github dependabot/dependabot-core v0.365.0
on GitHub

8 hours ago

What's Changed

  • add Poetry grapher by @jakecoffman in #14362
  • fix: poetry grapher should prefer poetry.lock for relevant_dependency_file by @Copilot in #14378
  • Fix elm Elm19LatestVersionFinder to respect ignore conditions by @kbukum1 in #14372
  • Bump System.Text.Json from 9.0.11 to 10.0.3 by @dependabot[bot] in #14388
  • Bump library/golang from 1.26.0-bookworm to 1.26.1-bookworm in /go_modules by @dependabot[bot] in #14385
  • Bump @npmcli/arborist from 9.3.0 to 9.4.0 in /npm_and_yarn/helpers in the npm-dependencies group by @dependabot[bot] in #14321
  • Bump eslint from 10.0.2 to 10.0.3 in /npm_and_yarn/helpers in the dev-dependencies group by @dependabot[bot] in #14384
  • Bump the all-actions group across 1 directory with 6 updates by @dependabot[bot] in #14393
  • Bump xunit.v3 from 3.0.0 to 3.2.2 by @dependabot[bot] in #14389
  • Bump @pnpm/dependency-path from 5.1.3 to 1001.1.10 in /npm_and_yarn/helpers in the pnpm-dependencies group by @dependabot[bot] in #14322
  • Upgrade uv to v0.10.9 by @edgarrmondragon in #14381
  • Bump library/rust from 1.93.1-bookworm to 1.94.0-bookworm in /cargo by @dependabot[bot] in #14383
  • bazel: Remove Label() scanning from .bzl file fetching by @redsun82 in #14395
  • python:block constraints update that conflicts by @thavaahariharangit in #14375
  • Bump silent/tests go.mod to Go 1.26 by @jeffwidman in #14401
  • Replace gh release download with go install for Dependabot CLI by @jeffwidman in #14400
  • feat: Add Swift FileParser support for Xcode-managed SwiftPM projects by @markhallen in #14360
  • Extract TitleBuilder for PR title composition by @kbukum1 in #14285
  • gradle: fix wrapper updater crash when only some wrapper files define checksum by @pedromfmachado in #14399
  • Extract pre-commit dependency version from comment in PR description by @AbhishekBhaskar in #14403
  • Maven: skip unresolvable properties by @yeikel in #14344
  • fix(npm_and_yarn): prevent path traversal and make temp dependency file writes deterministic by @thavaahariharangit in #14405
  • Test ARM64 Docker builds in CI by @Copilot in #14396
  • fix(npm_and_yarn): pass private registry env vars to corepack fallback by @thavaahariharangit in #14413
  • don't fail if nuget feed returns unexpected 404 by @brettfo in #14409
  • Add Pipenv support to Python DependencyGrapher by @Copilot in #14402
  • v0.365.0 by @dependabot-core-action-automation[bot] in #14422

New Contributors

Full Changelog: v0.364.0...v0.365.0

Check out latest releases or
releases around dependabot/dependabot-core v0.365.0

Don't miss a new dependabot-core release

NewReleases is sending notifications on new releases.

Get notifications