Bump dependabot-omnibus from 0.115.0 to 0.124.1
Bumps dependabot-omnibus from 0.115.0 to 0.124.1.
Changelog
Sourced from dependabot-omnibus's changelog.
v0.124.1, 22 October 2020
- Add lowest_security_fix_version method to update checkers
v0.124.0, 20 October 2020
- Go: Promote experimental
go mod tidy
support to stable (i.e., always tidy if repo_contents_path is given)- Go: Promote experimental
go mod vendor
support to stable (i.e., always vendor if repo_contents_path is given and vendor/modules.txt is present)- Bump jest from 26.5.3 to 26.6.0 in /npm_and_yarn/helpers
- Bump object-path from 0.11.4 to 0.11.5 in /npm_and_yarn/helpers
- Bump composer/composer from 1.10.10 to 1.10.15 in /composer/helpers
v0.123.1, 19 October 2020
- Go mod: Handle
cannot find module
during go mod tidy- Python: Add 3.9.0 and upgrade pyenv to v1.2.21 (@ulgens)
- Bundler: Ignore changed .gemspec from vendor/cache folder
v0.123.0, 13 October 2020
- Bundler: Refactored Dependabot's use of Bundler commands to shell out instead of running in a forked process.
- This aligns Bundler with other package managers and will enable us to support other Bundler versions in future.
v0.122.1, 13 October 2020
- Bump phpstan/phpstan from 0.12.48 to 0.12.49 in /composer/helpers
- Gracefully handle gomod package import that has changed
- Treat .bundlecache files as binary
- Check if files are binary using the
file
util- Bump jest from 26.5.2 to 26.5.3 in /npm_and_yarn/helpers
- Bump eslint from 7.10.0 to 7.11.0 in /npm_and_yarn/helpers
- Update tests and fixtures for new Cargo.lock format
- Explicitly install version of rust toolchain
- Rust toolchain has been upgraded to 1.47.0. This means PRs will now try to upgrade the lockfile to cargo's v2 format.
- Update rubocop requirement from ~> 0.92.0 to ~> 0.93.0 in /common
- Add a fingerprint to generated gitconfigs
- If there isn't a backup gitconfig, remove the generated one
- dry-run: updater-opts via option
v0.122.0, 7 October 2020
- Add experimental support for
go mod vendor
- Enable code coverage reporting of dependabot-core
v0.121.1, 7 October 2020
... (truncated)
Commits
-
bc6911e
v0.124.1 -
8d1a6d7
Merge pull request #2667 from dependabot/feelepxyz/explain-update-not-possibl... -
0e146ca
Add lowest_security_fix_version to update checkers -
5568f01
.gitignore .envrc -
92ef0b2
Merge pull request #2666 from dependabot/v0.124.0-release-notes -
fbec012
v0.124.0 -
10f837c
Merge pull request #2660 from dependabot/remove-obsolete-go-options -
ddb4563
Don't tidy unless we have a real clone -
43b4047
♻ ️ Refactor: Extract method with intention-revealing name -
2a1d5db
Restore ability to use GoUpdater without a local clone - Additional commits viewable in compare view