dependabot-common 0.154.3 → 0.156.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/update_checkers/version_filters.rb +19 -0
  3. data/lib/dependabot/version.rb +1 -1
  4. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: aeb284b757e0874d1371b390e0a9c9759571e4cd659ed4898450cfb2b048ffd9
4
- data.tar.gz: 56aa048446b8a19b08fe5c805768c6723a87978830895ea29a409af2577902c6
3
+ metadata.gz: 29784de7cf9f3259f4609baf0c204e2ccda7376442e16f6646f1777666ae4b9d
4
+ data.tar.gz: a1f65677de7e75cdd27e2fabebe5cb10ce789674e60e669b996c94c9a1231f70
5
5
  SHA512:
6
- metadata.gz: 7d9d3c09880a11e91f20344828502a102fe574639f785005c72234789d1115f4ae01dc3d7f75a03103f069214370db5c416bf031045843fa163b75d6c904ab10
7
- data.tar.gz: 743aa5679f2e65289da0b9e6127ba22d0d9fb290b63d5727335eb659e4ed375f7843cce929fb47a70ad4f0f4fbc85b413803ac499a5540d890ddae8c2a552e9e
6
+ metadata.gz: dcb516edc2caff94638f57d082638c86a148557eba5a7764eb1d6965e0f9f703a8ae747e586cd571da0ed67d8e8b8f04282109927a19ec89d37f9d37142237bb
7
+ data.tar.gz: d1892a7de0bef8bd47a50b92561ee72cfa1716ccdae29ca6202b75d862eb2c4293802d5c4778d60420760d5123e2985ecf758d43ee6e34f4f1e4f61db84b7469
data/lib/dependabot/update_checkers/version_filters.rb ADDED
@@ -0,0 +1,19 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Dependabot
4
+ module UpdateCheckers
5
+ module VersionFilters
6
+ def self.filter_vulnerable_versions(versions_array, security_advisories)
7
+ versions_array.reject do |v|
8
+ security_advisories.any? do |a|
9
+ if v.is_a?(Gem::Version)
10
+ a.vulnerable?(v)
11
+ else
12
+ a.vulnerable?(v.fetch(:version))
13
+ end
14
+ end
15
+ end
16
+ end
17
+ end
18
+ end
19
+ end
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.154.3"
4
+ VERSION = "0.156.0"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.154.3
4
+ version: 0.156.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-06-21 00:00:00.000000000 Z
11
+ date: 2021-06-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -446,6 +446,7 @@ files:
446
446
  - lib/dependabot/update_checkers.rb
447
447
  - lib/dependabot/update_checkers/README.md
448
448
  - lib/dependabot/update_checkers/base.rb
449
+ - lib/dependabot/update_checkers/version_filters.rb
449
450
  - lib/dependabot/utils.rb
450
451
  - lib/dependabot/version.rb
451
452
  - lib/rubygems_version_patch.rb