Skip to content

Bump dependabot-omnibus from 0.115.0 to 0.124.6

NipaNipa requested to merge dependabot/bundler/dependabot-omnibus-0.124.6 into master

Bumps dependabot-omnibus from 0.115.0 to 0.124.6.

Changelog

Sourced from dependabot-omnibus's changelog.

v0.124.6, 2 November 2020

  • Go mod: handle major version mismatch
  • Cargo: handle caret version requirements

v0.124.5, 30 October 2020

  • Go mod: Bump gomodules-extracted from commit
  • Go mod: Add/fix specs for missing meta tag and packages that 404

v0.124.4, 30 October 2020

  • Ignore go files that start with underscore or dot
  • Go mod: handle missing package url meta tags
  • Ignore go files tagged with +build
  • Handle missing VCS when converting git_source path
  • Fix relative dir on mac where tmp is in /private
  • Handle missing directory in cloned repo
  • Improve relative path code in vendor updater
  • Correctly handle vendored updates in nested directory
  • Raise generic DependabotError when all else fails
  • Mark unknown revision errors as DependencyFileNotResolvable
  • Include backtrace from native bundler helpers
  • Mount native bundler helpers in dev shell
  • Bump friendsofphp/php-cs-fixer in /composer/helpers

v0.124.3, 27 October 2020

  • Rename fixes_advisory? to fixed_by? and handle mixed case names
  • dry-run: add security_updates_only
  • Bump eslint from 7.12.0 to 7.12.1 in /npm_and_yarn/helpers

v0.124.2, 26 October 2020

  • Add fixes_advisory? and affects_version? to security advisory
  • Bump jest from 26.6.0 to 26.6.1 in /npm_and_yarn/helpers
  • Bump composer/composer from 1.10.15 to 1.10.16 in /composer/helpers
  • Bump poetry from 1.1.2 to 1.1.4 in /python/helpers
  • Bump eslint from 7.11.0 to 7.12.0 in /npm_and_yarn/helpers

v0.124.1, 22 October 2020

  • Add lowest_security_fix_version method to update checkers

v0.124.0, 20 October 2020

  • Go: Promote experimental go mod tidy support to stable (i.e., always tidy if repo_contents_path is given)
  • Go: Promote experimental go mod vendor support to stable (i.e., always vendor if repo_contents_path is given and vendor/modules.txt is present)
... (truncated)
Commits
  • a719aed v0.124.6
  • 9643f38 Merge pull request #2711 from dependabot/feelepxyz/handle-major-version-mismatch
  • afcfb87 Merge pull request #2712 from dependabot/feelepxyz/cargo-regex-version-requir...
  • 9787bd0 Go mod: handle major version mismatch
  • 01837be Cargo: handle ^ version requirements
  • 6102627 v0.124.5
  • 75f6815 Merge pull request #2708 from dependabot/feelepxyz/handle-missing-meta-tags2
  • 9138bbe Go mod: Add/fix specs for missing meta tag and 404
  • a745214 Merge pull request #2706 from dependabot/feelepxyz/fix-not-found-package
  • 41c1736 Fix error handling for packages that 404
  • Additional commits viewable in compare view

Merge request reports