Bump dependabot-omnibus from 0.115.0 to 0.124.2
Bumps dependabot-omnibus from 0.115.0 to 0.124.2.
Changelog
Sourced from dependabot-omnibus's changelog.
v0.124.2, 26 October 2020
- Add fixes_advisory? and affects_version? to security advisory
- Bump jest from 26.6.0 to 26.6.1 in /npm_and_yarn/helpers
- Bump composer/composer from 1.10.15 to 1.10.16 in /composer/helpers
- Bump poetry from 1.1.2 to 1.1.4 in /python/helpers
- Bump eslint from 7.11.0 to 7.12.0 in /npm_and_yarn/helpers
v0.124.1, 22 October 2020
- Add lowest_security_fix_version method to update checkers
v0.124.0, 20 October 2020
- Go: Promote experimental
go mod tidy
support to stable (i.e., always tidy if repo_contents_path is given)- Go: Promote experimental
go mod vendor
support to stable (i.e., always vendor if repo_contents_path is given and vendor/modules.txt is present)- Bump jest from 26.5.3 to 26.6.0 in /npm_and_yarn/helpers
- Bump object-path from 0.11.4 to 0.11.5 in /npm_and_yarn/helpers
- Bump composer/composer from 1.10.10 to 1.10.15 in /composer/helpers
v0.123.1, 19 October 2020
- Go mod: Handle
cannot find module
during go mod tidy- Python: Add 3.9.0 and upgrade pyenv to v1.2.21 (@ulgens)
- Bundler: Ignore changed .gemspec from vendor/cache folder
v0.123.0, 13 October 2020
- Bundler: Refactored Dependabot's use of Bundler commands to shell out instead of running in a forked process.
- This aligns Bundler with other package managers and will enable us to support other Bundler versions in future.
v0.122.1, 13 October 2020
... (truncated)
- Bump phpstan/phpstan from 0.12.48 to 0.12.49 in /composer/helpers
- Gracefully handle gomod package import that has changed
- Treat .bundlecache files as binary
- Check if files are binary using the
file
util- Bump jest from 26.5.2 to 26.5.3 in /npm_and_yarn/helpers
- Bump eslint from 7.10.0 to 7.11.0 in /npm_and_yarn/helpers
- Update tests and fixtures for new Cargo.lock format
- Explicitly install version of rust toolchain
- Rust toolchain has been upgraded to 1.47.0. This means PRs will now try to upgrade the lockfile to cargo's v2 format.
- Update rubocop requirement from ~> 0.92.0 to ~> 0.93.0 in /common
- Add a fingerprint to generated gitconfigs
- If there isn't a backup gitconfig, remove the generated one
Commits
-
2fa2519
v0.124.2 -
859df9b
Merge pull request #2681 from dependabot/feelepxyz/fixes-advisory-affects-ver... -
a0ebc5c
Add fixes_advisory/affects_version to security adv -
22e4a86
Merge pull request #2674 from dependabot/dependabot/npm_and_yarn/npm_and_yarn... -
9f77a55
Bump jest from 26.6.0 to 26.6.1 in /npm_and_yarn/helpers -
a854742
Merge pull request #2675 from dependabot/dependabot/npm_and_yarn/npm_and_yarn... -
f28d73d
Merge pull request #2678 from dependabot/dependabot/composer/composer/helpers... -
4700521
Merge pull request #2676 from dependabot/dependabot/pip/python/helpers/poetry... -
55c378c
Bump composer/composer from 1.10.15 to 1.10.16 in /composer/helpers -
035c85b
Bump poetry from 1.1.2 to 1.1.4 in /python/helpers - Additional commits viewable in compare view