v0.281.0

What's Changed

• Update python version regex and fix version ordering by @amazimbe in #10613
• Update Specs for NPM 8 as Default and Fallback Version by @kbukum1 in #10765
• allow for various xml formatting when finding runtime config file by @brettfo in #10779
• update allowed files regex by @brettfo in #10774
• handle all errors during an update job by @brettfo in #10762
• create separate loggers to make test output easier to read by @brettfo in #10748
• Fix nuget ecosystem arm build by @andrcuns in #10693
• Add sorbet typing to maven requirements updater by @amazimbe in #10778
• Update pnpm Specs with Public Git Dependency for Private Testing by @kbukum1 in #10786
• raise when an unsupported package manager version is present by @jakecoffman in #10794
• fix rebase creating PR for wrong dependency by @sachin-sandhu in #10727
• Bump the npm-dependencies group across 1 directory with 3 updates by @dependabot in #10741
• Remove Bundler v1 Deprecation and Unsupported Feature Flags and Deactivate Bundler v1 CI Tests by @kbukum1 in #10796
• Remove Bundler v1 Code by @kbukum1 in #10793
• Adds additional log for wrong dependency rebase (dependency_changed) issue by @sachin-sandhu in #10804
• Fix dependency tag filtering to use exact prefix matching by @robaiken in #10799
• v0.281.0 by @dependabot-core-action-automation in #10805

Full Changelog: v0.280.0...v0.281.0

v0.280.0

What's Changed

• Make Dependabot tolerate new "ref not found" error message from Cargo 1.80+ by @RobJellinghaus in #10719
• Add package_manager for Composer v1 deprecation warning and unsupported error by @kbukum1 in #10716
• Fix Sorbet typings for Composer file_parser and helper by @kbukum1 in #10732
• Upgrade NuGet.Client from 6.10.0.100 to 6.11.1.2 by @JamieMagee in #10718
• report specific error when project cannot be restored by @brettfo in #10720
• Sorbet support arm64 macOS natively by @JamieMagee in #10662
• Strict type Dependabot::NpmAndYarn::FileUpdater by @JamieMagee in #10651
• Strict type Dependabot::Terraform::FileUpdater by @JamieMagee in #10644
• Update NPM Default and Fallback Versions to NPM 8 by @kbukum1 in #10757
• Fix typo by @martincostello in #10723
• Patch: Enforce npm 8 for Lockfile Version 2+ by @kbukum1 in #10761
• Fixes : exception handling for client and server codes (4xx, 5xx) by @sachin-sandhu in #10770
• v0.280.0 by @dependabot-core-action-automation in #10767

New Contributors

• @RobJellinghaus made their first contribution in #10719

Full Changelog: v0.279.0...v0.280.0

v0.279.0

What's Changed

• raise specific error when no update was possible by @brettfo in #10685
• Python Dependabot::SharedHelpers::HelperSubprocessFailed issues fixes by @sachin-sandhu in #10686
• update package to fix bug in XML reader by @brettfo in #10687
• Upgrade opentelemetry related gems by @JamieMagee in #10690
• use new nuget dependency solver by default by @brettfo in #10671
• Add OpenTelemetry metrics by @JamieMagee in #10691
• escape all required characters in nuget source names by @brettfo in #10702
• Make sure process parameters are correctly quoted by @ffried in #10676
• rearrange NuGet error handling to one location in full runner by @brettfo in #10692
• only escape repo urls if necessary by @brettfo in #10710
• Support .NET 9 by @martincostello in #10593
• allow empty version after comma in a requirement by @brettfo in #10713
• Cleans up feature flag for dynamic version selector by @sachin-sandhu in #10706
• Revert "Revert "Use new implementation of Maven version standard"" by @amazimbe in #10704
• v0.279.0 by @dependabot-core-action-automation in #10721

New Contributors

• @ffried made their first contribution in #10676

Full Changelog: v0.278.0...v0.279.0

v0.278.0

What's Changed

• Fixes exception handler for file_not_parseable under file_updater and fixes error handler for package not found error by @sachin-sandhu in #10619
• Support NuGet lockfiles (Updated) by @na1307 in #9678
• add end-to-end C# update runner by @brettfo in #10521
• v0.278.0 by @dependabot-core-action-automation in #10673

Full Changelog: v0.277.0...v0.278.0

v0.277.0

What's Changed

• Bump pipenv from 2023.12.1 to 2024.0.2 in /python/helpers in the pipenv group across 1 directory by @dependabot in #10609
• Strict type Dependabot::Terraform::RequirementsUpdater by @JamieMagee in #10641
• Strict type Dependabot::Terraform::FileParser by @JamieMagee in #10640
• Run sorbet against main by @JamieMagee in #10642
• Bump gitlab version to 5.0.0 by @andrcuns in #10529
• Revert "Use new implementation of Maven version standard" by @amazimbe in #10647
• Revert smoke test branch by @amazimbe in #10648
• bump octokit to v7 by @jakecoffman in #10658
• v0.277.0 by @dependabot-core-action-automation in #10659

Full Changelog: v0.276.0...v0.277.0

v0.276.0

v0.276.0 (#10633)

Release notes: https://github.com/dependabot/dependabot-core/releases/tag/v0.276.0

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

v0.275.0

What's Changed

• Fix showing bundler v1 deprecation warnings in PR message and logs by @kbukum1 in #10554
• Dynamic version selector for Npm and Yarn by @sachin-sandhu in #10510
• Implement maven version specification by @amazimbe in #10524
• Support retrieving workspace of path dependencies in cargo by @Jefffrey in #10550
• adds exception handlers and test cases by @sachin-sandhu in #10570
• Fix argument null exception when updating assembly references with no public key token by @rhyskoedijk in #10568
• Fixes Dependabot::Updater::SubprocessFailed issues by @sachin-sandhu in #10555
• Update CONTRIBUTING.md by @jonjanego in #10577
• Add direct link to the docs for package manager versions by @jeffwidman in #10590
• v0.275.0 by @dependabot-core-action-automation in #10591

Full Changelog: v0.274.0...v0.275.0

v0.274.0

What's Changed

• Revert "rework reporting of dependencies and requirements to better handle transitive dependencies" by @brettfo in #10472
• Error handlers for Dependabot::SharedHelpers::HelperSubprocessFailed PNPM errors by @sachin-sandhu in #10483
• Bump jason from 1.4.3 to 1.4.4 in /hex/helpers by @dependabot in #10364
• Bump rexml from 3.3.1 to 3.3.6 in /updater by @dependabot in #10488
• chore(python): target latest python 3.12.5 version by @Greesb in #10470
• Bump the dev-dependencies group across 1 directory with 3 updates by @dependabot in #10479
• Fixes unhandled couldn't find any versions for package exception by @sachin-sandhu in #10491
• Fixes Dependabot::SharedHelpers::HelperSubprocessFailed related issues by @sachin-sandhu in #10494
• Implement Logging for Bundler v1 Deprecation Warnings by @kbukum1 in #10466
• Adds handler for YARN :: YN0xx errors by @sachin-sandhu in #10505
• Fixes NPM unhandled exceptions in Dependabot::SharedHelpers::HelperSubprocessFailed by @sachin-sandhu in #10506
• Support for pub workspaces by @sigurdm in #10445
• Error handler for Dependabot::Updater::SubprocessFailed: Subprocess issues by @sachin-sandhu in #10512
• v0.273.0 by @dependabot-core-action-automation in #10514
• Fixes Yarn Dependabot::SharedHelpers::HelperSubprocessFailed issues by @sachin-sandhu in #10526
• Mount .rubocop_todo.yml to enable successful rubocop execution by @Jefffrey in #10544
• Sending Bundler v1 Deprecation Warning Alert by @kbukum1 in #10485
• Avoid using existing branches by @Nishnha in #10519
• v0.274.0 by @dependabot-core-action-automation in #10551

New Contributors

• @Greesb made their first contribution in #10470
• @Jefffrey made their first contribution in #10544

Full Changelog: v0.272.0...v0.274.0

v0.273.0

What's Changed

• Revert "rework reporting of dependencies and requirements to better handle transitive dependencies" by @brettfo in #10472
• Error handlers for Dependabot::SharedHelpers::HelperSubprocessFailed PNPM errors by @sachin-sandhu in #10483
• Bump jason from 1.4.3 to 1.4.4 in /hex/helpers by @dependabot in #10364
• Bump rexml from 3.3.1 to 3.3.6 in /updater by @dependabot in #10488
• chore(python): target latest python 3.12.5 version by @Greesb in #10470
• Bump the dev-dependencies group across 1 directory with 3 updates by @dependabot in #10479
• Fixes unhandled couldn't find any versions for package exception by @sachin-sandhu in #10491
• Fixes Dependabot::SharedHelpers::HelperSubprocessFailed related issues by @sachin-sandhu in #10494
• Implement Logging for Bundler v1 Deprecation Warnings by @kbukum1 in #10466
• Adds handler for YARN :: YN0xx errors by @sachin-sandhu in #10505
• Fixes NPM unhandled exceptions in Dependabot::SharedHelpers::HelperSubprocessFailed by @sachin-sandhu in #10506
• Support for pub workspaces by @sigurdm in #10445
• Error handler for Dependabot::Updater::SubprocessFailed: Subprocess issues by @sachin-sandhu in #10512

New Contributors

• @Greesb made their first contribution in #10470

Full Changelog: v0.272.0...v0.273.0

v0.272.0

What's Changed

• Adds outofDisk exception handler for updater by @sachin-sandhu in #10444
• Fixes illformed requirement error propagation to unknown errors by @sachin-sandhu in #10448
• Add Bundler v1 Deprecation Warning by @kbukum1 in #10421
• Reformatted Deprecation and Error Messages for Bundler v1 Support by @kbukum1 in #10450
• only discover dependencies from known project types by @brettfo in #10451
• Fixes Yarn Dependabot::Updater::SubprocessFailed issues by @sachin-sandhu in #10456
• fix handling of NuGet transitive dependencies by @brettfo in #10449
• Revert Changes to updated_files_regex method with latest regex from the API by @honeyankit in #10457
• Add semver 2 versioning in dependabot common by @amazimbe in #10434
• Fix : Dependabot::DependabotError: [YN0001] issues by @sachin-sandhu in #10473
• v0.272.0 by @dependabot-core-action-automation in #10476

Full Changelog: v0.271.0...v0.272.0