v0.265.0

What's Changed

• Adds exception to handle nil buildfile issue by @sachin-sandhu in #10061
• Bump the all-actions group across 1 directory with 5 updates by @dependabot in #10165
• Enable Sorbet/StrictSigil in devcontainers by @JamieMagee in #10157
• Remove redundant call from mixfile by @JamieMagee in #10172
• Strict type github_actions by @JamieMagee in #10156
• Fix "Passed nil into T.must" error by @JamieMagee in #10159
• Improve Error Handling for JSON Parse Failures in Helper Subprocess by @kbukum1 in #10171
• Combining dependabot core version constraint (latest_allowable_version) with existing composer version constraint by @thavaahariharangit in #10150
• Bump golang.org/x/mod from 0.18.0 to 0.19.0 in /go_modules/helpers by @dependabot in #10164
• Bump library/golang from 1.22.4-bookworm to 1.22.5-bookworm in /go_modules by @dependabot in #10166
• Make HelperSubprocessFailed error class configurable in run_helper_subprocess by @kbukum1 in #10173
• Ignores timeout in .npmrc file while job update in npm_and_yarn by @sachin-sandhu in #10174
• Revert "Combining dependabot core version constraint (latest_allowable_version) with existing composer version constraint" by @thavaahariharangit in #10184
• Solution provided for ignore minor version config is not respected. by @thavaahariharangit in #10188
• v0.265.0 by @dependabot-core-action-automation in #10189

Full Changelog: v0.264.0...v0.265.0

v0.264.0

v0.264.0 (#10143)

Release notes: https://github.com/dependabot/dependabot-core/releases/tag/v0.264.0

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

v0.263.0

What's Changed

• Bump flake8 from 7.0.0 to 7.1.0 in /python/helpers in the common group by @dependabot in #10016
• DependencyGroupChangeBatch tracks updated dependencies per file by @Nishnha in #9988
• [Fix] multi-directory grouped updates sometimes create ungrouped PRs by @Nishnha in #9938
• Disabling the RSpec IndexedLet Rubocop rule due to its negligible benefit by @GarryHurleyJr in #10056
• Bump @npmcli/arborist from 7.5.1 to 7.5.3 in /npm_and_yarn/helpers in the npm-dependencies group across 1 directory by @dependabot in #9881
• Enabling RSpec/BeforeAfterAll Rubocop rule by @GarryHurleyJr in #10043
• Enabling RSpec MultipleDescribes and renaming errors_spec.rb file by @GarryHurleyJr in #10045
• Strict type Dependabot::Bundler::PathGemSpecFinder by @raj-meka in #10027
• Strict type Dependabot::Hex::FileFetcher by @raj-meka in #9990
• Address Sorbet error by @abdulapopoola in #9973
• Remove bad newlines from EBADENGINE message by @sirreal in #10049
• Upgrade Bundler to 2.5.14 and RubyGems to 3.5.14 by @deivid-rodriguez in #9993
• Make it easier to upgrade Bundler & RubyGems in sync by @deivid-rodriguez in #9979
• fix(cargo): preserve version range using Less Than Equal by @caspermeijn in #9956
• Revert "Make it easier to upgrade Bundler & RubyGems in sync " by @kbukum1 in #10069
• Upgrade httparty to 0.22.0 by @deivid-rodriguez in #9906
• Added private repo access error catch and missing repo error capture by @sachin-sandhu in #10047
• Add HARDBREAKS to commonmarker config by @blue2cat in #6358
• Make it easier to upgrade Bundler & RubyGems in sync (take 2) by @deivid-rodriguez in #10072
• Bump sorbet-runtime from 0.5.11415 to 0.5.11444 in /updater in the sorbet group across 1 directory by @dependabot in #10064
• Bump default PNPM to 9.4.0 by @deivid-rodriguez in #10073
• Update bundler module to ruby 3.3.3 by @DuncSmith in #10038
• [NuGet] update version_finder_spec.rb by @eltociear in #9769
• Simplify docker regex by @deivid-rodriguez in #8286
• Give better error when security update not possible due to "lockfile_only" strategy by @deivid-rodriguez in #9923
• Strict type Dependabot::Gradle::SettingsFileParser by @raj-meka in #10079
• Revert "Passing the latest allowable version as package constraints" by @thavaahariharangit in #10097

New Contributors

• @sirreal made their first contribution in #10049
• @kbukum1 made their first contribution in #10069
• @eltociear made their first contribution in #9769

Full Changelog: v0.262.0...v0.263.0

v0.262.0

What's Changed

• Strict type Dependabot::Bundler::GemspecFinder by @raj-meka in #10004
• chore(python): target latest python versions 3.12.4 by @sileht in #10030
• Strict type Dependabot::Bundler::RequireRelativeFinder by @raj-meka in #10028
• Strict type Dependabot::Bundler::FilePreparer by @raj-meka in #10029
• Include directory when serializing dependencies by @landongrindheim in #10002
• Bump plette from 2.0.2 to 2.1.0 in /python/helpers by @dependabot in #9948
• Strict type Dependabot::Bundler::ChildGemFileFinder by @raj-meka in #10026
• Re-enabled NamedSubject RSpec rule which was accidentlaly overwritten by @GarryHurleyJr in #10041
• Fix Go modules prerelease by @stefanvanburen in #10022

New Contributors

• @stefanvanburen made their first contribution in #10022

Full Changelog: v0.261.1...v0.262.0

v0.261.1

What's Changed

• Enabling ScatteredSetup Rubocop rule by @GarryHurleyJr in #9980
• Enabling RSpec HooksBefore rubocop rule by @GarryHurleyJr in #9974
• Strict type Dependabot::Hex::MixFileSanitizer by @raj-meka in #9984
• Strict type Dependabot::Hex::CredentialHelpers by @raj-meka in #9989
• Strict type Dependabot::Hex::FileParser by @raj-meka in #9992
• Bump library/golang from 1.22.3-bookworm to 1.22.4-bookworm in /go_modules by @dependabot in #9942
• Strict type Dependabot::Maven::AuthHeadersFinder by @raj-meka in #10000
• Strict type Dependabot::Terraform::Requirement by @raj-meka in #10001
• Passing the latest allowable version as package constraints by @thavaahariharangit in #10018
• Fix Docker Requirement initializer type by @landongrindheim in #10021
• v0.261.1 by @dependabot-core-action-automation in #10023

Full Changelog: v0.261.0...v0.261.1

v0.261.0

What's Changed

• Strict type Dependabot::Hex::MetaDataFinder by @raj-meka in #9913
• Enabled Rubocop rule for the MetadataStyle test by @GarryHurleyJr in #9921
• Garry hurley jr/address rspec expect actual rubocop violations by @GarryHurleyJr in #9927
• Bump the all-actions group across 1 directory with 5 updates by @dependabot in #9930
• Fix comment indentation by @deivid-rodriguez in #9931
• Ignore 422 Validation Failed responses when adding assignees to a PR by @Nishnha in #9860
• don't fail when a dependency doesn't have a previous version by @jakecoffman in #9924
• Strict type Dependabot::GoModules::MetaDataFinder by @raj-meka in #9919
• Strict type Dependabot::Maven::MetadataFinder by @raj-meka in #9928
• Strict type Dependabot::Pub::MetaDataFinder by @raj-meka in #9933
• Strict type Dependabot::Terraform::MetaDataFinder by @raj-meka in #9936
• True type Dependabot::Bundler::FileUpdater::GitSourceRemover by @JamieMagee in #9912
• True type pub by @JamieMagee in #9917
• Strict type Dependabot::Bundler::FileParser::GemspecDeclarationFinder by @JamieMagee in #9911
• True type Dependabot::Bundler::UpdateChecker::SharedBundlerHelpers by @JamieMagee in #9914
• Strict type Dependabot::Bundler::FileParser::GemfileDeclarationFinder by @JamieMagee in #9907
• enabled RSpec Not To Not rubocop. by @GarryHurleyJr in #9926
• Strict type Dependabot::Swift::MetaDataFinder by @raj-meka in #9934
• Enforce true sigil in bundler by @JamieMagee in #9915
• enable receive messages by @GarryHurleyJr in #9935
• Fix code coverage merging by @deivid-rodriguez in #9922
• add Sorbet types to group update creation by @jakecoffman in #9937
• True type maven by @JamieMagee in #9953
• True type gradle by @JamieMagee in #9952
• True type terraform by @JamieMagee in #9951
• True type hex by @JamieMagee in #9950
• Enabling RSpec/ScatteredLet Rubocop by @GarryHurleyJr in #9957
• Enable RSpec/ImplicitSubject by @robaiken in #9814
• True type updater by @JamieMagee in #9929
• True type python by @JamieMagee in #9954
• Enable RSpec/MatchArray by @robaiken in #9820
• Enabling SharedExamples Rubocop rule by @GarryHurleyJr in #9970
• Strict type Dependabot::Silent::FileFetcher by @raj-meka in #9964
• Strict type Dependabot::Pub::FileParser by @raj-meka in #9969
• Strict type Dependabot::Pub::FileUpdater by @raj-meka in #9968
• Strict type Dependabot::python::NameNormaliser by @raj-meka in #9966
• Strict type Dependabot::Python::NativeHelpers by @raj-meka in #9965
• Strict type Dependabot::Silent::FileParser by @raj-meka in #9971
• Strict type Dependabot::Silent::FileUpdater by @raj-meka in #9972
• Changes made for dependabot to respect ignoring minor patch updates. by @thavaahariharangit in #9967
• Strict type Dependabot::Maven::FileFetcher by @raj-meka in #9975
• Strict type Dependabot::Hex::FileUpdater::NativeHelpers by @raj-meka in #9976
• Strict type Dependabot::Hex::MixFileGitPinUpdater by @raj-meka in #9983
• Add #directory to Dependabot::Dependency by @landongrindheim in #9982
• Revert " Changes made for dependabot to respect ignoring minor patch updates." by @jurre in #9991
• Enabling PredicateMatcher Rubocop rule on RSpec. by @GarryHurleyJr in #9960
• enabled RSpec VerifiedDoubeReference rule by @GarryHurleyJr in #9981
• v0.261.0 by @dependabot-core-action-automation in #9985

Full Changelog: v0.260.0...v0.261.0

v0.260.0

What's Changed

• TICtxtWrd-cmp: Test Improvements, Context Wording, ecosystem composer. by @thavaahariharangit in #9859
• TICtxtWrd-dcon: Test Improvements, Context Wording, ecosystem dev containers and docker. by @thavaahariharangit in #9863
• Strict-type Dependabot::Docker::Version by @raj-meka in #9864
• TICtxtWrd-github_actions:Test Improvements, Context Wording, ecosystem: github_actions. by @thavaahariharangit in #9815
• TICtxtWrd-maven: Test Improvements, Context Wording, ecosystem maven. by @thavaahariharangit in #9830
• TICtxtWrd-go: Test Improvements, Context Wording, ecosystem: go_modules. by @thavaahariharangit in #9817
• handle duplicate directories due to globs by @jakecoffman in #9792
• Adopt PR template by @jurre in #9866
• Bump library/golang from 1.22.2-bookworm to 1.22.3-bookworm in /go_modules by @dependabot in #9701
• Enable RSpec/BeEq by @robaiken in #9777
• Strict type Dependabot::Docker::FileFetcher by @raj-meka in #9870
• Strict type Docker::Requirement and Docker::Tag by @raj-meka in #9874
• Use non-deprecated spoom srb bump command by @JamieMagee in #9876
• TICtxtWrd-grdl: Test Improvements, Context Wording, For the ecosystem: Gradle by @thavaahariharangit in #9882
• TICtxtWrd-n:Test Improvements, Context Wording, for the ecosystem npm and yarn. by @thavaahariharangit in #9832
• TICtxtWrd-hex: Test Improvements, Context Wording, ecosystem hex. by @thavaahariharangit in #9868
• fail sooner when PR creation data is incomplete by @jakecoffman in #9888
• Prevent github actions with same name ending after hyphen to be updated by @abelsiqueira in #9886
• Strict type Dependabot::Docker::Requirement::Helpers by @raj-meka in #9890
• Strict type Dependabot::Docker::FileParser by @raj-meka in #9871
• TICtxtWrd-nuget: Test Improvement, Context Wording, for the ecosystem nuget by @thavaahariharangit in #9883
• Enable RSpec/DescribedClass by @robaiken in #9790
• Upgrade Bundler to 2.5.11 and RubyGems to 3.5.11 by @deivid-rodriguez in #9862
• Strict type Dependabot::Docker::Requirement::MetadataFinder by @raj-meka in #9892
• Migrate to new spoom srb coverage command by @JamieMagee in #9898
• Upgrade crack and http-party gems for ruby compatibility by @smcavallo in #9770
• Enable RSpec/LetBeforeExamples by @robaiken in #9779
• True type Dependabot::Bundler::FileUpdater by @JamieMagee in #9900
• True type Dependabot::Bundler::MetadataFinder by @JamieMagee in #9901
• Enable RSpec/ExcessiveDocstringSpacing by @robaiken in #9813
• Strict type Dependabot::Docker::Requirement::FileUpdater by @raj-meka in #9895
• Enable RSpec Example cops by @robaiken in #9811
• Strict type Dependabot::Docker::Requirement::CredentialsFinder by @raj-meka in #9889
• Enabling RSpec/VoidExpect by @robaiken in #9738
• Bump sorbet-runtime from 0.5.11353 to 0.5.11415 in /updater in the sorbet group across 1 directory by @dependabot in #9918
• v0.260.0 by @dependabot-core-action-automation in #9869

New Contributors

• @abelsiqueira made their first contribution in #9886
• @smcavallo made their first contribution in #9770

Full Changelog: v0.259.0...v0.260.0

v0.259.0

What's Changed

• Bump nokogiri from 1.16.4 to 1.16.5 in /updater by @dependabot in #9719
• Pin actions in CI workflow to commit SHA by @JamieMagee in #9755
• Revert "#6017: Address RSpec/ContextWording Rubocop violations. (#9727)" by @jurre in #9756
• Enabling RSpec/RepeatedDescription by @robaiken in #9744
• Enabling RSpec/PendingWithoutReason by @robaiken in #9739
• Enable RSpec/EmptyExampleGroup by @robaiken in #9731
• Enabling RSpec/HookArgument by @robaiken in #9742
• test-improvement-6017: Rspec/ContextWording task grouped by ecosystem. by @thavaahariharangit in #9758
• restrict C# nuget unit tests to local package feeds by @brettfo in #9694
• TICtxtWrd-Cargo: Test Improvement, Context Wording, ecosystem cargo. by @thavaahariharangit in #9768
• Pin remaining GitHub actions to SHA hash by @JamieMagee in #9761
• Fixes Alias parsing was not enabled issue while loading Psych Lib in safe_load by @sachin-sandhu in #9759
• True type Dependabot::NpmAndYarn::UpdateChecker::VersionResolver by @JamieMagee in #9754
• Cargo implementation must support Cargo sparse index file format by @honeyankit in #9783
• adding documentation to the silent ecosystem by @jakecoffman in #9794
• Enable All RSpec empty line cops by @robaiken in #9791
• Harry/text improvement, context wording, for ecosystem bundler, review comments of #9758 addressed here. by @thavaahariharangit in #9782
• Added support for .tool-versions file in Gemfile for Ruby projects by @kpumuk in #9070
• improve NuGet discovery by expanding *.proj and *.sln files by @brettfo in #9785
• Monkey patch on Bundler::materialize_for_installation for resolve Bundler::LazySpecification issue by @sachin-sandhu in #9807
• Update NuGet.Client from 6.9.1.3 to 6.10.0.100 by @JamieMagee in #9801
• fix nuget ignored package version handling by @brettfo in #9824
• update to 8.0.300 SDK by @brettfo in #9826
• Strict type Dependabot::NpmAndYarn::FileUpdater::PackageJsonUpdater by @JamieMagee in #9800
• True type remainder of npm_and_yarn by @JamieMagee in #9827
• Fix calloc-transposed-args with prism by @JamieMagee in #9810
• Limit top-level permissions for labeler workflow by @JamieMagee in #9787
• fix(cargo): handle version range using Less Than Equal by @caspermeijn in #9828
• TICtxtWrd-pub: Test Improvements, Context Wording, Ecosystem pub. by @thavaahariharangit in #9840
• TICtxtWrd-elm: Test Improvements, Context Wording, ecosystem elm by @thavaahariharangit in #9846
• TICtxtWrd-updater: TestImprovements, Context Wording, ecosystem updater by @thavaahariharangit in #9844
• TICtxtWrd-tf:Test Improvements, Context Wording, ecosystem terraform. by @thavaahariharangit in #9843
• TICtxtWrd-python:Test Improvements, Context Wording, Ecosystem python. by @thavaahariharangit in #9842
• Enable RSpec/NamedSubject by @robaiken in #9748
• TICtxtWrd-gs: Test Improvements, Context Wording, ecosystem git submodules. by @thavaahariharangit in #9849
• Enable RSpec/LeadingSubject by @robaiken in #9819
• Replace cargo registry keyword from the credentials to use new keyword registry by @honeyankit in #9853
• Enforce true sigil in npm_and_yarn ecosystem by @JamieMagee in #9847
• TICtxtWrd-cmn: Test Improvements, Context Wording, ecosystem common. by @thavaahariharangit in #9856
• v0.259.0 by @dependabot-core-action-automation in #9809

New Contributors

• @sachin-sandhu made their first contribution in #9759
• @kpumuk made their first contribution in #9070
• @caspermeijn made their first contribution in #9828

Full Changelog: v0.258.0...v0.259.0

v0.258.0

What's Changed

• Reenable RSpec/ExpectChange by @robaiken in #9716
• Reenable RSpec/MultipleSubjects by @robaiken in #9715
• Reenable RSpec/BeEmpty by @robaiken in #9714
• Update README.md by @jonjanego in #9734
• Enable RSpec/DescribeClass by @robaiken in #9730
• Enable RSpec/ExpectInHook by @robaiken in #9732
• Stop hiding exception raised by composer by @robaiken in #9657
• Bump semver from 7.6.0 to 7.6.2 in /npm_and_yarn/helpers in the npm-dependencies group by @dependabot in #9706
• #6017: Address RSpec/ContextWording Rubocop violations. by @thavaahariharangit in #9727
• Enabling RSpec/BeNil by @robaiken in #9736
• Enabling RSpec/SubjectDeclaration by @robaiken in #9737
• Enabling RSpec/ImplicitExpect by @robaiken in #9741
• Enable RSpec/ContainExactly by @robaiken in #9729
• Enabling RSpec/Focus by @robaiken in #9740
• v0.258.0 by @dependabot-core-action-automation in #9746

New Contributors

• @robaiken made their first contribution in #9716

Full Changelog: v0.257.0...v0.258.0

v0.257.0

What's Changed

• Bump @pnpm/lockfile-file from 9.0.3 to 9.0.5 in /npm_and_yarn/helpers in the pnpm-dependencies group by @dependabot in #9707
• Bump ossf/scorecard-action from 2.3.1 to 2.3.3 in the all-actions group by @dependabot in #9700
• Generate TODO file for rubocop rspec rules by @jurre in #9709
• #6016: Address RSpec/ContextMethod Rubocop violations by @thavaahariharangit in #9713
• Change dependabot-core license to MIT by @abdulapopoola in #9717
• Fixed linting error by @tiagodenoronha in #9724
• v0.257.0 by @dependabot-core-action-automation in #9723

New Contributors

• @tiagodenoronha made their first contribution in #9724

Full Changelog: v0.256.0...v0.257.0