Skip to content

Bump dependabot-omnibus from 0.115.0 to 0.130.1

NipaNipa requested to merge dependabot/bundler/dependabot-omnibus-0.130.1 into master

Bumps dependabot-omnibus from 0.115.0 to 0.130.1.

Changelog

Sourced from dependabot-omnibus's changelog.

v0.130.1, 14 January 2021

  • npm: detect npm v7 lockfiles
  • npm: Install npm v7 (unused) alongside npm v6
  • JS: Upgrade node to v14.15.4
  • Common: Added require "set" to utils.rb (@​JohannesEH)
  • Sanitize [@​mentions](https://github.com/mentions) by wrapping them in codeblocks preventing notifications when replying to PR email notifications

v0.130.0, 13 January 2021

  • npm: Support GitLab format npm registry (@​danoe)
  • npm: move native helpers to npm6 namespace
  • Python: Use release version of pyenv (@​ulgens)
  • Gradle: Add support for Kotlin Plugins (@​busches)
  • Composer: Use composer v1 when any of the requirements are invalid on v2
  • docker-dev-shell: exclude dry-run files
  • Bump @npmcli/arborist from 2.0.2 to 2.0.3 in /npm_and_yarn/helpers
  • Bump npm from 6.14.10 to 6.14.11 in /npm_and_yarn/helpers
  • Bump phpstan/phpstan from 0.12.64 to 0.12.66 in /composer/helpers/v1 and /composer/helpers/v2
  • Update rubocop requirement from ~> 1.7.0 to ~> 1.8.0 in /common

v0.129.5, 7 January 2021

  • Bundler: support ruby 2.7 and 3.0 version requirements in gemspecs
  • Update parser requirement from ~> 2.5 to >= 2.5, < 4.0 in /common

v0.129.4, 6 January 2021

  • go_modules: raise Dependabot::GitDependenciesNotReachable for dependencies missing from github.com
  • go_modules: fix regression when parsing go.mod files without dependencies
  • Bitbucket: support for PR creation (@​iinuwa)

v0.129.3, 5 January 2021

  • Bump eslint-plugin-prettier from 3.3.0 to 3.3.1 in /npm_and_yarn/helpers
  • Gradle: Handle missing required manifest file
  • Actions: Accept shortref hashes

v0.129.2, 4 January 2021

  • go_modules: return tidied go.mod contents directly
  • go_modules: fix nested module detection from a monorepo root
  • go_modules: stop parsing indirect dependencies (previous: parsed but not updated)
  • gradle: fix whitespace matching in settings (@​bountin)
  • Add token support for BitBucket (@​iinuwa)
  • Add retries for Azure client (@​GiriB)
  • CI: Add Python flake8 linting
  • Bundler: fix bundler gem when invoked as standalone gem
  • Bump friendsofphp/php-cs-fixer in /composer/helpers/v2
  • Bump friendsofphp/php-cs-fixer in /composer/helpers/v1
... (truncated)
Commits
  • b6a8746 Merge pull request #2984 from dependabot/v0.130.1-release-notes
  • c41b9f7 v0.130.1
  • 6fe14cc Merge pull request #2982 from dependabot/jurre/escape-mentions-more-aggressively
  • 88bd296 Revert "Merge pull request #2943 from relud/patch-1"
  • 28cb391 Merge pull request #2979 from dependabot/feelepxyz/detect-npm7
  • 0e35742 Merge pull request #2978 from dependabot/jurre/install-npm-7
  • 186bb06 Add Dependabot logger
  • e0865a8 Also wrap mentions in markdown links in codeblock
  • 3fecc46 Sanitize mentions more aggressively
  • 257c79d npm: detect npm 7 lockfiles
  • Additional commits viewable in compare view

Merge request reports