Skip to content

Releases: tinglesoftware/dependabot-azure-devops

0.19.0

20 Jul 08:11
@github-actions github-actions
0.19.0
5a21fcc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
0.19.0

What's Changed

  • #710: Use the minimum billable vCPU and GB for Container Instances
  • #683: add option to use the non-default service connection
  • #711: When dependency-type is not set for allow conditions, allow all types.

New Contributors

Full Changelog: 0.18.2...0.19.0

Contributors

madmuffin1
Loading

0.18.2

10 Jul 06:26
@github-actions github-actions
0.18.2
407a96f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
0.18.2

What's Changed

  • Dependencies updated

Full Changelog: 0.18.1...0.18.2

Loading

0.18.1

10 Jul 06:25
@github-actions github-actions
0.18.1
60f7542
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
0.18.1

What's Changed

  • Dependencies updated

Full Changelog: 0.18.0...0.18.1

Loading

0.18.0

22 May 12:21
@github-actions github-actions
0.18.0
a44dff5
Compare
Choose a tag to compare
0.18.0

What's Changed

  • #601, #604, #606, #623, #627, #632: Bump dependabot-omnibus from e027185 to eb13f32
  • #617: Add missing orderby before limiting fetched jobs
  • #618, #619, #621: Allow providing own ContainerApp Environment, LogAnalytics Workspace, ServiceBus namespace, and storage account
  • #620: Fix role assignments
  • #629: Added liveness and readiness probes to server

Full Changelog: 0.17.1...0.18.0

Loading

0.17.1

18 Apr 07:38
@github-actions github-actions
0.17.1
5676499
Compare
Choose a tag to compare
0.17.1

PR number/ID should be included in the mergeCommitMessage

Full Changelog: 0.17.0...0.17.1

Loading

0.17.0

18 Apr 07:38
@github-actions github-actions
0.17.0
5a7195f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
0.17.0

What's Changed

  • #555: Pass mergeCommitMessage when setting auto completion
  • #560: Added support for EventBus via AzureStorage and InMemory in the server.
  • #541: Remove overrides for allow in the extension
  • #566: Use in built update_ref method to delete branches.
  • #561: Make DEPENDABOT_FAIL_ON_EXCEPTION configurable on the server.
  • #572: Added missing white space in README.md by @NenoLoje
  • #578: Explaining how to use targetRepositoryName for multiple repositories by @SchulteMarkus
  • Use inbuilt azure_client.autocomplete_pull_request
  • Print out file diffs when skipping PR creation
  • Added docs for server component
  • Double waiting time for incomplete/stale job tracking

New Contributors

Full Changelog: 0.16.0...0.17.0

Contributors

SchulteMarkus and NenoLoje
Loading

0.16.0

27 Feb 11:51
@github-actions github-actions
0.16.0
a8f504b
Compare
Choose a tag to compare
0.16.0

NEW

  • #527: New server component to run outside Azure DevOps Pipelines.

FIXES

  • #540: Remove use of blank method in filtering

Other

  • Bump dependabot-* from 0672e3b to f8c48ef

Full Changelog: 0.15.0...0.16.0

Loading

0.15.0

24 Feb 10:00
@github-actions github-actions
0.15.0
0552a95
Compare
Choose a tag to compare
0.15.0

BREAKING:

  • #522, #524: Migrate from Docker Hub to GitHub Container Registry.
  • #488: Security only updates fail when there are no credentials for GitHub.

FIXES:

  • #483: Update examples and clarify which Github token should be used.
  • #506, #526: Support all known types of registries correctly, when transforming them to extra credentials.
  • #489: Switch fetching of vulnerabilities to use Octokit instead of the graphql-client dependency.
  • #491: Also check for the path in the pull request title when deciding if to abandon.

Other

New Contributors

Full Changelog: 0.14.1...0.15.0

Contributors

skibish and HumanPrinter
Loading

0.14.1

24 Jan 06:12
@github-actions github-actions
0.14.1
b0eaf7f
Compare
Choose a tag to compare
0.14.1

Fixes

  • #482: Closing pull requests should be false by default in the task.

What's Changed

New Contributors

Full Changelog: 0.14.0...0.14.1

Contributors

WhiteOlivierus
Loading

0.14.0

17 Jan 08:09
@github-actions github-actions
0.14.0
efc465e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
0.14.0

Happy new year to you who readeth thy release notes

BREAKING

  • #462: Explicit inputs are no longer supported.
  • #463: Specifying DEPENDABOT_EXTRA_CREDENTIALS in the pipeline is no longer supported. Instead use the registries node in the .github/dependabot.yml configuration file.
  • #464: Specifying DEPENDABOT_IGNORE_CONDITIONS in the pipeline is no longer supported. Instead use the ignore node in the .github/dependabot.yml configuration file.
  • #465: Specifying DEPENDABOT_ALLOW_CONDITIONS in the pipeline will emit a warning. Instead use the allow node in the .github/dependabot.yml configuration file.

NEW

  • #467: Added support for vendor option which results in cloding of repository contents. Cloning is now also done for npm and terraform updates.

Fixes

  • #470: Filter out nil/blank and empty values in security advisories
  • #471: Use version class for package manager to check satisfaction when closing PRs.

Full Changelog: 0.13.2...0.14.0

Loading