Bump dependabot-omnibus from 0.242.1 to 0.244.0 in /updater (#994)

* Bump dependabot-omnibus from 0.242.1 to 0.244.0 in /updater

Bumps [dependabot-omnibus](https://github.com/dependabot/dependabot-core) from 0.242.1 to 0.244.0.
- [Release notes](https://github.com/dependabot/dependabot-core/releases)
- [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md)
- [Commits](dependabot/dependabot-core@v0.242.1...v0.244.0)

---
updated-dependencies:
- dependency-name: dependabot-omnibus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* React to changes

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Maxwell <[email protected]>

updater/Gemfile

@@ -8,7 +8,7 @@ source "https://rubygems.org"
 # They are so many, our reference won't be found for it to be updated.
 # Hence adding the branch.
 
-gem "dependabot-omnibus", "~>0.242.1"
+gem "dependabot-omnibus", "~>0.244.0"
 # gem "dependabot-omnibus", github: "dependabot/dependabot-core", branch: "main"
 # gem "dependabot-omnibus", github: "dependabot/dependabot-core", tag: "v0.232.0"
 # gem "dependabot-omnibus", github: "dependabot/dependabot-core", ref: "ffde6f6"

updater/Gemfile.lock

@@ -5,14 +5,15 @@ GEM
       public_suffix (>= 2.0.2, < 6.0)
     ast (2.4.2)
     aws-eventstream (1.3.0)
-    aws-partitions (1.883.0)
+    aws-partitions (1.893.0)
     aws-sdk-codecommit (1.64.0)
       aws-sdk-core (~> 3, >= 3.191.0)
       aws-sigv4 (~> 1.1)
-    aws-sdk-core (3.191.0)
+    aws-sdk-core (3.191.2)
       aws-eventstream (~> 1, >= 1.3.0)
       aws-partitions (~> 1, >= 1.651.0)
       aws-sigv4 (~> 1.8)
+      base64
       jmespath (~> 1, >= 1.6.1)
     aws-sdk-ecr (1.69.0)
       aws-sdk-core (~> 3, >= 3.191.0)
@@ -27,11 +28,11 @@ GEM
     crack (1.0.0)
       bigdecimal
       rexml
-    dependabot-bundler (0.242.1)
-      dependabot-common (= 0.242.1)
-    dependabot-cargo (0.242.1)
-      dependabot-common (= 0.242.1)
-    dependabot-common (0.242.1)
+    dependabot-bundler (0.244.0)
+      dependabot-common (= 0.244.0)
+    dependabot-cargo (0.244.0)
+      dependabot-common (= 0.244.0)
+    dependabot-common (0.244.0)
       aws-sdk-codecommit (~> 1.28)
       aws-sdk-ecr (~> 1.5)
       bundler (>= 1.16, < 3.0.0)
@@ -49,61 +50,61 @@ GEM
       psych (~> 5.0)
       sorbet-runtime (~> 0.5.11178)
       toml-rb (>= 1.1.2, < 3.0)
-    dependabot-composer (0.242.1)
-      dependabot-common (= 0.242.1)
-    dependabot-devcontainers (0.242.1)
-      dependabot-common (= 0.242.1)
-    dependabot-docker (0.242.1)
-      dependabot-common (= 0.242.1)
-    dependabot-elm (0.242.1)
-      dependabot-common (= 0.242.1)
-    dependabot-git_submodules (0.242.1)
-      dependabot-common (= 0.242.1)
+    dependabot-composer (0.244.0)
+      dependabot-common (= 0.244.0)
+    dependabot-devcontainers (0.244.0)
+      dependabot-common (= 0.244.0)
+    dependabot-docker (0.244.0)
+      dependabot-common (= 0.244.0)
+    dependabot-elm (0.244.0)
+      dependabot-common (= 0.244.0)
+    dependabot-git_submodules (0.244.0)
+      dependabot-common (= 0.244.0)
       parseconfig (~> 1.0, < 1.1.0)
-    dependabot-github_actions (0.242.1)
-      dependabot-common (= 0.242.1)
-    dependabot-go_modules (0.242.1)
-      dependabot-common (= 0.242.1)
-    dependabot-gradle (0.242.1)
-      dependabot-common (= 0.242.1)
-      dependabot-maven (= 0.242.1)
-    dependabot-hex (0.242.1)
-      dependabot-common (= 0.242.1)
-    dependabot-maven (0.242.1)
-      dependabot-common (= 0.242.1)
-    dependabot-npm_and_yarn (0.242.1)
-      dependabot-common (= 0.242.1)
-    dependabot-nuget (0.242.1)
-      dependabot-common (= 0.242.1)
+    dependabot-github_actions (0.244.0)
+      dependabot-common (= 0.244.0)
+    dependabot-go_modules (0.244.0)
+      dependabot-common (= 0.244.0)
+    dependabot-gradle (0.244.0)
+      dependabot-common (= 0.244.0)
+      dependabot-maven (= 0.244.0)
+    dependabot-hex (0.244.0)
+      dependabot-common (= 0.244.0)
+    dependabot-maven (0.244.0)
+      dependabot-common (= 0.244.0)
+    dependabot-npm_and_yarn (0.244.0)
+      dependabot-common (= 0.244.0)
+    dependabot-nuget (0.244.0)
+      dependabot-common (= 0.244.0)
       rubyzip (>= 2.3.2, < 3.0)
-    dependabot-omnibus (0.242.1)
-      dependabot-bundler (= 0.242.1)
-      dependabot-cargo (= 0.242.1)
-      dependabot-common (= 0.242.1)
-      dependabot-composer (= 0.242.1)
-      dependabot-devcontainers (= 0.242.1)
-      dependabot-docker (= 0.242.1)
-      dependabot-elm (= 0.242.1)
-      dependabot-git_submodules (= 0.242.1)
-      dependabot-github_actions (= 0.242.1)
-      dependabot-go_modules (= 0.242.1)
-      dependabot-gradle (= 0.242.1)
-      dependabot-hex (= 0.242.1)
-      dependabot-maven (= 0.242.1)
-      dependabot-npm_and_yarn (= 0.242.1)
-      dependabot-nuget (= 0.242.1)
-      dependabot-pub (= 0.242.1)
-      dependabot-python (= 0.242.1)
-      dependabot-swift (= 0.242.1)
-      dependabot-terraform (= 0.242.1)
-    dependabot-pub (0.242.1)
-      dependabot-common (= 0.242.1)
-    dependabot-python (0.242.1)
-      dependabot-common (= 0.242.1)
-    dependabot-swift (0.242.1)
-      dependabot-common (= 0.242.1)
-    dependabot-terraform (0.242.1)
-      dependabot-common (= 0.242.1)
+    dependabot-omnibus (0.244.0)
+      dependabot-bundler (= 0.244.0)
+      dependabot-cargo (= 0.244.0)
+      dependabot-common (= 0.244.0)
+      dependabot-composer (= 0.244.0)
+      dependabot-devcontainers (= 0.244.0)
+      dependabot-docker (= 0.244.0)
+      dependabot-elm (= 0.244.0)
+      dependabot-git_submodules (= 0.244.0)
+      dependabot-github_actions (= 0.244.0)
+      dependabot-go_modules (= 0.244.0)
+      dependabot-gradle (= 0.244.0)
+      dependabot-hex (= 0.244.0)
+      dependabot-maven (= 0.244.0)
+      dependabot-npm_and_yarn (= 0.244.0)
+      dependabot-nuget (= 0.244.0)
+      dependabot-pub (= 0.244.0)
+      dependabot-python (= 0.244.0)
+      dependabot-swift (= 0.244.0)
+      dependabot-terraform (= 0.244.0)
+    dependabot-pub (0.244.0)
+      dependabot-common (= 0.244.0)
+    dependabot-python (0.244.0)
+      dependabot-common (= 0.244.0)
+    dependabot-swift (0.244.0)
+      dependabot-common (= 0.244.0)
+    dependabot-terraform (0.244.0)
+      dependabot-common (= 0.244.0)
     diff-lcs (1.5.1)
     docker_registry2 (1.18.0)
       rest-client (>= 1.8.0)
@@ -150,21 +151,21 @@ GEM
       rake (~> 13.0)
     mime-types (3.5.2)
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2023.1205)
+    mime-types-data (3.2024.0206)
     mini_mime (1.1.5)
     multi_xml (0.6.0)
     netrc (0.11.0)
-    nokogiri (1.16.0-aarch64-linux)
+    nokogiri (1.16.2-aarch64-linux)
       racc (~> 1.4)
-    nokogiri (1.16.0-arm64-darwin)
+    nokogiri (1.16.2-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.16.0-x86_64-linux)
+    nokogiri (1.16.2-x86_64-linux)
       racc (~> 1.4)
     octokit (6.1.1)
       faraday (>= 1, < 3)
       sawyer (~> 0.9)
-    opentelemetry-api (1.2.3)
-    opentelemetry-common (0.20.0)
+    opentelemetry-api (1.2.4)
+    opentelemetry-common (0.20.1)
       opentelemetry-api (~> 1.0)
     opentelemetry-exporter-otlp (0.26.3)
       google-protobuf (~> 3.14)
@@ -255,7 +256,7 @@ GEM
       faraday (>= 0.17.3, < 3)
     sentry-ruby (5.16.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-    sorbet-runtime (0.5.11219)
+    sorbet-runtime (0.5.11262)
     stringio (3.1.0)
     terminal-table (3.0.2)
       unicode-display_width (>= 1.1.1, < 3)
@@ -275,7 +276,7 @@ PLATFORMS
   x86_64-linux
 
 DEPENDENCIES
-  dependabot-omnibus (~> 0.242.1)
+  dependabot-omnibus (~> 0.244.0)
   http (~> 5.2)
   octokit (= 6.1.1)
   opentelemetry-exporter-otlp (~> 0.26)

updater/bin/update_script.rb

@@ -486,7 +486,7 @@ def show_diff(original_file, updated_file)
 ##############################
 # Fetch the dependency files #
 ##############################
-clone = $options[:vendor_dependencies] || Dependabot::Utils.always_clone_for_package_manager?($package_manager)
+clone = true
 $options[:repo_contents_path] ||= File.expand_path(File.join("tmp", $repo_name.split("/"))) if clone
 fetcher_args = {
   source: $source,

updater/lib/dependabot/job.rb

@@ -125,8 +125,7 @@ def initialize(attributes)
     end
 
     def clone?
-      vendor_dependencies? ||
-        Dependabot::Utils.always_clone_for_package_manager?(@package_manager)
+      true
     end
 
     # Some Core components test for a non-nil repo_contents_path as an implicit

updater/spec/dependabot/job_spec.rb

@@ -418,42 +418,6 @@
     end
   end
 
-  describe "#clone?" do
-    subject { job.clone? }
-
-    it { is_expected.to eq(false) }
-
-    context "with vendoring configuration enabled" do
-      let(:vendor_dependencies) { true }
-
-      it { is_expected.to eq(true) }
-    end
-
-    context "for ecosystems that always clone" do
-      let(:vendor_dependencies) { false }
-      let(:dependencies) do
-        [
-          Dependabot::Dependency.new(
-            name: "github.com/pkg/errors",
-            package_manager: "dummy",
-            version: "v1.8.0",
-            requirements: [
-              {
-                file: "go.mod",
-                requirement: "v1.8.0",
-                groups: [],
-                source: nil
-              }
-            ]
-          )
-        ]
-      end
-      let(:package_manager) { "dummy" }
-
-      it { is_expected.to eq(true) }
-    end
-  end
-
   describe "#security_fix?" do
     subject { job.security_fix?(dependency) }
 

updater/spec/support/dummy_package_manager/dummy.rb

@@ -20,6 +20,3 @@
     groups.any? { |g| g.include?("prod") }
   end
 )
-
-require "dependabot/utils"
-Dependabot::Utils.register_always_clone("dummy")