dependabot-common 0.145.0 → 0.146.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/git_commit_checker.rb +39 -4
- data/lib/dependabot/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c430c1ee8606e0ef67a7657c806dd1f0ae71e7a0275fd772a8fcc1f2e5b54fd5
|
|
4
|
+
data.tar.gz: 91566a14047344e54bab381aee4f30991ce0a6819a9860f3a1b0f0699501de86
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d824e78a693db6f507603a3160b54e4808543307977acc99cfff5c93983ef08e1ea16ac6c2f381aa2db429587ffb59817703e5ef352ddea4ae94d034ed8a4d44
|
|
7
|
+
data.tar.gz: 00ffc4a86040393d70342f97654a25d75300166b4032950307b2183c56a08fa11880eafbe215259588fc106cf1d79f1c4721a6a73270210f2b6f197c5d34f222
|
|
@@ -60,10 +60,10 @@ module Dependabot
|
|
|
60
60
|
end
|
|
61
61
|
|
|
62
62
|
def pinned_ref_looks_like_commit_sha?
|
|
63
|
-
return false unless pinned?
|
|
64
|
-
|
|
65
63
|
ref = dependency_source_details.fetch(:ref)
|
|
66
|
-
return false unless ref
|
|
64
|
+
return false unless ref&.match?(/^[0-9a-f]{6,40}$/)
|
|
65
|
+
|
|
66
|
+
return false unless pinned?
|
|
67
67
|
|
|
68
68
|
local_repo_git_metadata_fetcher.head_commit_for_ref(ref).nil?
|
|
69
69
|
end
|
|
@@ -87,13 +87,16 @@ module Dependabot
|
|
|
87
87
|
end
|
|
88
88
|
|
|
89
89
|
# rubocop:disable Metrics/PerceivedComplexity
|
|
90
|
+
# rubocop:disable Metrics/AbcSize
|
|
90
91
|
def local_tag_for_latest_version
|
|
91
92
|
tags =
|
|
92
93
|
local_tags.
|
|
93
94
|
select { |t| version_tag?(t.name) && matches_existing_prefix?(t.name) }
|
|
94
95
|
filtered = tags.
|
|
95
96
|
reject { |t| tag_included_in_ignore_requirements?(t) }
|
|
96
|
-
|
|
97
|
+
if @raise_on_ignored && filter_lower_versions(filtered).empty? && filter_lower_versions(tags).any?
|
|
98
|
+
raise Dependabot::AllVersionsIgnored
|
|
99
|
+
end
|
|
97
100
|
|
|
98
101
|
tag = filtered.
|
|
99
102
|
reject { |t| tag_is_prerelease?(t) && !wants_prerelease? }.
|
|
@@ -113,8 +116,40 @@ module Dependabot
|
|
|
113
116
|
tag_sha: tag.tag_sha
|
|
114
117
|
}
|
|
115
118
|
end
|
|
119
|
+
# rubocop:enable Metrics/AbcSize
|
|
116
120
|
# rubocop:enable Metrics/PerceivedComplexity
|
|
117
121
|
|
|
122
|
+
def current_version
|
|
123
|
+
return unless dependency.version && version_tag?(dependency.version)
|
|
124
|
+
|
|
125
|
+
version = dependency.version.match(VERSION_REGEX).named_captures.fetch("version")
|
|
126
|
+
version_class.new(version)
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
def filter_lower_versions(tags)
|
|
130
|
+
return tags unless current_version
|
|
131
|
+
|
|
132
|
+
versions = tags.map do |t|
|
|
133
|
+
version = t.name.match(VERSION_REGEX).named_captures.fetch("version")
|
|
134
|
+
version_class.new(version)
|
|
135
|
+
end
|
|
136
|
+
|
|
137
|
+
versions.select do |version|
|
|
138
|
+
version > current_version
|
|
139
|
+
end
|
|
140
|
+
end
|
|
141
|
+
|
|
142
|
+
def local_tag_for_pinned_version
|
|
143
|
+
return unless pinned?
|
|
144
|
+
|
|
145
|
+
ref = dependency_source_details.fetch(:ref)
|
|
146
|
+
tags = local_tags.select { |t| t.commit_sha == ref && version_class.correct?(t.name) }.
|
|
147
|
+
sort_by { |t| version_class.new(t.name) }
|
|
148
|
+
return if tags.empty?
|
|
149
|
+
|
|
150
|
+
tags[-1].name
|
|
151
|
+
end
|
|
152
|
+
|
|
118
153
|
def git_repo_reachable?
|
|
119
154
|
local_upload_pack
|
|
120
155
|
true
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.146.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-05-
|
|
11
|
+
date: 2021-05-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -298,14 +298,14 @@ dependencies:
|
|
|
298
298
|
requirements:
|
|
299
299
|
- - "~>"
|
|
300
300
|
- !ruby/object:Gem::Version
|
|
301
|
-
version: 1.
|
|
301
|
+
version: 1.14.0
|
|
302
302
|
type: :development
|
|
303
303
|
prerelease: false
|
|
304
304
|
version_requirements: !ruby/object:Gem::Requirement
|
|
305
305
|
requirements:
|
|
306
306
|
- - "~>"
|
|
307
307
|
- !ruby/object:Gem::Version
|
|
308
|
-
version: 1.
|
|
308
|
+
version: 1.14.0
|
|
309
309
|
- !ruby/object:Gem::Dependency
|
|
310
310
|
name: simplecov
|
|
311
311
|
requirement: !ruby/object:Gem::Requirement
|