Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DevOps extension task new updater commands and options #1216

Merged
merged 15 commits into from
Jul 18, 2024
Merged

DevOps extension task new updater commands and options #1216

merged 15 commits into from
Jul 18, 2024

Conversation

rhyskoedijk
Copy link

@rhyskoedijk rhyskoedijk commented Jul 16, 2024
edited
Loading

What are you trying to accomplish?

Allow the changes in 1186 to be used from the DevOps extension.

Changes

  • Bump task version from 1.5 to 1.6
  • Reorganised the task option groups and renamed a few options for better consistency (see screenshots below)
  • Added new task input for toggling between "update_script" and "update_script_vnext" commands
  • groups config is parsed from dependabot.yml and set to DEPENDABOT_DEPENDENCY_GROUPS environment var
  • directories config is parsed from dependabot.yml and set to DEPENDABOT_DIRECTORIES environment var
  • System.Debug pipeline variable is forwarded to DEPENDABOT_DEBUG environment var

Screenshots

image

Security advisories and vulnerabilities group

image

Pull request options group

image

Azure DevOps authentication group

image

GitHub authentication group

image

Advanced group

image

@rhyskoedijk rhyskoedijk marked this pull request as ready for review July 17, 2024 02:28
rhyskoedijk
rhyskoedijk commented Jul 17, 2024
View reviewed changes
extension/task/task.json Outdated
"Major": 1,
"Minor": 5,
"Major": 2,
"Minor": 0,
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mburumaxwell
I'm not sure what the implications for this are, but I figured it was probably best to separate the tasks by a major version since the options are quiet different.

My understanding is that users should be able to switch between v1 and v2 if for whatever reason v2 causes problems.

Let me know if you have any concerns about this or if you want me to dig in to it some more

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using a different major version means we need to keep both in the task otherwise it fail for everyone. Keeping both means extension/taskv1 and extension/taskv2 with duplicate steps. This is what Microsoft does in their official tasks. My recommendation is to keep the current one and make modifications there.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see, makes sense. I have changed this to a minor version bump instead of a major.

@rhyskoedijk rhyskoedijk mentioned this pull request Jul 17, 2024
Closed
@rhyskoedijk rhyskoedijk mentioned this pull request Jul 18, 2024
Merged
mburumaxwell
mburumaxwell requested changes Jul 18, 2024
View reviewed changes
Copy link
Contributor

@mburumaxwell mburumaxwell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this awesome contribution and sponsorship. I would, however, like to keep the extension as simple as possible with little tunable knobs. It will be okay to change things in the future. The fewer tunable knobs we have the fewer issues will be opened/raised.
Though we are starting with updater_vnext being optional, it will be the default soon enough because it simplifies the work and aligns much better with the hosted version.

extension/task/task.json Outdated
"Major": 1,
"Minor": 5,
"Major": 2,
"Minor": 0,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using a different major version means we need to keep both in the task otherwise it fail for everyone. Keeping both means extension/taskv1 and extension/taskv2 with duplicate steps. This is what Microsoft does in their official tasks. My recommendation is to keep the current one and make modifications there.

extension/task/task.json Outdated
Comment on lines 324 to 332
{
"name": "debug",
"type": "boolean",
"groupName": "advanced",
"label": "Show debug log messages",
"defaultValue": "false",
"required": false,
"helpMarkDown": "Determines if verbose log messages are logged. Useful for diagnosing issues. Defaults to `false`."
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we use the inbuilt SYSTEM_DEBUG variable?
https://learn.microsoft.com/en-us/azure/devops/pipelines/build/variables?view=azure-devops&tabs=yaml#systemdebug

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good idea, done.

extension/task/task.json Outdated
Comment on lines 117 to 154
{
"name": "branchNamePrefix",
"type": "string",
"groupName": "pull_requests",
"label": "Git branch name prefix",
"defaultValue": "",
"required": false,
"helpMarkDown": "The prefix used for Git branch names. Defaults to 'dependabot'.",
"visibleRule": "command!=update_script"
},
{
"name": "prMessageHeader",
"type": "multiLine",
"groupName": "pull_requests",
"label": "Pull request description header",
"required": false,
"helpMarkDown": "Additional pull request description text to shown before the dependency change info.",
"visibleRule": "command!=update_script"
},
{
"name": "prMessageFooter",
"type": "multiLine",
"groupName": "pull_requests",
"label": "Pull request description footer",
"required": false,
"helpMarkDown": "Additional pull request description text to shown after the dependency change info. This text will not be truncated, even when the dependency change info exceeds the PR maximum description length.",
"visibleRule": "command!=update_script"
},
{
"name": "prCompatibilityScoreBadge",
"type": "boolean",
"groupName": "pull_requests",
"label": "Show update compatibility score badges in pull request description",
"defaultValue": false,
"required": false,
"helpMarkDown": "Determines if compatibility score badges are shown in the pull request description for single dependency updates (but not group updates). This feature uses public information from GitHub and enabling it does not send any private information about your repository to GitHub other than the dependency name and version number(s) required to calculate to the compatibility score.",
"visibleRule": "command!=update_script"
},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't believe there is any value in exposing these settings. Maybe later we can if there is a need. It is better to keep tunable knobs as few as possible.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no worries, I've removed them for now. It might be a bit difficult to use the PR message header/footer variables in extraEnvironmentVariables since it is only a single line text input, but as you say we can maybe revisit this later.

extension/task/task.json Outdated
Comment on lines 229 to 238
{
"name": "securityUpdatesOnly",
"type": "boolean",
"groupName": "security_updates",
"label": "Perform security updates only.",
"defaultValue": "false",
"required": false,
"helpMarkDown": "If `true`, only security updates will be processed. Defaults to `false`.",
"visibleRule": "command!=update_script"
},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is an existing way to get this condition. Let us keep it so that we are very close to the official implementation.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point, I have changed this to follow the official implementation

extension/task/utils/getSharedVariables.ts Outdated
@@ -7,6 +7,9 @@ import getDockerImageTag from "./getDockerImageTag";
import getGithubAccessToken from "./getGithubAccessToken";

export interface ISharedVariables {
/** Job ID */
jobId: string;

/** URL of the organization. This may lack the project name */
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do not see the value in making this configurable.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed.

extension/task/task.json
"required": false,
"helpMarkDown": "The custom command to run. This is only used when the command is set to 'Custom'.",
"visibleRule": "command=custom"
},
{
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let us make this just a boolean input to choose between updater_script and updater_vnext

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@mburumaxwell mburumaxwell merged commit 617e453 into tinglesoftware:main Jul 18, 2024
21 checks passed
@rhyskoedijk rhyskoedijk deleted the feature/extension-vnext branch July 18, 2024 18:33
kzhuklinets added a commit to kirillcoso/dependabot-azure-devops that referenced this pull request Aug 13, 2024
@kzhuklinets @dependabot
@mburumaxwell @berendhaan
Updated to the latest original (#9)
283a2d3 
* Bump the event-bus group with 2 updates (tinglesoftware#1156)

Bumps the event-bus group with 2 updates: [Tingle.EventBus.Transports.Azure.ServiceBus](https://github.com/tinglesoftware/eventbus) and [Tingle.EventBus.Transports.InMemory](https://github.com/tinglesoftware/eventbus).


Updates `Tingle.EventBus.Transports.Azure.ServiceBus` from 0.21.2 to 0.22.0
- [Release notes](https://github.com/tinglesoftware/eventbus/releases)
- [Commits](tinglesoftware/eventbus@0.21.2...0.22.0)

Updates `Tingle.EventBus.Transports.InMemory` from 0.21.2 to 0.22.0
- [Release notes](https://github.com/tinglesoftware/eventbus/releases)
- [Commits](tinglesoftware/eventbus@0.21.2...0.22.0)

---
updated-dependencies:
- dependency-name: Tingle.EventBus.Transports.Azure.ServiceBus
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: event-bus
- dependency-name: Tingle.EventBus.Transports.InMemory
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: event-bus
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Change updates time from 04:00 to 02:00 to be consistent with our other repositories and hence ease management

* Bump the tingle group with 3 updates (tinglesoftware#1157)

* Import constants for requirements_update_strategy (tinglesoftware#1159)

* Bump rubocop-performance in /updater in the rubocop group (tinglesoftware#1165)

* Bump ts-jest from 29.1.4 to 29.1.5 in /extension in the jest group (tinglesoftware#1164)

* Bump YamlDotNet from 15.1.6 to 15.3.0 (tinglesoftware#1163)

* Bump the azure group with 2 updates (tinglesoftware#1162)

* Bump dependabot-omnibus from 0.260.0 to 0.261.0 in /updater (tinglesoftware#1166)

* Regenerate lock file which fixes vulnerabilities

* Set packageManager in package.json

* Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1172)

* Bump Azure.Identity from 1.11.4 to 1.12.0 in the azure group (tinglesoftware#1176)

* Bump turbo_tests from 2.2.3 to 2.2.4 in /updater (tinglesoftware#1168)

* Create groups for sentry and opentelemetry updates

* Bump the opentelemetry group in /updater with 4 updates (tinglesoftware#1177)

Bumps the opentelemetry group in /updater with 4 updates: [opentelemetry-exporter-otlp](https://github.com/open-telemetry/opentelemetry-ruby), [opentelemetry-instrumentation-excon](https://github.com/open-telemetry/opentelemetry-ruby-contrib), [opentelemetry-instrumentation-faraday](https://github.com/open-telemetry/opentelemetry-ruby-contrib) and [opentelemetry-instrumentation-net_http](https://github.com/open-telemetry/opentelemetry-ruby-contrib).


Updates `opentelemetry-exporter-otlp` from 0.27.0 to 0.28.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/exporter/otlp/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-exporter-otlp/v0.27.0...opentelemetry-exporter-otlp/v0.28.0)

Updates `opentelemetry-instrumentation-excon` from 0.22.2 to 0.22.3
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/excon/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-excon/v0.22.2...opentelemetry-instrumentation-excon/v0.22.3)

Updates `opentelemetry-instrumentation-faraday` from 0.24.3 to 0.24.5
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/faraday/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-faraday/v0.24.3...opentelemetry-instrumentation-faraday/v0.24.5)

Updates `opentelemetry-instrumentation-net_http` from 0.22.5 to 0.22.6
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/net_http/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-net_http/v0.22.5...opentelemetry-instrumentation-net_http/v0.22.6)

---
updated-dependencies:
- dependency-name: opentelemetry-exporter-otlp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
- dependency-name: opentelemetry-instrumentation-excon
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: opentelemetry
- dependency-name: opentelemetry-instrumentation-faraday
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: opentelemetry
- dependency-name: opentelemetry-instrumentation-net_http
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: opentelemetry
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump typescript from 5.4.5 to 5.5.2 in /extension (tinglesoftware#1173)

* Bump typescript from 5.4.5 to 5.5.2 in /extension

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.4.5 to 5.5.2.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.4.5...v5.5.2)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update target ESLINT

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Maxwell Weru <mburumaxwell@gmail.com>

* Bump dependabot-omnibus from 0.261.0 to 0.262.0 in /updater (tinglesoftware#1170)

Bumps [dependabot-omnibus](https://github.com/dependabot/dependabot-core) from 0.261.0 to 0.262.0.
- [Release notes](https://github.com/dependabot/dependabot-core/releases)
- [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md)
- [Commits](dependabot/dependabot-core@v0.261.0...v0.262.0)

---
updated-dependencies:
- dependency-name: dependabot-omnibus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Remove codeql workflows so that we can leverage the automatic setup

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1179)

* Bump the tingle group with 3 updates (tinglesoftware#1182)

* Bump Microsoft.VisualStudio.Azure.Containers.Tools.Targets (tinglesoftware#1183)

* Bump Microsoft.FeatureManagement.AspNetCore in the microsoft group (tinglesoftware#1181)

* Bump Azure.ResourceManager.AppContainers in the azure group (tinglesoftware#1180)

* Bump the sentry group in /updater with 2 updates (tinglesoftware#1184)

* Bump dependabot-omnibus from 0.262.0 to 0.263.0 in /updater (tinglesoftware#1185)

* Fix missing module name (tinglesoftware#1187)

* Reorganise code in to lib folder; seperate dependabot code from tinglesoftware code using unique module names (tinglesoftware#1188)

* Add developer guide documentation; ignore extension build artifacts (tinglesoftware#1189)

* Bump the sentry group in /updater with 2 updates (tinglesoftware#1193)

* Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1195)

* Bump typescript from 5.5.2 to 5.5.3 in /extension (tinglesoftware#1196)

* Bump dependabot-omnibus from 0.263.0 to 0.264.0 (tinglesoftware#1191)

* Use correct version of dependabot-updater base image when running the 'updater' workflow (tinglesoftware#1192)

* Fix module name (tinglesoftware#1199)

* Use latest dependabot updater code; Remove scripts from `updater/bin` that don't work (tinglesoftware#1197)

* Add some more debug statements, and validate data length before reading result (tinglesoftware#1200)

* Changes to `.rubocop*.yml`, `.ruby-version`, and `Rakefile` should trigger the updater workflow

* Update update-files.ps1 and related files (tinglesoftware#1202)

* Enable sorbet and update files (tinglesoftware#1203)

* Bump dependabot-omnibus from 0.264.0 to 0.265.0 in /updater (tinglesoftware#1205)

Bumps [dependabot-omnibus](https://github.com/dependabot/dependabot-core) from 0.264.0 to 0.265.0.
- [Release notes](https://github.com/dependabot/dependabot-core/releases)
- [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md)
- [Commits](dependabot/dependabot-core@v0.264.0...v0.265.0)

---
updated-dependencies:
- dependency-name: dependabot-omnibus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* If allow condition "dependency-name" is nil, use "*"; Use wildcard matching instead of regex matching (tinglesoftware#1208)

* Bump the xunit group with 2 updates (tinglesoftware#1212)

* Bump the microsoft group with 8 updates (tinglesoftware#1211)

* Bump ts-jest from 29.1.5 to 29.2.2 in /extension in the jest group (tinglesoftware#1215)

* Bump dotnet-ef from 8.0.6 to 8.0.7 (tinglesoftware#1214)

* Fix allow condition logic (tinglesoftware#1209)

* Add missing early return statement

* Bump YamlDotNet from 15.3.0 to 16.0.0 (tinglesoftware#1213)

Bumps YamlDotNet from 15.3.0 to 16.0.0.

---
updated-dependencies:
- dependency-name: YamlDotNet
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* New "vNext" update script using dependabot-core updater; aligns update behaviour more closely with the GitHub Dependabot service (tinglesoftware#1186)

* DevOps extension task new updater commands and options (tinglesoftware#1216)

* Bump dependabot-omnibus from 0.265.0 to 0.266.0 in /updater (tinglesoftware#1218)

Bumps [dependabot-omnibus](https://github.com/dependabot/dependabot-core) from 0.265.0 to 0.266.0.
- [Release notes](https://github.com/dependabot/dependabot-core/releases)
- [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md)
- [Commits](dependabot/dependabot-core@v0.265.0...v0.266.0)

---
updated-dependencies:
- dependency-name: dependabot-omnibus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Fix error when attempting to update a pre-1.30 pull request using the new vNext script (tinglesoftware#1219)

* Fix PRs being incorrectly abandoned when using multiple package ecosystems (tinglesoftware#1221)

* Bump the tingle group with 3 updates (tinglesoftware#1229)

* Bump Azure.Messaging.ServiceBus from 7.17.5 to 7.18.0 in the azure group (tinglesoftware#1226)

* Bump the event-bus group with 2 updates (tinglesoftware#1227)

* Bump ts-jest from 29.2.2 to 29.2.3 in /extension in the jest group (tinglesoftware#1224)

* Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1225)

* Update groups

* Log updated file diffs when 'skip pull requests' and 'debug' options are true (tinglesoftware#1230)

* Fix for group PRs being closed on refresh when nothing has changed (tinglesoftware#1222)

* Bump Microsoft.FeatureManagement.AspNetCore (tinglesoftware#1231)

* Fix logging error when creating new PR and the open PR limit has been reached (tinglesoftware#1223)

* Automatically install the Azure Artifacts Credential Provider if DevOps NuGet feeds are configured (tinglesoftware#1233)

* Bump the sentry group in /updater with 2 updates (tinglesoftware#1235)

Bumps the sentry group in /updater with 2 updates: [sentry-opentelemetry](https://github.com/getsentry/sentry-ruby) and [sentry-ruby](https://github.com/getsentry/sentry-ruby).


Updates `sentry-opentelemetry` from 5.18.1 to 5.18.2
- [Release notes](https://github.com/getsentry/sentry-ruby/releases)
- [Changelog](https://github.com/getsentry/sentry-ruby/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-ruby@5.18.1...5.18.2)

Updates `sentry-ruby` from 5.18.1 to 5.18.2
- [Release notes](https://github.com/getsentry/sentry-ruby/releases)
- [Changelog](https://github.com/getsentry/sentry-ruby/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-ruby@5.18.1...5.18.2)

---
updated-dependencies:
- dependency-name: sentry-opentelemetry
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: sentry
- dependency-name: sentry-ruby
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: sentry
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Sync files for updater version 0.266.0 (tinglesoftware#1236)

Follow up to tinglesoftware#1235

* Regenerate Gemfile.lock

* Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1237)

Bumps the js-ts-types group in /extension with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@types/node` from 20.14.11 to 20.14.12
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: js-ts-types
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump typescript from 5.5.3 to 5.5.4 in /extension (tinglesoftware#1239)

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.5.3 to 5.5.4.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.5.3...v5.5.4)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump gittools/actions from 1 to 2 (tinglesoftware#1238)

Bumps [gittools/actions](https://github.com/gittools/actions) from 1 to 2.
- [Release notes](https://github.com/gittools/actions/releases)
- [Commits](GitTools/actions@v1...v2)

---
updated-dependencies:
- dependency-name: gittools/actions
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump Microsoft.Azure.AppConfiguration.AspNetCore in the azure group (tinglesoftware#1240)

Bumps the azure group with 1 update: [Microsoft.Azure.AppConfiguration.AspNetCore](https://github.com/Azure/Azconfig-DotnetProvider).


Updates `Microsoft.Azure.AppConfiguration.AspNetCore` from 7.2.0 to 7.3.0
- [Release notes](https://github.com/Azure/Azconfig-DotnetProvider/releases)
- [Commits](Azure/AppConfiguration-DotnetProvider@7.2.0...7.3.0)

---
updated-dependencies:
- dependency-name: Microsoft.Azure.AppConfiguration.AspNetCore
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: azure
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* NuGet feed auth support for Azure DevOps, Azure DevOps Server, and third-party NuGet servers (tinglesoftware#1241)

* Add `helpUrl` and `releaseNotes` to the extension task.

* Remove unused `useConfigFile` input (tinglesoftware#1244)

* Reference discussion for permission in bug report template

* Remove docker demand and rely on `tl.which` (tinglesoftware#1246)

This should allow private agents with non-standard discovery.

* Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1250)

* Bump dependabot-omnibus from 0.266.0 to 0.267.0 in /updater (tinglesoftware#1252)

* Bump the opentelemetry group in /updater with 6 updates (tinglesoftware#1249)

* Fix nuget.config not using correct credentials during NuGet updates of .NET Framework projects (tinglesoftware#1248)

* Sync files for updater version 0.267.0

* Enable opentelemetry in `updater_script_vnext` (tinglesoftware#1254)

This is the first step towards adding telemetry to the updater. Useful in debugging of issues and general analytics. It follows what the GitHub hosted version has.

* Enable sentry in `updater_script_vnext` (tinglesoftware#1255)

This is the second step towards monitoring the updater. Useful in debugging of issues and general analytics. It follows what the GitHub hosted version has.

OpenTelemetry was setup in tinglesoftware#1254. Next step is to connect the error handler.

* Update update_script.rb

* Backport NuGet auth fix to `update_script`; Prevent NuGet leaking passwords in logs (tinglesoftware#1256)

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Bump axios from 1.7.2 to 1.7.3 in /extension (tinglesoftware#1264)

* Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1262)

* Bump ts-jest from 29.2.3 to 29.2.4 in /extension in the jest group (tinglesoftware#1261)

* Bump azure-pipelines-task-lib from 4.13.0 to 4.15.0 in /extension (tinglesoftware#1263)

* Bump Azure.Messaging.ServiceBus from 7.18.0 to 7.18.1 in the azure group (tinglesoftware#1258)

* Bump dependabot-omnibus from 0.267.0 to 0.268.0 in /updater (tinglesoftware#1259)

Bumps [dependabot-omnibus](https://github.com/dependabot/dependabot-core) from 0.267.0 to 0.268.0.
- [Release notes](https://github.com/dependabot/dependabot-core/releases)
- [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md)
- [Commits](dependabot/dependabot-core@v0.267.0...v0.268.0)

---
updated-dependencies:
- dependency-name: dependabot-omnibus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Regenerate Gemfile.lock

* Sync files for updater version 0.268.0

* Update rubocop

* Update update_script.rb

* Make use of OpenTelemetry in the updater (tinglesoftware#1268)

* Update azure.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update azure.rb

* Update azure.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update Gemfile

* Update update_script.rb

* Update Gemfile

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update GitVersion and react to changes (tinglesoftware#1270)

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update updater.yml

* revert

* Update updater.yml

* Update updater.yml

* Update updater.yml

* Update updater.yml

* Update updater.yml

* Update updater.yml

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* testt

* test

* test

* Update GitVersion.yml so that CI artifacts have better naming

* test

* test

* test

* test

* clean up

* clean up

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Maxwell Weru <mburumaxwell@gmail.com>
Co-authored-by: Rhys Koedijk <rhys@koedijk.co.nz>
Co-authored-by: Berend Haan <berendhaan@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mburumaxwell mburumaxwell mburumaxwell approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rhyskoedijk @mburumaxwell