dependabot-bundler 0.95.51 → 0.95.52
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/bundler/metadata_finder.rb +35 -3
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ce35384f5ad0555161199ff49990d309203df1a8e1cb1eaa67fee6d25542a540
|
|
4
|
+
data.tar.gz: e1caae795058175c741a176cfa9c8d0115c0ca38d4328546a7040cfaf574b1e2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3c7d478da659acfff240cfc94c164ca1d3ab3d31285435b91e455c3898aabb802914e3098adc642ca78a3ad88cf4efb9b5c6f5e43d0e59d94f3a1cd037cba08b
|
|
7
|
+
data.tar.gz: 762e9d96d1f3045655784b9a9e7c4bfd950afe3cdb32eda086958c35b53f730a796df59388c26669251b27d74653e59b0e235961d05a9dbd4cf666e50502507f
|
|
@@ -35,6 +35,19 @@ module Dependabot
|
|
|
35
35
|
end
|
|
36
36
|
end
|
|
37
37
|
|
|
38
|
+
def suggested_changelog_url
|
|
39
|
+
case new_source_type
|
|
40
|
+
when "default"
|
|
41
|
+
rubygems_api_response["changelog_uri"]
|
|
42
|
+
when "rubygems"
|
|
43
|
+
if rubygems_api_response == {}
|
|
44
|
+
changelog_url_from_gemspec_download
|
|
45
|
+
else
|
|
46
|
+
rubygems_api_response["changelog_uri"]
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
|
|
38
51
|
def new_source_type
|
|
39
52
|
sources =
|
|
40
53
|
dependency.requirements.map { |r| r.fetch(:source) }.uniq.compact
|
|
@@ -72,9 +85,10 @@ module Dependabot
|
|
|
72
85
|
github_urls = []
|
|
73
86
|
return unless rubygems_marshalled_gemspec_response
|
|
74
87
|
|
|
75
|
-
rubygems_marshalled_gemspec_response.
|
|
76
|
-
|
|
77
|
-
|
|
88
|
+
rubygems_marshalled_gemspec_response.gsub("\x06;", "\n").
|
|
89
|
+
scan(Source::SOURCE_REGEX) do
|
|
90
|
+
github_urls << Regexp.last_match.to_s
|
|
91
|
+
end
|
|
78
92
|
|
|
79
93
|
source_url = github_urls.find do |url|
|
|
80
94
|
repo = Source.from_url(url).repo
|
|
@@ -85,6 +99,24 @@ module Dependabot
|
|
|
85
99
|
Source.from_url(source_url)
|
|
86
100
|
end
|
|
87
101
|
|
|
102
|
+
def changelog_url_from_gemspec_download
|
|
103
|
+
github_urls = []
|
|
104
|
+
return unless rubygems_marshalled_gemspec_response
|
|
105
|
+
|
|
106
|
+
rubygems_marshalled_gemspec_response.gsub("\x06;", "\n").
|
|
107
|
+
scan(Dependabot::Source::SOURCE_REGEX) do
|
|
108
|
+
github_urls << Regexp.last_match.to_s +
|
|
109
|
+
Regexp.last_match.post_match.split("\n").first
|
|
110
|
+
end
|
|
111
|
+
|
|
112
|
+
github_urls.find do |url|
|
|
113
|
+
names = MetadataFinders::Base::ChangelogFinder::CHANGELOG_NAMES
|
|
114
|
+
names.any? do |changelog_name|
|
|
115
|
+
url.split("/").last.downcase.include?(changelog_name.downcase)
|
|
116
|
+
end
|
|
117
|
+
end
|
|
118
|
+
end
|
|
119
|
+
|
|
88
120
|
# Note: This response MUST NOT be unmarshalled
|
|
89
121
|
# (as calling Marshal.load is unsafe)
|
|
90
122
|
def rubygems_marshalled_gemspec_response
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-bundler
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.95.
|
|
4
|
+
version: 0.95.52
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-02-
|
|
11
|
+
date: 2019-02-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.95.
|
|
19
|
+
version: 0.95.52
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.95.
|
|
26
|
+
version: 0.95.52
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -100,14 +100,14 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: 0.
|
|
103
|
+
version: 0.65.0
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: 0.
|
|
110
|
+
version: 0.65.0
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: vcr
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|