What's Changed
- Revert "Migrate from
sentry-raventosentry-ruby" by @jakecoffman in #8874 - Docker parser/updater: also support files with a
.in the name by @danwkennedy in #8875 - try to perform environment variable expansion in
NuGet.Confingby @brettfo in #8879 - Enable version updates for devcontainers by @deivid-rodriguez in #8882
- Point again to latest pipenv release by @deivid-rodriguez in #8880
- Strict type
Dependabot::PullRequestCreator::PrNamePrefixerby @JamieMagee in #8866 - Strong type
Dependabot::PullRequestCreator::MessageBuilder::IssueLinkerby @JamieMagee in #8865 - Use proper discovery logic for dotnet-tools.json files. by @JoeRobich in #8889
- [gradle] Parse repositories from the top-level buildfile by @Nishnha in #8891
- only directly query
.nuspecfiles from nuget and azure devops by @brettfo in #8892 - Add a guard for nil top level buildfiles by @Nishnha in #8894
- Fix milestone type for PullRequestCreator by @andrcuns in #8890
- Migrate from
sentry-raventosentry-rubyby @JamieMagee in #8878 - search all candidate packages for compatibility in descending version order by @brettfo in #8901
- add a fake ecosystem for updater integration tests by @jakecoffman in #8871
- Strict type
Dependabot::MetadataFinders::CommitsFinderby @JamieMagee in #8893 - grouped security updates don't require an explicit group by @jakecoffman in #8907
- Strict type
Dependabot::MetadataFinders::Base::ReleaseFinderby @JamieMagee in #8897 - Strict type
Dependabot::MetadataFinders::Base::ChangelogPrunerby @JamieMagee in #8902 - clean directory at job start by @jakecoffman in #8912
- build(deps): bump pNPM to 8.14.3 by @yeikel in #8667
- Handle MSBuild property conditions that have a property wrapped in single quotes in NuGetUpdater by @bording in #8913
- Don't assume
.nuspecdependency group has atargetFrameworkattribute. by @brettfo in #8915 - fix nil directory causing NilClass exception by @jakecoffman in #8921
- tests for grouped security update rebase jobs by @jakecoffman in #8909
- Remove invalid UTF-8 characters from nuspec response body by @JamieMagee in #8929
- Always use .ruby-version for Bundler dependency resolution by @etiennebarrie in #8835
- fix token running out of API quota by @jakecoffman in #8877
- updater end-to-end helper script by @jakecoffman in #8932
- Bump the dev-dependencies group in /composer/helpers/v2 with 2 updates by @dependabot in #8920
- Bump the dev-dependencies group in /npm_and_yarn/helpers with 3 updates by @dependabot in #8820
- Retry transient git clone errors by @JamieMagee in #8926
- Surround command line arguments with quotes by @TomW-Skyline in #8695
- Strict type
Dependabot::PullRequestCreator::MessageBuilder::Metadata::Presenterby @JamieMagee in #8942 - Add codespell config and workflow to detect new typos, fix some already found typos by @yarikoptic in #8228
- add tests around incidental updates by @jakecoffman in #8941
- grouped security updates: use the group if one is defined by @jakecoffman in #8742
- always clone all the ecosystems by @jakecoffman in #8933
- fix smoke tests failing because Dir.entries order is not deterministic by @jakecoffman in #8945
- bump(deps): bump regclient from 0.5.1 to 0.5.6 by @yeikel in #8103
- add sorbet types to Dependabot::Job by @jakecoffman in #8943
- Do not swallow exception, print the message by @trejjam in #8928
- Bump the sorbet group with 2 updates by @dependabot in #8951
- Job ID type is always a String by @jakecoffman in #8953
- Bump the all-actions group with 3 updates by @dependabot in #8952
- Bump the dev-dependencies group in /composer/helpers/v1 with 1 update by @dependabot in #8520
- Bump the npm-dependencies group in /npm_and_yarn/helpers with 2 updates by @dependabot in #8934
- fix security updates getting into grouped code by @jakecoffman in #8957
- Don't recursively update projects which have already been evaluated by @ryanbrandenburg in #8940
- Add
sentry-opentelemetryand configure when OTel is enabled by @JamieMagee in #8935 - fix Go prerelease ordering by @jakecoffman in #8962
- make a Credential class by @jakecoffman in #8967
- Strict type
Dependabot::GitSubmodulesby @JamieMagee in #8970 - Strict type
Dependabot::Devcontainersby @JamieMagee in #8982 - force set
Condition="false"on Microsoft.WebApplication.targets by @brettfo in #8946 - escape nuget feed urls before querying by @brettfo in #8990
- fix TypeError: no implicit conversion of Credential into Hash by @jakecoffman in #8995
- add types to DependencySnapshot by @jakecoffman in #8986
- Allow
submodule_pathto be nilable by @JamieMagee in #8996 - Expand Sorbet usage by @ryanbrandenburg in #8958
- Update DevContainer by @ryanbrandenburg in #8968
- True type
Dependabot::Python::Versionby @JamieMagee in #9002 - True type
Dependabot::Bundler::FileFetcherto by @JamieMagee in #8997 - handle dependencies incidentally updated by @jakecoffman in #8803
- Bump golang from 1.21.6-bookworm to 1.22.0-bookworm in /go_modules by @dependabot in #9008
- fix(gitlab): pr creator missing default for target_project_id by @THETCR in #8985
- Add info on Docker tag support by @Nishnha in #9000
- Nuget lint by @trejjam in #8930
- Filter out NuGet feeds which don't have URLs by @JamieMagee in #9011
- only consider a package a development dependency if it doesn't have any other regular dependencies by @brettfo in #9017
- allow folllowing HTTP 307 when resolving
.nupkgcontents by @brettfo in #9022 - add types to DependencyChange by @jakecoffman in #8999
- fix directories in use for non-grouped updates by @jakecoffman in #9026
- Strict type
Dependabot::MetadataFinders::Base::ChangelogFinderby @JamieMagee in #9029 - add close up-to-date updater test by @jakecoffman in #9025
- test more of the security error scenarios by @jakecoffman in #9039
- support group configs specifically for security updates or version updates by @jakecoffman in #9040
- Strict type
Dependabot::Clients::Azureby @JamieMagee in #9042 - Fix docker variant with matching digests not updating correctly by @brbayes-msft in #9043
- v0.243.0 by @dependabot-core-action-automation in #9047
New Contributors
- @bording made their first contribution in #8913
- @etiennebarrie made their first contribution in #8835
- @TomW-Skyline made their first contribution in #8695
- @yarikoptic made their first contribution in #8228
Full Changelog: v0.242.1...v0.243.0