Skip to content

Bump dependabot-omnibus from 0.115.0 to 0.124.3

NipaNipa requested to merge dependabot/bundler/dependabot-omnibus-0.124.3 into master

Bumps dependabot-omnibus from 0.115.0 to 0.124.3.

Changelog

Sourced from dependabot-omnibus's changelog.

v0.124.3, 27 October 2020

  • Rename fixes_advisory? to fixed_by? and handle mixed case names
  • dry-run: add security_updates_only
  • Bump eslint from 7.12.0 to 7.12.1 in /npm_and_yarn/helpers

v0.124.2, 26 October 2020

  • Add fixes_advisory? and affects_version? to security advisory
  • Bump jest from 26.6.0 to 26.6.1 in /npm_and_yarn/helpers
  • Bump composer/composer from 1.10.15 to 1.10.16 in /composer/helpers
  • Bump poetry from 1.1.2 to 1.1.4 in /python/helpers
  • Bump eslint from 7.11.0 to 7.12.0 in /npm_and_yarn/helpers

v0.124.1, 22 October 2020

  • Add lowest_security_fix_version method to update checkers

v0.124.0, 20 October 2020

  • Go: Promote experimental go mod tidy support to stable (i.e., always tidy if repo_contents_path is given)
  • Go: Promote experimental go mod vendor support to stable (i.e., always vendor if repo_contents_path is given and vendor/modules.txt is present)
  • Bump jest from 26.5.3 to 26.6.0 in /npm_and_yarn/helpers
  • Bump object-path from 0.11.4 to 0.11.5 in /npm_and_yarn/helpers
  • Bump composer/composer from 1.10.10 to 1.10.15 in /composer/helpers

v0.123.1, 19 October 2020

  • Go mod: Handle cannot find module during go mod tidy
  • Python: Add 3.9.0 and upgrade pyenv to v1.2.21 (@​ulgens)
  • Bundler: Ignore changed .gemspec from vendor/cache folder

v0.123.0, 13 October 2020

  • Bundler: Refactored Dependabot's use of Bundler commands to shell out instead of running in a forked process.
    • This aligns Bundler with other package managers and will enable us to support other Bundler versions in future.

v0.122.1, 13 October 2020

  • Bump phpstan/phpstan from 0.12.48 to 0.12.49 in /composer/helpers
  • Gracefully handle gomod package import that has changed
  • Treat .bundlecache files as binary
  • Check if files are binary using the file util
  • Bump jest from 26.5.2 to 26.5.3 in /npm_and_yarn/helpers
  • Bump eslint from 7.10.0 to 7.11.0 in /npm_and_yarn/helpers
  • Update tests and fixtures for new Cargo.lock format
... (truncated)
Commits
  • e24b5e9 v0.124.3
  • ff6034e Merge pull request #2683 from dependabot/dependabot/npm_and_yarn/npm_and_yarn...
  • 98281b3 Merge pull request #2686 from dependabot/feelepxyz/handle-mixed-case-advisory...
  • 2ba7e24 Rename fixes_advisory? to fixed_by?
  • d4ecfbc dry-run: add security_updates_only & security_fix
  • c1b92b5 Handle mixed case dependency name /w sec advisory
  • 629fec3 Bump eslint from 7.12.0 to 7.12.1 in /npm_and_yarn/helpers
  • 2fa2519 v0.124.2
  • 859df9b Merge pull request #2681 from dependabot/feelepxyz/fixes-advisory-affects-ver...
  • a0ebc5c Add fixes_advisory/affects_version to security adv
  • Additional commits viewable in compare view

Merge request reports