Releases: tinglesoftware/dependabot-azure-devops
Releases · tinglesoftware/dependabot-azure-devops
0.5.0
Breaking:
DEPENDABOT_ALLOW
variable renamed toDEPENDABOT_ALLOW_CONDITIONS
andDEPENDABOT_IGNORE
variable renamed toDEPENDABOT_IGNORE_CONDITIONS
. Both of these now use the default property naming forignore
andallow
nodes as per the configuration file.AZURE_WORK_ITEM_ID
variable renamed toDEPENDABOT_MILESTONE
andworkItemId
task input has been renamed tomilestone
, #130
New:
- Support for
milestone
property in dependabot.yml file, #130 - Support for specifying the raw GitHub token via
gitHubToken
input as an alternative to the service connection provided viagitHubConnection
input, #132 - Support for
update-types
used byignore
by letting the upstream dependabot implementation handle the logic, #127 .
Fixed:
ignore
andallow
are now passed from the task extension to the docker execution, #131- Finding PR to close now supports checks for pre-release versions, #127
- Strategy for
composer
is automatically corrected, 284be97 - Ensure docker arguments are fresh for each update processed, f741bb1
Dependencies
- Update dependabot-core 0.145.3 to 0.149.3 (docker)
- Update dependabot-omnibus 0.143.6 to 0.149.3 (ruby)
0.4.1
New:
- Support for OnPrem (#115 , thanks to @vmcbaptista )
- Replaced
DEPENDABOT_DOCKER_IMAGE_TAG
env variable withdockerImageTag
input (#111)
0.4.0
0.3.1
Nothing new only bug fixes:
- AZURE_SET_AUTO_COMPLETE must explicitly set to
"true"
for auto-complete to be set. Consequently, settingsetAutoComplete
input tofalse
will not result in auto-completing pull requests #93 and #92 - Failure to create a PR (response code is not 201) now raises/throws an error (#81 , #94). If you wish to continue, set the
DEPENDABOT_FAIL_ON_EXCEPTION
variable to"true"
or thefailOnException
input totrue
. - Fixed error that was thrown when setting auto-complete for new PRs because the
pull_request
variable was nil. (#94 )
0.3.0
New:
- Resolving merge conflicts (
Dependabot::PullRequestUpdater
) - Work Item Linking, #87
- Autocomplete pull requests, #89
- Override repository name , #82 thanks to @acgritt
- Support for excluding certain requirements to update, #90
- Support continuing if exceptions occur via the
DEPENDABOT_FAIL_ON_EXCEPTION
variable orfailOnException
input. #86
Fixes:
versions
can be null for DEPENDABOT_IGNORE, #91
Dependencies:
- Bump dependabot-omnibus from 0.140.2 to 0.142.1
- Bump dependabot-core from 0.140.2 to 0.142.1
Support for dependabot.yml
New:
- Support for
.azuredevops/dependabot.yml
file
Dependencies:
- Bump dependabot-omnibus from 0.129.5 to 0.133.2
- Bump dependabot-core from 0.129.5 to 0.133.2
0.2.0
New:
- Support multiple extra credentials
- Support for
versioning-strategy
. See docs for more information on options. - Support alternate values for
package_ecosystem
/package_manager
. Specifyingmix
,gitsubmodule
, orgomod
will now work. - Support for
allow
andignore
options - Environment variables are now scoped (prefix by
DEPENDABOT_
orAZURE_
respectively)
Removed:
- Private feed name (
feedName
orPRIVATE_FEED_NAME
) and packaging hostname (azurePackagingHostname
orAZURE_PACKAGING_HOSTNAME
) options are no longer supported (use extra credentials instead). - Packaging permission for Azure DevOps PAT is no longer required. It is still required for extra credentials that may be using Azure Artifacts.
Dependencies:
- Bump dependabot-omnibus from 0.129.1 to 0.129.3 for script and docker base image.
0.1.4
In this release there is now is support for limiting the number of open pull requests (#19 ), via OPEN_PULL_REQUESTS_LIMIT
environment variable and/or openPullRequestsLimit
input of the Azure DevOps extension task. When not provided, the default is 5
.
Others:
- To ease the debugging process, logs were added for the target branch, directory, and when a GitHub Access Token is provided. [Enhancement]
- Fixed issue where projects with spaces are not would fail (#18 )