dependabot-common 0.119.3 → 0.119.4
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of dependabot-common might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/lib/dependabot/file_parsers/base/dependency_set.rb +0 -3
- data/lib/dependabot/git_commit_checker.rb +2 -0
- data/lib/dependabot/metadata_finders/base/changelog_finder.rb +2 -0
- data/lib/dependabot/metadata_finders/base/changelog_pruner.rb +0 -2
- data/lib/dependabot/pull_request_creator/branch_namer.rb +0 -2
- data/lib/dependabot/pull_request_creator/github.rb +2 -0
- data/lib/dependabot/pull_request_creator/labeler.rb +4 -0
- data/lib/dependabot/pull_request_creator/message_builder.rb +0 -2
- data/lib/dependabot/pull_request_creator/message_builder/link_and_mention_sanitizer.rb +0 -2
- data/lib/dependabot/pull_request_creator/pr_name_prefixer.rb +2 -0
- data/lib/dependabot/shared_helpers.rb +2 -0
- data/lib/dependabot/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c084a2dd6045074bdde8be081749cf0bb32dc4fcaa99b07bf6eea049cd798dd6
|
|
4
|
+
data.tar.gz: 3201d221483932d06cadd03304dcb8b65561bc1778d3aefca45416fc260e94cf
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 68a073b8397b7128e2f63076267e1f3efb4b7c3501674e7e657ac4ee3a6cd8e5d8f55e7cb368758045dddbb179289ec7a6a45f1eeca2d8376c9b9758d8ca8577
|
|
7
|
+
data.tar.gz: bc1cddb30b8d543019e3434963b224f3feb58cf50abe19b9a360606db3ba4340fcb8d007716302b29a9e25a79e305590b060285e19aa139a6c186203b81ca534
|
|
@@ -60,7 +60,6 @@ module Dependabot
|
|
|
60
60
|
dependencies.find { |d| d.name&.downcase == name&.downcase }
|
|
61
61
|
end
|
|
62
62
|
|
|
63
|
-
# rubocop:disable Metrics/PerceivedComplexity
|
|
64
63
|
def combined_dependency(old_dep, new_dep)
|
|
65
64
|
package_manager = old_dep.package_manager
|
|
66
65
|
v_cls = Utils.version_class_for_package_manager(package_manager)
|
|
@@ -89,8 +88,6 @@ module Dependabot
|
|
|
89
88
|
subdependency_metadata: subdependency_metadata
|
|
90
89
|
)
|
|
91
90
|
end
|
|
92
|
-
|
|
93
|
-
# rubocop:enable Metrics/PerceivedComplexity
|
|
94
91
|
end
|
|
95
92
|
end
|
|
96
93
|
end
|
|
@@ -86,6 +86,7 @@ module Dependabot
|
|
|
86
86
|
raise Dependabot::GitDependencyReferenceNotFound, dependency.name
|
|
87
87
|
end
|
|
88
88
|
|
|
89
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
89
90
|
def local_tag_for_latest_version
|
|
90
91
|
tags =
|
|
91
92
|
local_tags.
|
|
@@ -114,6 +115,7 @@ module Dependabot
|
|
|
114
115
|
tag_sha: tag.tag_sha
|
|
115
116
|
}
|
|
116
117
|
end
|
|
118
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
117
119
|
|
|
118
120
|
def git_repo_reachable?
|
|
119
121
|
local_upload_pack
|
|
@@ -143,6 +143,7 @@ module Dependabot
|
|
|
143
143
|
select_best_changelog(files)
|
|
144
144
|
end
|
|
145
145
|
|
|
146
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
146
147
|
def select_best_changelog(files)
|
|
147
148
|
CHANGELOG_NAMES.each do |name|
|
|
148
149
|
candidates = files.select { |f| f.name =~ /#{name}/i }
|
|
@@ -163,6 +164,7 @@ module Dependabot
|
|
|
163
164
|
|
|
164
165
|
nil
|
|
165
166
|
end
|
|
167
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
166
168
|
|
|
167
169
|
def tag_for_new_version
|
|
168
170
|
@tag_for_new_version ||=
|
|
@@ -21,7 +21,6 @@ module Dependabot
|
|
|
21
21
|
!old_version_changelog_line.nil?
|
|
22
22
|
end
|
|
23
23
|
|
|
24
|
-
# rubocop:disable Metrics/PerceivedComplexity
|
|
25
24
|
def pruned_text
|
|
26
25
|
changelog_lines = changelog_text.split("\n")
|
|
27
26
|
|
|
@@ -51,7 +50,6 @@ module Dependabot
|
|
|
51
50
|
|
|
52
51
|
changelog_lines.slice(slice_range).join("\n").sub(/\n*\z/, "")
|
|
53
52
|
end
|
|
54
|
-
# rubocop:enable Metrics/PerceivedComplexity
|
|
55
53
|
|
|
56
54
|
private
|
|
57
55
|
|
|
@@ -116,7 +116,6 @@ module Dependabot
|
|
|
116
116
|
gsub(",", "-and-")
|
|
117
117
|
end
|
|
118
118
|
|
|
119
|
-
# rubocop:disable Metrics/PerceivedComplexity
|
|
120
119
|
def new_version(dependency)
|
|
121
120
|
# Version looks like a git SHA and we could be updating to a specific
|
|
122
121
|
# ref in which case we return that otherwise we return a shorthand sha
|
|
@@ -135,7 +134,6 @@ module Dependabot
|
|
|
135
134
|
dependency.version
|
|
136
135
|
end
|
|
137
136
|
end
|
|
138
|
-
# rubocop:enable Metrics/PerceivedComplexity
|
|
139
137
|
|
|
140
138
|
def previous_ref(dependency)
|
|
141
139
|
previous_refs = dependency.previous_requirements.map do |r|
|
|
@@ -51,6 +51,7 @@ module Dependabot
|
|
|
51
51
|
@require_up_to_date_base
|
|
52
52
|
end
|
|
53
53
|
|
|
54
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
54
55
|
def branch_exists?(name)
|
|
55
56
|
git_metadata_fetcher.ref_names.include?(name)
|
|
56
57
|
rescue Dependabot::GitDependenciesNotReachable => e
|
|
@@ -66,6 +67,7 @@ module Dependabot
|
|
|
66
67
|
retrying = true
|
|
67
68
|
retry
|
|
68
69
|
end
|
|
70
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
69
71
|
|
|
70
72
|
def unmerged_pull_request_exists?
|
|
71
73
|
pull_requests_for_branch.reject(&:merged).any?
|
|
@@ -113,6 +113,7 @@ module Dependabot
|
|
|
113
113
|
end.min
|
|
114
114
|
end
|
|
115
115
|
|
|
116
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
116
117
|
def version(dep)
|
|
117
118
|
return dep.version if version_class.correct?(dep.version)
|
|
118
119
|
|
|
@@ -127,7 +128,9 @@ module Dependabot
|
|
|
127
128
|
|
|
128
129
|
version_from_ref
|
|
129
130
|
end
|
|
131
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
130
132
|
|
|
133
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
131
134
|
def previous_version(dep)
|
|
132
135
|
version_str = dep.previous_version
|
|
133
136
|
return version_str if version_class.correct?(version_str)
|
|
@@ -144,6 +147,7 @@ module Dependabot
|
|
|
144
147
|
|
|
145
148
|
version_from_ref
|
|
146
149
|
end
|
|
150
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
147
151
|
|
|
148
152
|
def create_default_dependencies_label_if_required
|
|
149
153
|
return if custom_labels
|
|
@@ -567,7 +567,6 @@ module Dependabot
|
|
|
567
567
|
)
|
|
568
568
|
end
|
|
569
569
|
|
|
570
|
-
# rubocop:disable Metrics/PerceivedComplexity
|
|
571
570
|
def previous_version(dependency)
|
|
572
571
|
# If we don't have a previous version, we *may* still be able to figure
|
|
573
572
|
# one out if a ref was provided and has been changed (in which case the
|
|
@@ -590,7 +589,6 @@ module Dependabot
|
|
|
590
589
|
dependency.previous_version
|
|
591
590
|
end
|
|
592
591
|
end
|
|
593
|
-
# rubocop:enable Metrics/PerceivedComplexity
|
|
594
592
|
|
|
595
593
|
def new_version(dependency)
|
|
596
594
|
if dependency.version.match?(/^[0-9a-f]{40}$/)
|
|
@@ -58,7 +58,6 @@ module Dependabot
|
|
|
58
58
|
end
|
|
59
59
|
end
|
|
60
60
|
|
|
61
|
-
# rubocop:disable Metrics/PerceivedComplexity
|
|
62
61
|
def sanitize_links(doc)
|
|
63
62
|
doc.walk do |node|
|
|
64
63
|
if node.type == :link && node.url.match?(GITHUB_REF_REGEX)
|
|
@@ -81,7 +80,6 @@ module Dependabot
|
|
|
81
80
|
end
|
|
82
81
|
end
|
|
83
82
|
end
|
|
84
|
-
# rubocop:enable Metrics/PerceivedComplexity
|
|
85
83
|
|
|
86
84
|
def replace_github_host(text)
|
|
87
85
|
text.gsub(
|
|
@@ -172,6 +172,7 @@ module Dependabot
|
|
|
172
172
|
last_dependabot_commit_message&.split(/[:(]/)&.first
|
|
173
173
|
end
|
|
174
174
|
|
|
175
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
175
176
|
def using_angular_commit_messages?
|
|
176
177
|
return false if recent_commit_messages.none?
|
|
177
178
|
|
|
@@ -202,6 +203,7 @@ module Dependabot
|
|
|
202
203
|
|
|
203
204
|
true
|
|
204
205
|
end
|
|
206
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
205
207
|
|
|
206
208
|
def using_eslint_commit_messages?
|
|
207
209
|
return false if recent_commit_messages.none?
|
|
@@ -178,6 +178,7 @@ module Dependabot
|
|
|
178
178
|
)
|
|
179
179
|
end
|
|
180
180
|
|
|
181
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
181
182
|
def self.configure_git_credentials(credentials)
|
|
182
183
|
# Then add a file-based credential store that loads a file in this repo.
|
|
183
184
|
# Under the hood this uses git credential-store, but it's invoked through
|
|
@@ -221,6 +222,7 @@ module Dependabot
|
|
|
221
222
|
# Save the file
|
|
222
223
|
File.write("git.store", git_store_content)
|
|
223
224
|
end
|
|
225
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
224
226
|
|
|
225
227
|
def self.reset_git_repo(path)
|
|
226
228
|
Dir.chdir(path) do
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.119.
|
|
4
|
+
version: 0.119.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-09-
|
|
11
|
+
date: 2020-09-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|
|
@@ -292,14 +292,14 @@ dependencies:
|
|
|
292
292
|
requirements:
|
|
293
293
|
- - "~>"
|
|
294
294
|
- !ruby/object:Gem::Version
|
|
295
|
-
version: 0.
|
|
295
|
+
version: 0.90.0
|
|
296
296
|
type: :development
|
|
297
297
|
prerelease: false
|
|
298
298
|
version_requirements: !ruby/object:Gem::Requirement
|
|
299
299
|
requirements:
|
|
300
300
|
- - "~>"
|
|
301
301
|
- !ruby/object:Gem::Version
|
|
302
|
-
version: 0.
|
|
302
|
+
version: 0.90.0
|
|
303
303
|
- !ruby/object:Gem::Dependency
|
|
304
304
|
name: vcr
|
|
305
305
|
requirement: !ruby/object:Gem::Requirement
|