What's Changed
- Add test coverage for Poetry non-package mode (package-mode = false) by @markhallen in #14731
- Extract Maven repo interaction logic for JVM ecosystems reuse by @AbhishekBhaskar in #14721
- uv: Use env vars for index auth when URL matches pyproject.toml by @thavaahariharangit in #14744
- Keep pinned git references by @robaiken in #14729
- fix(github_actions): apply cooldown to ref rewrites by @shaanmajid in #14734
- feat: Populate PoetryPackageManager version metadata by @markhallen in #14745
- fix: Guard against nil dependencies in Poetry group sections by @markhallen in #14751
- Fix TypeError on VCS repository credentials missing
registryfield in Composer by @Copilot in #14732 - Fix Python libraries misclassification regression due to PR 14709 by @AbhishekBhaskar in #14747
- Extract Maven metadata lookup logic into shared metadata finder for ecosystem reuse by @AbhishekBhaskar in #14756
- cargo: Fix duplicate Cargo.lock entries for feature-gated git dependencies by @jurre in #14725
- Poetry v2 feature tests by @robaiken in #14771
- test: Add end-to-end security update tests for Poetry v2 PEP 621 projects by @markhallen in #14773
- Refactor Maven shared version finder for SBT and Gradle ecosystem reuse by @AbhishekBhaskar in #14774
- percent-encode npm releaser names in Maintainer changes section by @v-HaripriyaC in #14638
- Fix npm vulnerability auditor for workspace Link nodes by @thavaahariharangit in #14754
- Swift: support trailing commas in .package() declarations by @struuuuggle in #14755
- fix(uv): derive
--index URLs from uv.lock registry sources instead of credentialindex-urlby @thavaahariharangit in #14779 - Fix python update_not_possible error with
bump_versionsstrategy by @AbhishekBhaskar in #14785 - fix(python): filter non-requirements .txt files using filename regex patterns by @Nishnha in #14786
- add a new PackageReference element next to existing PackageReference elements by @brettfo in #14796
- Remove unused Properties from ProjectDiscoveryResult and delete Property type by @brettfo in #14776
- Fix nullability warnings in DependencyConflictResolver.cs by @brettfo in #14784
- detect file indentation characters by @brettfo in #14797
- don't do a build on legacy projects by @brettfo in #14748
- v0.371.0 by @dependabot-core-action-automation[bot] in #14800
New Contributors
- @shaanmajid made their first contribution in #14734
- @struuuuggle made their first contribution in #14755
Full Changelog: v0.370.0...v0.371.0