Skip to content

Bump dependabot-omnibus from 0.115.0 to 0.124.1

NipaNipa requested to merge dependabot/bundler/dependabot-omnibus-0.124.1 into master

Bumps dependabot-omnibus from 0.115.0 to 0.124.1.

Changelog

Sourced from dependabot-omnibus's changelog.

v0.124.1, 22 October 2020

  • Add lowest_security_fix_version method to update checkers

v0.124.0, 20 October 2020

  • Go: Promote experimental go mod tidy support to stable (i.e., always tidy if repo_contents_path is given)
  • Go: Promote experimental go mod vendor support to stable (i.e., always vendor if repo_contents_path is given and vendor/modules.txt is present)
  • Bump jest from 26.5.3 to 26.6.0 in /npm_and_yarn/helpers
  • Bump object-path from 0.11.4 to 0.11.5 in /npm_and_yarn/helpers
  • Bump composer/composer from 1.10.10 to 1.10.15 in /composer/helpers

v0.123.1, 19 October 2020

  • Go mod: Handle cannot find module during go mod tidy
  • Python: Add 3.9.0 and upgrade pyenv to v1.2.21 (@​ulgens)
  • Bundler: Ignore changed .gemspec from vendor/cache folder

v0.123.0, 13 October 2020

  • Bundler: Refactored Dependabot's use of Bundler commands to shell out instead of running in a forked process.
    • This aligns Bundler with other package managers and will enable us to support other Bundler versions in future.

v0.122.1, 13 October 2020

  • Bump phpstan/phpstan from 0.12.48 to 0.12.49 in /composer/helpers
  • Gracefully handle gomod package import that has changed
  • Treat .bundlecache files as binary
  • Check if files are binary using the file util
  • Bump jest from 26.5.2 to 26.5.3 in /npm_and_yarn/helpers
  • Bump eslint from 7.10.0 to 7.11.0 in /npm_and_yarn/helpers
  • Update tests and fixtures for new Cargo.lock format
  • Explicitly install version of rust toolchain
  • Rust toolchain has been upgraded to 1.47.0. This means PRs will now try to upgrade the lockfile to cargo's v2 format.
  • Update rubocop requirement from ~> 0.92.0 to ~> 0.93.0 in /common
  • Add a fingerprint to generated gitconfigs
  • If there isn't a backup gitconfig, remove the generated one
  • dry-run: updater-opts via option

v0.122.0, 7 October 2020

  • Add experimental support for go mod vendor
  • Enable code coverage reporting of dependabot-core

v0.121.1, 7 October 2020

... (truncated)
Commits
  • bc6911e v0.124.1
  • 8d1a6d7 Merge pull request #2667 from dependabot/feelepxyz/explain-update-not-possibl...
  • 0e146ca Add lowest_security_fix_version to update checkers
  • 5568f01 .gitignore .envrc
  • 92ef0b2 Merge pull request #2666 from dependabot/v0.124.0-release-notes
  • fbec012 v0.124.0
  • 10f837c Merge pull request #2660 from dependabot/remove-obsolete-go-options
  • ddb4563 Don't tidy unless we have a real clone
  • 43b4047 ️ Refactor: Extract method with intention-revealing name
  • 2a1d5db Restore ability to use GoUpdater without a local clone
  • Additional commits viewable in compare view

Merge request reports