Skip to content

dep: bump dependabot-omnibus from 0.132.0 to 0.133.1

George Koltsov requested to merge dependabot-bundler-dependabot-omnibus-0.133.1 into master

Bumps dependabot-omnibus from 0.132.0 to 0.133.1.

Changelog

Sourced from dependabot-omnibus's changelog.

v0.133.1, 10 February 2021

  • npm: fix npm 7 workspace bug when updating nested packages
  • npm: correctly parse npm 7 version from package dependencies
  • npm: Refactor NpmLockfileUpdater
  • Update npm from 7.5.2 to 7.5.3
  • Bump @npmcli/arborist from 2.2.0 to 2.2.1 in /npm_and_yarn/helpers
  • Bump phpstan/phpstan from 0.12.71 to 0.12.74 in /composer/helpers/v2
  • Bump phpstan/phpstan from 0.12.71 to 0.12.74 in /composer/helpers/v1

v0.133.0, 9 February 2021

  • Bundler: Raise UnexpectedExternalCode if reject_external_code: true and the update involves external code
Commits
  • 65f1ece Merge pull request #3116 from dependabot/v0.133.1-release-notes
  • 6e3947a v0.133.1
  • e000b0f Merge pull request #3106 from dependabot/feelepxyz/fix-npm-workspace-bug
  • 664bdf7 Merge pull request #3111 from dependabot/jurre/fix-npm-workspace-lockfile-par...
  • 4121d21 Add updated lockfile fixture for workspace dev spec
  • b51a955 Rename var
  • b8c0232 Merge origin/main
  • fe2411b Merge pull request #3112 from dependabot/feelepxyz/refactor-npm-lockfile-updater
  • 448fbce Refactor NpmLockfileUpdater
  • b57704d npm: fix npm workspace bug
  • Additional commits viewable in compare view

Merge request reports