dependabot-common 0.143.3 → 0.145.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7b86579e2112d65ed03954f5590dc1dec848a75d78466533af0071a127990d86
|
|
4
|
+
data.tar.gz: 19166a908570f73192e56aaf4cafc6217f324170639798a1ee2b90866db6834c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 31ec99470bd79837c1779aca0c7a15d386b9bcf205de6ca7657412362fd9036b472a2ff918c4209ef17ae23795e5dc987600d39a1092227b5ce4caed08ac7556
|
|
7
|
+
data.tar.gz: 0c8a847875ec3a67dd84dd4113a4044888ed6e529298e503ef6941784cae1f498dd88bfe3a159b36f5d9a8d4a1d567f94a731ae40e1c0b397cd853ace39683cb
|
|
@@ -18,7 +18,8 @@ module Dependabot
|
|
|
18
18
|
@update_types = update_types || []
|
|
19
19
|
end
|
|
20
20
|
|
|
21
|
-
def ignored_versions(dependency)
|
|
21
|
+
def ignored_versions(dependency, security_updates_only)
|
|
22
|
+
return versions if security_updates_only
|
|
22
23
|
return [ALL_VERSIONS] if versions.empty? && transformed_update_types.empty?
|
|
23
24
|
|
|
24
25
|
versions_by_type(dependency) + versions
|
|
@@ -31,6 +32,8 @@ module Dependabot
|
|
|
31
32
|
end
|
|
32
33
|
|
|
33
34
|
def versions_by_type(dependency)
|
|
35
|
+
return [] unless dependency.version
|
|
36
|
+
|
|
34
37
|
transformed_update_types.flat_map do |t|
|
|
35
38
|
case t
|
|
36
39
|
when PATCH_VERSION_TYPE
|
|
@@ -46,53 +49,44 @@ module Dependabot
|
|
|
46
49
|
end
|
|
47
50
|
|
|
48
51
|
def ignore_patch(version)
|
|
49
|
-
|
|
50
|
-
return [] unless parts.size > 2
|
|
52
|
+
return [] unless rubygems_compatible?(version)
|
|
51
53
|
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
upper_parts
|
|
55
|
-
lower_bound = "
|
|
54
|
+
parts = version.split(".")
|
|
55
|
+
version_parts = parts.fill(0, parts.length...2)
|
|
56
|
+
upper_parts = version_parts.first(1) + [version_parts[1].to_i + 1]
|
|
57
|
+
lower_bound = "> #{version}"
|
|
56
58
|
upper_bound = "< #{upper_parts.join('.')}"
|
|
59
|
+
|
|
57
60
|
["#{lower_bound}, #{upper_bound}"]
|
|
58
61
|
end
|
|
59
62
|
|
|
60
63
|
def ignore_minor(version)
|
|
61
|
-
|
|
62
|
-
return [] if parts.size < 2
|
|
63
|
-
|
|
64
|
-
if Gem::Version.correct?(version)
|
|
65
|
-
lower_parts = parts.first(2) + ["a"]
|
|
66
|
-
upper_parts = parts.first(1)
|
|
67
|
-
lower_parts[1] = lower_parts[1].to_i + 1
|
|
68
|
-
upper_parts[0] = upper_parts[0].to_i + 1
|
|
69
|
-
else
|
|
70
|
-
lower_parts = parts.first(1) + ["a"]
|
|
71
|
-
upper_parts = parts.first(1)
|
|
72
|
-
begin
|
|
73
|
-
upper_parts[0] = Integer(upper_parts[0]) + 1
|
|
74
|
-
rescue ArgumentError
|
|
75
|
-
upper_parts.push(999_999)
|
|
76
|
-
end
|
|
77
|
-
end
|
|
64
|
+
return [] unless rubygems_compatible?(version)
|
|
78
65
|
|
|
66
|
+
parts = version.split(".")
|
|
67
|
+
version_parts = parts.fill(0, parts.length...2)
|
|
68
|
+
lower_parts = version_parts.first(1) + [version_parts[1].to_i + 1] + ["a"]
|
|
69
|
+
upper_parts = version_parts.first(0) + [version_parts[0].to_i + 1]
|
|
79
70
|
lower_bound = ">= #{lower_parts.join('.')}"
|
|
80
71
|
upper_bound = "< #{upper_parts.join('.')}"
|
|
72
|
+
|
|
81
73
|
["#{lower_bound}, #{upper_bound}"]
|
|
82
74
|
end
|
|
83
75
|
|
|
84
76
|
def ignore_major(version)
|
|
85
|
-
|
|
86
|
-
return [] unless parts.size > 1
|
|
77
|
+
return [] unless rubygems_compatible?(version)
|
|
87
78
|
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
lower_parts[0] = lower_parts[0].to_i + 1
|
|
91
|
-
upper_parts[0] = upper_parts[0].to_i + 2
|
|
79
|
+
version_parts = version.split(".")
|
|
80
|
+
lower_parts = [version_parts[0].to_i + 1] + ["a"]
|
|
92
81
|
lower_bound = ">= #{lower_parts.join('.')}"
|
|
93
|
-
upper_bound = "< #{upper_parts.join('.')}"
|
|
94
82
|
|
|
95
|
-
[
|
|
83
|
+
[lower_bound]
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
def rubygems_compatible?(version)
|
|
87
|
+
return false if version.nil? || version.empty?
|
|
88
|
+
|
|
89
|
+
Gem::Version.correct?(version)
|
|
96
90
|
end
|
|
97
91
|
end
|
|
98
92
|
end
|
|
@@ -12,12 +12,13 @@ module Dependabot
|
|
|
12
12
|
@commit_message_options = commit_message_options
|
|
13
13
|
end
|
|
14
14
|
|
|
15
|
-
def ignored_versions_for(dependency)
|
|
15
|
+
def ignored_versions_for(dependency, security_updates_only: false)
|
|
16
16
|
normalizer = name_normaliser_for(dependency)
|
|
17
|
-
dep_name =
|
|
17
|
+
dep_name = normalizer.call(dependency.name)
|
|
18
|
+
|
|
18
19
|
@ignore_conditions.
|
|
19
20
|
select { |ic| self.class.wildcard_match?(normalizer.call(ic.dependency_name), dep_name) }.
|
|
20
|
-
map { |ic| ic.ignored_versions(dependency) }.
|
|
21
|
+
map { |ic| ic.ignored_versions(dependency, security_updates_only) }.
|
|
21
22
|
flatten.
|
|
22
23
|
compact.
|
|
23
24
|
uniq
|
|
@@ -226,12 +226,12 @@ module Dependabot
|
|
|
226
226
|
end
|
|
227
227
|
|
|
228
228
|
def create_branch(commit)
|
|
229
|
-
ref = "heads/#{branch_name}"
|
|
229
|
+
ref = "refs/heads/#{branch_name}"
|
|
230
230
|
|
|
231
231
|
begin
|
|
232
232
|
branch =
|
|
233
233
|
github_client_for_source.create_ref(source.repo, ref, commit.sha)
|
|
234
|
-
@branch_name = ref.gsub(%r{^heads/}, "")
|
|
234
|
+
@branch_name = ref.gsub(%r{^refs/heads/}, "")
|
|
235
235
|
branch
|
|
236
236
|
rescue Octokit::UnprocessableEntity => e
|
|
237
237
|
# Return quietly in the case of a race
|
|
@@ -244,7 +244,7 @@ module Dependabot
|
|
|
244
244
|
|
|
245
245
|
# Branch creation will fail if a branch called `dependabot` already
|
|
246
246
|
# exists, since git won't be able to create a dir with the same name
|
|
247
|
-
ref = "heads/#{SecureRandom.hex[0..3] + branch_name}"
|
|
247
|
+
ref = "refs/heads/#{SecureRandom.hex[0..3] + branch_name}"
|
|
248
248
|
retry
|
|
249
249
|
end
|
|
250
250
|
end
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.145.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-05-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|