dependabot-cargo 0.117.6 → 0.117.11

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 362b3b7ad9ce0b416948e00cf5da6c06ccb6c187e75970232a2b76244c44d685
4
- data.tar.gz: f5e6aa876b2bf28b74ee6e658d2a61f689500339780d130c86ad66fe5040d3e7
3
+ metadata.gz: c89ee2d3c2ae684e0cd411d9dc87a239ae9c9337d33e59e3c1a5c4620287f8c7
4
+ data.tar.gz: 402822d0a49416a88c732263fee8c5b370dd11e0eedc91507a848e4b023856d7
5
5
  SHA512:
6
- metadata.gz: 0761a726d82fc2daeb61bd172513784d7272280e332d5a57da45f7303358fe06efc50804e4a9a7d90f7e80ddb95e57523e1fe022540130919b400a9a264a6f11
7
- data.tar.gz: 5d4aae7487517b81fc07e4a321eb39e62f46ac814fe26c8e56350ba6bd88ef56bbd2e212b3354e5255e2810e22a228bd797bc8fcc9b2d9c76546611d4757663e
6
+ metadata.gz: be44a2e2fa1febe59256d5d185c020c5e4a0e8aa48e22f41c7c6c82d86f70b32be34052b20db6b7c1ef09a8a0c794f97da569b63b24948a182a9229b21d11a1f
7
+ data.tar.gz: 573c748dc1aa945ed6d023628f98561c69fd20b49c2fd0e4d4894ca22ab01dc26135551bca76aaec26bd3c642d4345be4d899bc60692f79ecb348e721b7c1c0f
@@ -109,6 +109,7 @@ module Dependabot
109
109
  dependency_files: dependency_files,
110
110
  credentials: credentials,
111
111
  ignored_versions: ignored_versions,
112
+ raise_on_ignored: raise_on_ignored,
112
113
  security_advisories: security_advisories
113
114
  )
114
115
  end
@@ -8,11 +8,13 @@ module Dependabot
8
8
  class UpdateChecker
9
9
  class LatestVersionFinder
10
10
  def initialize(dependency:, dependency_files:, credentials:,
11
- ignored_versions:, security_advisories:)
11
+ ignored_versions:, raise_on_ignored: false,
12
+ security_advisories:)
12
13
  @dependency = dependency
13
14
  @dependency_files = dependency_files
14
15
  @credentials = credentials
15
16
  @ignored_versions = ignored_versions
17
+ @raise_on_ignored = raise_on_ignored
16
18
  @security_advisories = security_advisories
17
19
  end
18
20
 
@@ -39,8 +41,8 @@ module Dependabot
39
41
  def fetch_lowest_security_fix_version
40
42
  versions = available_versions
41
43
  versions = filter_prerelease_versions(versions)
42
- versions = filter_ignored_versions(versions)
43
44
  versions = filter_vulnerable_versions(versions)
45
+ versions = filter_ignored_versions(versions)
44
46
  versions = filter_lower_versions(versions)
45
47
  versions.min
46
48
  end
@@ -52,8 +54,13 @@ module Dependabot
52
54
  end
53
55
 
54
56
  def filter_ignored_versions(versions_array)
55
- versions_array.
56
- reject { |v| ignore_reqs.any? { |r| r.satisfied_by?(v) } }
57
+ filtered = versions_array.
58
+ reject { |v| ignore_reqs.any? { |r| r.satisfied_by?(v) } }
59
+ if @raise_on_ignored && filtered.empty? && versions_array.any?
60
+ raise Dependabot::AllVersionsIgnored
61
+ end
62
+
63
+ filtered
57
64
  end
58
65
 
59
66
  def filter_vulnerable_versions(versions_array)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-cargo
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.117.6
4
+ version: 0.117.11
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-04-09 00:00:00.000000000 Z
11
+ date: 2020-05-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.117.6
19
+ version: 0.117.11
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.117.6
26
+ version: 0.117.11
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -114,14 +114,14 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 0.80.1
117
+ version: 0.83.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 0.80.1
124
+ version: 0.83.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: vcr
127
127
  requirement: !ruby/object:Gem::Requirement