dependabot-common 0.224.0 → 0.226.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/dependency_file.rb +5 -1
- data/lib/dependabot/dependency_group.rb +8 -0
- data/lib/dependabot/file_fetchers/base.rb +23 -5
- data/lib/dependabot/file_parsers/base/dependency_set.rb +1 -0
- data/lib/dependabot/git_commit_checker.rb +22 -15
- data/lib/dependabot/git_metadata_fetcher.rb +6 -5
- data/lib/dependabot/metadata_finders/base.rb +1 -2
- data/lib/dependabot/pull_request_creator/bitbucket.rb +3 -0
- data/lib/dependabot/pull_request_creator/github.rb +1 -2
- data/lib/dependabot/pull_request_creator/gitlab.rb +2 -1
- data/lib/dependabot/pull_request_creator/message_builder.rb +62 -3
- data/lib/dependabot/pull_request_creator.rb +2 -0
- data/lib/dependabot/pull_request_updater/github.rb +1 -2
- data/lib/dependabot/pull_request_updater/gitlab.rb +2 -1
- data/lib/dependabot/shared_helpers.rb +7 -0
- data/lib/dependabot/update_checkers/base.rb +2 -0
- data/lib/dependabot.rb +1 -1
- metadata +13 -13
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 47e3c8b72c7026283675f4969109de44931af6b655978be6762eb1c846f92dc9
|
4
|
+
data.tar.gz: 4d1b71853adbe711c8ad038c27df1fabc2612de1226705ac3a55de8f70ccfa0c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e8edba97936c9846ec37066eb5ff03dfce9f24aa8e7fe688665b17939ce6e785f2e00a3bda2baf666422e7044daef0dbfbb84d770c02ef12ccbd9b12aeb8fca6
|
7
|
+
data.tar.gz: aacddd041d120483380bc7d3e6b6e757cc4f80c304d6bd8df7a911174b53f361e1a1d3926dd193c3cd1e7451d8c6b29370406dfcfee52dcb3264304319417c46
|
@@ -44,7 +44,7 @@ module Dependabot
|
|
44
44
|
@type = type
|
45
45
|
|
46
46
|
begin
|
47
|
-
@mode = File.stat(
|
47
|
+
@mode = File.stat(realpath).mode.to_s(8)
|
48
48
|
rescue StandardError
|
49
49
|
@mode = mode
|
50
50
|
end
|
@@ -76,6 +76,10 @@ module Dependabot
|
|
76
76
|
Pathname.new(File.join(directory, name)).cleanpath.to_path
|
77
77
|
end
|
78
78
|
|
79
|
+
def realpath
|
80
|
+
(symlink_target || path).sub(%r{^/}, "")
|
81
|
+
end
|
82
|
+
|
79
83
|
def ==(other)
|
80
84
|
return false unless other.instance_of?(self.class)
|
81
85
|
|
@@ -1,5 +1,9 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
+
require "dependabot/experiments"
|
4
|
+
require "dependabot/config/ignore_condition"
|
5
|
+
require "dependabot/logger"
|
6
|
+
|
3
7
|
require "wildcard_matcher"
|
4
8
|
require "yaml"
|
5
9
|
|
@@ -54,5 +58,9 @@ module Dependabot
|
|
54
58
|
"development"
|
55
59
|
end
|
56
60
|
end
|
61
|
+
|
62
|
+
def experimental_rules_enabled?
|
63
|
+
Dependabot::Experiments.enabled?(:grouped_updates_experimental_rules)
|
64
|
+
end
|
57
65
|
end
|
58
66
|
end
|
@@ -108,6 +108,10 @@ module Dependabot
|
|
108
108
|
|
109
109
|
private
|
110
110
|
|
111
|
+
def fetch_support_file(name)
|
112
|
+
fetch_file_if_present(name)&.tap { |f| f.support_file = true }
|
113
|
+
end
|
114
|
+
|
111
115
|
def fetch_file_if_present(filename, fetch_submodules: false)
|
112
116
|
unless repo_contents_path.nil?
|
113
117
|
begin
|
@@ -128,8 +132,7 @@ module Dependabot
|
|
128
132
|
|
129
133
|
fetch_file_from_host(filename, fetch_submodules: fetch_submodules)
|
130
134
|
rescue *CLIENT_NOT_FOUND_ERRORS
|
131
|
-
|
132
|
-
raise Dependabot::DependencyFileNotFound, path
|
135
|
+
nil
|
133
136
|
end
|
134
137
|
|
135
138
|
def load_cloned_file_if_present(filename)
|
@@ -159,19 +162,34 @@ module Dependabot
|
|
159
162
|
|
160
163
|
path = Pathname.new(File.join(directory, filename)).cleanpath.to_path
|
161
164
|
content = _fetch_file_content(path, fetch_submodules: fetch_submodules)
|
162
|
-
|
165
|
+
clean_path = path.gsub(%r{^/}, "")
|
166
|
+
|
167
|
+
linked_path = symlinked_subpath(clean_path)
|
168
|
+
type = "symlink" if linked_path
|
169
|
+
symlink_target = clean_path.sub(linked_path, @linked_paths.dig(linked_path, :path)) if type == "symlink"
|
163
170
|
|
164
171
|
DependencyFile.new(
|
165
172
|
name: Pathname.new(filename).cleanpath.to_path,
|
166
173
|
directory: directory,
|
167
174
|
type: type,
|
168
175
|
content: content,
|
169
|
-
symlink_target:
|
176
|
+
symlink_target: symlink_target
|
170
177
|
)
|
171
178
|
rescue *CLIENT_NOT_FOUND_ERRORS
|
172
179
|
raise Dependabot::DependencyFileNotFound, path
|
173
180
|
end
|
174
181
|
|
182
|
+
# Finds the first subpath in path that is a symlink
|
183
|
+
def symlinked_subpath(path)
|
184
|
+
subpaths(path).find { |subpath| @linked_paths.key?(subpath) }
|
185
|
+
end
|
186
|
+
|
187
|
+
# Given a "foo/bar/baz" path, returns ["foo", "foo/bar", "foo/bar/baz"]
|
188
|
+
def subpaths(path)
|
189
|
+
components = path.split("/")
|
190
|
+
components.map { |component| components[0..components.index(component)].join("/") }
|
191
|
+
end
|
192
|
+
|
175
193
|
def repo_contents(dir: ".", ignore_base_directory: false,
|
176
194
|
raise_errors: true, fetch_submodules: false)
|
177
195
|
dir = File.join(directory, dir) unless ignore_base_directory
|
@@ -375,7 +393,7 @@ module Dependabot
|
|
375
393
|
|
376
394
|
def _gitlab_repo_contents(repo, path, commit)
|
377
395
|
gitlab_client.
|
378
|
-
repo_tree(repo, path: path,
|
396
|
+
repo_tree(repo, path: path, ref: commit, per_page: 100).
|
379
397
|
map do |file|
|
380
398
|
# GitLab API essentially returns the output from `git ls-tree`
|
381
399
|
type = case file.type
|
@@ -40,7 +40,6 @@ module Dependabot
|
|
40
40
|
def pinned?
|
41
41
|
raise "Not a git dependency!" unless git_dependency?
|
42
42
|
|
43
|
-
ref = dependency_source_details.fetch(:ref)
|
44
43
|
branch = dependency_source_details.fetch(:branch)
|
45
44
|
|
46
45
|
return false if ref.nil?
|
@@ -61,16 +60,14 @@ module Dependabot
|
|
61
60
|
def pinned_ref_looks_like_version?
|
62
61
|
return false unless pinned?
|
63
62
|
|
64
|
-
version_tag?(
|
63
|
+
version_tag?(ref)
|
65
64
|
end
|
66
65
|
|
67
66
|
def pinned_ref_looks_like_commit_sha?
|
68
|
-
ref = dependency_source_details.fetch(:ref)
|
69
67
|
ref_looks_like_commit_sha?(ref)
|
70
68
|
end
|
71
69
|
|
72
70
|
def head_commit_for_pinned_ref
|
73
|
-
ref = dependency_source_details.fetch(:ref)
|
74
71
|
local_repo_git_metadata_fetcher.head_commit_for_ref_sha(ref)
|
75
72
|
end
|
76
73
|
|
@@ -144,15 +141,14 @@ module Dependabot
|
|
144
141
|
end
|
145
142
|
|
146
143
|
def most_specific_tag_equivalent_to_pinned_ref
|
147
|
-
commit_sha = head_commit_for_local_branch(
|
144
|
+
commit_sha = head_commit_for_local_branch(ref)
|
148
145
|
most_specific_version_tag_for_sha(commit_sha)
|
149
146
|
end
|
150
147
|
|
151
148
|
def local_tag_for_pinned_sha
|
152
|
-
return
|
149
|
+
return @local_tag_for_pinned_sha if defined?(@local_tag_for_pinned_sha)
|
153
150
|
|
154
|
-
|
155
|
-
most_specific_version_tag_for_sha(commit_sha)
|
151
|
+
@local_tag_for_pinned_sha = most_specific_version_tag_for_sha(ref) if pinned_ref_looks_like_commit_sha?
|
156
152
|
end
|
157
153
|
|
158
154
|
def git_repo_reachable?
|
@@ -223,7 +219,7 @@ module Dependabot
|
|
223
219
|
return false unless tag
|
224
220
|
|
225
221
|
commit_included_in_tag?(
|
226
|
-
commit:
|
222
|
+
commit: ref,
|
227
223
|
tag: tag,
|
228
224
|
allow_identical: true
|
229
225
|
)
|
@@ -327,8 +323,11 @@ module Dependabot
|
|
327
323
|
end
|
328
324
|
|
329
325
|
def ref_or_branch
|
330
|
-
dependency_source_details.fetch(:
|
331
|
-
|
326
|
+
ref || dependency_source_details.fetch(:branch)
|
327
|
+
end
|
328
|
+
|
329
|
+
def ref
|
330
|
+
dependency_source_details.fetch(:ref)
|
332
331
|
end
|
333
332
|
|
334
333
|
def version_tag?(tag)
|
@@ -336,10 +335,18 @@ module Dependabot
|
|
336
335
|
end
|
337
336
|
|
338
337
|
def matches_existing_prefix?(tag)
|
339
|
-
return true unless ref_or_branch
|
338
|
+
return true unless ref_or_branch
|
339
|
+
|
340
|
+
if version_tag?(ref_or_branch)
|
341
|
+
same_prefix?(ref_or_branch, tag)
|
342
|
+
else
|
343
|
+
local_tag_for_pinned_sha.nil? || same_prefix?(local_tag_for_pinned_sha, tag)
|
344
|
+
end
|
345
|
+
end
|
340
346
|
|
341
|
-
|
342
|
-
|
347
|
+
def same_prefix?(tag, other_tag)
|
348
|
+
tag.gsub(VERSION_REGEX, "").gsub(/v$/i, "") ==
|
349
|
+
other_tag.gsub(VERSION_REGEX, "").gsub(/v$/i, "")
|
343
350
|
end
|
344
351
|
|
345
352
|
def to_local_tag(tag)
|
@@ -417,7 +424,7 @@ module Dependabot
|
|
417
424
|
return false unless dependency_source_details&.fetch(:ref, nil)
|
418
425
|
return false unless pinned_ref_looks_like_version?
|
419
426
|
|
420
|
-
version = version_from_ref(
|
427
|
+
version = version_from_ref(ref)
|
421
428
|
version.prerelease?
|
422
429
|
end
|
423
430
|
|
@@ -47,8 +47,10 @@ module Dependabot
|
|
47
47
|
if ref == "HEAD"
|
48
48
|
# Remove the opening clause of the upload pack as this isn't always
|
49
49
|
# followed by a line break. When it isn't (e.g., with Bitbucket) it
|
50
|
-
# causes problems for our `sha_for_update_pack_line` logic
|
51
|
-
|
50
|
+
# causes problems for our `sha_for_update_pack_line` logic. The format
|
51
|
+
# of this opening clause is documented at
|
52
|
+
# https://git-scm.com/docs/http-protocol#_smart_server_response
|
53
|
+
line = upload_pack.gsub(/^[0-9a-f]{4}# service=git-upload-pack/, "").
|
52
54
|
lines.find { |l| l.include?(" HEAD") }
|
53
55
|
return sha_for_update_pack_line(line) if line
|
54
56
|
end
|
@@ -177,7 +179,7 @@ module Dependabot
|
|
177
179
|
# (GitHub, GitLab, BitBucket) work with or without the suffix.
|
178
180
|
# That change has other ramifications, so it'd be better if Azure started supporting ".git"
|
179
181
|
# like all the other providers.
|
180
|
-
uri =
|
182
|
+
uri = SharedHelpers.scp_to_standard(uri)
|
181
183
|
uri = URI(uri)
|
182
184
|
hostname = uri.hostname.to_s
|
183
185
|
hostname == "dev.azure.com" || hostname.end_with?(".visualstudio.com")
|
@@ -186,8 +188,7 @@ module Dependabot
|
|
186
188
|
# Add in username and password if present in credentials.
|
187
189
|
# Credentials are never present for production Dependabot.
|
188
190
|
def uri_with_auth(uri)
|
189
|
-
|
190
|
-
uri = "https://#{uri.split('git@').last.sub(%r{:/?}, '/')}" if uri.start_with?("git@")
|
191
|
+
uri = SharedHelpers.scp_to_standard(uri)
|
191
192
|
uri = URI(uri)
|
192
193
|
cred = credentials.select { |c| c["type"] == "git_source" }.
|
193
194
|
find { |c| uri.host == c["host"] }
|
@@ -10,6 +10,9 @@ module Dependabot
|
|
10
10
|
:files, :commit_message, :pr_description, :pr_name,
|
11
11
|
:author_details, :labeler, :work_item
|
12
12
|
|
13
|
+
# BitBucket Cloud accepts > 1MB characters, but they display poorly in the UI, so limiting to 4x 65,536
|
14
|
+
PR_DESCRIPTION_MAX_LENGTH = 262_143 # 0 based count
|
15
|
+
|
13
16
|
def initialize(source:, branch_name:, base_commit:, credentials:,
|
14
17
|
files:, commit_message:, pr_description:, pr_name:,
|
15
18
|
author_details:, labeler: nil, work_item: nil)
|
@@ -23,7 +23,7 @@ module Dependabot
|
|
23
23
|
:pr_message_header, :pr_message_footer,
|
24
24
|
:commit_message_options, :vulnerabilities_fixed,
|
25
25
|
:github_redirection_service, :dependency_group, :pr_message_max_length,
|
26
|
-
:pr_message_encoding
|
26
|
+
:pr_message_encoding, :ignore_conditions
|
27
27
|
|
28
28
|
TRUNCATED_MSG = "...\n\n_Description has been truncated_"
|
29
29
|
|
@@ -31,7 +31,7 @@ module Dependabot
|
|
31
31
|
pr_message_header: nil, pr_message_footer: nil,
|
32
32
|
commit_message_options: {}, vulnerabilities_fixed: {},
|
33
33
|
github_redirection_service: DEFAULT_GITHUB_REDIRECTION_SERVICE,
|
34
|
-
dependency_group: nil, pr_message_max_length: nil, pr_message_encoding: nil)
|
34
|
+
dependency_group: nil, pr_message_max_length: nil, pr_message_encoding: nil, ignore_conditions: [])
|
35
35
|
@dependencies = dependencies
|
36
36
|
@files = files
|
37
37
|
@source = source
|
@@ -44,6 +44,7 @@ module Dependabot
|
|
44
44
|
@dependency_group = dependency_group
|
45
45
|
@pr_message_max_length = pr_message_max_length
|
46
46
|
@pr_message_encoding = pr_message_encoding
|
47
|
+
@ignore_conditions = ignore_conditions
|
47
48
|
end
|
48
49
|
|
49
50
|
attr_writer :pr_message_max_length
|
@@ -57,13 +58,31 @@ module Dependabot
|
|
57
58
|
end
|
58
59
|
|
59
60
|
def pr_message
|
60
|
-
|
61
|
+
# TODO: Remove unignore_commands? feature flag once we are confident
|
62
|
+
# that it is working as expected
|
63
|
+
msg = if unignore_commands?
|
64
|
+
"#{suffixed_pr_message_header}" \
|
65
|
+
"#{commit_message_intro}" \
|
66
|
+
"#{metadata_cascades}" \
|
67
|
+
"#{ignore_conditions_table}" \
|
68
|
+
"#{prefixed_pr_message_footer}"
|
69
|
+
else
|
70
|
+
"#{suffixed_pr_message_header}" \
|
71
|
+
"#{commit_message_intro}" \
|
72
|
+
"#{metadata_cascades}" \
|
73
|
+
"#{prefixed_pr_message_footer}"
|
74
|
+
end
|
75
|
+
|
61
76
|
truncate_pr_message(msg)
|
62
77
|
rescue StandardError => e
|
63
78
|
Dependabot.logger.error("Error while generating PR message: #{e.message}")
|
64
79
|
suffixed_pr_message_header + prefixed_pr_message_footer
|
65
80
|
end
|
66
81
|
|
82
|
+
def unignore_commands?
|
83
|
+
Experiments.enabled?(:unignore_commands)
|
84
|
+
end
|
85
|
+
|
67
86
|
# Truncate PR message as determined by the pr_message_max_length and pr_message_encoding instance variables
|
68
87
|
# The encoding is used when calculating length, all messages are returned as ruby UTF_8 encoded string
|
69
88
|
def truncate_pr_message(msg)
|
@@ -504,6 +523,46 @@ module Dependabot
|
|
504
523
|
).to_s
|
505
524
|
end
|
506
525
|
|
526
|
+
def ignore_conditions_table
|
527
|
+
# Return an empty string if ignore_conditions is empty
|
528
|
+
return "" if @ignore_conditions.empty?
|
529
|
+
|
530
|
+
# Filter out the conditions where from_config_file is false and dependency is in @dependencies
|
531
|
+
valid_ignore_conditions = @ignore_conditions.select do |ic|
|
532
|
+
ic["source"] =~ /\A@dependabot ignore/ && dependencies.any? { |dep| dep.name == ic["dependency-name"] }
|
533
|
+
end
|
534
|
+
|
535
|
+
# Return an empty string if no valid ignore conditions after filtering
|
536
|
+
return "" if valid_ignore_conditions.empty?
|
537
|
+
|
538
|
+
# Sort them by updated_at (or created_at if updated_at is nil), taking the latest 20
|
539
|
+
sorted_ignore_conditions = valid_ignore_conditions.sort_by { |ic| ic["updated-at"] }.last(20)
|
540
|
+
|
541
|
+
# Map each condition to a row string
|
542
|
+
table_rows = sorted_ignore_conditions.map do |ic|
|
543
|
+
"| #{ic['dependency-name']} | [#{ic['version-requirement']}] |"
|
544
|
+
end
|
545
|
+
|
546
|
+
summary = "Most Recent Ignore Conditions Applied to This Pull Request"
|
547
|
+
build_table(summary, table_rows)
|
548
|
+
end
|
549
|
+
|
550
|
+
def build_table(summary, rows)
|
551
|
+
table_header = "| Dependency Name | Ignore Conditions |"
|
552
|
+
table_divider = "| --- | --- |"
|
553
|
+
table_body = rows.join("\n")
|
554
|
+
body = "\n#{[table_header, table_divider, table_body].join("\n")}\n"
|
555
|
+
|
556
|
+
if %w(azure bitbucket codecommit).include?(source.provider)
|
557
|
+
"\n##{summary}\n\n#{body}"
|
558
|
+
else
|
559
|
+
# Build the collapsible section
|
560
|
+
msg = "<details>\n<summary>#{summary}</summary>\n\n" \
|
561
|
+
"#{[table_header, table_divider, table_body].join("\n")}\n</details>"
|
562
|
+
"\n#{msg}\n"
|
563
|
+
end
|
564
|
+
end
|
565
|
+
|
507
566
|
def changelog_url(dependency)
|
508
567
|
metadata_finder(dependency).changelog_url
|
509
568
|
end
|
@@ -230,6 +230,8 @@ module Dependabot
|
|
230
230
|
@pr_message_encoding = Azure::PR_DESCRIPTION_ENCODING if @pr_message_encoding.nil?
|
231
231
|
when "codecommit"
|
232
232
|
@pr_message_max_length = Codecommit::PR_DESCRIPTION_MAX_LENGTH if @pr_message_max_length.nil?
|
233
|
+
when "bitbucket"
|
234
|
+
@pr_message_max_length = Bitbucket::PR_DESCRIPTION_MAX_LENGTH if @pr_message_max_length.nil?
|
233
235
|
end
|
234
236
|
|
235
237
|
@message = MessageBuilder.new(
|
@@ -191,6 +191,13 @@ module Dependabot
|
|
191
191
|
reset_global_git_config(backup_git_config_path)
|
192
192
|
end
|
193
193
|
|
194
|
+
# Handle SCP-style git URIs
|
195
|
+
def self.scp_to_standard(uri)
|
196
|
+
return uri unless uri.start_with?("git@")
|
197
|
+
|
198
|
+
"https://#{uri.split('git@').last.sub(%r{:/?}, '/')}"
|
199
|
+
end
|
200
|
+
|
194
201
|
def self.credential_helper_path
|
195
202
|
File.join(__dir__, "../../bin/git-credential-store-immutable")
|
196
203
|
end
|
@@ -166,6 +166,7 @@ module Dependabot
|
|
166
166
|
previous_version: previous_version,
|
167
167
|
previous_requirements: dependency.requirements,
|
168
168
|
package_manager: dependency.package_manager,
|
169
|
+
metadata: dependency.metadata,
|
169
170
|
subdependency_metadata: dependency.subdependency_metadata
|
170
171
|
)
|
171
172
|
end
|
@@ -181,6 +182,7 @@ module Dependabot
|
|
181
182
|
previous_version: previous_version,
|
182
183
|
previous_requirements: dependency.requirements,
|
183
184
|
package_manager: dependency.package_manager,
|
185
|
+
metadata: dependency.metadata,
|
184
186
|
subdependency_metadata: dependency.subdependency_metadata
|
185
187
|
)
|
186
188
|
end
|
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-common
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.226.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-08-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-codecommit
|
@@ -84,14 +84,14 @@ dependencies:
|
|
84
84
|
requirements:
|
85
85
|
- - "~>"
|
86
86
|
- !ruby/object:Gem::Version
|
87
|
-
version: 1.
|
87
|
+
version: 1.18.0
|
88
88
|
type: :runtime
|
89
89
|
prerelease: false
|
90
90
|
version_requirements: !ruby/object:Gem::Requirement
|
91
91
|
requirements:
|
92
92
|
- - "~>"
|
93
93
|
- !ruby/object:Gem::Version
|
94
|
-
version: 1.
|
94
|
+
version: 1.18.0
|
95
95
|
- !ruby/object:Gem::Dependency
|
96
96
|
name: excon
|
97
97
|
requirement: !ruby/object:Gem::Requirement
|
@@ -101,7 +101,7 @@ dependencies:
|
|
101
101
|
version: '0.96'
|
102
102
|
- - "<"
|
103
103
|
- !ruby/object:Gem::Version
|
104
|
-
version: '0.
|
104
|
+
version: '0.101'
|
105
105
|
type: :runtime
|
106
106
|
prerelease: false
|
107
107
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -111,35 +111,35 @@ dependencies:
|
|
111
111
|
version: '0.96'
|
112
112
|
- - "<"
|
113
113
|
- !ruby/object:Gem::Version
|
114
|
-
version: '0.
|
114
|
+
version: '0.101'
|
115
115
|
- !ruby/object:Gem::Dependency
|
116
116
|
name: faraday
|
117
117
|
requirement: !ruby/object:Gem::Requirement
|
118
118
|
requirements:
|
119
119
|
- - '='
|
120
120
|
- !ruby/object:Gem::Version
|
121
|
-
version: 2.7.
|
121
|
+
version: 2.7.10
|
122
122
|
type: :runtime
|
123
123
|
prerelease: false
|
124
124
|
version_requirements: !ruby/object:Gem::Requirement
|
125
125
|
requirements:
|
126
126
|
- - '='
|
127
127
|
- !ruby/object:Gem::Version
|
128
|
-
version: 2.7.
|
128
|
+
version: 2.7.10
|
129
129
|
- !ruby/object:Gem::Dependency
|
130
130
|
name: faraday-retry
|
131
131
|
requirement: !ruby/object:Gem::Requirement
|
132
132
|
requirements:
|
133
133
|
- - '='
|
134
134
|
- !ruby/object:Gem::Version
|
135
|
-
version: 2.
|
135
|
+
version: 2.2.0
|
136
136
|
type: :runtime
|
137
137
|
prerelease: false
|
138
138
|
version_requirements: !ruby/object:Gem::Requirement
|
139
139
|
requirements:
|
140
140
|
- - '='
|
141
141
|
- !ruby/object:Gem::Version
|
142
|
-
version: 2.
|
142
|
+
version: 2.2.0
|
143
143
|
- !ruby/object:Gem::Dependency
|
144
144
|
name: gitlab
|
145
145
|
requirement: !ruby/object:Gem::Requirement
|
@@ -346,14 +346,14 @@ dependencies:
|
|
346
346
|
requirements:
|
347
347
|
- - "~>"
|
348
348
|
- !ruby/object:Gem::Version
|
349
|
-
version: 1.
|
349
|
+
version: 1.18.0
|
350
350
|
type: :development
|
351
351
|
prerelease: false
|
352
352
|
version_requirements: !ruby/object:Gem::Requirement
|
353
353
|
requirements:
|
354
354
|
- - "~>"
|
355
355
|
- !ruby/object:Gem::Version
|
356
|
-
version: 1.
|
356
|
+
version: 1.18.0
|
357
357
|
- !ruby/object:Gem::Dependency
|
358
358
|
name: stackprof
|
359
359
|
requirement: !ruby/object:Gem::Requirement
|
@@ -486,7 +486,7 @@ licenses:
|
|
486
486
|
- Nonstandard
|
487
487
|
metadata:
|
488
488
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
489
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
489
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.226.0
|
490
490
|
post_install_message:
|
491
491
|
rdoc_options: []
|
492
492
|
require_paths:
|