Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Automatically install the Azure Artifacts Credential Provider if DevOps NuGet feeds are configured #1233

Conversation

rhyskoedijk
Copy link
Contributor

@rhyskoedijk rhyskoedijk commented Jul 23, 2024

What are you trying to accomplish?

Allow users to authenticate with private Azure DevOps NuGet feeds without any additional configuration or complicated workarounds. Ideally auth should "just work" like it did in v1.24.

Reduce the number of issues users are having with private NuGet feed auth. e.g. see comments in:

Changes

If DEPENDABOT_EXTRA_CREDENTIALS contains credentials for an Azure DevOps NuGet feed, the workaround detailed in #921 (comment) will be applied-- more specifically, VSS_NUGET_EXTERNAL_FEED_ENDPOINTS will be set using the configured credentials, then the Azure Artifacts Credential Provider is installed to the container.

This automatically runs for both update_script.rb and update_script_vnext.rb.

This module can be easily deleted once dependabot/dependabot-core#8927 or some other dependabot-core native auth solution becomes available.

@rgrace-puck
Copy link

There is an existing task in Azure Pipelines that installs & configures NuGet authentication:
https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/reference/nuget-authenticate-v1

Would it be possible to glean information from that automatically instead of requiring another environment variable to be set?

@rhyskoedijk
Copy link
Contributor Author

rhyskoedijk commented Jul 23, 2024

There is an existing task in Azure Pipelines that installs & configures NuGet authentication: https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/reference/nuget-authenticate-v1

Would it be possible to glean information from that automatically instead of requiring another environment variable to be set?

Unfortunately that task doesn't have any impact on the update process since Dependabot is run inside a Docker container which is isolated from the Azure pipeline. Any information configured or provided by that task cannot be accessed from within the Dependabot container instance.

With this change, the user does not need to set any additional environment variables; the script will use the auth provided in your dependabot.yml registries and pass it through to the Azure Artifacts Credential Provider so that NuGet and MSBuild have access to them.

@rhyskoedijk rhyskoedijk changed the title Automatically install the NuGet credential provider if NuGet feeds are configured Automatically install the Azure Artifacts Credential Provider if DevOps NuGet feeds are configured Jul 23, 2024
Copy link
Contributor

@mburumaxwell mburumaxwell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is good. Still, I think we'll never be able to solve permissions issues given the complex permissions in AzDO and its OnPrem server

{
"endpoint" => cred["url"],
"username" => "unused",
"password" => cred["token"].delete_prefix("PAT:") # Credentials provider expects the raw token
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In some cases it is only ":{PAT}" or ":{PAT}". I think we should check for colon then split and take second entry, otherwise take as is.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point, I also didn't consider username/password auth either.
It should now support all of these configs:

  • {"type":"nuget_feed","url":"https://dev.azure.com/...","token":"PAT:abc123"}
  • {"type":"nuget_feed","url":"https://dev.azure.com/...","token":":abc123"}
  • {"type":"nuget_feed","url":"https://dev.azure.com/...","token":"abc123"}
  • {"type":"nuget_feed","url":"https://dev.azure.com/...","username":"joeblogs","password":"letmein"}

@mburumaxwell mburumaxwell merged commit b5da88f into tinglesoftware:main Jul 24, 2024
19 checks passed
@rhyskoedijk rhyskoedijk deleted the feature/auto-install-nuget-cred-provider branch July 24, 2024 03:11
kzhuklinets added a commit to kirillcoso/dependabot-azure-devops that referenced this pull request Aug 13, 2024
* Bump the event-bus group with 2 updates (tinglesoftware#1156)

Bumps the event-bus group with 2 updates: [Tingle.EventBus.Transports.Azure.ServiceBus](https://github.com/tinglesoftware/eventbus) and [Tingle.EventBus.Transports.InMemory](https://github.com/tinglesoftware/eventbus).


Updates `Tingle.EventBus.Transports.Azure.ServiceBus` from 0.21.2 to 0.22.0
- [Release notes](https://github.com/tinglesoftware/eventbus/releases)
- [Commits](tinglesoftware/eventbus@0.21.2...0.22.0)

Updates `Tingle.EventBus.Transports.InMemory` from 0.21.2 to 0.22.0
- [Release notes](https://github.com/tinglesoftware/eventbus/releases)
- [Commits](tinglesoftware/eventbus@0.21.2...0.22.0)

---
updated-dependencies:
- dependency-name: Tingle.EventBus.Transports.Azure.ServiceBus
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: event-bus
- dependency-name: Tingle.EventBus.Transports.InMemory
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: event-bus
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Change updates time from 04:00 to 02:00 to be consistent with our other repositories and hence ease management

* Bump the tingle group with 3 updates (tinglesoftware#1157)

* Import constants for requirements_update_strategy (tinglesoftware#1159)

* Bump rubocop-performance in /updater in the rubocop group (tinglesoftware#1165)

* Bump ts-jest from 29.1.4 to 29.1.5 in /extension in the jest group (tinglesoftware#1164)

* Bump YamlDotNet from 15.1.6 to 15.3.0 (tinglesoftware#1163)

* Bump the azure group with 2 updates (tinglesoftware#1162)

* Bump dependabot-omnibus from 0.260.0 to 0.261.0 in /updater (tinglesoftware#1166)

* Regenerate lock file which fixes vulnerabilities

* Set packageManager in package.json

* Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1172)

* Bump Azure.Identity from 1.11.4 to 1.12.0 in the azure group (tinglesoftware#1176)

* Bump turbo_tests from 2.2.3 to 2.2.4 in /updater (tinglesoftware#1168)

* Create groups for sentry and opentelemetry updates

* Bump the opentelemetry group in /updater with 4 updates (tinglesoftware#1177)

Bumps the opentelemetry group in /updater with 4 updates: [opentelemetry-exporter-otlp](https://github.com/open-telemetry/opentelemetry-ruby), [opentelemetry-instrumentation-excon](https://github.com/open-telemetry/opentelemetry-ruby-contrib), [opentelemetry-instrumentation-faraday](https://github.com/open-telemetry/opentelemetry-ruby-contrib) and [opentelemetry-instrumentation-net_http](https://github.com/open-telemetry/opentelemetry-ruby-contrib).


Updates `opentelemetry-exporter-otlp` from 0.27.0 to 0.28.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/exporter/otlp/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-exporter-otlp/v0.27.0...opentelemetry-exporter-otlp/v0.28.0)

Updates `opentelemetry-instrumentation-excon` from 0.22.2 to 0.22.3
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/excon/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-excon/v0.22.2...opentelemetry-instrumentation-excon/v0.22.3)

Updates `opentelemetry-instrumentation-faraday` from 0.24.3 to 0.24.5
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/faraday/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-faraday/v0.24.3...opentelemetry-instrumentation-faraday/v0.24.5)

Updates `opentelemetry-instrumentation-net_http` from 0.22.5 to 0.22.6
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/net_http/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-net_http/v0.22.5...opentelemetry-instrumentation-net_http/v0.22.6)

---
updated-dependencies:
- dependency-name: opentelemetry-exporter-otlp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
- dependency-name: opentelemetry-instrumentation-excon
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: opentelemetry
- dependency-name: opentelemetry-instrumentation-faraday
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: opentelemetry
- dependency-name: opentelemetry-instrumentation-net_http
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: opentelemetry
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump typescript from 5.4.5 to 5.5.2 in /extension (tinglesoftware#1173)

* Bump typescript from 5.4.5 to 5.5.2 in /extension

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.4.5 to 5.5.2.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.4.5...v5.5.2)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update target ESLINT

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Maxwell Weru <[email protected]>

* Bump dependabot-omnibus from 0.261.0 to 0.262.0 in /updater (tinglesoftware#1170)

Bumps [dependabot-omnibus](https://github.com/dependabot/dependabot-core) from 0.261.0 to 0.262.0.
- [Release notes](https://github.com/dependabot/dependabot-core/releases)
- [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md)
- [Commits](dependabot/dependabot-core@v0.261.0...v0.262.0)

---
updated-dependencies:
- dependency-name: dependabot-omnibus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Remove codeql workflows so that we can leverage the automatic setup

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1179)

* Bump the tingle group with 3 updates (tinglesoftware#1182)

* Bump Microsoft.VisualStudio.Azure.Containers.Tools.Targets (tinglesoftware#1183)

* Bump Microsoft.FeatureManagement.AspNetCore in the microsoft group (tinglesoftware#1181)

* Bump Azure.ResourceManager.AppContainers in the azure group (tinglesoftware#1180)

* Bump the sentry group in /updater with 2 updates (tinglesoftware#1184)

* Bump dependabot-omnibus from 0.262.0 to 0.263.0 in /updater (tinglesoftware#1185)

* Fix missing module name (tinglesoftware#1187)

* Reorganise code in to lib folder; seperate dependabot code from tinglesoftware code using unique module names (tinglesoftware#1188)

* Add developer guide documentation; ignore extension build artifacts (tinglesoftware#1189)

* Bump the sentry group in /updater with 2 updates (tinglesoftware#1193)

* Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1195)

* Bump typescript from 5.5.2 to 5.5.3 in /extension (tinglesoftware#1196)

* Bump dependabot-omnibus from 0.263.0 to 0.264.0 (tinglesoftware#1191)

* Use correct version of dependabot-updater base image when running the 'updater' workflow (tinglesoftware#1192)

* Fix module name (tinglesoftware#1199)

* Use latest dependabot updater code; Remove scripts from `updater/bin` that don't work (tinglesoftware#1197)

* Add some more debug statements, and validate data length before reading result (tinglesoftware#1200)

* Changes to `.rubocop*.yml`, `.ruby-version`, and `Rakefile` should trigger the updater workflow

* Update update-files.ps1 and related files (tinglesoftware#1202)

* Enable sorbet and update files (tinglesoftware#1203)

* Bump dependabot-omnibus from 0.264.0 to 0.265.0 in /updater (tinglesoftware#1205)

Bumps [dependabot-omnibus](https://github.com/dependabot/dependabot-core) from 0.264.0 to 0.265.0.
- [Release notes](https://github.com/dependabot/dependabot-core/releases)
- [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md)
- [Commits](dependabot/dependabot-core@v0.264.0...v0.265.0)

---
updated-dependencies:
- dependency-name: dependabot-omnibus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* If allow condition "dependency-name" is nil, use "*"; Use wildcard matching instead of regex matching (tinglesoftware#1208)

* Bump the xunit group with 2 updates (tinglesoftware#1212)

* Bump the microsoft group with 8 updates (tinglesoftware#1211)

* Bump ts-jest from 29.1.5 to 29.2.2 in /extension in the jest group (tinglesoftware#1215)

* Bump dotnet-ef from 8.0.6 to 8.0.7 (tinglesoftware#1214)

* Fix allow condition logic (tinglesoftware#1209)

* Add missing early return statement

* Bump YamlDotNet from 15.3.0 to 16.0.0 (tinglesoftware#1213)

Bumps YamlDotNet from 15.3.0 to 16.0.0.

---
updated-dependencies:
- dependency-name: YamlDotNet
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* New "vNext" update script using dependabot-core updater; aligns update behaviour more closely with the GitHub Dependabot service (tinglesoftware#1186)

* DevOps extension task new updater commands and options (tinglesoftware#1216)

* Bump dependabot-omnibus from 0.265.0 to 0.266.0 in /updater (tinglesoftware#1218)

Bumps [dependabot-omnibus](https://github.com/dependabot/dependabot-core) from 0.265.0 to 0.266.0.
- [Release notes](https://github.com/dependabot/dependabot-core/releases)
- [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md)
- [Commits](dependabot/dependabot-core@v0.265.0...v0.266.0)

---
updated-dependencies:
- dependency-name: dependabot-omnibus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Fix error when attempting to update a pre-1.30 pull request using the new vNext script (tinglesoftware#1219)

* Fix PRs being incorrectly abandoned when using multiple package ecosystems (tinglesoftware#1221)

* Bump the tingle group with 3 updates (tinglesoftware#1229)

* Bump Azure.Messaging.ServiceBus from 7.17.5 to 7.18.0 in the azure group (tinglesoftware#1226)

* Bump the event-bus group with 2 updates (tinglesoftware#1227)

* Bump ts-jest from 29.2.2 to 29.2.3 in /extension in the jest group (tinglesoftware#1224)

* Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1225)

* Update groups

* Log updated file diffs when 'skip pull requests' and 'debug' options are true (tinglesoftware#1230)

* Fix for group PRs being closed on refresh when nothing has changed (tinglesoftware#1222)

* Bump Microsoft.FeatureManagement.AspNetCore (tinglesoftware#1231)

* Fix logging error when creating new PR and the open PR limit has been reached (tinglesoftware#1223)

* Automatically install the Azure Artifacts Credential Provider if DevOps NuGet feeds are configured (tinglesoftware#1233)

* Bump the sentry group in /updater with 2 updates (tinglesoftware#1235)

Bumps the sentry group in /updater with 2 updates: [sentry-opentelemetry](https://github.com/getsentry/sentry-ruby) and [sentry-ruby](https://github.com/getsentry/sentry-ruby).


Updates `sentry-opentelemetry` from 5.18.1 to 5.18.2
- [Release notes](https://github.com/getsentry/sentry-ruby/releases)
- [Changelog](https://github.com/getsentry/sentry-ruby/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-ruby@5.18.1...5.18.2)

Updates `sentry-ruby` from 5.18.1 to 5.18.2
- [Release notes](https://github.com/getsentry/sentry-ruby/releases)
- [Changelog](https://github.com/getsentry/sentry-ruby/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-ruby@5.18.1...5.18.2)

---
updated-dependencies:
- dependency-name: sentry-opentelemetry
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: sentry
- dependency-name: sentry-ruby
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: sentry
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Sync files for updater version 0.266.0 (tinglesoftware#1236)

Follow up to tinglesoftware#1235

* Regenerate Gemfile.lock

* Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1237)

Bumps the js-ts-types group in /extension with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@types/node` from 20.14.11 to 20.14.12
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: js-ts-types
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump typescript from 5.5.3 to 5.5.4 in /extension (tinglesoftware#1239)

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.5.3 to 5.5.4.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.5.3...v5.5.4)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump gittools/actions from 1 to 2 (tinglesoftware#1238)

Bumps [gittools/actions](https://github.com/gittools/actions) from 1 to 2.
- [Release notes](https://github.com/gittools/actions/releases)
- [Commits](GitTools/actions@v1...v2)

---
updated-dependencies:
- dependency-name: gittools/actions
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump Microsoft.Azure.AppConfiguration.AspNetCore in the azure group (tinglesoftware#1240)

Bumps the azure group with 1 update: [Microsoft.Azure.AppConfiguration.AspNetCore](https://github.com/Azure/Azconfig-DotnetProvider).


Updates `Microsoft.Azure.AppConfiguration.AspNetCore` from 7.2.0 to 7.3.0
- [Release notes](https://github.com/Azure/Azconfig-DotnetProvider/releases)
- [Commits](Azure/AppConfiguration-DotnetProvider@7.2.0...7.3.0)

---
updated-dependencies:
- dependency-name: Microsoft.Azure.AppConfiguration.AspNetCore
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: azure
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* NuGet feed auth support for Azure DevOps, Azure DevOps Server, and third-party NuGet servers (tinglesoftware#1241)

* Add `helpUrl` and `releaseNotes` to the extension task.

* Remove unused `useConfigFile` input (tinglesoftware#1244)

* Reference discussion for permission in bug report template

* Remove docker demand and rely on `tl.which` (tinglesoftware#1246)

This should allow private agents with non-standard discovery.

* Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1250)

* Bump dependabot-omnibus from 0.266.0 to 0.267.0 in /updater (tinglesoftware#1252)

* Bump the opentelemetry group in /updater with 6 updates (tinglesoftware#1249)

* Fix nuget.config not using correct credentials during NuGet updates of .NET Framework projects (tinglesoftware#1248)

* Sync files for updater version 0.267.0

* Enable opentelemetry in `updater_script_vnext` (tinglesoftware#1254)

This is the first step towards adding telemetry to the updater. Useful in debugging of issues and general analytics. It follows what the GitHub hosted version has.

* Enable sentry in `updater_script_vnext` (tinglesoftware#1255)

This is the second step towards monitoring the updater. Useful in debugging of issues and general analytics. It follows what the GitHub hosted version has.

OpenTelemetry was setup in tinglesoftware#1254. Next step is to connect the error handler.

* Update update_script.rb

* Backport NuGet auth fix to `update_script`; Prevent NuGet leaking passwords in logs (tinglesoftware#1256)

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Bump axios from 1.7.2 to 1.7.3 in /extension (tinglesoftware#1264)

* Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1262)

* Bump ts-jest from 29.2.3 to 29.2.4 in /extension in the jest group (tinglesoftware#1261)

* Bump azure-pipelines-task-lib from 4.13.0 to 4.15.0 in /extension (tinglesoftware#1263)

* Bump Azure.Messaging.ServiceBus from 7.18.0 to 7.18.1 in the azure group (tinglesoftware#1258)

* Bump dependabot-omnibus from 0.267.0 to 0.268.0 in /updater (tinglesoftware#1259)

Bumps [dependabot-omnibus](https://github.com/dependabot/dependabot-core) from 0.267.0 to 0.268.0.
- [Release notes](https://github.com/dependabot/dependabot-core/releases)
- [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md)
- [Commits](dependabot/dependabot-core@v0.267.0...v0.268.0)

---
updated-dependencies:
- dependency-name: dependabot-omnibus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Regenerate Gemfile.lock

* Sync files for updater version 0.268.0

* Update rubocop

* Update update_script.rb

* Make use of OpenTelemetry in the updater (tinglesoftware#1268)

* Update azure.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update azure.rb

* Update azure.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update Gemfile

* Update update_script.rb

* Update Gemfile

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update GitVersion and react to changes (tinglesoftware#1270)

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update updater.yml

* revert

* Update updater.yml

* Update updater.yml

* Update updater.yml

* Update updater.yml

* Update updater.yml

* Update updater.yml

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* Update update_script.rb

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* test

* testt

* test

* test

* Update GitVersion.yml so that CI artifacts have better naming

* test

* test

* test

* test

* clean up

* clean up

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Maxwell Weru <[email protected]>
Co-authored-by: Rhys Koedijk <[email protected]>
Co-authored-by: Berend Haan <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants