Merge dependabot to helpshift main #1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…n (#9092) * nuget updater command is already space-enabled; allow unsafe execution * make sorbet happy * strongly type credentials Co-authored-by: Jamie Magee <[email protected]> * use sorbet support for tuples --------- Co-authored-by: Jamie Magee <[email protected]> Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
Release notes: https://github.com/dependabot/dependabot-core/releases/tag/v0.245.0 Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Avoid passing nil url to registry client
* Pass in dependabot_updater_version as env Fixes dependabot/dependabot-core#8885 (comment) where our sentry releases are still reporting the default value of "development" instead of the build SHA. We were passing in the DEPENDABOT_UPDATER_VERSION env as a build arg but referencing it as an ENV in docker. Let's update these to match https://docs.docker.com/reference/cli/docker/container/run/#env * Pass the build arg to a docker env
* Update referenced projects during a run of NuGetUpdater. * Fix failing test by loading Projects into separate ProjectCollections * Move remaining SdkPackageUpdater tests in to UpdateWorkerTests.Sdk. --------- Co-authored-by: AbdulFattaah Popoola <[email protected]> Co-authored-by: Nish Sinha <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
* fetch the cargo config file so we fetch registry definitions * stub the .cargo dir call * fix the .cargo dir stub to return 404 mostly --------- Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
* find .nupkg URL without PackageBaseAddress * return early if URLs could not be found * make lint happy --------- Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: Bryan Dragon <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
Updates type signature to accommodate the possibility of a nil package_version. Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
Co-authored-by: AbdulFattaah Popoola <[email protected]>
…itle Avoid including `group` in PR titles twice
* Update npm sorbet types * Layout lint * Lint and tests * Fix breaks * Integer * Types * Unsafe method * Test cleanup * Nilable * Fix nil * Fix types * Version handling * Version string * Versions * converted_version * Cleanup puts * Feedback * TypeError instead of messing it up * TypeError instead of messing it up --------- Co-authored-by: AbdulFattaah Popoola <[email protected]> Co-authored-by: Jamie Magee <[email protected]>
When loading projects, we use the flag `IgnoreMissingImports` but if a project referencing the Aspire workload is loaded when that workload is not installed will fail because an attempt is made to load a generated project that isn't on disk. The fix is to simply ensure all files exist.
Release notes: https://github.com/dependabot/dependabot-core/releases/tag/v0.250.0 Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This isn't allowed by the GitHub API, so we should handle it inline.
…om-dependabot Handle requests for review from dependabot
* refactored code to create table in pr message * fixing the new line spaces * fixed all the failed test cases * the fix is adding single newline so reverting all my previous refactored code * added test * moved the test cases to pr_message section * updated the test name * added test for two tables * added pr message test for table coming first
Prevent comparison of Integer with String in group update creation
Check for nil `Dependency#previous_requirements` before passing to `T.must`
* If only 1 dep in group is updated, use solo title * Fixing tests to account for new single update behavior * copy/pasted the wrong second dependency, with the same name * possibly updated the wrong test previously? * Update the correct test with the single update message * implementing the PR feedback to indicate a group in the title
* Support bundler changelogs that use a version in their changelog url * Add tests for when the changelog source points to a file or directory * Assign and return in one line
'https://github.com/dependabot/dependabot-core.git/main' * sb01/main: (4356 commits) Better support around bundler changelogs (#9429) If only 1 dep in group is updated, use solo title (#9416) fix multi-version ecosystem security vulnerability failure (#9434) sorbet: ensure non-nil value before calling T.must Add a test remove redundant parsing of original files (#9424) allow flamegraph gathering (#9423) Table doesn't properly end for multi-directory GSU (#9364) Prevent comparison of Integer with String only report dependencies whose version numbers can be resolved (#9387) Handle requests for review from dependabot v0.250.0 (#9412) fix really long branch names (#9410) remove unused boolean from input (#9401) don't fail loading build files that don't exist (#9385) Update npm sorbet types (#9343) v0.249.0 Avoid including `group` in PR titles twice honor `packageSourceMapping` from `NuGet.Config` (#9381) Add `require 'sorbet-runtime'` where missing (#9379) ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.