dependabot-cargo 0.117.7 → 0.118.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f34e50ca3afd0db8b304dbd8835b02349e7cab99797dcd254cb31d24539eb910
4
- data.tar.gz: 9b336c70d15a4175945bbc84d1870df8b0b3ef5cb0f7a6ad722f66999006d142
3
+ metadata.gz: bf85217804b44de12b972f6c6756a4a92dcfafc5d9043aab396e2611314d8d5a
4
+ data.tar.gz: 833b73c6f30a9c39b871b4f1b06115a987f0831f396303fe20edb451c1af936f
5
5
  SHA512:
6
- metadata.gz: f2fe5dc801636cac330fc2776735b227f972d82d7f24165231ce2dddc4537a465bb6a2c4c466f5f113d48507e1a6bdb1a3bfd3c2cbff72c42561a30349e63eaf
7
- data.tar.gz: eeec5bc84f72e42529c5c08f6da61624ad8f03d3f27f35cf63eb36fa7c3818d44259a7f8124bc4c10a916a321f9a9de71c23fd3dbaa25cace89011aff4bb6722
6
+ metadata.gz: f4b91c9bfb71f1ebde8d6884329003b0a163a2de4a608f49b1fe0565d87a92f71de5f753e40edb63198cad5ac2a125778e825a752e7a604e38a7691154073418
7
+ data.tar.gz: c280623ae9b97da2dbfbb207f51af25078fad44c4c0c007b618398fb0c4df30d3452c4be8d435d2f609e6b7a3037319e0a1940999ca36964d9d468e4884a3db1
@@ -109,6 +109,7 @@ module Dependabot
109
109
  dependency_files: dependency_files,
110
110
  credentials: credentials,
111
111
  ignored_versions: ignored_versions,
112
+ raise_on_ignored: raise_on_ignored,
112
113
  security_advisories: security_advisories
113
114
  )
114
115
  end
@@ -8,11 +8,13 @@ module Dependabot
8
8
  class UpdateChecker
9
9
  class LatestVersionFinder
10
10
  def initialize(dependency:, dependency_files:, credentials:,
11
- ignored_versions:, security_advisories:)
11
+ ignored_versions:, raise_on_ignored: false,
12
+ security_advisories:)
12
13
  @dependency = dependency
13
14
  @dependency_files = dependency_files
14
15
  @credentials = credentials
15
16
  @ignored_versions = ignored_versions
17
+ @raise_on_ignored = raise_on_ignored
16
18
  @security_advisories = security_advisories
17
19
  end
18
20
 
@@ -39,8 +41,8 @@ module Dependabot
39
41
  def fetch_lowest_security_fix_version
40
42
  versions = available_versions
41
43
  versions = filter_prerelease_versions(versions)
42
- versions = filter_ignored_versions(versions)
43
44
  versions = filter_vulnerable_versions(versions)
45
+ versions = filter_ignored_versions(versions)
44
46
  versions = filter_lower_versions(versions)
45
47
  versions.min
46
48
  end
@@ -52,8 +54,13 @@ module Dependabot
52
54
  end
53
55
 
54
56
  def filter_ignored_versions(versions_array)
55
- versions_array.
56
- reject { |v| ignore_reqs.any? { |r| r.satisfied_by?(v) } }
57
+ filtered = versions_array.
58
+ reject { |v| ignore_reqs.any? { |r| r.satisfied_by?(v) } }
59
+ if @raise_on_ignored && filtered.empty? && versions_array.any?
60
+ raise Dependabot::AllVersionsIgnored
61
+ end
62
+
63
+ filtered
57
64
  end
58
65
 
59
66
  def filter_vulnerable_versions(versions_array)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-cargo
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.117.7
4
+ version: 0.118.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-04-20 00:00:00.000000000 Z
11
+ date: 2020-05-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.117.7
19
+ version: 0.118.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.117.7
26
+ version: 0.118.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -114,14 +114,14 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 0.82.0
117
+ version: 0.83.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 0.82.0
124
+ version: 0.83.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: vcr
127
127
  requirement: !ruby/object:Gem::Requirement