Use https://github.com/dependabot/dependabot-core/pull/1848 dry run to identify outdated dependencies in Cake scripts:
/:
[dependabot-core-dev] ~/dependabot-core $ bin/dry-run.rb --dir / cake cake-build/cake
warning: parser/current is loading parser/ruby26, which recognizes
warning: 2.6.6-compliant syntax, but you are running 2.6.5.
warning: please see https://github.com/whitequark/parser#compatibility-with-ruby-mri.
=> fetching dependency files
=> dumping fetched dependency files: ./dry-run/cake-build/cake/
=> parsing dependency files
=> updating 11 dependencies
=== Cake.DotNetTool.Module (0.4.0)
=> checking for updates
=> latest version from registry is 0.4.0
=> latest resolvable version is 0.4.0
(no update needed)
=== Cake.Coveralls (0.10.1)
=> checking for updates
=> latest version from registry is 0.10.2
=> latest resolvable version is 0.10.2
=> requirements to unlock: own
=> requirements update strategy:
=> updating Cake.Coveralls from 0.10.1 to 0.10.2
卤 build.cake
~~~
5c5
< #addin "nuget:https://api.nuget.org/v3/index.json?package=Cake.Coveralls&version=0.10.1"
---
> #addin "nuget:https://api.nuget.org/v3/index.json?package=Cake.Coveralls&version=0.10.2"
~~~
=== Cake.Twitter (0.10.1)
=> checking for updates
=> latest version from registry is 0.10.1
=> latest resolvable version is 0.10.1
(no update needed)
=== Cake.Gitter (0.11.1)
=> checking for updates
=> latest version from registry is 0.11.1
=> latest resolvable version is 0.11.1
(no update needed)
=== coveralls.io (1.4.2)
=> checking for updates
=> latest version from registry is 1.4.2
=> latest resolvable version is 1.4.2
(no update needed)
=== OpenCover (4.7.922)
=> checking for updates
=> latest version from registry is 4.7.922
=> latest resolvable version is 4.7.922
(no update needed)
=== ReportGenerator (4.5.8)
=> checking for updates
=> latest version from registry is 4.7.1
=> latest resolvable version is 4.7.1
=> requirements to unlock: own
=> requirements update strategy:
=> updating ReportGenerator from 4.5.8 to 4.7.1
卤 build.cake
~~~
12c12
< #tool "nuget:https://api.nuget.org/v3/index.json?package=ReportGenerator&version=4.5.8"
---
> #tool "nuget:https://api.nuget.org/v3/index.json?package=ReportGenerator&version=4.7.1"
~~~
=== nuget.commandline (5.5.1)
=> checking for updates
=> latest version from registry is 5.7.0
=> latest resolvable version is 5.7.0
=> requirements to unlock: own
=> requirements update strategy:
=> updating nuget.commandline from 5.5.1 to 5.7.0
卤 build.cake
~~~
13c13
< #tool "nuget:https://api.nuget.org/v3/index.json?package=nuget.commandline&version=5.5.1"
---
> #tool "nuget:https://api.nuget.org/v3/index.json?package=nuget.commandline&version=5.7.0"
~~~
=== GitVersion.Tool (5.1.2)
=> checking for updates
=> latest version from registry is 5.5.0
=> latest resolvable version is 5.5.0
=> requirements to unlock: own
=> requirements update strategy:
=> updating GitVersion.Tool from 5.1.2 to 5.5.0
卤 build.cake
~~~
16c16
< #tool "dotnet:https://api.nuget.org/v3/index.json?package=GitVersion.Tool&version=5.1.2"
---
> #tool "dotnet:https://api.nuget.org/v3/index.json?package=GitVersion.Tool&version=5.5.0"
~~~
=== SignClient (1.2.109)
=> checking for updates
=> latest version from registry is 1.2.109
=> latest resolvable version is 1.2.109
(no update needed)
=== GitReleaseManager.Tool (0.11.0)
=> checking for updates
=> latest version from registry is 0.11.0
=> latest resolvable version is 0.11.0
(no update needed)
/tests/integration:
[dependabot-core-dev] ~/dependabot-core $ bin/dry-run.rb --dir /tests/integration cake cake-build/cake
warning: parser/current is loading parser/ruby26, which recognizes
warning: 2.6.6-compliant syntax, but you are running 2.6.5.
warning: please see https://github.com/whitequark/parser#compatibility-with-ruby-mri.
=> fetching dependency files
=> dumping fetched dependency files: ./dry-run/cake-build/cake/tests/integration
=> parsing dependency files
=> updating 3 dependencies
=== xunit.assert (2.4.1)
=> checking for updates
=> latest version from registry is 2.4.1
=> latest resolvable version is 2.4.1
(no update needed)
=== nuget.commandline (5.5.1)
=> checking for updates
=> latest version from registry is 5.7.0
=> latest resolvable version is 5.7.0
=> requirements to unlock: own
=> requirements update strategy:
=> updating nuget.commandline from 5.5.1 to 5.7.0
卤 Cake.Common/Tools/NuGet/NuGetAliases.cake
~~~
1c1
< #tool "nuget:https://api.nuget.org/v3/index.json?package=nuget.commandline&version=5.5.1"
---
> #tool "nuget:https://api.nuget.org/v3/index.json?package=nuget.commandline&version=5.7.0"
~~~
=== Cake.Kudu.Client (0.9.0)
=> checking for updates
=> latest version from registry is 0.9.0
=> latest resolvable version is 0.9.0
(no update needed)
Semi related to this...
@gitfool have you seen what @nils-a has been playing with? 馃槃
https://github.com/nils-org/dependabot-cake-action
You can see it in action here:
@gep13 Nice! I missed that. Sounds like what we use for our private GitLab repo. 馃槃
@gitfool could you do a not dry run too and create a PR? 馃槈
@devlead about to push the manual PR... and can retire after that it seems. 馃榿
Well, "official" dependabot support would be awesome though.
@gitfool @devlead using "my" version (really, it's also using the code from the dependabot PR - I simply slapped a docker container around it) it would have looked like this: https://github.com/nils-a/cake/pulls :-)
@nils-a yeah, on GitLab we schedule a modified dependabot/dependabot-script in a Docker container.
:tada: This issue has been resolved in version v1.0.0 :tada:
The release is available on:
Your GitReleaseManager bot :package::rocket: