dependabot-common 0.144.0 → 0.145.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 06f9de893151cd2ab1d29916da6c5d821cc70dc6878e3ccd144eb887a4588322
-  data.tar.gz: 26bcac9593d947e959aecc53e6c9f7b1474214dda334206df517c0f71cd446ec
+  metadata.gz: ddf544db22f6cd0f186d30314a7f739c307fd39c6d6154ba3e3695707c940479
+  data.tar.gz: ea8f1f2404c68e01f90fa382b51994f9bc2d09ed31a01fe527a4acb69843406f
 SHA512:
-  metadata.gz: f27252cbb1d0ee59aaee1a619b9546a1a7c22613b07f38c014eaac88be8d7ad75ebdcf5f5891f30d715441b80821ba62f99e17749cacbdb9fe4c16a2b7ca2de9
-  data.tar.gz: a7e5d2b6f8f3bf3689cd490e9b8b7c35898ae6ad15a832afda6693a64f850f3dbfbe21397de2cb8e943ab167e2b69d542c2fe8364f5d36841661c1112907af94
+  metadata.gz: 9467032f9bf7632a832e127f87755103b860725b05d18a6f6d198cd5b265e6f864e21c22d9aeab6bd1bab3328f44f94dfa2507b25a680beae7c3707968b5e0cf
+  data.tar.gz: 7f53c347a240b6a4a71bf645c96bd63e6ca5791e11a57eb944f544d8d70b192e679ded0e9e97fdf4b28f4883a2e1a58cd9de232a607222d038d0e13faf73c168

data/lib/dependabot/git_commit_checker.rb

@@ -60,10 +60,10 @@ module Dependabot
     end
 
     def pinned_ref_looks_like_commit_sha?
-      return false unless pinned?
-
       ref = dependency_source_details.fetch(:ref)
-      return false unless ref.match?(/^[0-9a-f]{6,40}$/)
+      return false unless ref&.match?(/^[0-9a-f]{6,40}$/)
+
+      return false unless pinned?
 
       local_repo_git_metadata_fetcher.head_commit_for_ref(ref).nil?
     end
@@ -115,6 +115,17 @@ module Dependabot
     end
     # rubocop:enable Metrics/PerceivedComplexity
 
+    def local_tag_for_pinned_version
+      return unless pinned?
+
+      ref = dependency_source_details.fetch(:ref)
+      tags = local_tags.select { |t| t.commit_sha == ref && version_class.correct?(t.name) }.
+             sort_by { |t| version_class.new(t.name) }
+      return if tags.empty?
+
+      tags[-1].name
+    end
+
     def git_repo_reachable?
       local_upload_pack
       true

data/lib/dependabot/pull_request_creator/github.rb

@@ -226,12 +226,12 @@ module Dependabot
       end
 
       def create_branch(commit)
-        ref = "heads/#{branch_name}"
+        ref = "refs/heads/#{branch_name}"
 
         begin
           branch =
             github_client_for_source.create_ref(source.repo, ref, commit.sha)
-          @branch_name = ref.gsub(%r{^heads/}, "")
+          @branch_name = ref.gsub(%r{^refs/heads/}, "")
           branch
         rescue Octokit::UnprocessableEntity => e
           # Return quietly in the case of a race
@@ -244,7 +244,7 @@ module Dependabot
 
           # Branch creation will fail if a branch called `dependabot` already
           # exists, since git won't be able to create a dir with the same name
-          ref = "heads/#{SecureRandom.hex[0..3] + branch_name}"
+          ref = "refs/heads/#{SecureRandom.hex[0..3] + branch_name}"
           retry
         end
       end

data/lib/dependabot/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dependabot
-  VERSION = "0.144.0"
+  VERSION = "0.145.4"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.144.0
+  version: 0.145.4
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-05-05 00:00:00.000000000 Z
+date: 2021-05-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -298,14 +298,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.13.0
+        version: 1.14.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.13.0
+        version: 1.14.0
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement