dependabot-common 0.154.3 → 0.154.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/update_checkers/version_filters.rb +19 -0
  3. data/lib/dependabot/version.rb +1 -1
  4. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: aeb284b757e0874d1371b390e0a9c9759571e4cd659ed4898450cfb2b048ffd9
4
- data.tar.gz: 56aa048446b8a19b08fe5c805768c6723a87978830895ea29a409af2577902c6
3
+ metadata.gz: db112d90ccd776ed7e343b38e963fa9612bf4e5b814e6a9c4a5867aea1a3c32b
4
+ data.tar.gz: 414df7ccf9cca26acf0d9eb2d95341657b27b0b635662ce001b059fd19cbbb09
5
5
  SHA512:
6
- metadata.gz: 7d9d3c09880a11e91f20344828502a102fe574639f785005c72234789d1115f4ae01dc3d7f75a03103f069214370db5c416bf031045843fa163b75d6c904ab10
7
- data.tar.gz: 743aa5679f2e65289da0b9e6127ba22d0d9fb290b63d5727335eb659e4ed375f7843cce929fb47a70ad4f0f4fbc85b413803ac499a5540d890ddae8c2a552e9e
6
+ metadata.gz: 613c7b103e9184a4b53f20abf6b9ddb8089642d5beb5036908d8429bfc68e6215115d575ac6162172be2910063d432004d25e10841457119ba65e7e3060870e3
7
+ data.tar.gz: ddb0f753e6b5039f4103378c45abc9981e9607ca33b2da31274c5b22a934cd1e19fc8bae4a7f47e682ccff54f1f6fa8e64fe55d5e6e7b2d8aa32fde6b1ad1d9d
data/lib/dependabot/update_checkers/version_filters.rb ADDED
@@ -0,0 +1,19 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Dependabot
4
+ module UpdateCheckers
5
+ module VersionFilters
6
+ def self.filter_vulnerable_versions(versions_array, security_advisories)
7
+ versions_array.reject do |v|
8
+ security_advisories.any? do |a|
9
+ if v.is_a?(Gem::Version)
10
+ a.vulnerable?(v)
11
+ else
12
+ a.vulnerable?(v.fetch(:version))
13
+ end
14
+ end
15
+ end
16
+ end
17
+ end
18
+ end
19
+ end
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.154.3"
4
+ VERSION = "0.154.4"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.154.3
4
+ version: 0.154.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-06-21 00:00:00.000000000 Z
11
+ date: 2021-06-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -446,6 +446,7 @@ files:
446
446
  - lib/dependabot/update_checkers.rb
447
447
  - lib/dependabot/update_checkers/README.md
448
448
  - lib/dependabot/update_checkers/base.rb
449
+ - lib/dependabot/update_checkers/version_filters.rb
449
450
  - lib/dependabot/utils.rb
450
451
  - lib/dependabot/version.rb
451
452
  - lib/rubygems_version_patch.rb