dependabot-cargo 0.117.7 → 0.118.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/cargo/update_checker.rb +1 -0
  3. data/lib/dependabot/cargo/update_checker/latest_version_finder.rb +11 -4
  4. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f34e50ca3afd0db8b304dbd8835b02349e7cab99797dcd254cb31d24539eb910
4
- data.tar.gz: 9b336c70d15a4175945bbc84d1870df8b0b3ef5cb0f7a6ad722f66999006d142
3
+ metadata.gz: bf85217804b44de12b972f6c6756a4a92dcfafc5d9043aab396e2611314d8d5a
4
+ data.tar.gz: 833b73c6f30a9c39b871b4f1b06115a987f0831f396303fe20edb451c1af936f
5
5
  SHA512:
6
- metadata.gz: f2fe5dc801636cac330fc2776735b227f972d82d7f24165231ce2dddc4537a465bb6a2c4c466f5f113d48507e1a6bdb1a3bfd3c2cbff72c42561a30349e63eaf
7
- data.tar.gz: eeec5bc84f72e42529c5c08f6da61624ad8f03d3f27f35cf63eb36fa7c3818d44259a7f8124bc4c10a916a321f9a9de71c23fd3dbaa25cace89011aff4bb6722
6
+ metadata.gz: f4b91c9bfb71f1ebde8d6884329003b0a163a2de4a608f49b1fe0565d87a92f71de5f753e40edb63198cad5ac2a125778e825a752e7a604e38a7691154073418
7
+ data.tar.gz: c280623ae9b97da2dbfbb207f51af25078fad44c4c0c007b618398fb0c4df30d3452c4be8d435d2f609e6b7a3037319e0a1940999ca36964d9d468e4884a3db1
data/lib/dependabot/cargo/update_checker.rb CHANGED
@@ -109,6 +109,7 @@ module Dependabot
109
109
  dependency_files: dependency_files,
110
110
  credentials: credentials,
111
111
  ignored_versions: ignored_versions,
112
+ raise_on_ignored: raise_on_ignored,
112
113
  security_advisories: security_advisories
113
114
  )
114
115
  end
data/lib/dependabot/cargo/update_checker/latest_version_finder.rb CHANGED
@@ -8,11 +8,13 @@ module Dependabot
8
8
  class UpdateChecker
9
9
  class LatestVersionFinder
10
10
  def initialize(dependency:, dependency_files:, credentials:,
11
- ignored_versions:, security_advisories:)
11
+ ignored_versions:, raise_on_ignored: false,
12
+ security_advisories:)
12
13
  @dependency = dependency
13
14
  @dependency_files = dependency_files
14
15
  @credentials = credentials
15
16
  @ignored_versions = ignored_versions
17
+ @raise_on_ignored = raise_on_ignored
16
18
  @security_advisories = security_advisories
17
19
  end
18
20
 
@@ -39,8 +41,8 @@ module Dependabot
39
41
  def fetch_lowest_security_fix_version
40
42
  versions = available_versions
41
43
  versions = filter_prerelease_versions(versions)
42
- versions = filter_ignored_versions(versions)
43
44
  versions = filter_vulnerable_versions(versions)
45
+ versions = filter_ignored_versions(versions)
44
46
  versions = filter_lower_versions(versions)
45
47
  versions.min
46
48
  end
@@ -52,8 +54,13 @@ module Dependabot
52
54
  end
53
55
 
54
56
  def filter_ignored_versions(versions_array)
55
- versions_array.
56
- reject { |v| ignore_reqs.any? { |r| r.satisfied_by?(v) } }
57
+ filtered = versions_array.
58
+ reject { |v| ignore_reqs.any? { |r| r.satisfied_by?(v) } }
59
+ if @raise_on_ignored && filtered.empty? && versions_array.any?
60
+ raise Dependabot::AllVersionsIgnored
61
+ end
62
+
63
+ filtered
57
64
  end
58
65
 
59
66
  def filter_vulnerable_versions(versions_array)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-cargo
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.117.7
4
+ version: 0.118.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-04-20 00:00:00.000000000 Z
11
+ date: 2020-05-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.117.7
19
+ version: 0.118.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.117.7
26
+ version: 0.118.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -114,14 +114,14 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 0.82.0
117
+ version: 0.83.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 0.82.0
124
+ version: 0.83.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: vcr
127
127
  requirement: !ruby/object:Gem::Requirement