Skip to content

Bump dependabot-omnibus from 0.115.0 to 0.133.5

NipaNipa requested to merge dependabot/bundler/dependabot-omnibus-0.133.5 into master

Bumps dependabot-omnibus from 0.115.0 to 0.133.5.

Changelog

Sourced from dependabot-omnibus's changelog.

v0.133.5, 19 February 2021

  • Python: Raise UnexpectedExternalCode if reject_external_code: true, regardless of the update involving external code
  • Hex: Raise UnexpectedExternalCode if reject_external_code: true, regardless of the update involving external code
  • JS: fix npm file updater spec

v0.133.4, 18 February 2021

  • Elixir: support projects using Nerves extensions (@​fhunleth and @​cblavier)
  • Common: Insert zero-width space in @​mentions when sanitizing github pull request descriptions
  • Azure: raise NotFound error when response status code is 400 for fetch_commit (@​milind009)
  • JS: Switch from yarn to npm for helper deps
  • JS: Convert spec fixtures to project based
  • Bump phpstan/phpstan from 0.12.74 to 0.12.77 in /composer/helpers/v1
  • Bump phpstan/phpstan from 0.12.76 to 0.12.77 in /composer/helpers/v2
  • Update rubocop requirement from ~> 1.9.0 to ~> 1.10.0 in /common

v0.133.3, 16 February 2021

  • common: when detecting changes in vendored dependencies, assume resources are binary
  • Bump phpstan/phpstan from 0.12.74 to 0.12.76 in /composer/helpers/v2
  • Bump eslint from 7.19.0 to 7.20.0 in /npm_and_yarn/helpers
  • Bump @npmcli/arborist from 2.2.1 to 2.2.2 in /npm_and_yarn/helpers
  • Only run flake8 on python helpers folder
  • Add option to profile dry-run using Stackprof
  • Fix go_modules flaky spec accessing archive.org
  • Restore npm6/7 yanked version spec
  • npm: Convert FileParser specs to project fixtures

v0.133.2, 11 February 2021

  • Docker: Fix media types in Accept header for Docker Registry
  • Convert LockfileParserSpec to use project based fixtures

v0.133.1, 10 February 2021

  • npm: fix npm 7 workspace bug when updating nested packages
  • npm: correctly parse npm 7 version from package dependencies
  • npm: Refactor NpmLockfileUpdater
  • Update npm from 7.5.2 to 7.5.3
  • Bump @npmcli/arborist from 2.2.0 to 2.2.1 in /npm_and_yarn/helpers
  • Bump phpstan/phpstan from 0.12.71 to 0.12.74 in /composer/helpers/v2
  • Bump phpstan/phpstan from 0.12.71 to 0.12.74 in /composer/helpers/v1

v0.133.0, 9 February 2021

  • Bundler: Raise UnexpectedExternalCode if reject_external_code: true and the update involves external code

v0.132.0, 8 February 2021

... (truncated)
Commits
  • c0aff82 Merge pull request #3170 from dependabot/v0.133.5-release-notes
  • 38d2fc1 v0.133.5
  • 7ae8b04 Merge pull request #3169 from dependabot/dependabot-updates-1146
  • e918c01 hex: aggressive reject_external_code
  • e1f0a0f Fix npm file updater spec
  • e8d5063 python: aggressive reject_external_code
  • f79f172 Merge pull request #3166 from dependabot/v0.133.4-release-notes
  • 1841e4d v0.133.4
  • 44281ba Merge pull request #3164 from dependabot/feelepxyz/delete-old-npm-yarn-fixtures
  • fae72e1 Delete old npm and yarn fixtures
  • Additional commits viewable in compare view

Merge request reports