What's Changed
- Bump composer/composer from 2.7.2 to 2.7.4 in /composer/helpers/v2 in the prod-dependencies group across 1 directory by @dependabot in #9590
- #5246:removing the leading underscore restriction in the package naming. by @raj-meka in #9569
- allow updating package without assemblies from
packages.configby @brettfo in #9542 - Bump library/rust from 1.75.0-bookworm to 1.77.2-bookworm in /cargo by @dependabot in #9585
- chore(python): target latest python versions 3.12.3, 3.11.9 by @nimirium in #9526
- Fix error thrown when updating dependencies in poetry non-package mode by @ewilliamson-patreon in #9400
- Update version_resolver to support yarn v4 by @jpandersen87 in #9405
- #9508: Recreating and Handling "Name contains illegal characters" in package.json by @thavaahariharangit in #9611
- don't sent dotnet telemetry by @brettfo in #9614
- Add
simplecovto track test coverage by @JamieMagee in #9595 - Add scorecards analysis by @JamieMagee in #9589
- #9555:sorbet error fix by @raj-meka in #9622
- Bump plette from 0.4.4 to 2.0.2 in /python/helpers by @dependabot in #9630
- Bump the sorbet group across 1 directory with 2 updates by @dependabot in #9632
- Sign remaining images with cosign by @JamieMagee in #9615
- Enable Docker content trust by @JamieMagee in #9620
- Bump Ruby to 3.3.1 by @jurre in #9597
- Bump toml-rb from 2.2.0 to 3.0.1 by @dependabot in #9580
- Resolve some Sorbet errors in Terraform by @JamieMagee in #9635
- Strict type
Dependabot::NpmAndYarn::FileUpdater::NpmrcBuilderby @JamieMagee in #9637 - Specify patch levels for previous Rubies by @landongrindheim in #9645
- Add support for Cargo private registries by @CodingAnarchy in #8719
- Allow NuGet dependencies to exist with duplicate names but different dependency types by @DavidBoike in #9642
- Bump the pnpm-dependencies group in /npm_and_yarn/helpers with 2 updates by @dependabot in #9562
- Bump the pnpm-dependencies group across 1 directory with 2 updates by @dependabot in #9651
- Improve handling for hashing unknown packages by @jurre in #9556
- Enable YJIT for even-numbered update jobs by @landongrindheim in #9663
- log base commit for easier debugging by @jakecoffman in #9654
- v0.255.0 by @dependabot-core-action-automation in #9649
New Contributors
- @nimirium made their first contribution in #9526
- @ewilliamson-patreon made their first contribution in #9400
- @jpandersen87 made their first contribution in #9405
- @CodingAnarchy made their first contribution in #8719
- @DavidBoike made their first contribution in #9642
Full Changelog: v0.254.0...v0.255.0