v0.238.0
What's Changed
- Update error message matching by @pavera in #8408
- yarn:update add a handled error for missing tags by @pavera in #8389
- Contribute changes to NuGet updater from Azure team by @brettfo in #8179
- Strictly type
GitMetadataFetcherby @JamieMagee in #8441 - Strictly type
Dependabot::Dependencyby @JamieMagee in #8418 - Bump
nugetfiles type strictness by @JamieMagee in #8468 - Sanitize
.yanrc.ymlwhen missing environment variables prevent yarn from running by @deivid-rodriguez in #8446 - Remove unused licensed gem and artifacts by @deivid-rodriguez in #8466
- Capture dependencies groups with inline comments in pyproject files by @dsuleimenov in #8423
- build(deps): bump pNPM to 8.11.0 by @yeikel in #8471
- Bump the dev-dependencies group in /npm_and_yarn/helpers with 2 updates by @dependabot in #8438
- Bump the npm-dependencies group in /npm_and_yarn/helpers with 2 updates by @dependabot in #8336
- Fix pipenv upgrades when star requirement is used by @deivid-rodriguez in #8452
- Bump cython from 3.0.4 to 3.0.5 in /python/helpers by @dependabot in #8337
- fix #8414 follow poetry source constraint by @lucemia in #8422
- Handle 403 Forbidden errors from PNPM by @deivid-rodriguez in #8447
- Bump poetry from 1.6.1 to 1.7.1 in /python/helpers by @dependabot in #8437
- Fix type issues detected in GitHub Actions ecosystem by @deivid-rodriguez in #8472
- Bump pipenv from 2023.8.28 to 2023.11.15 in /python/helpers by @dependabot in #8087
- fix individual PRs being created that should be in the group by @jakecoffman in #8264
- Bump the dev-dependencies group in /composer/helpers/v2 with 2 updates by @dependabot in #8462
- Bump the dev-dependencies group in /composer/helpers/v1 with 1 update by @dependabot in #8459
- Fix encoding changes when truncating PR descriptions by @mburumaxwell in #8077
- fix grouped update PRs are missing current -> updated version message by @jakecoffman in #8478
- Bump opentelemetry-sdk from 1.3.0 to 1.3.1 in /updater by @dependabot in #8342
- Bump the dev-dependencies group in /updater with 1 update by @dependabot in #8340
- Use a pipenv fork for now to fix tomlkit issues in pipenv by @deivid-rodriguez in #8477
- Bump sorbet-runtime from 0.5.11094 to 0.5.11142 in /updater by @dependabot in #8461
- Ignore repo access issues while parsing actions dependencies by @deivid-rodriguez in #8454
- Fix missing codecommit require by @deivid-rodriguez in #8479
- Handle 401 Unauthorized errors from PNPM by @deivid-rodriguez in #8476
- Bump type strictness by @JamieMagee in #8482
- Refactor error handling by @deivid-rodriguez in #8486
- Enforce LF line endings on checkout by @JamieMagee in #8487
- Raise user error when Yarn is misconfigured by @deivid-rodriguez in #8326
- Fix NPM yanked package detection by @deivid-rodriguez in #8489
- Fix private registry authentication for NPM 8 or higher by @deivid-rodriguez in #8453
- add support for refreshing a grouped security update by @jakecoffman in #8497
- Honor NuGet.config sources and search all build files for properties by @brettfo in #8498
- port Docker updater improvements from Azure DevOps by @brettfo in #8192
- Teach Dependabot how to present multi-directory PRs by @Nishnha in #8494
- fix regression in json gem by using an older version by @jakecoffman in #8509
- Choose closest Nuget.Config by @ryanbrandenburg in #8501
- Update contribution information by @carogalvin in #8507
- fix NuGet smoke test by properly locating
Directory.Packages.propsby @brettfo in #8511 - clean up smoke.yml by @jakecoffman in #8525
- Fix issue with parsing docker images with a tag in the _. format by @jpinz in #8500
- require correct FileFetcher by @jakecoffman in #8527
- Skip Maven snapshots repositories from versions checking by @slawekjaranowski in #8514
- don't attempt to update a package if no versions could be found by @brettfo in #8502
- Include the directory name in multi-directory PR summaries by @Nishnha in #8528
- Create feature flag for Grouped security updates by @ryanbrandenburg in #8529
- fix group update creation failure when a dependency is ignored by @jakecoffman in #8535
- properly resolve nuget search query when the api is versioned by @brettfo in #8534
- only run suites that have changes by @jakecoffman in #8536
- Skip Maven snapshots repositories from versions checking - fix 2 by @slawekjaranowski in #8542
- Bump golang from 1.21.4-bookworm to 1.21.5-bookworm in /go_modules by @TomSellers in #8548
- Use upstream pipenv again by @deivid-rodriguez in #8547
- Don't escape dependency names in tarball URLs since it doesn't always work by @deivid-rodriguez in #8546
- dynamically discover smoke tests by @jakecoffman in #8551
- improvements to querying nuget apis for versions by @brettfo in #8538
- Prioritize detection of sha suffixed tags over date tags by @mctofu in #8553
- Fix docker updates for tags with a v prefix by @mctofu in #8561
- v0.238.0 by @dependabot-core-action-automation in #8448
New Contributors
- @dsuleimenov made their first contribution in #8423
- @ryanbrandenburg made their first contribution in #8501
- @jpinz made their first contribution in #8500
- @slawekjaranowski made their first contribution in #8514
- @TomSellers made their first contribution in #8548
Full Changelog: v0.237.0...v0.238.0
Contributors
lucemia, pavera, and 15 other contributors