Bump dependabot-omnibus from 0.115.0 to 0.130.3
Bumps dependabot-omnibus from 0.115.0 to 0.130.3.
Changelog
Sourced from dependabot-omnibus's changelog.
v0.130.3, 25 January 2021
- Extract yarn/npm lockfile updater specs from FileUpdater specs
- Bump @npmcli/arborist from 2.0.5 to 2.0.6 in /npm_and_yarn/helpers
- Gomod: go-1.15.7
- Composer: Check for explicit composer plugin version before invalid plugins
- Update eslint prettier extension
- Fix JS debugging in vscode
v0.130.2, 19 January 2021
- gradle: repository url by assignment
- Bump pip-tools from 5.4.0 to 5.5.0
- Bump eslint from 7.17.0 to 7.18.0 in /npm_and_yarn/helpers
- Bump golang.org/x/mod from 0.4.0 to 0.4.1 in /go_modules/helpers
- Bump @npmcli/arborist from 2.0.3 to 2.0.5 in /npm_and_yarn/helpers
- Bump phpstan/phpstan from 0.12.66 to 0.12.68 in /composer/helpers/v2
- Bump phpstan/phpstan from 0.12.66 to 0.12.68 in /composer/helpers/v1
v0.130.1, 14 January 2021
- npm: detect npm v7 lockfiles
- npm: Install npm v7 (unused) alongside npm v6
- JS: Upgrade node to v14.15.4
- Common: Added require "set" to utils.rb (@JohannesEH)
- Sanitize
[@mentions](https://github.com/mentions)
by wrapping them in codeblocks preventing notifications when replying to PR email notificationsv0.130.0, 13 January 2021
- npm: Support GitLab format npm registry (@danoe)
- npm: move native helpers to npm6 namespace
- Python: Use release version of pyenv (@ulgens)
- Gradle: Add support for Kotlin Plugins (@busches)
- Composer: Use composer v1 when any of the requirements are invalid on v2
- docker-dev-shell: exclude dry-run files
- Bump @npmcli/arborist from 2.0.2 to 2.0.3 in /npm_and_yarn/helpers
- Bump npm from 6.14.10 to 6.14.11 in /npm_and_yarn/helpers
- Bump phpstan/phpstan from 0.12.64 to 0.12.66 in /composer/helpers/v1 and /composer/helpers/v2
- Update rubocop requirement from ~> 1.7.0 to ~> 1.8.0 in /common
v0.129.5, 7 January 2021
- Bundler: support ruby 2.7 and 3.0 version requirements in gemspecs
- Update parser requirement from ~> 2.5 to >= 2.5, < 4.0 in /common
v0.129.4, 6 January 2021
... (truncated)
- go_modules: raise Dependabot::GitDependenciesNotReachable for dependencies missing from github.com
- go_modules: fix regression when parsing go.mod files without dependencies
- Bitbucket: support for PR creation (@iinuwa)
Commits
-
32dbc0f
Merge pull request #3042 from dependabot/v0.130.3-release-notes -
8e734b8
v0.130.3 -
3e332b7
Merge pull request #3037 from dependabot/jurre/extract-lockfile-updater-specs -
9fcd467
Extract yarn/npm lockfile updater specs from FileUpdater specs -
998de3b
Merge pull request #3025 from dependabot/dependabot/npm_and_yarn/npm_and_yarn... -
55bf6a1
Bump @npmcli/arborist from 2.0.5 to 2.0.6 in /npm_and_yarn/helpers -
bdb25ee
Merge pull request #3022 from dependabot/go1157 -
81afc65
Merge pull request #3004 from voda/composer-v2-platform-deps -
cc31f5c
Test we use composer v2 when using platform package and no lockfile -
e9dc7fa
go-1.15.7 - Additional commits viewable in compare view