Skip to content

Bump dependabot-omnibus from 0.115.0 to 0.130.3

NipaNipa requested to merge dependabot/bundler/dependabot-omnibus-0.130.3 into master

Bumps dependabot-omnibus from 0.115.0 to 0.130.3.

Changelog

Sourced from dependabot-omnibus's changelog.

v0.130.3, 25 January 2021

  • Extract yarn/npm lockfile updater specs from FileUpdater specs
  • Bump @npmcli/arborist from 2.0.5 to 2.0.6 in /npm_and_yarn/helpers
  • Gomod: go-1.15.7
  • Composer: Check for explicit composer plugin version before invalid plugins
  • Update eslint prettier extension
  • Fix JS debugging in vscode

v0.130.2, 19 January 2021

  • gradle: repository url by assignment
  • Bump pip-tools from 5.4.0 to 5.5.0
  • Bump eslint from 7.17.0 to 7.18.0 in /npm_and_yarn/helpers
  • Bump golang.org/x/mod from 0.4.0 to 0.4.1 in /go_modules/helpers
  • Bump @npmcli/arborist from 2.0.3 to 2.0.5 in /npm_and_yarn/helpers
  • Bump phpstan/phpstan from 0.12.66 to 0.12.68 in /composer/helpers/v2
  • Bump phpstan/phpstan from 0.12.66 to 0.12.68 in /composer/helpers/v1

v0.130.1, 14 January 2021

  • npm: detect npm v7 lockfiles
  • npm: Install npm v7 (unused) alongside npm v6
  • JS: Upgrade node to v14.15.4
  • Common: Added require "set" to utils.rb (@​JohannesEH)
  • Sanitize [@​mentions](https://github.com/mentions) by wrapping them in codeblocks preventing notifications when replying to PR email notifications

v0.130.0, 13 January 2021

  • npm: Support GitLab format npm registry (@​danoe)
  • npm: move native helpers to npm6 namespace
  • Python: Use release version of pyenv (@​ulgens)
  • Gradle: Add support for Kotlin Plugins (@​busches)
  • Composer: Use composer v1 when any of the requirements are invalid on v2
  • docker-dev-shell: exclude dry-run files
  • Bump @npmcli/arborist from 2.0.2 to 2.0.3 in /npm_and_yarn/helpers
  • Bump npm from 6.14.10 to 6.14.11 in /npm_and_yarn/helpers
  • Bump phpstan/phpstan from 0.12.64 to 0.12.66 in /composer/helpers/v1 and /composer/helpers/v2
  • Update rubocop requirement from ~> 1.7.0 to ~> 1.8.0 in /common

v0.129.5, 7 January 2021

  • Bundler: support ruby 2.7 and 3.0 version requirements in gemspecs
  • Update parser requirement from ~> 2.5 to >= 2.5, < 4.0 in /common

v0.129.4, 6 January 2021

  • go_modules: raise Dependabot::GitDependenciesNotReachable for dependencies missing from github.com
  • go_modules: fix regression when parsing go.mod files without dependencies
  • Bitbucket: support for PR creation (@​iinuwa)
... (truncated)
Commits
  • 32dbc0f Merge pull request #3042 from dependabot/v0.130.3-release-notes
  • 8e734b8 v0.130.3
  • 3e332b7 Merge pull request #3037 from dependabot/jurre/extract-lockfile-updater-specs
  • 9fcd467 Extract yarn/npm lockfile updater specs from FileUpdater specs
  • 998de3b Merge pull request #3025 from dependabot/dependabot/npm_and_yarn/npm_and_yarn...
  • 55bf6a1 Bump @npmcli/arborist from 2.0.5 to 2.0.6 in /npm_and_yarn/helpers
  • bdb25ee Merge pull request #3022 from dependabot/go1157
  • 81afc65 Merge pull request #3004 from voda/composer-v2-platform-deps
  • cc31f5c Test we use composer v2 when using platform package and no lockfile
  • e9dc7fa go-1.15.7
  • Additional commits viewable in compare view

Merge request reports