Skip to content

Bump dependabot-omnibus from 0.115.0 to 0.125.0

NipaNipa requested to merge dependabot/bundler/dependabot-omnibus-0.125.0 into master

Bumps dependabot-omnibus from 0.115.0 to 0.125.0.

Changelog

Sourced from dependabot-omnibus's changelog.

v0.125.0, 5 November 2020

  • Bundler: Explain why security update was not possible
  • Raise descriptive error when update is not possible
  • Go mod: Handle post-v0 module path updates

v0.124.8, 4 November 2020

  • Add missing python versions: 3.6.12 3.6.11 3.6.10, 3.5.10 and 3.5.8

v0.124.7, 3 November 2020

  • composer: assume a helper terminated by SIGKILL is OutOfMemory
  • dry-run: handle comma separated list of deps
  • Bump jest from 26.6.1 to 26.6.2 in /npm_and_yarn/helpers
  • Bump phpstan/phpstan from 0.12.49 to 0.12.53 in /composer/helpers
  • Bump npm-user-validate from 1.0.0 to 1.0.1 in /npm_and_yarn/helpers

v0.124.6, 2 November 2020

  • Go mod: handle major version mismatch
  • Cargo: handle caret version requirements

v0.124.5, 30 October 2020

  • Go mod: Bump gomodules-extracted from commit
  • Go mod: Add/fix specs for missing meta tag and packages that 404

v0.124.4, 30 October 2020

  • Ignore go files that start with underscore or dot
  • Go mod: handle missing package url meta tags
  • Ignore go files tagged with +build
  • Handle missing VCS when converting git_source path
  • Fix relative dir on mac where tmp is in /private
  • Handle missing directory in cloned repo
  • Improve relative path code in vendor updater
  • Correctly handle vendored updates in nested directory
  • Raise generic DependabotError when all else fails
  • Mark unknown revision errors as DependencyFileNotResolvable
  • Include backtrace from native bundler helpers
  • Mount native bundler helpers in dev shell
  • Bump friendsofphp/php-cs-fixer in /composer/helpers

v0.124.3, 27 October 2020

  • Rename fixes_advisory? to fixed_by? and handle mixed case names
  • dry-run: add security_updates_only
  • Bump eslint from 7.12.0 to 7.12.1 in /npm_and_yarn/helpers
... (truncated)
Commits
  • 8dc6ce1 Merge pull request #2724 from dependabot/v0.125.0-release-notes
  • 89d3cb4 v0.125.0
  • aa5e415 Merge pull request #2705 from dependabot/jurre/improve-bundler-helper-errors
  • 2e50b1d Fix string keys in ConflictingDependencyResolver spec
  • f8a4f1f Improve conflicting dependencies code in dry-run script
  • 3197f2f Rename blocking_parent_dependencies to conflicting_dependencies
  • 0b3aafc Remove unused let
  • 7735d84 Move local variable closer to where it's used
  • e93d7b5 Don't modify static state from constructor
  • f808848 Fix typo in bundler/spec/dependabot/bundler/update_checker/parent_dependency_...
  • Additional commits viewable in compare view

Merge request reports