Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merge dependabot to helpshift main #1

Open
wants to merge 6,045 commits into
base: main
Choose a base branch
from
Open

Merge dependabot to helpshift main #1

wants to merge 6,045 commits into from

Conversation

shivamhelp
Copy link
Collaborator

No description provided.

deivid-rodriguez and others added 30 commits February 22, 2024 08:37
@deivid-rodriguez
Bump to Bundler 2.5.5 (#8859)
4a81d6a
@brettfo @JamieMagee @abdulapopoola
nuget updater command is already space-enabled; allow unsafe executio…
1deb6a7 
…n (#9092)

* nuget updater command is already space-enabled; allow unsafe execution

* make sorbet happy

* strongly type credentials

Co-authored-by: Jamie Magee <jamagee@microsoft.com>

* use sorbet support for tuples

---------

Co-authored-by: Jamie Magee <jamagee@microsoft.com>
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@JamieMagee @abdulapopoola
Strict type Dependabot::Clients::BitbucketWithRetries (#9087)
fb8697c 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@Nishnha
run the prepare tag step on pull_request_review (#9107)
716baa8
@dependabot-core-action-automation @github-actions
v0.245.0 (#9094)
c2eee76 
Release notes: https://github.com/dependabot/dependabot-core/releases/tag/v0.245.0

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@bdragon
Avoid passing nil url to registry client
1be91e2
@bdragon
Merge branch 'main' into bdragon/iss-9110
76cc2c4
@bdragon
Merge pull request #9111 from dependabot/bdragon/iss-9110
f72194a 
Avoid passing nil url to registry client
@jakecoffman
make DependencySnapshot aware of multiple directories (#8963)
88be06e
@Nishnha
Set the dependabot_updater_version docker env from the build arg (#9116)
690b555 
* Pass in dependabot_updater_version as env

Fixes dependabot/dependabot-core#8885 (comment) where our sentry releases are still reporting the default value of "development" instead of the build SHA.

We were passing in the DEPENDABOT_UPDATER_VERSION env as a build arg but referencing it as an ENV in docker. Let's update these to match https://docs.docker.com/reference/cli/docker/container/run/#env

* Pass the build arg to a docker env
@JoeRobich @abdulapopoola @Nishnha
Update referenced projects during a run of NuGetUpdater. (#9097)
4229759 
* Update referenced projects during a run of NuGetUpdater.

* Fix failing test by loading Projects into separate ProjectCollections

* Move remaining SdkPackageUpdater tests in to UpdateWorkerTests.Sdk.

---------

Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
Co-authored-by: Nish Sinha <nishnha@github.com>
@JamieMagee
Strict type Dependabot::Clients::Bitbucket (#9113)
c2eb9f7
@JamieMagee @abdulapopoola
Strict type Dependabot::Clients::CodeCommit (#9121)
efde250 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@JamieMagee @abdulapopoola
Strict type Dependabot::Clients::GitHubWithRetries (#9122)
c2788b7 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@JamieMagee @abdulapopoola
Strict type Dependabot::Clients::GitLabWithRetries (#9129)
10cf389 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@pavera @abdulapopoola
Fetch the cargo config file so we fetch registry definitions (#9109)
3e975c5 
* fetch the cargo config file so we fetch registry definitions

* stub the .cargo dir call

* fix the .cargo dir stub to return 404 mostly

---------

Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@JamieMagee @abdulapopoola
Strict type Dependabot::PullRequestCreator::MessageBuilder (#9130)
f19696b 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@brettfo @abdulapopoola
add more http redirects (#9135)
2adcebb 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@brettfo @abdulapopoola
find .nupkg URL without PackageBaseAddress (#9117)
6a32b25 
* find .nupkg URL without PackageBaseAddress

* return early if URLs could not be found

* make lint happy

---------

Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@JamieMagee @abdulapopoola
Strict type Dependabot::PullRequestUpdater::Gitlab (#9132)
71580c0 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@jakecoffman
output job.json at the start of a run (#9133)
64a241e
@JamieMagee @abdulapopoola
Strict type Dependabot::PullRequestCreator::Azure (#9131)
6ddd1cb 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@JamieMagee @abdulapopoola
Strict type Dependabot::PullRequestCreator::CodeCommit (#9141)
6135d59 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@JamieMagee @abdulapopoola
Strict type Dependabot::PullRequestCreator::Bitbucket (#9140)
8f91adb 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@JamieMagee @abdulapopoola
Require typed: true for composer (#9139)
166a33d 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@JamieMagee @abdulapopoola
Strict type Dependabot::Elm::Requirement (#9138)
09a1c80 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@JamieMagee @bdragon
Strict type Dependabot::UpdateCheckers::Base (#8947)
7b27803 
Co-authored-by: Bryan Dragon <25506+bdragon@users.noreply.github.com>
@JamieMagee @abdulapopoola
Enable Sorbet/TrueSigil rule in github_actions (#9137)
2a3a059 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@brettfo @abdulapopoola
make test properly fail on malformed path (#9104)
ff711f9 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@brettfo
don't fail completely if package version cannot be parsed (#9153)
3e1e925
jakecoffman and others added 30 commits March 27, 2024 13:43
@jakecoffman
test for exclude patterns (#9377)
e05bd19
@bdragon @abdulapopoola
sorbet: package_version may be nil (#9365)
db2cd23 
Updates type signature to accommodate the possibility
of a nil package_version.

Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@brettfo @abdulapopoola
don't allow global.json from repo to affect MSBuild discovery (#9374)
32aa57a 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@JamieMagee @abdulapopoola
Add require 'sorbet-runtime' where missing (#9379)
3a27e09 
Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
@brettfo
honor packageSourceMapping from NuGet.Config (#9381)
9f67b86
@jurre
Avoid including group in PR titles twice
d37c8f7
@jurre
Merge pull request #9384 from dependabot/jurre/fix-group-name-in-pr-t…
64b114a 
…itle

Avoid including `group` in PR titles twice
@github-actions @landongrindheim
v0.249.0
553f7c7 
Release notes: https://github.com/dependabot/dependabot-core/releases/tag/v0.249.0
@landongrindheim
Merge pull request #9382 from dependabot/bump-to-v0.249.0
4157975 
v0.249.0
@ryanbrandenburg @abdulapopoola @JamieMagee
Update npm sorbet types (#9343)
f95f1da 
* Update npm sorbet types

* Layout lint

* Lint and tests

* Fix breaks

* Integer

* Types

* Unsafe method

* Test cleanup

* Nilable

* Fix nil

* Fix types

* Version handling

* Version string

* Versions

* converted_version

* Cleanup puts

* Feedback

* TypeError instead of messing it up

* TypeError instead of messing it up

---------

Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
Co-authored-by: Jamie Magee <jamagee@microsoft.com>
@brettfo
don't fail loading build files that don't exist (#9385)
fe6b41e 
When loading projects, we use the flag `IgnoreMissingImports` but if a project referencing the Aspire workload is loaded when that workload is not installed will fail because an attempt is made to load a generated project that isn't on disk.  The fix is to simply ensure all files exist.
@jakecoffman
remove unused boolean from input (#9401)
866b76f
@jakecoffman
fix really long branch names (#9410)
736d9bb
@dependabot-core-action-automation @github-actions
v0.250.0 (#9412)
ffd44ca 
Release notes: https://github.com/dependabot/dependabot-core/releases/tag/v0.250.0

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@landongrindheim
Handle requests for review from dependabot
b702af6 
This isn't allowed by the GitHub API, so we should handle it inline.
@landongrindheim
Merge pull request #9398 from dependabot/handle-requesting-reviews-fr…
30b8dd0 
…om-dependabot

Handle requests for review from dependabot
@brettfo
only report dependencies whose version numbers can be resolved (#9387)
1fc9a86
@bdragon
Prevent comparison of Integer with String
1d7be41
@honeyankit
Table doesn't properly end for multi-directory GSU (#9364)
428caf1 
* refactored code to create table in pr message

* fixing the new line spaces

* fixed all the failed test cases

* the fix is adding single newline so reverting all my previous refactored code

* added test

* moved the test cases to pr_message section

* updated the test name

* added test for two tables

* added pr message test for table coming first
@jakecoffman
allow flamegraph gathering (#9423)
ffc8546
@jakecoffman
remove redundant parsing of original files (#9424)
4784dc0
@bdragon
Add a test
7cc526c
@bdragon
Merge branch 'main' into bdragon/fix-argument-err
9c9f673
@bdragon
Merge pull request #9367 from dependabot/bdragon/fix-argument-err
432c793 
Prevent comparison of Integer with String in group update creation
@bdragon
sorbet: ensure non-nil value before calling T.must
d2e6b5d
@bdragon
Merge pull request #9428 from dependabot/bdragon/iss-9325
36e67c6 
Check for nil `Dependency#previous_requirements` before passing to `T.must`
@jakecoffman
fix multi-version ecosystem security vulnerability failure (#9434)
1425ec2
@pavera
If only 1 dep in group is updated, use solo title (#9416)
d53fce0 
* If only 1 dep in group is updated, use solo title

* Fixing tests to account for new single update behavior

* copy/pasted the wrong second dependency, with the same name

* possibly updated the wrong test previously?

* Update the correct test with the single update message

* implementing the PR feedback to indicate a group in the title
@Nishnha
Better support around bundler changelogs (#9429)
005dd73 
* Support bundler changelogs that use a version in their changelog url

* Add tests for when the changelog source points to a file or directory

* Assign and return in one line
@shivamhelp
Merge remote-tracking branch
31ef475 
'https://github.com/dependabot/dependabot-core.git/main'

* sb01/main: (4356 commits)
  Better support around bundler changelogs (#9429)
  If only 1 dep in group is updated, use solo title (#9416)
  fix multi-version ecosystem security vulnerability failure (#9434)
  sorbet: ensure non-nil value before calling T.must
  Add a test
  remove redundant parsing of original files (#9424)
  allow flamegraph gathering (#9423)
  Table doesn't properly end for multi-directory GSU (#9364)
  Prevent comparison of Integer with String
  only report dependencies whose version numbers can be resolved (#9387)
  Handle requests for review from dependabot
  v0.250.0 (#9412)
  fix really long branch names (#9410)
  remove unused boolean from input (#9401)
  don't fail loading build files that don't exist (#9385)
  Update npm sorbet types (#9343)
  v0.249.0
  Avoid including `group` in PR titles twice
  honor `packageSourceMapping` from `NuGet.Config` (#9381)
  Add `require 'sorbet-runtime'` where missing (#9379)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone