github dependabot/dependabot-core v0.304.0
on GitHub

latest releases: v0.308.0, v0.307.0, v0.306.0...
10 days ago

What's Changed

  • Pretty print the error details in the table by @jpinz in #11911
  • Add Sorbet type annotations to UpdateChecker, LatestVersionFinder, and VersionResolver for npm_and_yarn by @kbukum1 in #11903
  • Filtering out support files update. by @thavaahariharangit in #11888
  • Bump corepack to 0.32.0 by @yeikel in #11891
  • Fix Bug Caused by Sorbet Typing T.must for npm_and_yarn by @kbukum1 in #11917
  • Update OpenTelemetry related dependencies by @JamieMagee in #11895
  • Revert Sorbet Typing Changes to Fix TypeError for nil in T.must by @kbukum1 in #11924
  • Use the official Docker Login action by @jeffwidman in #11925
  • Introduce PackageLatestVersionFinder for npm_and_yarn behind feature flag Part-1 by @kbukum1 in #11900
  • Adding support for private registries for helm by @robaiken in #11912
  • Revert "Error handling of security updates for conflicting target dependencies" by @thavaahariharangit in #11932
  • Fix Sorbet/ObsoleteStrictMemoization in Dependabot::Composer::FileUpdater by @JamieMagee in #11872
  • Ignore docker_compose spec typechecking by @JamieMagee in #11936
  • fix(uv): handle top-level dependencies without requirements by @guan404ming in #11927
  • Make Sorbet strict type opt-out instead of opt-in by @JamieMagee in #11885
  • change rate limiting error in nuget updater by @sebasgomez238 in #11937
  • Update docker version to include digest if applicable by @jpinz in #11938
  • Removing docker_tag_component_comparison feature flag by @robaiken in #11942
  • Add Bundler LatestVersionFinder inherititence from PackageLatestVersionFinder by @markhallen in #11915
  • Introduce PackageLatestVersionFinder for npm_and_yarn behind feature flag Part-2 by @kbukum1 in #11929
  • Update the digest tests to better reflect real world scenarios by @robaiken in #11955
  • Ensure .core-bash_history file exists when debugging with Dependabot CLI by @jeffwidman in #11956
  • Apply Cooldown for Release Tags in npm_and_yarn Ecosystem by @kbukum1 in #11958
  • Don't coerce nil to "" if no non-vulnerable version found by @jeffwidman in #11949
  • Handle when the version is an empty string by @jeffwidman in #11950
  • Remove Incorrect Bundler Import in Common to Fix PackageLatestVersionFinder Issue by @kbukum1 in #11959
  • v0.304.0 by @dependabot-core-action-automation in #11960

New Contributors

Full Changelog: v0.303.0...v0.304.0

Check out latest releases or
releases around dependabot/dependabot-core v0.304.0

Don't miss a new dependabot-core release

NewReleases is sending notifications on new releases.

Get notifications