dependabot-common 0.194.0 → 0.196.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/security_advisory.rb +5 -3
- data/lib/dependabot/version.rb +1 -1
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7916788df6e63d022769dc57ef96a24b96304d0ecccc331d74a39c07fce0484b
|
|
4
|
+
data.tar.gz: bd6acd97b08ccf52105f32556429c081a47a296ff56790aaa822e0bcb7c79908
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fb7de3b172a493374262d598140354919269eec74b0a5ffc593c9f9c4a8bb70c3b64a1f4ec28d285ebda0edc7e9c51b942e0ee03e23e83d2ae97a734e0494974
|
|
7
|
+
data.tar.gz: 6814943a3e5a68f45fe49d80fbdcf2138a08bf951b3e556adfcb2e0afb77bdd489f12fd86d6d454d0c8f42cad5848b98b399077779006d767bcb625afa0c8d31
|
|
@@ -5,13 +5,15 @@ require "rubygems_version_patch"
|
|
|
5
5
|
module Dependabot
|
|
6
6
|
class SecurityAdvisory
|
|
7
7
|
attr_reader :dependency_name, :package_manager,
|
|
8
|
-
:vulnerable_versions, :safe_versions
|
|
8
|
+
:vulnerable_versions, :safe_versions,
|
|
9
|
+
:vulnerable_version_strings
|
|
9
10
|
|
|
10
11
|
def initialize(dependency_name:, package_manager:,
|
|
11
12
|
vulnerable_versions: [], safe_versions: [])
|
|
12
13
|
@dependency_name = dependency_name
|
|
13
14
|
@package_manager = package_manager
|
|
14
|
-
@
|
|
15
|
+
@vulnerable_version_strings = vulnerable_versions || []
|
|
16
|
+
@vulnerable_versions = []
|
|
15
17
|
@safe_versions = safe_versions || []
|
|
16
18
|
|
|
17
19
|
convert_string_version_requirements
|
|
@@ -91,7 +93,7 @@ module Dependabot
|
|
|
91
93
|
private
|
|
92
94
|
|
|
93
95
|
def convert_string_version_requirements
|
|
94
|
-
@vulnerable_versions =
|
|
96
|
+
@vulnerable_versions = vulnerable_version_strings.flat_map do |vuln_str|
|
|
95
97
|
next vuln_str unless vuln_str.is_a?(String)
|
|
96
98
|
|
|
97
99
|
requirement_class.requirements_array(vuln_str)
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.196.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-06-
|
|
11
|
+
date: 2022-06-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -242,14 +242,14 @@ dependencies:
|
|
|
242
242
|
requirements:
|
|
243
243
|
- - '='
|
|
244
244
|
- !ruby/object:Gem::Version
|
|
245
|
-
version: 0.10.
|
|
245
|
+
version: 0.10.16
|
|
246
246
|
type: :development
|
|
247
247
|
prerelease: false
|
|
248
248
|
version_requirements: !ruby/object:Gem::Requirement
|
|
249
249
|
requirements:
|
|
250
250
|
- - '='
|
|
251
251
|
- !ruby/object:Gem::Version
|
|
252
|
-
version: 0.10.
|
|
252
|
+
version: 0.10.16
|
|
253
253
|
- !ruby/object:Gem::Dependency
|
|
254
254
|
name: debug
|
|
255
255
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -326,14 +326,14 @@ dependencies:
|
|
|
326
326
|
requirements:
|
|
327
327
|
- - "~>"
|
|
328
328
|
- !ruby/object:Gem::Version
|
|
329
|
-
version: 1.
|
|
329
|
+
version: 1.30.1
|
|
330
330
|
type: :development
|
|
331
331
|
prerelease: false
|
|
332
332
|
version_requirements: !ruby/object:Gem::Requirement
|
|
333
333
|
requirements:
|
|
334
334
|
- - "~>"
|
|
335
335
|
- !ruby/object:Gem::Version
|
|
336
|
-
version: 1.
|
|
336
|
+
version: 1.30.1
|
|
337
337
|
- !ruby/object:Gem::Dependency
|
|
338
338
|
name: ruby-debug-ide
|
|
339
339
|
requirement: !ruby/object:Gem::Requirement
|