dependabot-common 0.230.0 → 0.232.0
- checksums.yaml +4 -4
- data/lib/dependabot/clients/azure.rb +4 -3
- data/lib/dependabot/clients/bitbucket.rb +4 -3
- data/lib/dependabot/clients/bitbucket_with_retries.rb +4 -3
- data/lib/dependabot/clients/codecommit.rb +6 -5
- data/lib/dependabot/clients/github_with_retries.rb +11 -10
- data/lib/dependabot/clients/gitlab_with_retries.rb +11 -10
- data/lib/dependabot/config/file.rb +1 -0
- data/lib/dependabot/config/file_fetcher.rb +1 -0
- data/lib/dependabot/config/ignore_condition.rb +1 -0
- data/lib/dependabot/config/update_config.rb +10 -9
- data/lib/dependabot/config.rb +1 -0
- data/lib/dependabot/dependency.rb +11 -10
- data/lib/dependabot/dependency_file.rb +1 -0
- data/lib/dependabot/dependency_group.rb +1 -0
- data/lib/dependabot/errors.rb +1 -0
- data/lib/dependabot/experiments.rb +1 -0
- data/lib/dependabot/file_fetchers/base.rb +27 -26
- data/lib/dependabot/file_fetchers.rb +1 -0
- data/lib/dependabot/file_parsers/base/dependency_set.rb +1 -0
- data/lib/dependabot/file_parsers/base.rb +1 -0
- data/lib/dependabot/file_parsers.rb +1 -0
- data/lib/dependabot/file_updaters/artifact_updater.rb +1 -0
- data/lib/dependabot/file_updaters/base.rb +1 -0
- data/lib/dependabot/file_updaters/vendor_updater.rb +1 -0
- data/lib/dependabot/file_updaters.rb +1 -0
- data/lib/dependabot/git_commit_checker.rb +22 -21
- data/lib/dependabot/git_metadata_fetcher.rb +13 -12
- data/lib/dependabot/logger.rb +1 -0
- data/lib/dependabot/metadata_finders/base/changelog_finder.rb +26 -25
- data/lib/dependabot/metadata_finders/base/changelog_pruner.rb +2 -1
- data/lib/dependabot/metadata_finders/base/commits_finder.rb +44 -43
- data/lib/dependabot/metadata_finders/base/release_finder.rb +25 -24
- data/lib/dependabot/metadata_finders/base.rb +3 -2
- data/lib/dependabot/metadata_finders.rb +1 -0
- data/lib/dependabot/pull_request_creator/azure.rb +1 -0
- data/lib/dependabot/pull_request_creator/bitbucket.rb +1 -0
- data/lib/dependabot/pull_request_creator/branch_namer/base.rb +1 -0
- data/lib/dependabot/pull_request_creator/branch_namer/dependency_group_strategy.rb +1 -0
- data/lib/dependabot/pull_request_creator/branch_namer/solo_strategy.rb +36 -35
- data/lib/dependabot/pull_request_creator/branch_namer.rb +1 -0
- data/lib/dependabot/pull_request_creator/codecommit.rb +3 -2
- data/lib/dependabot/pull_request_creator/commit_signer.rb +1 -0
- data/lib/dependabot/pull_request_creator/github.rb +23 -27
- data/lib/dependabot/pull_request_creator/gitlab.rb +1 -0
- data/lib/dependabot/pull_request_creator/labeler.rb +18 -17
- data/lib/dependabot/pull_request_creator/message.rb +1 -0
- data/lib/dependabot/pull_request_creator/message_builder/issue_linker.rb +8 -7
- data/lib/dependabot/pull_request_creator/message_builder/link_and_mention_sanitizer.rb +1 -0
- data/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb +7 -6
- data/lib/dependabot/pull_request_creator/message_builder.rb +18 -17
- data/lib/dependabot/pull_request_creator/pr_name_prefixer.rb +61 -60
- data/lib/dependabot/pull_request_creator.rb +7 -0
- data/lib/dependabot/pull_request_updater/azure.rb +1 -0
- data/lib/dependabot/pull_request_updater/github.rb +5 -4
- data/lib/dependabot/pull_request_updater/gitlab.rb +1 -0
- data/lib/dependabot/pull_request_updater.rb +1 -0
- data/lib/dependabot/registry_client.rb +1 -0
- data/lib/dependabot/security_advisory.rb +5 -4
- data/lib/dependabot/shared_helpers.rb +5 -4
- data/lib/dependabot/simple_instrumentor.rb +1 -0
- data/lib/dependabot/source.rb +5 -4
- data/lib/dependabot/update_checkers/base.rb +7 -6
- data/lib/dependabot/update_checkers/version_filters.rb +1 -0
- data/lib/dependabot/update_checkers.rb +1 -0
- data/lib/dependabot/utils.rb +1 -0
- data/lib/dependabot/version.rb +1 -0
- data/lib/dependabot/workspace/base.rb +1 -0
- data/lib/dependabot/workspace/change_attempt.rb +1 -0
- data/lib/dependabot/workspace/git.rb +1 -0
- data/lib/dependabot/workspace.rb +1 -0
- data/lib/dependabot.rb +2 -1
- data/lib/wildcard_matcher.rb +4 -3
- metadata +31 -3
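--- a/data/lib/dependabot/source.rb
+++ b/data/lib/dependabot/source.rb
@@ -1,3 +1,4 @@
+# typed: true
 # frozen_string_literal: true
 
 module Dependabot
@@ -133,12 +134,12 @@ module Dependabot
 
 case provider
 when "github", "gitlab"
-path = Pathname.new(File.join("tree/#{branch || 'HEAD'}", directory))
-
+path = Pathname.new(File.join("tree/#{branch || 'HEAD'}", directory))
+.cleanpath.to_path
 url + "/" + path
 when "bitbucket"
-path = Pathname.new(File.join("src/#{branch || 'default'}", directory))
-
+path = Pathname.new(File.join("src/#{branch || 'default'}", directory))
+.cleanpath.to_path
 url + "/" + path
 when "azure"
 url + "?path=#{directory}"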
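Review bot: The `when "azure"` branch at the end of the second hunk builds `url + "?path=#{directory}"` from the raw directory, so a value containing `&`, `#` or spaces changes the query string of the generated link. Escaping it, for example `url + "?path=#{URI.encode_www_form_component(directory)}"`, keeps the value inside the `path` parameter; whether `uri` is already loaded in this file is not visible here. In the github/gitlab and bitbucket branches, `cleanpath` resolves `..` segments, so enough of them in `directory` collapse the `tree/<branch>` or `src/<branch>` prefix away. If `directory` can come from repository-controlled configuration, check that the cleaned path still starts with that prefix before appending it to `url`. The enclosing method starts and ends outside the hunk.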
@@ -1,3 +1,4 @@
|
|
1
|
+
# typed: true
|
1
2
|
# frozen_string_literal: true
|
2
3
|
|
3
4
|
require "json"
|
@@ -299,12 +300,12 @@ module Dependabot
|
|
299
300
|
|
300
301
|
def version_from_requirements
|
301
302
|
@version_from_requirements ||=
|
302
|
-
dependency.requirements.filter_map { |r| r.fetch(:requirement) }
|
303
|
-
|
304
|
-
|
305
|
-
|
306
|
-
|
307
|
-
|
303
|
+
dependency.requirements.filter_map { |r| r.fetch(:requirement) }
|
304
|
+
.flat_map { |req_str| requirement_class.requirements_array(req_str) }
|
305
|
+
.flat_map(&:requirements)
|
306
|
+
.reject { |req_array| req_array.first.start_with?("<") }
|
307
|
+
.map(&:last)
|
308
|
+
.max
|
308
309
|
end
|
309
310
|
|
310
311
|
def requirements_can_update?
|
data/lib/dependabot/utils.rb
CHANGED
data/lib/dependabot/version.rb
CHANGED
data/lib/dependabot/workspace.rb
CHANGED
data/lib/dependabot.rb
CHANGED
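--- a/data/lib/wildcard_matcher.rb
+++ b/data/lib/wildcard_matcher.rb
@@ -1,12 +1,13 @@
+# typed: true
 # frozen_string_literal: true
 
 class WildcardMatcher
 def self.match?(wildcard_string, candidate_string)
 return false unless wildcard_string && candidate_string
 
-regex_string = "a#{wildcard_string.downcase}a".split("*")
-
-
+regex_string = "a#{wildcard_string.downcase}a".split("*")
+.map { |p| Regexp.quote(p) }
+.join(".*").gsub(/^a|a$/, "")
 regex = /^#{regex_string}$/
 regex.match?(candidate_string.downcase)
 end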
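Review bot: `regex = /^#{regex_string}$/` anchors on line boundaries rather than on the whole string, because `^` and `$` in Ruby match at every newline; a candidate that contains a newline is accepted as soon as one of its lines matches. Use `regex = /\A#{regex_string}\z/`, and likewise `.gsub(/\Aa|a\z/, "")` when stripping the sentinel characters, so the pattern has to cover the full candidate. The `Regexp.quote` call on each segment already keeps regex metacharacters in the wildcard literal. If this matcher decides which dependency names are ignored or allowed, the stricter anchors matter; its callers are not visible in this section. A one-line comment above `regex_string` saying why the input is wrapped in `a…a` (presumably so `split("*")` keeps a trailing empty segment) would also help.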
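--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.232.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-09-
+date: 2023-09-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: aws-sdk-codecommit
@@ -222,6 +222,20 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '5.0'
+- !ruby/object:Gem::Dependency
+name: sorbet-runtime
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.5'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.5'
 - !ruby/object:Gem::Dependency
 name: toml-rb
 requirement: !ruby/object:Gem::Requirement
@@ -354,6 +368,20 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: 1.19.0
+- !ruby/object:Gem::Dependency
+name: rubocop-sorbet
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 0.7.3
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 0.7.3
 - !ruby/object:Gem::Dependency
 name: stackprof
 requirement: !ruby/object:Gem::Requirement
@@ -486,7 +514,7 @@ licenses:
 - Nonstandard
 metadata:
 bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
+changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.232.0
 post_install_message:
 rdoc_options: []
 require_paths: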
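Review bot: `sorbet-runtime` arrives as a `:runtime` dependency constrained only by `~> 0.5`, so every consumer of this gem now installs and loads whichever 0.x release at or above 0.5 the resolver picks. Consumers should confirm that the resolved version is pinned in their lockfile and reviewed like any other new transitive package. The `# typed: true` sigils added in the other sections are comments and do not by themselves need the runtime; whether the library already calls into it is not visible on this page. `rubocop-sorbet` is declared `:development` and is not pulled in on a normal install.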