RubyGems - dependabot-common - Versions diffs - 0.113.18 → 0.113.19 - Mend

dependabot-common 0.113.18 → 0.113.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/dependabot/pull_request_creator/gitlab.rb +2 -2
data/lib/dependabot/pull_request_creator/message_builder/link_and_mention_sanitizer.rb +11 -27
data/lib/dependabot/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 830722a433e1fc99d28ef9d6812343b005f7bd6a44fe9a1a8ad49555c702b8a8
-  data.tar.gz: c1728259c6296e643867d59a964d83e5bf0836457be53c0702094aae48e91960
+  metadata.gz: 7de0ce549409706f4b15e715b2f4ca45835ff7bc1fda5725f03bc56e899cf2ab
+  data.tar.gz: 2525710695a42e8f1d156630d9a242dac2cda7898513c0e1d836a11b8923c390
 SHA512:
-  metadata.gz: dadbc442fc278cb7357eea381e4b874659bce5fd599b5a6480bc0959ec2c51ffca51c10d7cb84ce64cfd2b1f588856ad4284061e89d961f0e91c5e0755e901e2
-  data.tar.gz: 00c92be989b8ce57f718c68c7d2650cc566993c7f75421f97f83e3470692148f910bf837bc10ab51d45d6cd14825b2cd46eea65ed306d16159cd2c47231ff043
+  metadata.gz: b309a3f226e4a3e6a59e899a62b31a7f0561c493749f6494a1a842f877d457af3e1c47c81ee70e20ea3c0a819b2fa4c5c828d6776379a40902560383dc8b991d
+  data.tar.gz: c3e3d9bd37881b1d9d83884dfb13ec67edea5186b2b0f9b5c5711eb10a27343f3dcc5c7ad2d2d47e8eebb4053ea4ac84aeb805ecb873751cc81c0bca3401032f

data/lib/dependabot/pull_request_creator/gitlab.rb CHANGED Viewed

@@ -157,8 +157,8 @@ module Dependabot
         gitlab_client_for_source.edit_merge_request_approvers(
           source.repo,
           merge_request.iid,
-          approver_ids: approvers_hash[:approvers] || [],
-          approver_group_ids: approvers_hash[:group_approvers] || []
+          approver_ids: approvers_hash[:approvers],
+          approver_group_ids: approvers_hash[:group_approvers]
         )
       end

data/lib/dependabot/pull_request_creator/message_builder/link_and_mention_sanitizer.rb CHANGED Viewed

@@ -25,12 +25,7 @@ module Dependabot
         #   (?:.|\n)*?           Non-capturing group to consume code span content (non-eager)
         #   (?>\k<codespanopen>) Atomic group marking the end of the code span (same length as opening)
         # rubocop:enable Metrics/LineLength
-        CODEBLOCK_REGEX = /
-          # fenced code block
-          (?<=\n|^)(?<fenceopen>(?>`{3,}|~{3,})).*?(?>\k<fenceopen>)|
-          # code span
-          (?<codespanopen>`+)(?![^`]*?\n{2,})(?:.|\n)*?(?>\k<codespanopen>)
-        /xm.freeze
+        CODEBLOCK_REGEX = /```|~~~/.freeze
         # End of string
         EOS_REGEX = /\z/.freeze
@@ -43,34 +38,23 @@ module Dependabot
         def sanitize_links_and_mentions(text:)
           # We don't want to sanitize any links or mentions that are contained
           # within code blocks, so we split the text on "```" or "~~~"
-          sanitized_text = []
+          lines = []
           scan = StringScanner.new(text)
           until scan.eos?
-            block = scan.scan_until(CODEBLOCK_REGEX) ||
-                    scan.scan_until(EOS_REGEX)
-            sanitized_text << sanitize_links_and_mentions_in_block(block)
+            line = scan.scan_until(CODEBLOCK_REGEX) ||
+                   scan.scan_until(EOS_REGEX)
+            delimiter = line.match(CODEBLOCK_REGEX)&.to_s
+            unless delimiter && lines.count { |l| l.include?(delimiter) }.odd?
+              line = sanitize_mentions(line)
+              line = sanitize_links(line)
+            end
+            lines << line
           end
-          sanitized_text.join
+          lines.join
         end
         private
-        def sanitize_links_and_mentions_in_block(block)
-          # Handle code blocks one by one
-          normal_text = block
-          verbatim_text = ""
-          match = block.match(CODEBLOCK_REGEX)
-          if match
-            # Part leading up to start of code block
-            normal_text = match.pre_match
-            # Entire code block copied verbatim
-            verbatim_text = match.to_s
-          end
-          normal_text = sanitize_mentions(normal_text)
-          normal_text = sanitize_links(normal_text)
-          normal_text + verbatim_text
-        end
         def sanitize_mentions(text)
           text.gsub(%r{(?<![A-Za-z0-9`~])@#{GITHUB_USERNAME}/?}) do |mention|
             next mention if mention.end_with?("/")

data/lib/dependabot/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Dependabot
-  VERSION = "0.113.18"
+  VERSION = "0.113.19"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.113.18
+  version: 0.113.19
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-10-30 00:00:00.000000000 Z
+date: 2019-11-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-codecommit