Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Latest merge from dependabot-core #307

Merged
merged 978 commits into from
Oct 6, 2021
Merged

Latest merge from dependabot-core #307

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
978 commits
Select commit Hold shift + click to select a range
328b63a
Raise on ruby 2.7 deprecation warnings
feelepxyz Jun 16, 2021
969443e
Fix ruby 2.7 deprecations
feelepxyz Jun 16, 2021
694ffc0
Add `--no-install-recommends` to all `apt-get install` in Dockerfile
PeterDaveHello Jun 16, 2021
a59d52a
Double quote variables in shellscript
PeterDaveHello Jun 15, 2021
a16d67b
Merge pull request #3913 from dependabot/feelepxyz/raise-on-warnings
feelepxyz Jun 16, 2021
24af1eb
v0.154.1
feelepxyz Jun 16, 2021
72a4558
Merge pull request #3918 from dependabot/v0.154.1-release-notes
feelepxyz Jun 16, 2021
df00c3d
Merge pull request #3916 from PeterDaveHelloKitchen/MakeDockerImageSm…
feelepxyz Jun 16, 2021
c7523c8
Merge pull request #3917 from PeterDaveHelloKitchen/ImproveShellScript
feelepxyz Jun 16, 2021
74e65e9
Double quote variables in Dockerfile's shellscript, cc #3917
PeterDaveHello Jun 16, 2021
7adbe7c
build(deps): bump @npmcli/arborist in /npm_and_yarn/helpers
dependabot[bot] Jun 17, 2021
6ce69f8
Bundler: attempt to isolate flaky test
feelepxyz Jun 17, 2021
e4716e1
Add more failing specs
feelepxyz Jun 17, 2021
2326605
Fix ruby 2.7 deprecations in python
feelepxyz Jun 17, 2021
a8f51f4
Add more flaky test candidates
feelepxyz Jun 17, 2021
6e876d0
Github actions: Handle no latest version found
feelepxyz Jun 16, 2021
c35256e
Strip auth headers from VCR cassettes
feelepxyz Jun 17, 2021
e2c1408
Fix spec
feelepxyz Jun 17, 2021
e5dbfbe
Remove nil guard
feelepxyz Jun 17, 2021
2721620
Fix cops
feelepxyz Jun 17, 2021
1a9e69f
Merge pull request #3921 from dependabot/feelepxyz/handle-no-github-a…
feelepxyz Jun 17, 2021
0aa729a
Terraform: Handle 401 registry responses
feelepxyz Jun 17, 2021
9857957
Merge pull request #3927 from dependabot/feelepxyz/handle-terraform-401
feelepxyz Jun 17, 2021
2797b89
Merge pull request #3926 from dependabot/feelepxyz/bundler-flaky-test…
feelepxyz Jun 17, 2021
31ee0ad
v0.154.2
feelepxyz Jun 17, 2021
f021165
Merge pull request #3928 from dependabot/v0.154.2-release-notes
feelepxyz Jun 17, 2021
d6e0d6f
Merge pull request #3923 from PeterDaveHelloKitchen/ImproveDockerfile
feelepxyz Jun 17, 2021
b3ebaf1
Merge pull request #3925 from dependabot/dependabot/npm_and_yarn/npm_…
feelepxyz Jun 17, 2021
ea63e01
Terraform: handle dependencies without a namespace
feelepxyz Jun 17, 2021
dadd9bb
Merge pull request #3930 from dependabot/feelepxyz/handle-unknown-dep
feelepxyz Jun 17, 2021
224451e
chore: add lint job to check shell scripts
xlgmokha Jun 17, 2021
b6a7359
fix shellcheck errors in shellcheck linter script
xlgmokha Jun 17, 2021
91ce888
chore: break out files to each line
xlgmokha Jun 17, 2021
d0b3d55
chore: use sudo to install apt packages
xlgmokha Jun 17, 2021
34342bc
chore: allow passing args to shellscript. e.g ./bin/lint -f diff
xlgmokha Jun 17, 2021
4629948
chore: fix SC2006
xlgmokha Jun 17, 2021
997f482
chore: fix SC2086 in docker-dev-shell
xlgmokha Jun 17, 2021
1fe439b
chore: fix SC2006
xlgmokha Jun 17, 2021
fa3deec
chore: ignore existing shellcheck issues
xlgmokha Jun 17, 2021
37402cd
chore: add ecosystem specific script files to linter list
xlgmokha Jun 17, 2021
0acfd05
chore: remove unnecessary headers
xlgmokha Jun 17, 2021
ca3f24f
rake rubocop:sort
thepwagner Jun 17, 2021
84a82a6
enable Style/* and autofix
thepwagner Jun 17, 2021
c07b6cd
enable Lint/* and autoformat
thepwagner Jun 17, 2021
64e338b
final rubocop warnings
thepwagner Jun 17, 2021
c43a566
Merge pull request #3935 from xlgmokha/remove-headers
xlgmokha Jun 17, 2021
ab8f421
Replace wget with curl for minimized dependency
PeterDaveHello Jun 18, 2021
cb5d1ac
Merge pull request #3932 from xlgmokha/turtles-in-a-half-shellcheck
xlgmokha Jun 18, 2021
e2ad9b9
Merge pull request #3936 from dependabot/rubocop-warnings
thepwagner Jun 18, 2021
dfadf00
Fetches upload-pack using git if http fails
lorengordon Jun 17, 2021
d816d36
test: pin constraint to ensure deterministic test results
xlgmokha Jun 18, 2021
c0b2fd9
test: update declared constraints in expectation
xlgmokha Jun 18, 2021
1cd3823
test: tweak assertion to match new constraint
xlgmokha Jun 18, 2021
b891c11
test: update fixture constraint to ensure resolution falls within a d…
xlgmokha Jun 18, 2021
d16dd58
Merge pull request #3937 from xlgmokha/fix-build
xlgmokha Jun 18, 2021
e68f7ec
Merge remote-tracking branch 'origin/main' into bundler-auth-uri
thepwagner Jun 18, 2021
e5f7479
Merge pull request #3922 from PeterDaveHelloKitchen/DropWgetDependency
thepwagner Jun 18, 2021
15fbe52
chore: install shellcheck in the dev container
xlgmokha Jun 18, 2021
4bfda04
Updates existing error handling tests to mock capture3 call
lorengordon Jun 18, 2021
9742c74
Adds tests for fallback where HTTP fails but git ls-remote succeeds
lorengordon Jun 18, 2021
b0c7b6d
fix url in test
thepwagner Jun 18, 2021
ae545fe
Reformats lines to accomodate line-length lint finding
lorengordon Jun 18, 2021
9d360d2
Streamlines git ls-remote fallback logic to remove unused response va…
lorengordon Jun 18, 2021
8caa80a
Merge pull request #3938 from xlgmokha/install-shellcheck
xlgmokha Jun 18, 2021
504e979
Updates github pull request tests to mock-fail git ls-remote fallback
lorengordon Jun 18, 2021
4b73ce5
Updates metadata commits finder tests to mock-fail git ls-remote fall…
lorengordon Jun 18, 2021
b66d0a1
Updates git commit checker tests to mock-fail git ls-remote fallback
lorengordon Jun 19, 2021
1b17a40
Merge pull request #3934 from lorengordon/fallback-ls-remote
xlgmokha Jun 19, 2021
40baefd
Returns basename and relative path in CodeCommit file fetcher
lorengordon Jun 18, 2021
5da4bb5
build(deps-dev): bump eslint in /npm_and_yarn/helpers
dependabot[bot] Jun 21, 2021
780725d
build(deps): update commonmarker requirement from >= 0.20.1, < 0.22.0…
dependabot[bot] Jun 21, 2021
f422d2f
build(deps-dev): bump phpstan/phpstan in /composer/helpers/v2
dependabot[bot] Jun 21, 2021
fe560b2
Clarify support policies in README and Issue template
jurre Jun 21, 2021
0dbea68
Merge pull request #3947 from dependabot/dependabot/bundler/common/co…
jurre Jun 21, 2021
df81209
Merge pull request #3948 from dependabot/dependabot/composer/composer…
jurre Jun 21, 2021
636819c
build(deps-dev): bump phpstan/phpstan in /composer/helpers/v1
dependabot[bot] Jun 21, 2021
9aceb9d
Merge pull request #3946 from dependabot/dependabot/npm_and_yarn/npm_…
jurre Jun 21, 2021
297f50e
Merge pull request #3950 from dependabot/jurre/github-support
jurre Jun 21, 2021
908d03e
Terraform: handle unreachable private module proxy
feelepxyz Jun 21, 2021
26423fe
Merge pull request #3931 from lorengordon/file-fetcher
thepwagner Jun 21, 2021
53d41a4
Merge remote-tracking branch 'origin/main' into bundler-auth-uri
thepwagner Jun 21, 2021
d7ef08b
Terraform: handle missing source
feelepxyz Jun 21, 2021
5ce4f2c
Merge pull request #3952 from dependabot/feelepxyz/terraform-handle-p…
feelepxyz Jun 21, 2021
711faa1
Merge pull request #3953 from dependabot/feelepxyz/handle-missing-source
feelepxyz Jun 21, 2021
22dce4c
Merge pull request #3949 from dependabot/dependabot/composer/composer…
feelepxyz Jun 21, 2021
f59ef11
v0.154.3
feelepxyz Jun 21, 2021
eb77891
Merge pull request #3957 from dependabot/v0.154.3-release-notes
feelepxyz Jun 21, 2021
8940d70
expected credentials
thepwagner Jun 21, 2021
8cfd465
Merge pull request #3911 from dependabot/bundler-auth-uri
thepwagner Jun 21, 2021
8adc610
bin/ci-test
thepwagner Jun 21, 2021
29e814f
Add version_filter module to common, remove from ecosystem update_che…
Nishnha Jun 15, 2021
930c66a
Check if the version is a Gem::Version, not the advisory
Nishnha Jun 15, 2021
9fc7f94
Run rubocop
Nishnha Jun 15, 2021
64b7619
Run rubocop
Nishnha Jun 15, 2021
d8b242a
Move include up in class hierarchy
Nishnha Jun 18, 2021
b627b21
Make filter_vulnerable_versions stateless
Nishnha Jun 18, 2021
9fb5fac
Rubocop
Nishnha Jun 18, 2021
dd077f9
Remove VersionFilters include
Nishnha Jun 21, 2021
772ec26
Reorder #lowest_security_fix_version filters
Nishnha Jun 21, 2021
a4b0205
Rubocop
Nishnha Jun 21, 2021
1672755
ci-test: shellcheck yourself
thepwagner Jun 21, 2021
7aa2197
docker-dev-shell: do not rename gemspec
thepwagner Jun 21, 2021
527ad39
devcontainer: do not rename gemspec
thepwagner Jun 21, 2021
130b90d
Merge pull request #3905 from dependabot/nishnha/consolidate-filter_v…
Nishnha Jun 21, 2021
e3352ac
Add fetch_lowest_security_fix_version and test
Nishnha Jun 15, 2021
f8edf1a
Working security advisory test
Nishnha Jun 15, 2021
3a56d6f
Add lowest_resolvable_security_fix_version
Nishnha Jun 15, 2021
e66bcfa
Update LatestVersionFinder tests to use new fixture tags
Nishnha Jun 15, 2021
6597c67
Update test suite, add lowest_security_fix_version tests
Nishnha Jun 16, 2021
6b36fb7
Rubocop
Nishnha Jun 16, 2021
c273b5b
temp commit
Nishnha Jun 17, 2021
43e9822
Initialize :security_advsiories as an empty array, remove pending test
Nishnha Jun 18, 2021
71f36cd
Add latest_version_checker to UpdateChecker, add tests for security a…
Nishnha Jun 18, 2021
55c01be
Use stateless filter_vulnerable_versions
Nishnha Jun 18, 2021
1cae3fd
Add missing assignment
Nishnha Jun 21, 2021
d68c097
Clarifying external contribution guidelines
asciimike Jun 21, 2021
7d0b62c
Move `#filter_vulnerable_version` to come before `#filter_ignored_ver…
Nishnha Jun 22, 2021
e68cef6
Terraform: handle nested module sources
feelepxyz Jun 21, 2021
b439fc8
Merge pull request #3958 from dependabot/feelepxyz/handle-nested-modules
feelepxyz Jun 22, 2021
1185172
Merge pull request #3962 from dependabot/nishnha/preserve_filter_order
feelepxyz Jun 22, 2021
86dd56f
v0.154.4
feelepxyz Jun 22, 2021
8b32a68
Create changelog from merge commits
feelepxyz May 5, 2021
dfd9539
Add link to pr
feelepxyz May 5, 2021
c3d6f9d
Check out branch before committing changes
feelepxyz Jun 22, 2021
45ab2e5
Merge pull request #3965 from dependabot/v0.154.4-release-notes
feelepxyz Jun 22, 2021
48a795f
Update bin/bump-version.rb
feelepxyz Jun 22, 2021
db86efa
Swap version filters
Nishnha Jun 22, 2021
9e48daf
Terraform: install modules when updating lockfile
feelepxyz Jun 22, 2021
db5170e
Update test to reflect dependency version after update
Nishnha Jun 22, 2021
005039f
Merge pull request #3968 from dependabot/feelepxyz/run-terraform-init
feelepxyz Jun 22, 2021
56eff27
v0.154.5
feelepxyz Jun 22, 2021
64a0abf
Add test for indirect dependencies to `#lowest_resolvable_security_fix`
Nishnha Jun 22, 2021
ec7ae51
Merge pull request #3969 from dependabot/v0.154.5-release-notes
feelepxyz Jun 22, 2021
c8cbfa4
Merge pull request #3961 from dependabot/dev-shell-gemspecs
thepwagner Jun 22, 2021
b99b102
Merge pull request #3910 from dependabot/go-module-security-advisories
Nishnha Jun 22, 2021
9cf158c
v0.155.0
Nishnha Jun 22, 2021
99a6a5f
Merge pull request #3970 from dependabot/v0.155.0-release-notes
Nishnha Jun 22, 2021
f8686f5
GemspecSanitizer replace interpolated strings
thepwagner Jun 22, 2021
3ebeb11
nuget: RepositoryFinder might not find PackageBaseAddress
thepwagner Jun 22, 2021
83c02a8
nuget: handle RepositoryDetails without BaseAddress
thepwagner Jun 23, 2021
1063eb0
autoformat fixture
thepwagner Jun 23, 2021
8a3d5ec
build(deps-dev): bump jest in /npm_and_yarn/helpers
dependabot[bot] Jun 23, 2021
0bda77f
build(deps): bump pip-tools from 6.1.0 to 6.2.0 in /python/helpers
dependabot[bot] Jun 23, 2021
44a5b08
Terraform: fix module updates with a lockfile
feelepxyz Jun 23, 2021
df81fa6
Merge pull request #3976 from dependabot/feelepxyz/handle-modules-wit…
feelepxyz Jun 23, 2021
2c638b6
Merge pull request #3959 from dependabot/bin-ci-test
thepwagner Jun 23, 2021
4926e65
Merge pull request #3973 from dependabot/dependabot/npm_and_yarn/npm_…
feelepxyz Jun 23, 2021
aef66fd
Merge pull request #3972 from dependabot/nuget-no-package-base-address
thepwagner Jun 23, 2021
9ceef03
Merge pull request #3971 from dependabot/bundler-gemspec-sanitize-rep…
thepwagner Jun 23, 2021
8547639
v0.155.1
thepwagner Jun 23, 2021
82d63ca
Merge pull request #3977 from dependabot/v0.155.1-release-notes
thepwagner Jun 23, 2021
15ff589
feature: Add support for Hex sub-projects
gjsduarte Jun 20, 2021
c312099
clean: Refactor tests to use new pattern
gjsduarte Jun 23, 2021
8dad7ac
Terraform: clone repository contents for update
feelepxyz Jun 23, 2021
0f5966d
Stop double writing dependecy files
feelepxyz Jun 23, 2021
139de1a
Merge pull request #3944 from gjsduarte/main
feelepxyz Jun 23, 2021
ce4ba4d
Merge pull request #3974 from dependabot/dependabot/pip/python/helper…
feelepxyz Jun 23, 2021
da10802
Merge pull request #3978 from dependabot/feelepxuz/always-clone-terra…
feelepxyz Jun 23, 2021
06a4788
Merge pull request #3642 from dependabot/feelepxyz/test-bump-version
feelepxyz Jun 23, 2021
ca3c010
v0.155.2
feelepxyz Jun 23, 2021
7284b27
Update CHANGELOG.md
feelepxyz Jun 23, 2021
63c8ac7
Merge pull request #3979 from dependabot/v0.155.2-release-notes
feelepxyz Jun 23, 2021
49e91ba
Bump minor for change to cloning
feelepxyz Jun 23, 2021
f80b847
Merge pull request #3981 from dependabot/feelepxz/update-changelog
feelepxyz Jun 23, 2021
1356bd9
Exclude release note merges in changelog
feelepxyz Jun 23, 2021
ec9187e
Merge pull request #3980 from dependabot/feelepxyz/exclude-release-no…
feelepxyz Jun 24, 2021
80ee2e6
build(deps-dev): update rubocop requirement from ~> 1.16.0 to ~> 1.17.0
dependabot[bot] Jun 16, 2021
3eb0a62
Enable new cops
feelepxyz Jun 17, 2021
2a1e102
Fix cops
feelepxyz Jun 17, 2021
07243bf
Merge pull request #3912 from dependabot/dependabot/bundler/common/ru…
feelepxyz Jun 24, 2021
9c981dc
Terraform: Configure git for `terraform init` and capture errors
jurre Jun 24, 2021
3d9701e
Merge pull request #3983 from dependabot/jurre/handle-tf-mod-access-i…
jurre Jun 24, 2021
705fdf2
v0.156.1
jurre Jun 24, 2021
dce1b23
Merge pull request #3984 from dependabot/v0.156.1-release-notes
jurre Jun 24, 2021
4198283
Terraform: Prevent `terraform init` from initializing backends
hfurubotten Jun 24, 2021
aa37d81
remove `strip_terminal_colors`
hfurubotten Jun 25, 2021
d9ef7ce
pin azurerm versions in test fixtures
hfurubotten Jun 25, 2021
5042e9c
Merge pull request #3986 from hfurubotten/fix/terraform-with-backend
jurre Jun 25, 2021
d5f91a7
prefer Dependabot::Python::FileParser::PoetryFilesParser::POETRY_DEPE…
thepwagner Jun 25, 2021
4e2d14c
poetry_files_parser ignore paths
thepwagner Jun 25, 2021
ab5c78f
poetry ignore url dependencies too
thepwagner Jun 25, 2021
3a8e412
linter
thepwagner Jun 25, 2021
5ed3f7f
Merge pull request #3990 from dependabot/poetry-prefer-constant
thepwagner Jun 25, 2021
9123a17
Merge remote-tracking branch 'origin/main' into poetry-skip-path-depe…
thepwagner Jun 25, 2021
c8e7b74
outdated test
thepwagner Jun 25, 2021
95913a0
Merge pull request #3991 from dependabot/poetry-skip-path-dependencies
thepwagner Jun 25, 2021
4a9f21f
v0.156.2
thepwagner Jun 25, 2021
279956f
Merge pull request #3994 from dependabot/v0.156.2-release-notes
thepwagner Jun 25, 2021
7f52713
build(deps-dev): bump prettier in /npm_and_yarn/helpers
dependabot[bot] Jun 28, 2021
4dc28da
build(deps): bump poetry from 1.1.6 to 1.1.7 in /python/helpers
dependabot[bot] Jun 28, 2021
b5da45d
build(deps): bump pip from 21.1.2 to 21.1.3 in /python/helpers
dependabot[bot] Jun 28, 2021
f21f24f
PR Updater: Handle required status checks
jurre Jun 28, 2021
7729f28
Merge pull request #3998 from dependabot/jurre/handle-required-checks…
jurre Jun 28, 2021
213403b
Merge pull request #3997 from dependabot/dependabot/pip/python/helper…
xlgmokha Jun 28, 2021
eea1638
Merge pull request #3996 from dependabot/dependabot/pip/python/helper…
xlgmokha Jun 28, 2021
2f25529
Merge pull request #3995 from dependabot/dependabot/npm_and_yarn/npm_…
xlgmokha Jun 28, 2021
216dbb5
build(deps): bump @npmcli/arborist in /npm_and_yarn/helpers
dependabot[bot] Jun 28, 2021
7ce61b6
build(deps-dev): bump jest in /npm_and_yarn/helpers
dependabot[bot] Jun 29, 2021
c094a1f
build(deps-dev): update rubocop requirement from ~> 1.17.0 to ~> 1.18.0
dependabot[bot] Jun 29, 2021
6e61a37
Add support for fetching extensions.xml files
britter Mar 26, 2021
0544126
Add support for extensions.xml to parser
britter Mar 26, 2021
dce25b4
Add update support for extension.xml files
britter Mar 26, 2021
47e2103
Fix rubocop violations
britter Mar 26, 2021
3dbfcf1
Use `if` instead `unless nil`
britter May 8, 2021
22f2498
Simplify using `fetch_file_if_present`
britter May 8, 2021
a2e3769
Simplify updated files check
britter May 8, 2021
c8034ab
Make sure code works even if `.mvn` directory is missing
britter Jun 14, 2021
7284339
Always require a pom.xml file
britter Jun 17, 2021
272b33b
Remove empty line
britter Jun 17, 2021
9881b96
Remove empty line
britter Jun 17, 2021
40cca46
Fix linter error
britter Jun 29, 2021
e4ade61
Fix linter error
britter Jun 29, 2021
e60e0d9
v0.156.3
jurre Jun 29, 2021
483793a
Merge pull request #4005 from dependabot/v0.156.3-release-notes
jurre Jun 29, 2021
980d7b8
Fix spec stubs
feelepxyz Jun 29, 2021
1a5caf4
Merge pull request #3366 from britter/britter/maven-extensions-xml-su…
feelepxyz Jun 29, 2021
ba6ed12
Merge pull request #4004 from dependabot/dependabot/bundler/common/ru…
xlgmokha Jun 29, 2021
02a5948
Merge pull request #3988 from dependabot/dependabot/npm_and_yarn/npm_…
xlgmokha Jun 29, 2021
2da33c3
add Unauthorized exception to azure.rb
wolf-cola Jun 30, 2021
58ce00b
add tests for azure client
wolf-cola Jun 30, 2021
58682e1
v0.156.4
xlgmokha Jun 30, 2021
9333b7c
fix trailing whitespace
wolf-cola Jun 30, 2021
ae8813a
fix trailing whitespace
wolf-cola Jun 30, 2021
b1c969e
Merge pull request #4013 from xlgmokha/v0.156.4-release-notes
xlgmokha Jun 30, 2021
0185a9f
test: place upper bound on version constraint
xlgmokha Jun 30, 2021
6c51eba
Merge pull request #4015 from xlgmokha/fix-build
jurre Jul 1, 2021
6c18425
Gomod: Handle unrecognized import path error
jurre Jul 1, 2021
49a23ba
Merge pull request #4012 from wolf-cola/azure-client-catch-401
jurre Jul 1, 2021
4c53ceb
Merge pull request #4016 from dependabot/jurre/go-unrecognized-import…
jurre Jul 1, 2021
eea196e
test: reproduce a defect with relative paths using poetry
xlgmokha Jul 2, 2021
065c4b0
test: ensure both the pyproject and lock file are updated
xlgmokha Jul 2, 2021
3ed029d
fix(poetry): copy all project files when generating lockfile hash
xlgmokha Jul 2, 2021
65fc274
style: fix linter errors
xlgmokha Jul 2, 2021
a7ae543
build(deps-dev): bump eslint in /npm_and_yarn/helpers
dependabot[bot] Jul 5, 2021
62f22a2
add response 200 context block for #create_commit test
wolf-cola Jul 2, 2021
6c54681
add 403 test for Azure.create_commit
wolf-cola Jul 6, 2021
d7f7d1f
add test for fetch_commit
wolf-cola Jul 6, 2021
ce4a8cd
fix trailing whitespace
wolf-cola Jul 6, 2021
7034dee
build(deps-dev): bump phpstan/phpstan in /composer/helpers/v2
dependabot[bot] Jul 12, 2021
775fffd
build(deps-dev): bump phpstan/phpstan in /composer/helpers/v1
dependabot[bot] Jul 12, 2021
031d9b6
Merge pull request #4037 from dependabot/dependabot/composer/composer…
feelepxyz Jul 12, 2021
b25f669
Merge pull request #4021 from dependabot/dependabot/npm_and_yarn/npm_…
feelepxyz Jul 12, 2021
2a6b911
Merge pull request #4003 from dependabot/dependabot/npm_and_yarn/npm_…
feelepxyz Jul 12, 2021
306c857
Merge pull request #4036 from dependabot/dependabot/composer/composer…
feelepxyz Jul 12, 2021
f4a4129
Merge pull request #4029 from wolf-cola/azure-catch-403
feelepxyz Jul 12, 2021
adf78d6
Merge pull request #4018 from xlgmokha/updates-1600
xlgmokha Jul 12, 2021
0abe577
v0.156.5
xlgmokha Jul 12, 2021
2bccebb
Merge pull request #4039 from xlgmokha/v0.156.5-release-notes
xlgmokha Jul 12, 2021
de51ac5
latest merge from dependabot-core main
milind009 Jul 13, 2021
2bef0e1
syntax error
milind009 Jul 13, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions .devcontainer/devcontainer.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
"-v", "${localWorkspaceFolder}/bundler/Gemfile:/home/dependabot/dependabot-core/bundler/Gemfile",
"-v", "${localWorkspaceFolder}/bundler/lib:/home/dependabot/dependabot-core/bundler/lib",
"-v", "${localWorkspaceFolder}/bundler/spec:/home/dependabot/dependabot-core/bundler/spec",
"-v", "${localWorkspaceFolder}/cargo/dependabot-cargo.gemspec:/home/dependabot/dependabot-core/cargo/dependabot-core.gemspec",
"-v", "${localWorkspaceFolder}/cargo/dependabot-cargo.gemspec:/home/dependabot/dependabot-core/cargo/dependabot-cargo.gemspec",
"-v", "${localWorkspaceFolder}/cargo/Gemfile:/home/dependabot/dependabot-core/cargo/Gemfile",
"-v", "${localWorkspaceFolder}/cargo/lib:/home/dependabot/dependabot-core/cargo/lib",
"-v", "${localWorkspaceFolder}/cargo/spec:/home/dependabot/dependabot-core/cargo/spec",
Expand All @@ -42,11 +42,11 @@
"-v", "${localWorkspaceFolder}/elm/Gemfile:/home/dependabot/dependabot-core/elm/Gemfile",
"-v", "${localWorkspaceFolder}/elm/lib:/home/dependabot/dependabot-core/elm/lib",
"-v", "${localWorkspaceFolder}/elm/spec:/home/dependabot/dependabot-core/elm/spec",
"-v", "${localWorkspaceFolder}/git_submodules/dependabot-git_submodules.gemspec:/home/dependabot/dependabot-core/git_submodules/dependabot-core.gemspec",
"-v", "${localWorkspaceFolder}/git_submodules/dependabot-git_submodules.gemspec:/home/dependabot/dependabot-core/git_submodules/dependabot-git_submodules.gemspec",
"-v", "${localWorkspaceFolder}/git_submodules/Gemfile:/home/dependabot/dependabot-core/git_submodules/Gemfile",
"-v", "${localWorkspaceFolder}/git_submodules/lib:/home/dependabot/dependabot-core/git_submodules/lib",
"-v", "${localWorkspaceFolder}/git_submodules/spec:/home/dependabot/dependabot-core/git_submodules/spec",
"-v", "${localWorkspaceFolder}/github_actions/dependabot-github_actions.gemspec:/home/dependabot/dependabot-core/github_actions/dependabot-core.gemspec",
"-v", "${localWorkspaceFolder}/github_actions/dependabot-github_actions.gemspec:/home/dependabot/dependabot-core/github_actions/dependabot-github_actions.gemspec",
"-v", "${localWorkspaceFolder}/github_actions/Gemfile:/home/dependabot/dependabot-core/github_actions/Gemfile",
"-v", "${localWorkspaceFolder}/github_actions/lib:/home/dependabot/dependabot-core/github_actions/lib",
"-v", "${localWorkspaceFolder}/github_actions/spec:/home/dependabot/dependabot-core/github_actions/spec",
Expand All @@ -62,15 +62,15 @@
"-v", "${localWorkspaceFolder}/hex/Gemfile:/home/dependabot/dependabot-core/hex/Gemfile",
"-v", "${localWorkspaceFolder}/hex/lib:/home/dependabot/dependabot-core/hex/lib",
"-v", "${localWorkspaceFolder}/hex/spec:/home/dependabot/dependabot-core/hex/spec",
"-v", "${localWorkspaceFolder}/maven/dependabot-maven.gemspec:/home/dependabot/dependabot-core/maven/dependabot-core.gemspec",
"-v", "${localWorkspaceFolder}/maven/dependabot-maven.gemspec:/home/dependabot/dependabot-core/maven/dependabot-maven.gemspec",
"-v", "${localWorkspaceFolder}/maven/Gemfile:/home/dependabot/dependabot-core/maven/Gemfile",
"-v", "${localWorkspaceFolder}/maven/lib:/home/dependabot/dependabot-core/maven/lib",
"-v", "${localWorkspaceFolder}/maven/spec:/home/dependabot/dependabot-core/maven/spec",
"-v", "${localWorkspaceFolder}/npm_and_yarn/dependabot-npm_and_yarn.gemspec:/home/dependabot/dependabot-core/npm_and_yarn/dependabot-npm_and_yarn.gemspec",
"-v", "${localWorkspaceFolder}/npm_and_yarn/Gemfile:/home/dependabot/dependabot-core/npm_and_yarn/Gemfile",
"-v", "${localWorkspaceFolder}/npm_and_yarn/lib:/home/dependabot/dependabot-core/npm_and_yarn/lib",
"-v", "${localWorkspaceFolder}/npm_and_yarn/spec:/home/dependabot/dependabot-core/npm_and_yarn/spec",
"-v", "${localWorkspaceFolder}/nuget/dependabot-nuget.gemspec:/home/dependabot/dependabot-core/nuget/dependabot-core.gemspec",
"-v", "${localWorkspaceFolder}/nuget/dependabot-nuget.gemspec:/home/dependabot/dependabot-core/nuget/dependabot-nuget.gemspec",
"-v", "${localWorkspaceFolder}/nuget/Gemfile:/home/dependabot/dependabot-core/nuget/Gemfile",
"-v", "${localWorkspaceFolder}/nuget/lib:/home/dependabot/dependabot-core/nuget/lib",
"-v", "${localWorkspaceFolder}/nuget/spec:/home/dependabot/dependabot-core/nuget/spec",
Expand Down
8 changes: 3 additions & 5 deletions .github/ISSUE_TEMPLATE/bug-report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,14 @@
---
name: "\U0001F41B Bug report"
about: Report a bug in Dependabot to help us fix it
about: Report a bug in dependabot-core to help us fix it
title: ''
labels: 'T: bug 🐞'
assignees: ''

---

<!-- Please search existing issues to avoid creating duplicates. -->

<!-- The Dependabot team is currently at reduced capacity, because of this our
response times on issues will be slower than we'd like. -->
<!-- For support on the GitHub-integrated Dependabot service, please contact [GitHub support](https://support.github.com/) -->
<!-- This issue-tracker is meant for issues related to Dependabot's updating logic, a good rule of thumb is that if you have questions about the _diff_ in a PR, it belongs here, otherwise the GitHub support team is best equipped to help you -->

<!-- The more information you can provide, the easier it will be to reproduce the issue and find a fix -->

Expand Down
8 changes: 8 additions & 0 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,15 @@ jobs:
run: |
docker run \
--env "CI=true" \
--env "RAISE_ON_WARNINGS=true" \
--env "DEPENDABOT_TEST_ACCESS_TOKEN=${{ secrets.GITHUB_TOKEN }}" \
--env "SUITE_NAME=${{ matrix.suite.name }}" \
--rm "$CORE_CI_IMAGE" bash -c \
"cd /home/dependabot/dependabot-core/${{ matrix.suite.path }} && ./script/ci-test"
lint:
name: lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- run: sudo apt-get update -y && sudo apt-get install --no-install-recommends shellcheck
- run: ./bin/lint
Loading