixes:

added bulk_action_ref for changeset lookups (#2411) by Daniel Gollings [(#2411)](ash-project/ash#2411)

Changelog

Sourced from ash's changelog.

v3.10.0 (2025-11-25)

Features:

allow update actions for undo in reactor create steps (#2387) by @barnabasJ [(#2387)](ash-project/ash#2387)

calculation verifier (#2439) by @barnabasJ [(#2439)](ash-project/ash#2439)

add verifier to warn if load is used with expr calc by @barnabasJ [(#2439)](ash-project/ash#2439)

Bug Fixes:

only return :ok from reactors when actions have no return type by @zachdaniel

respect read-action in rel check (#2448) by @barnabasJ [(#2448)](ash-project/ash#2448)

handle soft destroy return type in managed relationships by @zachdaniel

Update typespec for deprecated can/3 on domain (#2443) by @Munksgaard [(#2443)](ash-project/ash#2443)

error on non existend action (#2435) by @barnabasJ [(#2435)](ash-project/ash#2435)

provide context-aware error messages for manage_relationship on_no_match errors (#2415) by @barnabasJ [(#2415)](ash-project/ash#2415)

Improvements:

don't squish code interface double newlines by @zachdaniel

significantly optimize code interface generation by @zachdaniel

Allow overriding Ash.Type.NewType cast_input_array/2 (#2438) by Christopher Bonhage [(#2438)](ash-project/ash#2438)

use regexes again now that otp 28.1 is out by @zachdaniel

v3.9.0 (2025-11-09)

Features:

keep tenant in query when using :bypass and :bypass_all (#2429) by @Malian [(#2429)](ash-project/ash#2429)

Bug Fixes:

added bulk_action_ref for changeset lookups (#2411) by Daniel Gollings [(#2411)](ash-project/ash#2411)

... (truncated)

Commits

f815e2c chore: release version v3.10.0
38daa8a chore: fix warnings in test
4eceaa6 fix: only return :ok from reactors when actions have no return type
d73a538 chore: fix invalid generic action return error
164a4c0 feat: allow update actions for undo in reactor create steps (#2387)
aca98e5 fix: respect read-action in rel check (#2448)
6b1e417 feat: calculation verifier (#2439)
1a8243d docs: Fix typo (#2447)
f14935e test: Improved test coverage of complex aggregates and calculations usage (#2...
1b8b3d3 chore: fix typo
Additional commits viewable in compare view

Updates ex_cmd from 0.16.0 to 0.17.0

Release notes

Sourced from ex_cmd's releases.

v0.17.0

What's Changed

Fix compilation warnings by @akash-akya in akash-akya/ex_cmd#49

Do not send close_pipe cmd if we have received eof by @akash-akya in akash-akya/ex_cmd#48

Full Changelog: akash-akya/ex_cmd@v0.16.0...v0.17.0

Commits

4bebd4c Bump to v0.17.0
579f383 Merge pull request #48 from akash-akya/dev
db003e4 Do not send close_pipe cmd if we have received eof
3cb5df8 Merge pull request #49 from akash-akya/fix-warnings
b7d7c21 Update github actions
e815d2b Fix Elixir v19 compilation warnings
a8d27f0 Bump deps
See full diff in compare view

Updates req from 0.5.15 to 0.5.16

Release notes

Sourced from req's releases.

v0.5.16

Req.Test: Fix verify_on_exit! accidentally using Mox name

auth: Support MFArgs

auth: Support digest auth

put_aws_sigv4: Support MFArgs

put_path_params: Encode :path_params even with reserved characters

put_path_params: Set :path_params_template on empty params

run_plug: Handle compressed request body

Changelog

Sourced from req's changelog.

v0.5.16 (2025-11-10)

[Req.Test]: Fix verify_on_exit! accidentally using Mox name

[auth]: Support MFArgs

[auth]: Support digest auth

[put_aws_sigv4]: Support MFArgs

[put_path_params]: Encode :path_params even with reserved characters

[put_path_params]: Set :path_params_template on empty params

[run_plug]: Handle compressed request body

Commits

de1992a Release v0.5.16
f0225a7 run_plug: Handle compressed request body (#496)
2a365ac Fix tests
3cb0a53 Update ex_doc
4c850fa auth: Support MFArgs (#519)
536880a fix: tiny typo (#514)
158165c auth: Support digest auth (#511)
3edef76 put_aws_sigv4: Allow providing an mfa tuple (#510)
8517f1d Fix warnings
5797455 Fix test
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the production-dependencies group with 3 updates: [ash](https://github.com/ash-project/ash), [ex_cmd](https://github.com/akash-akya/ex_cmd) and [req](https://github.com/wojtekmach/req). Updates `ash` from 3.7.6 to 3.10.0 - [Release notes](https://github.com/ash-project/ash/releases) - [Changelog](https://github.com/ash-project/ash/blob/main/CHANGELOG.md) - [Commits](ash-project/ash@v3.7.6...v3.10.0) Updates `ex_cmd` from 0.16.0 to 0.17.0 - [Release notes](https://github.com/akash-akya/ex_cmd/releases) - [Commits](akash-akya/ex_cmd@v0.16.0...v0.17.0) Updates `req` from 0.5.15 to 0.5.16 - [Release notes](https://github.com/wojtekmach/req/releases) - [Changelog](https://github.com/wojtekmach/req/blob/main/CHANGELOG.md) - [Commits](wojtekmach/req@v0.5.15...v0.5.16) --- updated-dependencies: - dependency-name: ash dependency-version: 3.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: ex_cmd dependency-version: 0.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: req dependency-version: 0.5.16 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file elixir Pull requests that update elixir code labels Dec 1, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the production-dependencies group with 3 updates #20

Bump the production-dependencies group with 3 updates #20

Uh oh!

dependabot bot commented on behalf of github Dec 1, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Bump the production-dependencies group with 3 updates #20

Are you sure you want to change the base?

Bump the production-dependencies group with 3 updates #20

Uh oh!

Conversation

dependabot bot commented on behalf of github Dec 1, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v3.10.0

Features:

Bug Fixes:

Improvements:

v3.9.0

Features:

Bug Fixes:

v3.10.0 (2025-11-25)

Features:

Bug Fixes:

Improvements:

v3.9.0 (2025-11-09)

Features:

Bug Fixes:

v0.17.0

What's Changed

v0.5.16

v0.5.16 (2025-11-10)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Dec 1, 2025 •

edited

Loading